Encrypting Host File

Siva

Aug 10, 2017, 4:51:03 AM
to Ansible Project
Hi,

Good Day!

I have a requirement to encrypt the host file in Ansible. For example, I want to encrypt the production environment host file so that the host information is not available to everyone.

Can anyone tell me if this is achievable with Ansible Vault? Or is there any alternate way I can get to this?

Regards,
Siva

Dick Visser

Aug 10, 2017, 6:36:11 AM
to ansible...@googlegroups.com
Hi

Not sure what you mean by "the host file", but in any case you can use
ansible-vault to encrypt inventory files as well as
host_vars/group_vars.


--
Dick Visser
GÉANT

Siva

Aug 10, 2017, 6:45:18 AM
to Ansible Project
Just to give more information of what I am trying.

host (file name)

[server-a]
server-a

[server-b]
server-b

[appserver:children]
server-a
server-b

_________________
 
host_details (file name)
 
[server-a:vars]
env_name=server-a
ansible_ssh_user=root
ansible_ssh_host=10.0.0.1
ansible_ssh_private_key_file=~/.ssh/xyz-key.pem

[server-b:vars]
env_name=server-b
ansible_ssh_user=root
ansible_ssh_host=10.0.0.2
ansible_ssh_private_key_file=~/.ssh/xyz-key.pem

  • I am encrypting host_details file using ansible vault.
  • When I execute the playbook, 
    • Without encryption: Execution is successful
    • With encryption: I get the below error,
TASK [setup] *******************************************************************
Thursday 10 August 2017  11:21:01 +0100 (0:00:00.053)       0:00:00.053 *******
fatal: [server-a]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname server-a: Name or service not known\r\n", "unreachable": true}
fatal: [server-b]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname server-b: Name or service not known\r\n", "unreachable": true}

Siva

Aug 10, 2017, 7:01:28 AM
to Ansible Project
By host I mean the inventory file.


Dick Visser

Aug 10, 2017, 8:15:38 AM
to ansible...@googlegroups.com
I see.

Just to be sure: how exactly do you call the playbook?

It shouldn't matter, but can you try giving the inventory files a .yml extension?


Dick


Siva

Aug 10, 2017, 11:05:59 AM
to Ansible Project
Hi Dick,

Thanks, your suggestion worked.
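
An added example, not part of the original thread and not Ansible's own code: a Python check that reports which files in an inventory directory carry the ansible-vault header and which plaintext files still hold connection variables like those in host_details. The header layout `$ANSIBLE_VAULT;<version>;<cipher>[;<vault-id>]` is what ansible-vault writes as the first line; the function names, the list of sensitive variables and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# First line written by ansible-vault, e.g. $ANSIBLE_VAULT;1.1;AES256
# (format 1.2 appends a vault-id label as a fourth field).
VAULT_HEADER = re.compile(r"^\$ANSIBLE_VAULT;(\d+\.\d+);(\w+)(?:;(.+))?$")
# Assumption: connection variables like those in host_details count as sensitive.
SENSITIVE = re.compile(r"^\s*ansible_(ssh_)?(host|user|private_key_file|pass)\s*[=:]", re.M)


def vault_header(path):
    """Return (version, cipher, vault_id) for a vault-encrypted file, else None."""
    with open(path, errors="replace") as fh:
        match = VAULT_HEADER.match(fh.readline().strip())
    return match.groups() if match else None


def audit_inventory(directory):
    """Classify each file as encrypted, plaintext-sensitive or plaintext."""
    report = {}
    for path in sorted(Path(directory).rglob("*")):
        if not path.is_file():
            continue
        if vault_header(path):
            status = "encrypted"
        elif SENSITIVE.search(path.read_text(errors="replace")):
            status = "plaintext-sensitive"
        else:
            status = "plaintext"
        report[str(path.relative_to(directory))] = status
    return report


def build_sample(directory):
    """Write constructed sample files modelled on the thread's inventory."""
    d = Path(directory)
    (d / "host").write_text("[server-a]\nserver-a\n\n[appserver:children]\nserver-a\n")
    (d / "host_details").write_text("[server-a:vars]\nansible_ssh_host=10.0.0.1\n")
    # Constructed body: only the header line matters to this check.
    (d / "host_details.yml").write_text("$ANSIBLE_VAULT;1.1;AES256\n30616263\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for name, status in audit_inventory(tmp).items():
            print(f"{status:20} {name}")
```

Run against a real inventory directory before committing it, any file reported as plaintext-sensitive is one that still exposes host details to everyone with repository access.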