Modify ssh connection arguments that ansible uses.
44 views
Skip to first unread message
Mohtashim S
Sep 9, 2020, 5:34:04 AM9/9/20
to Ansible Project
The below ssh connection by ansible fails to connect to remote hosts
ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/app/ssh_keys/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o ControlPath=/home/ansibleuser/.ansible/cp/6abdc12511 -tt 10.9.88.205 'id mwweb || id webadm || ls -ld /web'
whereas when i remove the below two arguments from ssh my connection succeeds
1. -tt
2. -o ControlPath=/home/ansibleuser/.ansible/cp/6abdc12511
Working ssh command to be constructed by ansible.
ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/app/ssh_keys/id_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no 10.9.88.205 'id mwweb || id webadm || ls -ld /web'
This requirement (customized ssh command) is for a specific playbook for specific target hosts that is supplied as arguments to my ansible playbook below. I dont wish to modify the existing ssh configuration at OS:
- name: Play 2- Configure Source nodes
hosts: all
user: root
ignore_errors: yes
gather_facts: false
tasks:
- name: Get HTTPD userid on server
raw: id mwweb || id webadm || ls -ld /web
- name: Get OHS userid on server
raw: id mwweb
The above playbook runs using this command:
ansible-playbook -i 10.9.88.205, -f 5 testpython.yml -vvvv
I'm using jenkin's ansible plugin to trigger the above playbook.
Can you please suggest for the below:
can i disable -tt and ControlPath by modifying playbook code? This is my first preference. Please suggest?
If modifying the playbook wont help then how can i disable both ssh args using ansible parameters?
I was able to disable -tt using below:
ansible-playbook -i 10.9.88.205, -f 5 testpython.yml -e ansible_ssh_use_tty=no -vvvv
But, there is no way to could find to disable ControlPath despite passing -e control_path=""
I want the solution of disabling both ssh arguments -tt and -o ControlPath in the playbook testpython.yml or in ansible-playbook command-line.
Can you please suggest?
Dick Visser
Sep 9, 2020, 5:44:01 AM9/9/20
to ansible...@googlegroups.com
https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html#connecting-to-hosts-behavioral-inventory-parameters
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1d986f4d-e9fc-42cd-bae5-7173bedf8ec6n%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1d986f4d-e9fc-42cd-bae5-7173bedf8ec6n%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
Mohtashim S
Sep 9, 2020, 5:56:19 AM9/9/20
to Ansible Project
@Dick thank you for the link but i have been through that before.
There is no details on how we can modify my playbook
testpython.yml or any command-line parameters for disabling ControlPath like we have use_tyy
Can you further guide and help me with changes to my playbook or to the ansible-playbook command-line ?
Dick Visser
Sep 9, 2020, 6:05:06 AM9/9/20
to ansible...@googlegroups.com
IIRC ControlPath is the SSH configuration option that makes pipelining work.
So you could try to disable that:
https://docs.ansible.com/ansible/latest/reference_appendices/config.html#ansible-pipelining
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7456f4fc-5892-4b9f-907b-6538e58481b9n%40googlegroups.com.
So you could try to disable that:
https://docs.ansible.com/ansible/latest/reference_appendices/config.html#ansible-pipelining
Mohtashim S
Sep 9, 2020, 6:36:04 AM9/9/20
to Ansible Project
@Dick
I tried the below "
ansible_ssh_pipelining: no " in my playbook but the -o ControlPath still remains.
- name: Play 2- Configure Source nodes
hosts: all
user: root
ignore_errors: yes
gather_facts: false
vars:
ansible_ssh_pipelining: no
tasks:
- name: Get HTTPD userid on server
raw: id mwweb || id webadm || ls -ld /web
- name: Get OHS userid on server
raw: id mwweb
I'm sorry but i'm new to this. Kindly suggest
Mohtashim S
Sep 9, 2020, 7:21:24 AM9/9/20
to Ansible Project
@Dick
ANSIBLE_SSH_ARGS=""
ansible-playbook -i 10.9.88.205, -f 5 testpython.yml -e ansible_ssh_use_tty=no -vvvv works !! and i dont see the -o ControlPath anymore.
However, I stated in the original post I'm using anisble plugin inside Jenkins where i cannot find any option to specify ANSIBLE_SSH_ARGS="" environment variable.
Adding ANSIBLE_SSH_ARGS="" to playbook yml also does not work like below:
- name: Play 2- Configure Source nodes
hosts: all
user: root
ignore_errors: yes
gather_facts: false
vars:
ansible_ssh_pipelining: no
ANSIBLE_SSH_ARGS=""
tasks:
From the documentation, i felt passing ansible_ssh_arg="" will work just how ansible_ssh_use_tty=no works but that too fails to remove -o ControlPath
ansible-playbook -i 10.9.88.205, -f 5 testpython.yml -e ansible_ssh_use_tty=no -e nsible_ssh_arg="" -vvvv
Can you please suggest ?
Dick Visser
Sep 9, 2020, 8:03:56 AM9/9/20
to ansible...@googlegroups.com
> ANSIBLE_SSH_ARGS="" ansible-playbook -i 10.9.88.205, -f 5 testpython.yml -e ansible_ssh_use_tty=no -vvvv works !! and i dont see the -o ControlPath anymore.
>
> However, I stated in the original post I'm using anisble plugin inside Jenkins where i cannot find any option to specify ANSIBLE_SSH_ARGS="" environment variable.
>
> Adding ANSIBLE_SSH_ARGS="" to playbook yml also does not work like below:
>
> - name: Play 2- Configure Source nodes
> hosts: all
> user: root
> ignore_errors: yes
> gather_facts: false
> vars:
> ansible_ssh_pipelining: no
> ANSIBLE_SSH_ARGS=""
I think this ^^ should be lower case, i.e.:
>
> However, I stated in the original post I'm using anisble plugin inside Jenkins where i cannot find any option to specify ANSIBLE_SSH_ARGS="" environment variable.
>
> Adding ANSIBLE_SSH_ARGS="" to playbook yml also does not work like below:
>
> - name: Play 2- Configure Source nodes
> hosts: all
> user: root
> ignore_errors: yes
> gather_facts: false
> vars:
> ansible_ssh_pipelining: no
> ANSIBLE_SSH_ARGS=""
vars:
ansible_ssh_pipelining: no
ansible_ssh_args: ""
Mohtashim S
Sep 9, 2020, 8:10:14 AM9/9/20
to ansible...@googlegroups.com
Tried your suggestion but it does not work @Dick.
Please suggest.
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/82npfyae2zQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwOeVNLcwrkcBT5xC%2BfjYJVcxdDB6vXRvp0UqY%3DdYH0qMQ%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages