EC2 dynamic inventory: SSH rules

Soren Olegnowicz

Aug 29, 2016, 9:04:47 PM
to Ansible Project
Hey guys, I need to connect to my EC2 instances in various ways using the ec2.ini provided. Right now I can only get my ec2.ini to connect to my instances via their private or public IP alone, but I need to connect to some instances via their private IP and some via their public. Any suggestions for introducing logic to accomplish this?

Hagai Kariti

Aug 30, 2016, 5:21:06 AM
to Ansible Project
You can set destination_variable to public_dns_name in ec2.ini (I think this is the default). Amazon's DNS servers resolve the public DNS name to the private IP when you're inside AWS and to the public IP when you're outside.

Does that help?

Soren Olegnowicz

Aug 31, 2016, 10:09:45 AM
to Ansible Project
Unfortunately, this setting does not help. Perhaps I need to run Ansible from within Amazon instead of locally?

Hagai Kariti

Aug 31, 2016, 12:19:20 PM
to Ansible Project
Can you elaborate on what doesn't work vs what you want?

--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/jfEO2I9pStM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/41a14cc3-d025-4465-9e30-6a36257a1587%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Soren Olegnowicz

Aug 31, 2016, 4:22:36 PM
to Ansible Project
Sure!

Currently I run: " ansible all -m ping -i ec2.py "

With:
destination_variable = public_dns_name
vpc_destination_variable = private_ip_address
The return values for the ping will only return positive on the private VPC instances because the ping happens via the private IPs.

If I change it to:
vpc_destination_variable = public_ip_address
then the return values for the ping will only return positive for the public non-VPC instances because the ping happens via the public IPs.

I would like to be able to successfully ping all instances with the above command.

Hope that helps.

Hagai Kariti

Sep 1, 2016, 2:31:07 AM
to Ansible Project

You can try setting it to public_dns_name. It should resolve to the private IP when you're inside the VPC, and to the public IP when you're outside.


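A small model of the two ec2.ini settings discussed in this thread, added here as an example (it is not code from the thread or from ec2.py). The sample instances, the `reachable` helper and its `amazon_dns` and `routable` parameters are constructed assumptions; the split-horizon DNS behaviour is the one described in the replies above.

```python
import ipaddress

# Constructed instances (not from the thread); the public IP is a documentation address.
INSTANCES = [
    {"name": "vpc-pub", "subnet_id": "subnet-a", "private_ip_address": "10.0.1.5",
     "public_ip_address": "203.0.113.5", "public_dns_name": "vpc-pub.compute.example"},
    {"name": "vpc-priv", "subnet_id": "subnet-b", "private_ip_address": "10.0.2.7",
     "public_ip_address": None, "public_dns_name": ""},  # no public IP, so no public name
]
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def destination(inst, destination_variable, vpc_destination_variable):
    """VPC instances (subnet_id set) use vpc_destination_variable, others
    destination_variable; an empty value means the host cannot be addressed."""
    var = vpc_destination_variable if inst.get("subnet_id") else destination_variable
    return inst.get(var) or None


def resolve(inst, dest, amazon_dns):
    """Split-horizon model: the public DNS name yields the private IP when asked
    from inside the VPC and the public IP otherwise; IPs map to themselves."""
    if dest == inst.get("public_dns_name"):
        return inst["private_ip_address"] if amazon_dns else inst["public_ip_address"]
    return dest


def reachable(instances, destination_variable, vpc_destination_variable,
              amazon_dns=False, routable=()):
    """Names of hosts the control machine could connect to. `routable` lists the
    private CIDRs it has a route into (its own VPC, or a VPN); assumed model."""
    routes = [ipaddress.ip_network(c) for c in routable]
    names = []
    for inst in instances:
        dest = destination(inst, destination_variable, vpc_destination_variable)
        if dest is None:
            continue  # nothing to connect to under this setting
        addr = ipaddress.ip_address(resolve(inst, dest, amazon_dns))
        private = any(addr in net for net in RFC1918)
        if not private or any(addr in net for net in routes):
            names.append(inst["name"])
    return names
```

In this model a host without a public IP is never addressable through `public_ip_address` or `public_dns_name`, so only `private_ip_address`, used from a control host with a route into the VPC, reaches both sample instances.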