Jenkins, Ansible, EC2, Git, and SSH

548 views
Skip to first unread message

Chris Preisinger

unread,
Mar 10, 2014, 5:34:41 PM3/10/14
to ansible...@googlegroups.com
So I've spent a good amount of time researching this problem and trying out numerous solutions but I've still had no luck so I thought I'd ask.

My current setup is an EC2 instance with Jenkins and Ansible playbooks. I want this Jenkins instance to watch the repositories and run a playbook if something new is pushed up to github.

The Jenkins instance has the ubuntu user with the playbooks and necessary ssh keys for the other ec2 instances. I'm having a problem with ssh-agent and ssh-forwarding from the Jenkins instance to the other ec2 instances.

If I ssh in to the Jenkins node from my personal machine I can run the playbooks no problem. The problems arise when I try to run the Jenkins job from the web interface. I fixed the problem with allowing Jenkins to connect by switching to the jenkins user from the ubuntu user and running eval `ssh-agent` and then ssh-add <key>.pem.

This allows the playbooks to connect in the first place but then it fails when trying to pull from git because it isn't forwarding the ssh key for git. I've even tried editing the .ssh/config file for the jenkins user to allow ssh forwarding to amazon instances.

I'm having a hard time finding any resources or tutorials on this type of setup. I've found similar ones but nothing that addresses this specific configuration.

Michael DeHaan

unread,
Mar 11, 2014, 9:36:17 PM3/11/14
to ansible...@googlegroups.com
There's a nice "accept_hostkey" and "keyfile" options new in Ansible 1.5:


(Alternatively it sounds like you could configure SSH forwarding if you understood the risks)




--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fcd32542-07d1-40dc-9702-4a330b0365d4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
0 new messages