Using Ansible via a bastion host

34 views
Skip to first unread message

Tim Coote

unread,
Jan 11, 2019, 1:58:47 PM1/11/19
to Ansible Project
I've encountered a couple of modules where target hosts that are accessed an intermediate host don't seem to work in a naive way. I'm wondering if this is a known issue and whether there are any workarounds. The latest version concerns the `apt` module.  Here's a snippet from my inventory file:

target_host ansible_host=localhost:4321 ansible_user=user host_key_checking=false

A simple stanza is:

```

- name: Remove CA certificate bundle

  tags:

      - oneoff

  apt:

      name: ca-certificates

      state: absent

```

When I run this playbook, I get this error:
```

TASK [upgrade : Remove CA certificate bundle] ***********************************************************************************************************************************

fatal: [target_host]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to remote host \"localhost:4321\". Make sure this host can be reached over ssh", "unreachable": true}

```

The module `rsync` has similar issues. Any thoughts on how to work around this, other than just using `shell`?

tc

Tim Coote

unread,
Jan 11, 2019, 2:15:46 PM1/11/19
to Ansible Project
ignore the `apt` example. Running it to remove ca-certificates from Raspian ripped out the packages that sustained the tunnel!

however, the error does still occur with the `rsync` module.

James Cassell

unread,
Jan 11, 2019, 2:21:41 PM1/11/19
to Ansible List


On Fri, Jan 11, 2019, at 2:15 PM, Tim Coote wrote:
> ignore the `apt` example. Running it to remove ca-certificates from Raspian
> ripped out the packages that sustained the tunnel!
>
> however, the error does still occur with the `rsync` module.
>

The synchronize module does not work with complicated connection setups, from my experience.


V/r,
James Cassell


> On Friday, 11 January 2019 18:58:47 UTC, Tim Coote wrote:
> >
> > I've encountered a couple of modules where target hosts that are accessed
> > an intermediate host don't seem to work in a naive way. I'm wondering if
> > this is a known issue and whether there are any workarounds. The latest
> > version concerns the `apt` module. Here's a snippet from my inventory file:
> >
> > target_host ansible_host=localhost:4321 ansible_user=user
> > host_key_checking=false
> >
> > A simple stanza is:
> >
> > ```
> >
> > - name: Remove CA certificate bundle
> >
> > tags:
> >
> > - oneoff
> >
> > apt:
> >
> > name: ca-certificates
> >
> > state: absent
> > ```
> >
> > When I run this playbook, I get this error:
> > ```
> >
> > TASK [upgrade : Remove CA certificate bundle]
> > ***********************************************************************************************************************************
> >
> > *fatal: [target_host]: UNREACHABLE! => {"changed": false, "msg": "SSH
> > Error: data could not be sent to remote host \"localhost:4321\". Make sure
> > this host can be reached over ssh", "unreachable": true}*
> > ```
Reply all
Reply to author
Forward
0 new messages