Using ansible's inventory to ssh

[Brian Picciano]

Hi there! Sorry if this has been asked before, I searched quite a bit and wasn't able to find anything of this nature.

We have our ansible repo with our inventory and all of that fun stuff. Currently our inventory is static, but at some point in the future we''ll likely switch to a dynamic inventory. At the moment when I go to ssh into any of our machines I go to our inventory file which has all the ips, copy the one I want, and paste it into an ssh command. This is kind of a pain. I'm wondering if there's a way to use ansible to start an ssh session. If not ansible actually starting a process, a way at least for ansible to tell me ip it would use to connect to any given name of a machine. I could easily write a script which just greps through our file, but then this script would get rewritten (and likely become a lot more complicated) when we switch to a dynamic inventory. It also just makes more sense for just ansible to understand the inventory, and to provide the information about it to other processes which need it (at least in my mind).

Hopefully someone has an answer, and thanks!

[Michael Peters]

Sounds like you're wanting to be able to ssh to a machine based on
it's name instead of it's ip address. DNS is the obvious answer.

If not that, then maybe create an ansible playbook that generates an
/etc/hosts file for your control server based on the servers in the
inventory. Then you can just use the hostname. The downside of that is
you have to re-run the playbook if any IPs change.

> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f7672ab9-3be1-40d6-9b3f-e814de5f6956%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[Brian Picciano]

The problem with dns, like the /etc/hosts problem you mentioned, is we'd have to run ansible for any inventory changes. Which isn't the end of the world, I was just hoping there might be a cleaner solution. I have the inventory locally, I have ansible which can read and understand that inventory, I was hoping I could get the information I need directly from ansible rather than having ansible essentially cache it in another place. It's kind of a weird request, so I understand if there isn't a great solution. Thanks for the response!

You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/fHKQPs38POI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.

To post to this group, send email to ansible...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJQqANfJjQ7gvBpdbE-_2KDYSL1hG8T3Bo5X0XWXMLcaD9PfAw%40mail.gmail.com.

[Josh Smift]

If the inventory mostly changes when you run other ansible playbooks
(e.g. you're using Ansible to provision systems), you could potentially
update /etc/hosts (or DNS, or whatever) as part of the provisioning process.

-Josh (j...@care.com)



This email is intended for the person(s) to whom it is addressed and may contain information that is PRIVILEGED or CONFIDENTIAL. Any unauthorized use, distribution, copying, or disclosure by any person other than the addressee(s) is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email and delete the message and any attachments from your system.

[Brian Coca]

someone was working on an ansible-ssh that does just that, sshs into
an 'ansible defined host'



--
Brian Coca

[Abhijit Menon-Sen]

At 2015-08-19 13:26:12 -0700, mediocr...@gmail.com wrote:
>
> It also just makes more sense for just ansible to understand the
> inventory, and to provide the information about it to other
> processes which need it (at least in my mind).

Yes, I agree completely. I want to be able to treat my inventory as the
canonical source of all connection information.

I'm the someone who was working on an ansible-ssh that executes ssh with
the same command-line arguments that ansible would use. It works, but to
be really useful it needs the functionality provided by PR #11908 to be
able to construct a ProxyCommand.

https://github.com/ansible/ansible/pull/11908

I'll put ansible-ssh in a repository on Github sometime. If I haven't
said anything in a couple of days in this thread, please remind me by
private mail.

-- Abhijit

[Abhijit Menon-Sen]

At 2015-08-20 11:08:50 +0530, a...@2ndQuadrant.com wrote:
>
> I'll put ansible-ssh in a repository on Github sometime.

https://github.com/2ndQuadrant/ansible-ssh

Feedback welcome.

-- Abhijit

[esco real]

not that fancy and no support for non default port, you could do something similar with bash: 

# function ansible-ssh { ssh $(ansible -m debug -a "msg={{ ansible_ssh_user }}@{{ ansible_ssh_host }}" $1 | grep msg |awk -F\" '{print $4}');}

# export -f ansible-ssh

# ansible-ssh <inventory-hostname>

esco