Delegate_to fails if host is referenced by non-inventory name
1,149 views
Skip to first unread message
Andrew Davison
Feb 1, 2016, 12:34:16 PM2/1/16
to Ansible Project
I'm not sure if this is a bug in Ansible 2.0.0.2 or an intended change in behaviour, so I'm asking here before filing any bug report :)
ansible 2.0.0.2
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
Ansible configuration:
Default
Environment:
Ubuntu 14.04
Summary:
If I have an inventory file that contains hosts listed only by their IP, but I use the DNS name in delegate_to, then the delegate_to command runs with no ssh user (it outputs "ESTABLISH SSH CONNECTION FOR USER: None").
In Ansible 1.9 it worked fine, but since upgrading to Ansible 2.0 it does not work. Our inventory file is created by the ec2.py script at https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.py
Steps to reproduce:
I used vagrant to launch two boxes for testing (vagrantfile below) and added box2 to my hosts file:
192.168.120.12 box2
Given an inventory file:
[tag_hosttype_box1]
192.168.120.11
[tag_hosttype_box2]
192.168.120.12
and a playbook:
- name: whoami
command: whoami
- name: IP Delegate whoami (works)
command: whoami
delegate_to: 192.168.120.12
- name: Name Delegate whoami (fails)
command: whoami
delegate_to: box2
Ansible output (summarized):
ansible-playbook -i inventory.yml box1.yml --extra-vars="ansible_ssh_user=vagrant" -vvvv --private-key=~/.vagrant.d/insecure_private_key
Using /etc/ansible/ansible.cfg as config file
Loaded callback default of type stdout, v2.0
1 plays in box1.yml
PLAY ***************************************************************************
TASK [setup] *******************************************************************
<192.168.120.11> ESTABLISH SSH CONNECTION FOR USER: vagrant
TASK [box1 : whoami] ***********************************************************
task path: /home/adavison/vagrant/ansible-test/roles/box1/tasks/main.yml:4
<192.168.120.11> ESTABLISH SSH CONNECTION FOR USER: vagrant
TASK [box1 : IP Delegate whoami] ***********************************************
task path: /home/adavison/vagrant/ansible-test/roles/box1/tasks/main.yml:7
<192.168.120.12> ESTABLISH SSH CONNECTION FOR USER: vagrant
TASK [box1 : Name Delegate whoami] *********************************************
task path: /home/adavison/vagrant/ansible-test/roles/box1/tasks/main.yml:11
<box2> ESTABLISH SSH CONNECTION FOR USER: None
PLAY RECAP *********************************************************************
192.168.120.11 : ok=3 changed=2 unreachable=1 failed=0
Note the "ESTABLISH SSH CONNECTION FOR USER: None" in the last task.
Simply adding "box2" to the inventory file resolves the problem, but I can't easily do this for our EC2 hosts as the inventory is auto-generated each time. I can work around this for now by changing the "delegate_to" value to the IPs of the hosts in our playbooks, but wanted to check if this is an intended change in behaviour since 1.9 or a bug?
Kind regards
Andrew
Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.ssh.insert_key = false
config.vm.define "box1" do |box1|
box1.vm.provider "virtualbox" do |v|
v.memory = 512
end
box1.vm.box = "ubuntu/trusty64"
box1.vm.hostname = "box1"
box1.vm.network "private_network", ip: "192.168.120.11", netmask: "255.255.255.0"
end
config.vm.define "box2" do |box2|
box2.vm.provider "virtualbox" do |v|
v.memory = 512
end
box2.vm.box = "ubuntu/trusty64"
box2.vm.hostname = "box2"
box2.vm.network "private_network", ip: "192.168.120.12", netmask: "255.255.255.0"
end
end
Brian Coca
Feb 1, 2016, 1:43:41 PM2/1/16
to Ansible Project
since box2 does not have an inventory reference it is not picking up
the need to login as vagrant user, does setting `remote_user: vagrant`
fix this?
--
Brian Coca
the need to login as vagrant user, does setting `remote_user: vagrant`
fix this?
--
Brian Coca
Andrew Davison
Feb 2, 2016, 7:06:25 AM2/2/16
to Ansible Project
Hi, thanks for the reply.
Setting remote_user: vagrant does not appear to fix this I'm afraid. I ran the command as:
ansible-playbook -i inventory.yml box1.yml --extra-vars="ansible_ssh_user=vagrant remote_user=vagrant" -vvvv --
private-key=~/.vagrant.d/insecure_private_key
and there was no change, the last task still outputs "ESTABLISH SSH CONNECTION FOR USER: None".
private-key=~/.vagrant.d/insecure_private_key
and there was no change, the last task still outputs "ESTABLISH SSH CONNECTION FOR USER: None".
Kind regards
Andrew
Brian Coca
Feb 2, 2016, 8:39:24 AM2/2/16
to Ansible Project
remote_user is not a variable, its a directive, ansible_ssh_user would
override it anyways.
--
Brian Coca
override it anyways.
--
Brian Coca
Andrew Davison
Feb 2, 2016, 9:24:32 AM2/2/16
to Ansible Project
Aha, sorry. I created an ~/.ansible.cfg file and placed the remote_user directive in it:
ansible-playbook -i inventory.yml box1.yml --extra-vars="ansible_ssh_user=vagrant" -vvvv --private-key=~/.vagrant.d/insecure_private_key
This time it worked!
[defaults]
remote_user=vagrant
Then ran the command again:
ansible-playbook -i inventory.yml box1.yml --extra-vars="ansible_ssh_user=vagrant" -vvvv --private-key=~/.vagrant.d/insecure_private_key
This time it worked!
However, we run our ansible playbooks from a Tower host and have other jobs which don't run as that user, so this solution is not good if it sets it for all playbooks.
As you mentioned ansible_ssh_user should override remote_user I tried setting remote_user to vagrant2 as a test, but the delegate_to command still tried to ssh as vagrant2 (so ansible_ssh_user=vagrant was not overriding it). Is there a way to set remote_user per playbook (or task?).
Kind regards
Andrew
Brian Coca
Feb 2, 2016, 9:32:15 AM2/2/16
to Ansible Project
remote_user is ONLY in play or task, in ansible.cfg has a 'user'
option, again, all overridden by ansible_ssh_user
--
Brian Coca
option, again, all overridden by ansible_ssh_user
--
Brian Coca
Andrew Davison
Feb 2, 2016, 9:43:03 AM2/2/16
to Ansible Project
Well now I'm more confused, because setting remote_user in ansible.cfg did "fix" the problem and also the documentation does list remote_user as a config file setting:
If I set remote_user at the task level:
- name: Name Delegate whoami
command: whoami
delegate_to: box2
remote_user: vagrant
It does not work, I still get "ESTABLISH SSH CONNECTION FOR USER: None".
If I set remote_user at the playbook level:
- hosts: tag_hosttype_box1
roles:
- role: box1
remote_user: vagrant
it does not work, I still get "ESTABLISH SSH CONNECTION FOR USER: None".
So is this a bug or am I still misunderstanding?
Kind regards
Andrew
Brian Coca
Feb 9, 2016, 1:54:26 PM2/9/16
to Ansible Project
I was wrong, it used to be "user" on the PLAY not in config ... my bad ....
--
Brian Coca
--
Brian Coca
Reply all
Reply to author
Forward
0 new messages