You need to delegate the wait_for task to the bastion server:
delegate_to: bastion.host.com
On Wed, May 24, 2017 at 7:06 AM 'Ansible Madness' via Ansible Project <
ansible-project@googlegroups.com> wrote:
>
> Sadly I do not have an answer to your question, but as I am facing the
> same situation i was curious to know if you found a solution?
>
> Rod
>
>
> On Wednesday, 22 June 2016 13:39:46 UTC+2, Vincent Van der Kussen wrote:
>>
>> Hi,
>>
>> I'm currently testing Ansible for deploying instances on AWS. To reach
>> hosts in private subnets, I'm using a bastion host. When deploying new
>> instances I have a task that waits for the ssh port of the new instance to
>> come up before proceding.
>>
>> During the creation of the instance I also update my local inventory file
>> with the ip of the instance and the ansible_ssh_private_key_file (aws
>> generated key-pair) like this:
>>
>> x.x.x.x ansible_private_key_file=~/.ssh/instance.pem
>>
>> However, the task that waits for the ssh port to come up gives a timeout.
>> This is the wait_for task:
>>
>> - name: Wait for SSH
>> wait_for:
>> host: "{{ item.private_ip }}"
>> port: 22
>> delay: 60
>> timeout: 320
>> state: started
>> with_items: "{{ ec2.instances }}"
>>
>> The host variable resolves to the correct ip of the new instance.
>>
>> In my ssh config file I have configured the bastion host for each subnet.
>> And ssh'ing into the new instance works without issues. I can also
>> perfectly run ad-hoc commands against the new instance.
>>
>> This is the ansible_cfg I'm using:
>>
>> [defaults]
>> inventory=./hosts
>> ProxyCommand="ssh -W %h:%p -q centos@<ip bastion host>"
>> host_key_checking=False
>>
>> [ssh_connection]
>> ssh_args=-o ForwardAgent=yes
>>
>>
>> I also tried delegating the wait task to the bastion host, but that
>> results in the same error. Is there something I'm missing?
>>
>>
>> Vincent
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3f239a2c-aff7-4879-8adb-7addd3d3c7bb%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/3f239a2c-aff7-4879-8adb-7addd3d3c7bb%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
Matt Martz
@sivel
sivel.net
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9GFMrt%3DCeoSrn2uzhiv%3DzeQU7zLiAWF3PLDbieXA%3DHbw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
