Hi,
Just gave some directions in the issue on github to make it work
Regards,
JYL
Le 09/02/2021 à 17:00, C.J. Brown a écrit :
Say, did you ever find a better solution here? Because I've run into
the same problem recently, and...well, it's ugly.
I saw that this ticket had been filed against Ansible:
https://github.com/ansible/ansible/issues/66310
...but was auto-closed by ansibot when all this stuff got moved to the
GCP collection. So I've filed my own feature request against that repo:
https://github.com/ansible-collections/google.cloud/issues/373
We'll see if anybody picks it up over there. My sense is that a
number of folks have had the Ansible-over-IAP problem; one of these
days, GCP really ought to support a proper solution...
On Monday, November 25, 2019 at 12:16:11 PM UTC-6 race...@gmail.com wrote:
I am required to tunnel through IAP with service account credentials.
I have overridden my ssh binary, ‘ssh_executable=script.sh’,
creating a ‘gcloud compute ssh xxxx —tunnel-through-iap’ wrapper,
where I regex ssh arguments into the gcloud command.
For tunneling to work I must
1. Run my playbook with my instance IP in the hosts variable of my
playbook
2. Hardcode my compute instance hostname for my ssh wrapper
connection.
3. This always makes an initial connection but always fails to run
the command. No matter my regex there is always extra “, ‘ or
something.
4. Comment out my ‘ssh_execution’ wrapper overriding in ansible.cfg
5. Run my playbook again which runs successfully.
Running the playbook with the gcp plugin will only list available
instances but will never ssh successfully without a previously
opened gcloud session.
--
You received this message because you are subscribed to the Google
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to ansible-project+unsubscr...@googlegroups.com
<mailto:ansible-project+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/49aa114a-ef11-428b-a6e5-3c8dbd672ce5n%40googlegroups.com
<https://groups.google.com/d/msgid/ansible-project/49aa114a-ef11-428b-a6e5-3c8dbd672ce5n%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/15ee75c3-6f64-2c18-4e7f-fc0b80a461f7%40lenhof.eu.org.
