Hi,
We are using GCP with ansible which has been working great up now, we are
setting all the flags in ~/.ansible.cfg for ssh
i.e
ssh_args = -t -i ~/.ssh/google_compute_engine -o CheckHostIP=no -o
ControlMaster=auto -o ControlPersist=600s -o IdentitiesOnly=yes -o
UserKnownHostsFile=~/.ssh/google_compute_known_hosts -o
ProxyCommand="/usr/bin/python3 -S /usr/lib64/google-cloud-sdk/lib/gcloud.py
beta compute start-iap-tunnel %h %p --listen-on-stdin
--project=studio-00056 --zone=europe-west1-b --verbosity=warning" -o
ProxyUseFdpass=no
This has been fine, till we now have to use another zone, meaning that i
need to switch the args
I tired replacing the ssh_executable with my own wrapper
#!/bin/bash
set -x
host="${@: -2: 1}"
cmd="${@: -1: 1}"
# ControlMaster=auto & ControlPath=... speedup Ansible execution 2 times.
socket="/tmp/ansible-ssh-${host}-22-iap"
zone=$(gcloud compute instances list --filter="name:${host}"
--format='value(zone)')
gcloud_args="
--tunnel-through-iap
--zone=$zone
--quiet
--no-user-output-enabled
--
-C
-o PreferredAuthentications=publickey
-o KbdInteractiveAuthentication=no
-o PasswordAuthentication=no
-o ConnectTimeout=20
-i ~/.ssh/google_compute_engine
-o CheckHostIP=no
-o ControlMaster=auto
-o ControlPersist=600s
-o IdentitiesOnly=yes
-o ProxyUseFdpass=no
"
exec gcloud compute ssh "$host" $gcloud_args "$cmd"
but this is is super slow as it does one ssh connection for each part of
the playbook, a normal playbook before would take 33 seconds now it take
590 second
Any suggestion?
Thanks
Adam
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/052cb4dc-ceee-44ca-a301-99fe1cc58ffan%40googlegroups.com.
