Hi Todd,
Thank you for sharing the same, however, I have already checked this
article.
I have a requirement to connect Host-A then I can connect Host-B. I can’t
connect Host-B directly. So in this case how to execute the playbook task
on Host-B from Control Machine? Because my control machine is centralized.
Hence, my question is how to execute the playbook task on Host-B directly
from the control machine via bastion host-: Below is an example of how I am
connecting to the remote host via bastion host using ssh. ssh
user@<remote-host IP>@<bastion-host-IP> -p 8022 In the playbook I have
created the inventory, however, while running the same I am getting the
below error-: cat lab.txt [need_bastion] bastion-host [need_bastion:vars]
ansible_ssh_common_args='-o StrictHostKeyChecking=no -o
ProxyJump="user@<remote-host>@<bastion-host>:8022"' PLAY [copy file from
jump to remote servers]
********************************************************************************************************
TASK [copy node exporter package]
************************************************************************************************************************
Password: Password: fatal: [IP]: UNREACHABLE! => {"changed": false, "msg":
"Failed to connect to the host via ssh: Connection timed out during banner
exchange", "unreachable": true} PLAY RECAP
***********************************************************************************************************************************************
IP : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
On Monday, April 3, 2023 at 2:21:53 AM UTC+5:30 Todd Zullinger wrote:
Will McDonald wrote:
> https://www.jeffgeerling.com/blog/2022/
> using-ansible-playbook-ssh-bastion-jump-host
Odd that uses ProxyCommand in `ansible_ssh_common_args` and
not the far simpler ProxyJump, which it does mention in the
~/.ssh/config method. The `-J` shortcut for that is even
better.
Perhaps it does that to illsutrate a more complex use case,
where the bastion runs on a different port, but if you're
not doing that, it's likely simpler to skip it and use the
`-J` argument.
I would expect (but have not tested) this works:
ansible_ssh_common_args='-J $your_bastion_hostname'
ProxyJump / -J was added in OpenSSH-7.3 -- so it's surely on
any host folks would be using as an ansible control host.
--
Todd
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/4765020f-4259-472a-af7c-a47af04b70e8n%40googlegroups.com.
