ovh / the-bastion-ansible-wrapper

Using Ansible through The Bastion
https://ovh.github.io/the-bastion/
Apache License 2.0

Problem connection via a host.yml file #4

Open Support-DataExpertise opened 3 years ago

Support-DataExpertise commented 3 years ago

Hi,

This is my problem :

I have this host file :

all:
  children:
    bastion:
      children:
        client01:
          hosts:
            srv01vm: 
              ansible_host: ip_srv
            srv03vm:
              ansible_host: ip_srv
            srv04vm: 
              ansible_host: ip_srv
            srv05vm: 
              ansible_host: ip_srv
            srv06vm: 
              ansible_host: ip_srv
            srv07vm: 
              ansible_host: ip_srv
            srv08vm: 
              ansible_host: ip_srv
            srv09vm: 
              ansible_host: ip_srv
            srv13vm: 
              ansible_host: ip_srv
          vars:
            ansible_user: root
            ansible_port: 22
            bastion_user: bastion_user
            bastion_host: bastion_ip
            bastion_port: 22
      vars:
        ansible_pipelining: True
        ansible_scp_if_ssh: True
        ansible_private_key_file: "/home/nicolas/.ssh/id_ed25519"
        ansible_ssh_executable: "/home/nicolas/Ansible/bastion/sshwrapper.py"
        ansible_scp_executable: "/home/nicolas/Ansible/bastion/scpbastion.sh"
        ansible_ssh_transfer_method: scp
        ansible_python_interpreter: /usr/bin/python3
        ansible_host_key_checking: no

I have also put the ansible_* vars in my .ansible.cfg; this does not work.

The problem is that when I'm trying to ping via the host file it gives me this error :

srv01vm | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: OpenSSH_8.4p1 Ubuntu-5ubuntu1.1, OpenSSL 1.1.1j  16 Feb 2021\r\ndebug1: Reading configuration data /home/nicolas/.ssh/config\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/nicolas/.ssh/known_hosts'\r\ndebug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/nicolas/.ssh/known_hosts2'\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket \"/home/nicolas/.ansible/cp/3c7791cd0b\" does not exist\r\ndebug2: resolving \"none\" port 22\r\nssh: Could not resolve hostname none: Name or service not known",
    "unreachable": true
}

Via the command :

ansible all -i host.yml -m ping -vvvvvvvv

But the ansible-inventory command prints my host.yml file with the right variables.

Thanks

Support-DataExpertise commented 3 years ago

After a little investigation I found this :

When I export the variables before I execute my command, it works :

export BASTION_USER="bastion_user"
export BASTION_HOST="bastion_ip"
export BASTION_PORT=22

ansible all -i host_bastion.yml -m ping
srv01vm | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
srv01vm | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

...

It seems that when I only put those variables in my inventory file, the sshwrapper.py does not gather them, but my ansible-inventory command gives me the bastion_host and user and port :

   "_meta": {
        "hostvars": {
            "srv01vm": {
                "ansible_host": "ip_srv",
                "ansible_host_key_checking": false,
                "ansible_pipelining": true,
                "ansible_port": 22,
                "ansible_private_key_file": "/home/nicolas/.ssh/id_ed25519",
                "ansible_python_interpreter": "/usr/bin/python3",
                "ansible_scp_executable": "/home/nicolas/Ansible/bastion/scpbastion.sh",
                "ansible_scp_if_ssh": true,
                "ansible_ssh_executable": "/home/nicolas/Ansible/bastion/sshwrapper.py",
                "ansible_ssh_transfer_method": "scp",
                "ansible_user": "root",
                "bastion_host": "bastion_ip",
                "bastion_port": 22,
                "bastion_user": "bastion_user",

mhdan commented 2 years ago

There is the same issue when the variables are in the group_vars/all.yml file. None of the bastion_* variables are found when we place them in inventory variable files. The sshwrapper.py doesn't parse the inventory correctly.

mhdan commented 2 years ago

I read sshwrapper.py and lib.py and found out that the root cause of the problem is that I use a custom inventory file that is not in ansible.cfg, so the get_inventory() function can't get the inventory and parse it. The problem can be solved by using the BASTION_ANSIBLE_INV_OPTIONS environment variable.

export BASTION_ANSIBLE_INV_OPTIONS='-i <path_to_custom_inventory_file>'

It's better to update README.md and mention this special use case of BASTION_ANSIBLE_INV_OPTIONS ENV.

LucJubeau commented 1 year ago

hi mhdan

I have the same issue but I haven't understood your answer. I have a custom inventory and a group_vars like that :

ansible_python_interpreter: /usr/bin/python3

bastion_user: MYUSER
bastion_host: MYBASTION
bastion_port: 22

ansible_ssh_transfer_method: scp
ansible_ssh_pipelining: 1
ansible_ssh_executable: /etc/ansible/extra/bastion/sshwrapper.py

ansible_scp_if_ssh: True
ansible_scp_executable: /etc/ansible/extra/bastion/scpbastion.sh

Could you help me please ? thanks a lot

mhdan commented 1 year ago

Hi LucJubeau

It would be best if you only exported the path of your custom inventory, as below:

export BASTION_ANSIBLE_INV_OPTIONS='-i <path_to_custom_inventory_file>'

Then run your Ansible with the standard procedure explained in the README with the bastion.
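
Added example, not part of the thread or of the project's code: a preflight check for the failure discussed in mhdan's two replies above, where the bastion_* values are not found unless the inventory path is supplied through BASTION_ANSIBLE_INV_OPTIONS. The function names, the sample inventory and the environment-before-hostvars lookup order are assumptions made for illustration.

```python
import json
import os
import shlex

KEYS = ("bastion_user", "bastion_host", "bastion_port")

# Constructed sample, shaped like the `ansible-inventory --list` output in the thread.
SAMPLE_INVENTORY = json.loads("""
{"_meta": {"hostvars": {"srv01vm": {
    "ansible_host": "ip_srv", "ansible_user": "root",
    "bastion_host": "bastion_ip", "bastion_port": 22,
    "bastion_user": "bastion_user"}}}}
""")


def inventory_command(env):
    """ansible-inventory argv, with BASTION_ANSIBLE_INV_OPTIONS (e.g. '-i path') added."""
    extra = shlex.split(env.get("BASTION_ANSIBLE_INV_OPTIONS", ""))
    return ["ansible-inventory", *extra, "--list"]


def resolve_bastion(host, inventory, env):
    """Return (resolved, missing). Assumed order: BASTION_* env first, then hostvars."""
    hostvars = inventory.get("_meta", {}).get("hostvars", {}).get(host, {})
    resolved, missing = {}, []
    for key in KEYS:
        value = env.get(key.upper()) or hostvars.get(key)
        if value is None or str(value).strip().lower() in ("", "none"):
            missing.append(key)  # the thread's error shows ssh given hostname "none"
        else:
            resolved[key] = str(value)
    return resolved, missing


def preflight(host, inventory, env):
    """Fail closed with a readable error instead of letting ssh resolve 'none'."""
    resolved, missing = resolve_bastion(host, inventory, env)
    if missing:
        raise LookupError(
            f"{host}: unresolved {', '.join(missing)}; checked with "
            f"{' '.join(inventory_command(env))}")
    return resolved


if __name__ == "__main__":
    print(preflight("srv01vm", SAMPLE_INVENTORY, os.environ))
    try:  # inventory not found by the lookup: hostvars are empty
        preflight("srv01vm", {"_meta": {"hostvars": {}}}, {})
    except LookupError as exc:
        print("blocked:", exc)
```

To check a real setup, feed `resolve_bastion` the parsed JSON produced by the command that `inventory_command(os.environ)` returns.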

LucJubeau commented 1 year ago

Thanks a lot mhdan. That's worked.