Rundeck is unable to connect to nodes when using jumphosts.

[Lucas-Claeys]

Hello,

I have an issue with rundeck & ansible while connection via a jumphost. The setup works when only running ansible, but it can't connect when it's performed by rundeck.

Our setup: The following command is configured to let a group of hosts use the jumpserver. ansible_ssh_common_args: '-o StrictHostKeyChecking=no -J ansible-***@jmpserver -l ansible-***' This gives the expected result when using ansible:

[ansible-****@rundeckserver Git]$ ansible -m ping -i Atlas targetserver
targetserver | SUCCESS => {
"changed": false,
"ping": "pong"
}

But when trying to get the node rundeck fails as seen in /var/log/rundeck/service.log:

fatal: [targetserver]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,keyboard-interactive).\r\nssh_exchange_identification: Connection closed by remote host\r\n", "unreachable": true}

Connection to a server without using a jumphost works fine.

Rundeck Project configuration:

Wed Oct 24 16:12:47 CEST 2018

edit below

ansible-become-method=sudo ansible-become=true ansible-ssh-auth-type=privateKey ansible-ssh-key-storage-path=keys/ansible-* ansible-ssh-user=ansible- project.ansible-become-method=sudo project.ansible-become=true project.ansible-config-file-path=/etc/ansible.cfg project.ansible-debug=true project.ansible-executable=/bin/bash project.ansible-ssh-auth-type=privateKey project.ansible-ssh-key-storage-path=keys/ansible- project.ansible-ssh-user=ansible- project.ansible-windows-executable=cmd.exe project.description=Rundeck project for Atlas project.disable.executions=false project.disable.schedule=false project.gui.motd.display=projectList,projectHome project.gui.readme.display=projectList,projectHome project.jobs.gui.groupExpandLevel=1 project.label=Atlas project.name=Atlas project.nodeCache.delay=5 project.nodeCache.enabled=true project.nodeCache.firstLoadSynch=true project.ssh-authentication=privateKey project.ssh-keypath=/var/lib/rundeck/.ssh/id_rsa resources.source.1.type=local resources.source.2.config.ansible-become-method=sudo resources.source.2.config.ansible-become=false resources.source.2.config.ansible-config-file-path=/etc/ansible/ansible.cfg resources.source.2.config.ansible-debug=true resources.source.2.config.ansible-disable-limit=false resources.source.2.config.ansible-gather-facts=true resources.source.2.config.ansible-ignore-errors=true resources.source.2.config.ansible-inventory=/etc/ansible/Git/Atlas resources.source.2.config.ansible-ssh-auth-type=privateKey resources.source.2.config.ansible-ssh-keypath=/var/lib/rundeck/var/storage/content/keys/ansible- resources.source.2.config.ansible-ssh-user=ansible- resources.source.2.type=com.batix.rundeck.plugins.AnsibleResourceModelSourceFactory service.FileCopier.default.provider=com.batix.rundeck.plugins.AnsibleFileCopier service.NodeExecutor.default.provider=com.batix.rundeck.plugins.AnsibleNodeExecutor service.NodeExecutor.provider=com.batix.rundeck.plugins.AnsibleNodeExecutor

Could you assist with this issue?

Thanks in advance!

[plambert]

Are you able to reproduce the problem while running the job with the logging level set to DEBUG, and post the results here?

[Lucas-Claeys]

The issue occurs even before I try to run a job. It occurs when trying to get the nodes and I can't find how I can set the verbosity for it.

The nodes that should be accessible via a jumphost are simply "unreachable" so they don't appear in the nodes list.

I'd like to find out why they are unreachable via the node gathering, because they are reachable when I try to reach them via ansible without using rundeck.