zhmcclient / zhmc-ansible-modules

An Ansible collection for the IBM Z HMC
Apache License 2.0

using Z HMC collection over jumphost #573

Closed ScYang1991 closed 1 year ago

ScYang1991 commented 2 years ago

I am currently planning to use the Z HMC collection on Ansible Tower over a jumphost. The flow will be as below: Ansible Tower - jumphost - target HMC

I was wondering if any additional setting or parameter is required to run through the jumphost. I believe no additional setting is required in the case of SSH-based collections; however, I am concerned since the Z HMC collection is based on HTTP API calls using host: localhost.

I've seen an FTP-based collection used with host: localhost run through socks5 by running the task below before other tasks. Is there a similar solution for the Z HMC collection?

    - shell: |
        bash -c '/usr/bin/ssh -CfNq -D 127.0.0.1:10022 {{ jh1_ssh_user }}@{{ jh1_ip }} -i $JH1_SSH_PRIVATE_KEY -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -vvvvvv;sleep 30'
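
An added example (not code from the posters or from the zhmc-ansible-modules project): the tunnel task above with SSH host key verification left on, so the SOCKS5 forward only comes up against the expected jumphost. The variables `jh1_known_hosts` and `jh1_host_key` are assumptions introduced here; whether the ibm_zhmc modules can use the resulting proxy is not established in this thread.

```yaml
# Added example. jh1_ssh_user, jh1_ip and JH1_SSH_PRIVATE_KEY come from the
# task in the question; jh1_known_hosts and jh1_host_key are assumed names.
#
# As posted:  -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
#             accepts whatever host key answers on jh1_ip, so traffic sent
#             through the forward is not tied to a verified jumphost.
# Below:      the jumphost key is pinned first and ssh refuses any other key.

- name: Pin the jumphost host key (value obtained out of band)
  ansible.builtin.known_hosts:
    path: "{{ jh1_known_hosts }}"               # dedicated file, assumed path variable
    name: "{{ jh1_ip }}"
    key: "{{ jh1_ip }} {{ jh1_host_key }}"      # "<host> <keytype> <base64 key>"
    state: present
  delegate_to: localhost

- name: Open the SOCKS5 forward with host key verification enforced
  ansible.builtin.shell: >
    /usr/bin/ssh -CfN -D 127.0.0.1:10022
    -i "$JH1_SSH_PRIVATE_KEY"
    -o BatchMode=yes
    -o StrictHostKeyChecking=yes
    -o UserKnownHostsFile={{ jh1_known_hosts | quote }}
    -o ExitOnForwardFailure=yes
    {{ jh1_ssh_user | quote }}@{{ jh1_ip | quote }}
    </dev/null >/dev/null 2>&1
  delegate_to: localhost
  changed_when: true
  # BatchMode=yes: never prompt, so a key mismatch fails the task instead of hanging.
  # ExitOnForwardFailure=yes: non-zero exit if the local listener cannot be bound.
  # Output is redirected so the backgrounded ssh does not hold the task's pipes open;
  # a failure still shows up as a non-zero return code.
```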

andy-maier commented 2 years ago

I don't have experience with Ansible Tower, particularly where it runs the Ansible modules. The requirement is that wherever the Ansible modules from the ibm_zhmc collection run (on the Ansible control node), from there you need to have direct network access to the HMC. See also here: https://zhmcclient.github.io/zhmc-ansible-modules/requirements.html#requirements

Ansible allows some variations in how the playbook defines the connection. The recommended approach for the ibm_zhmc collection is to use connection: local and delegate_to: localhost, which causes the module to run on localhost (as seen from the control node), but you can also change that if the module is supposed to run elsewhere where Ansible Tower can place it. You have to experiment with that.

Also, if you set up connectivity prior to using Ansible using socks5 or similar, that can be experimented with, but again I have no experience with it.

ScYang1991 commented 2 years ago

@andy-maier Thank you for the reply. I will test suggested methods on my environment next month.

andy-maier commented 1 year ago

Closing this issue now. Please reopen the issue or open a new one if there are issues with running in that environment.