Menu
The question is simple: what is the difference between ansible_user (former ansible_ssh_user) and remote_user in Ansible, besides that the first one is set if configuration file and the latter one is set in plays / roles? How do they relate to -u / --user command line options?
673
remote_user is the account that logs into the machine ( ssh vagrant@tmp_ansible_test_vm would have vagrant as the remote user). If this user is going to do perform tasks as root or another user, it should have sudo permissions (i.e., be added to the wheel group on CentOS).
Ansible can use a variety of connection methods beyond SSH. You can select any connection plugin, including managing things locally and managing chroot, lxc, and jail containers.
They both seem to be the same. Take a look here:
https://github.com/ansible/ansible/blob/c600ab81ee/lib/ansible/playbook/play_context.py#L46-L55
# the magic variable mapping dictionary below is used to translate
# host/inventory variables to fields in the PlayContext
# object. The dictionary values are tuples, to account for aliases
# in variable names.
MAGIC_VARIABLE_MAPPING = dict(
connection = ('ansible_connection',),
remote_addr = ('ansible_ssh_host', 'ansible_host'),
remote_user = ('ansible_ssh_user', 'ansible_user'),
port = ('ansible_ssh_port', 'ansible_port'),
Besides, ansible_user is used when we want to specifiy default SSH user in ansible hosts file where as remote_user is used in playbook context.
From https://github.com/ansible/ansible/blob/c600ab81ee/docsite/rst/intro_inventory.rst
ansible_user The default ssh user name to use.
and here is an example of using ansible_user in ansible hosts file:
[targets]
localhost ansible_connection=local
other1.example.com ansible_connection=ssh ansible_user=mpdehaan
other2.example.com ansible_connection=ssh ansible_user=mdehaan
One difference between remote_user and ansible_user:
When you run a role with different users from a playbook, e.g.:
- name: Apply user configuration to user root
hosts: all
remote_user: root
- name: Apply user configuration to user murphy
hosts: all
remote_user: murphy
Then you can perform a conditional task for a distinct user by using "when: ansible_user == .." but not with "when: remote_user == ..". e.g.:
- name: Add user murphy to wheel group
user:
name: murphy
groups: wheel
append: yes
when: ansible_user == "root"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
