Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can "ansible_ssh_common_args" variable be used for different child groups in inventory file?

Tags:

ansible

I am trying to connect to 2 hosts from 2 different ProxyJumpHost.

For example: hostname1 is reachable only via ProxyJumpHost1 hostname2 is reachable only via ProxyJumpHost2

when I give "ansible_ssh_common_args" variable separately for the group but ansible is picking only one ProxyJumpHost information and trying to connect both the hosts from there.

My inventory yaml file looks like this

all_nodes:
  children:
    preprod:
      children:
        PRE_CH:
          vars:
            ansible_ssh_common_args: '-o ProxyCommand="sshpass -p {{ password }} ssh -W %h:%p -q {{ user }}@<ProxyJumpHost1>"'
          hosts:
            hostname1:
              ansible_host: <IP_Address>
            hostname2:
              ansible_host: <IP_Address>
        PRE_NL:
          vars:
            ansible_ssh_common_args: '-o ProxyCommand="sshpass -p {{ password }} ssh -W %h:%p -q {{ user }}@<ProxyJumpHost1>"'
          hosts:
            hostname3:
              ansible_host: <IP_Address>
            hostname4:
              ansible_host: <IP_Address>

My expectation is to connect the correct host via correct ProxyJumpHost.

But actually it takes only one ProxyJumpHost value and tries to connect all the hosts via that.

like image 389
Prashaanth Avatar asked Oct 30 '25 06:10

Prashaanth

1 Answers

In your example both vars are identical

PRE_CH:
  vars:
    ansible_ssh_common_args: '-o ProxyCommand="sshpass -p {{ password }} ssh -W %h:%p -q {{ user }}@<ProxyJumpHost1>"'

PRE_NL:
  vars:
    ansible_ssh_common_args: '-o ProxyCommand="sshpass -p {{ password }} ssh -W %h:%p -q {{ user }}@<ProxyJumpHost1>"'

Q: "For example, hostname1 is reachable only via ProxyJumpHost1 hostname2 is reachable only via ProxyJumpHost2. I expect to connect the correct host via correct ProxyJumpHost."

A: Set ansible_ssh_common_args for each host

hosts:
  hostname1:
    ansible_host: <IP_Address>
    ansible_ssh_common_args: '... {{ user }}@<ProxyJumpHost1>"'
  hostname2:
    ansible_host: <IP_Address>
    ansible_ssh_common_args: '... {{ user }}@<ProxyJumpHost2>"'

Q: "What if I have 2 more hosts that I can connect via ProxyJumpHost1 and 2 more via ProxyJumpHost2? In total, I will have 3 hosts via ProxyJumpHost1 and 3 hosts via ProxyJumpHost2"

A: For example (for simplicity and modularity) create inventory file gates.ini with two other groups gate1 and gate2. Add this file to the inventory either in the config, or command line. Remove ansible_ssh_common_args from other inventory files

[gate1]
hostname1
hostname2
hostname3
[gate1:vars]
ansible_ssh_common_args='-o ProxyCommand="sshpass -p {{ password }} ssh -W %h:%p -q {{ user }}@<ProxyJumpHost1>"'

[gate2]
hostname4
hostname5
hostname6
[gate2:vars]
ansible_ssh_common_args='-o ProxyCommand="sshpass -p {{ password }} ssh -W %h:%p -q {{ user }}@<ProxyJumpHost2>"'

See

  • How do I configure a jump host to access servers that I have no direct access to?.
  • How to add multiple inventory files in command line while executing a playbook
like image 139
Vladimir Botka Avatar answered Nov 01 '25 06:11

Vladimir Botka
Sign in to Comment

Related questions

Ansible fail a playbook if directory not exist in windows
Ansible - The error was: 'item' is undefined
Use a var in a var in Ansible (lookup) - aws_ssm plugin
Ansible : Split a string with multiple spaces as delimiter
Provisioning a docker container using ansible

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!