I do have access to ssh into the destination machine, and it works, but whenever I run this playbook, I get this error output:
sudo ansible-playbook ansible-playbook-test.yml
PLAY [openstack] *****************************************************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************************
fatal: [amachine]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive).\r\n", "unreachable": true}
to retry, use: --limit @/blah/ansible-play/ansible-playbook-test.retry
PLAY RECAP ***********************************************************************************************************************************************************************************************
amachine : ok=0 changed=0 unreachable=1 failed=0
My playbook is as simple as this:
---
# hosts could have been "remote" or "all" as well
- hosts: openstack
tasks:
- name: test connection
ping:
remote_user: djuarezg
vars:
ansible_ssh_extra_args: '-K -o ControlPath=none'
- hosts: openstack
tasks:
- name: Create Swarm cluster
command: mkdir djg
vars:
ansible_ssh_extra_args: '-K -o ControlPath=none'
I was trying to use ansible_ssh_extra_args: '-K -o ControlPath=none'
to see if it was able to forward the Kerberos ticket, but any kind of connection is enough.
If Ansible cannot connect to a host, it marks that host as 'UNREACHABLE' and removes it from the list of active hosts for the run. You can use meta: clear_host_errors to reactivate all hosts, so subsequent tasks can try to reach them again.
Details: Use Special Variables. Quoting: ansible_play_hosts_all: List of all the hosts that were targeted by the play. ansible_play_hosts: List of hosts in the current play run, not limited by the serial.
Ansible normally has defaults that make sure to check the return codes of commands and modules and it fails fast – forcing an error to be dealt with unless you decide otherwise. Sometimes a command that returns different than 0 isn't an error.
You can achieve similar effect by just using the --step flag e.g: ansible-playbook playbook. yml --step . The step asks you on before executing each task and you could choose (N)o/(y)es/(c)ontinue . With this approach you selectively execute tasks when needed and also continue from point where it failed, after fixes.
Try this:
$ ansible-playbook --user=djuarezg -vvv ansible-playbook-test.yml
Check SSH args in the output
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With