Search code examples
ansiblevagrantansible-inventoryvagrantfile

How to set host_key_checking=false in ansible inventory file?


I would like to use ansible-playbook command instead of 'vagrant provision'. However setting host_key_checking=false in the hosts file does not seem to work.

# hosts file
vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key 
ansible_ssh_user=vagrant ansible_ssh_port=2222 ansible_ssh_host=127.0.0.1 
host_key_checking=false

Is there a configuration variable outside of Vagrantfile that can override this value?

Also, how would this work if running ansible from a Kubernetes pod?


Solution

  • Due to the fact that I answered this in 2014, I have updated my answer to account for more recent versions of ansible.

    Yes, you can do it at the host/inventory level (Which became possible on newer ansible versions) or global level:

    inventory:

    Add the following.

    ansible_ssh_common_args='-o StrictHostKeyChecking=no'
    

    host:

    Add the following.

    ansible_ssh_extra_args='-o StrictHostKeyChecking=no'
    

    hosts/inventory options will work with connection type ssh and not paramiko. Some people may strongly argue that inventory and hosts is more secure because the scope is more limited.

    global:

    Ansible User Guide - Host Key Checking

    • You can do it either in the /etc/ansible/ansible.cfg or ~/.ansible.cfg file:

        [defaults]
        host_key_checking = False
      
    • Or you can setup and env variable (this might not work on newer ansible versions):

        export ANSIBLE_HOST_KEY_CHECKING=False
      

    Kubernetes:

    • You can also run a ansible head node as a Kubernetes pod like described here.

    In this case you can use any of the global options above.