
Ansible Inventory file --extra-vars in a yaml file for multiple hosts


Below is an inventory file that I need to use when I run my playbook.

[eu-de_eos]
eos-apps-45180 ansible_host=10.20.0.21
eos-apps-45181 ansible_host=10.20.0.22

[eu-de_ora]
ora-apps-45184 ansible_host=10.20.0.23
ora-apps-45185 ansible_host=10.20.0.24

[all_servers:children]
eu-de_eos
eu-de_ora

This is my playbook which only does a cat /etc/hosts for every host from inventory having a role with a task for this purpose.

- name: Cat /etc/hosts  
  hosts: "{{ variable_host | default('all') }}" 
  remote_user: "{{ variable_user | default('ansible') }}" 
  roles: 
      - cat-hosts

To be able to connect via ssh to remote hosts from the inventory, I need to go through a bastion.

I know that when working with a bastion I need to add ansible_ssh_common_args, like eu-de_ora:vars or eu-de_eos:vars. More details here. I need to mention that the connection through a bastion works, but I need to use vars in a different file; that's the main requirement, like below:

This is a YAML file that I use, but it is only for eu-de_ora, and 10.20.30.40 should be the IP of the bastion.

ansible_port: 22
ansible_user: linux
ansible_ssh_private_key_file: ~/.ssh/ora.pem
ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""

To run my playbook using the above YAML file as --extra-vars, I run the command:

ansible-playbook -i inventory/inventory-otc-50160  manage_users.yml --extra-vars "@inventory/oravars.yaml" --extra-vars "variable_host=eu-de_ora"

But this scenario is only for eu-de_ora. I need to run my playbook for both groups of remote hosts while keeping ansible_ssh_common_args in a different file. I expect to have a different YAML file that I can use for both groups. I need to mention that I tried different ways, but none of them worked.

#This is not working :(
eu-de_ora:
  ansible_port: 22
  ansible_user: linux
  ansible_ssh_private_key_file: ~/.ssh/ora.pem
  ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""

eu-de_eos:
  ansible_port: 22
  ansible_user: linux
  ansible_ssh_private_key_file: ~/.ssh/eos.pem
  ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q [email protected] -o Port=65222 -W %h:%p\""

Solution

  • You don't need extra vars, just a correctly crafted inventory:

    Example file structure:

    .
    ├── demo_playbook.yml
    └── inventories
        └── demo
            ├── group_vars
            │   ├── all.yml
            │   ├── eu-de_eos.yml
            │   └── eu-de_ora.yml
            └── hosts
    

    hosts file:

    [eu-de_eos]
    eos-apps-45180 ansible_host=10.20.0.21
    eos-apps-45181 ansible_host=10.20.0.22
    
    [eu-de_ora]
    ora-apps-45184 ansible_host=10.20.0.23
    ora-apps-45185 ansible_host=10.20.0.24
    
    [all_servers:children]
    eu-de_eos
    eu-de_ora
    

    Group variables:

    • all.yml
    ---
    ansible_port: 22
    ansible_user: linux
    ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q ansible@{{ jump_host }} -o Port=65222 -W %h:%p\""
    
    • eu-de_eos.yml
    ---
    ansible_ssh_private_key_file: ~/.ssh/eos.pem
    jump_host: 30.40.50.60
    
    • eu-de_ora.yml
    ---
    ansible_ssh_private_key_file: ~/.ssh/ora.pem
    jump_host: 10.20.30.40
    

    Using the above inventory with the dummy demo_playbook.yml:

    ---
    - hosts: all_servers
      gather_facts: false
    
      tasks:
        - ansible.builtin.debug:
            msg:
              - "I'm running on {{ inventory_hostname }}"
              - "I'd connect to target with user {{ ansible_user }}"
              - "I'd use ssh port {{ ansible_port }}"
              - "The private key for ssh would be {{ ansible_ssh_private_key_file }}"
              - "The ssh option I would use are: {{ ansible_ssh_common_args }}"
    

    gives:

    $ ansible-playbook -i inventories/demo/ demo_playbook.yml 
    [WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
    
    PLAY [all_servers] *********************************************************************************************************************************************************************************************************************
    
    TASK [ansible.builtin.debug] ***********************************************************************************************************************************************************************************************************
    ok: [eos-apps-45180] => {
        "msg": [
            "I'm running on eos-apps-45180",
            "I'd connect to target with user linux",
            "I'd use ssh port 22",
            "The private key for ssh would be ~/.ssh/eos.pem",
            "The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q ansible@30.40.50.60 -o Port=65222 -W %h:%p\""
        ]
    }
    ok: [eos-apps-45181] => {
        "msg": [
            "I'm running on eos-apps-45181",
            "I'd connect to target with user linux",
            "I'd use ssh port 22",
            "The private key for ssh would be ~/.ssh/eos.pem",
            "The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q ansible@30.40.50.60 -o Port=65222 -W %h:%p\""
        ]
    }
    ok: [ora-apps-45184] => {
        "msg": [
            "I'm running on ora-apps-45184",
            "I'd connect to target with user linux",
            "I'd use ssh port 22",
            "The private key for ssh would be ~/.ssh/ora.pem",
            "The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q ansible@10.20.30.40 -o Port=65222 -W %h:%p\""
        ]
    }
    ok: [ora-apps-45185] => {
        "msg": [
            "I'm running on ora-apps-45185",
            "I'd connect to target with user linux",
            "I'd use ssh port 22",
            "The private key for ssh would be ~/.ssh/ora.pem",
            "The ssh option I would use are: -o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q ansible@10.20.30.40 -o Port=65222 -W %h:%p\""
        ]
    }
    
    PLAY RECAP *****************************************************************************************************************************************************************************************************************************
    eos-apps-45180             : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
    eos-apps-45181             : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
    ora-apps-45184             : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
    ora-apps-45185             : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
    

    Note the warning about invalid group names where you should replace dashes (-) with underscores (_).
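
The `StrictHostKeyChecking=no` option carried through the question and the answer turns off SSH host key verification for the target hop. The following is an added example, not part of the original answer: a variant of `group_vars/all.yml` in the same inventory layout that pins host keys on both the bastion hop and the target hop. The `pinned_known_hosts` variable and the `known_hosts` file next to the inventory are assumptions introduced for illustration; the per-group files with `jump_host` and the private key stay as shown in the answer.

```yaml
# inventories/demo/group_vars/all.yml (hardened variant, added example)
---
ansible_port: 22
ansible_user: linux

# Assumption: a known_hosts file kept beside the inventory and pre-populated
# with the verified host keys of both bastions and all four targets.
# Bastion entries must use the non-default port form, e.g. [10.20.30.40]:65222
# Target entries are keyed by the ansible_host address, e.g. 10.20.0.23
pinned_known_hosts: "{{ inventory_dir }}/known_hosts"

# Weak setting from the page, kept for comparison. The target's host key is
# never verified, and the inner ssh to the bastion relies on whatever the
# controller user's ssh defaults happen to be.
# ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ProxyCommand=\"ssh -q ansible@{{ jump_host }} -o Port=65222 -W %h:%p\""

# Hardened setting. The outer options apply to the target connection, the
# options inside ProxyCommand apply to the bastion connection. With
# StrictHostKeyChecking=yes, ssh refuses to connect when a key is missing
# from the pinned file or does not match it.
ansible_ssh_common_args: >-
  -o StrictHostKeyChecking=yes
  -o UserKnownHostsFile={{ pinned_known_hosts }}
  -o ProxyCommand="ssh -q
  -o StrictHostKeyChecking=yes
  -o UserKnownHostsFile={{ pinned_known_hosts }}
  -o Port=65222 -W %h:%p ansible@{{ jump_host }}"
```

Running the answer's `demo_playbook.yml` against this inventory prints the rendered option string per host, which is a quick way to confirm that each group resolves its own `jump_host` before any real connection is attempted.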