Ansible will use your SSH config when using the ssh (not paramiko) transport, perhaps it’s not finding it for some reason.
paramiko would be the default if you were running from RHEL/CentOS 6 or before, where OpenSSH is not new enough to support ControlMaster, and paramiko is therefore still faster. (review for everyone: accelerate mode is the performance option there, since pipeling is OpenSSH only).
Let’s start with what OS you are running form as that may highlight that transport question. If not, we can ask other questions.
That didn’t make a difference.
I know that ansible is using that ansible.cfg file because I can put a “remote_user = xxx” line
at the end of it and ansible uses that.
It would be helpful if someone could simply add “ssh_args= -F sshconfig” to an ansible.cfg
file and show some output that proves that Ansible is using it.
FWIW, I got this idea from you - reference: https://groups.google.com/d/msg/ansible-project/AOt-5fgBzho/hEDnnOrJkC8J
However, I’ve never seen an implementation of it or a working example that’s been tested. I think someone posted an
example where they had “-F ~/.ssh/config” but since that’s the default ssh config file (ssh will use ~/.ssh/config whether or not
your specify it with the -F flag) it doesn’t really test whether it’s working or not.
Yes. I tried that. No difference. As I mentioned, it’s clear that Ansible is using my ansible.cfg file. For example, if I set the remote_user in my ansible.cfg to:
[defaults]
transport=ssh
ssh_args= -F /work/sshconfig
remote_user=dummyuser
Then everything fails because Ansible tries to use “dummyuser” to connect.
I’m still wondering if anyone has ever successfully used ssh_args with anything besides “-o param=value” directives.
What is ansible doing, for example, if you put “-v” or “-f” in ssh_args? They seem to have no effect.
Thanks. That got things working. It would be nice if Ansible did some basic syntax checking on the cfg file.
So if you have multiple bastion files, but no specific domain name you can wildcard off of (e.g. “Host *.mydomain.com”, "Host “.anotherdom.com”, etc), what is the Ansible best practice for handling multiple clusters with a bastion server for each
cluster? Reference: https://groups.google.com/d/msg/ansible-project/bWdWJ4UtkFQ/fXHO3MDvF_kJ
So, if a lot of your machines have IP addresses (or very different domain names) then you’d have
to create an ssh config file entry for each individual IP address, right? Because there’d be no way
to use wildcards. Am I missing something here?