Step 4, “Ping the myhosts group in your inventory”, is not working for me:
ansible myhosts -m ping -i inventory.ini
returns:
server | UNREACHABLE! => {
    "changed": false,
    "msg": "Task failed: Failed to connect to the host via ssh: Host key verification failed.",
    "unreachable": true
}
But I can manually ping the “server” host, and I can connect to it with ssh thanks to the authorized_keys.
My server Dockerfile:
FROM alpine
RUN apk add openssh
RUN ssh-keygen -A
RUN mkdir -p /root/.ssh && chmod 700 /root/.ssh
COPY authorized_keys /root/.ssh/authorized_keys
CMD ["/usr/sbin/sshd", "-D"]
My ansible Dockerfile:
FROM alpine/ansible:latest
RUN mkdir -p /root/.ssh && chmod 700 /root/.ssh
COPY .ssh /root/.ssh
COPY ansible_project ansible_project
WORKDIR /ansible_project
RUN chmod 600 /root/.ssh/id_rsa && chmod 644 /root/.ssh/id_rsa.pub
CMD ["tail", "-f", "/dev/null"]
Did the tutorial forget to mention any configuration steps?
After reading more documentation, my new ansible Dockerfile is this:
FROM python
RUN adduser ansible
USER ansible
COPY --chown=ansible .ssh /home/ansible/.ssh
RUN chmod 700 /home/ansible/.ssh && \
    chmod 600 /home/ansible/.ssh/id_rsa && \
    chmod 644 /home/ansible/.ssh/id_rsa.pub
RUN python3 -m pip install --user pipx && \
    python3 -m pipx ensurepath
RUN ~/.local/bin/pipx install --include-deps ansible
COPY ansible_project ansible_project
WORKDIR /ansible_project
CMD ["tail", "-f", "/dev/null"]
I still have to register the host in known_hosts, which I need to find a way to automatise.
With this Dockerfile the error is now:
server | UNREACHABLE! => {
    "changed": false,
    "msg": "Task failed: Failed to connect to the host via ssh: ansible@server: Permission denied (publickey,password,keyboard-interactive).",
    "unreachable": true
}
Then, by installing python3 on the host and specifying -u root on the ansible command, it works.
The official “Getting Started” should add this information to be aimed at beginners.
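For the known_hosts step mentioned above, one way to automate it without switching off host key checking, as an added example that is not part of the original posts: the server image runs `ssh-keygen -A` at build time, so its host public key can be copied out and pinned. The function name `pin_host_key`, its return codes and the file paths are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): pin the server's SSH host key in
# known_hosts. Function name, return codes and paths are assumptions.
#
# The server image runs `ssh-keygen -A` at build time, so its host public key
# (e.g. /etc/ssh/ssh_host_ed25519_key.pub) can be copied out of the image and
# handed to this function while building the ansible image.

# pin_host_key HOST PUBKEY_FILE KNOWN_HOSTS
#   returns 0 if the key was added or is already pinned,
#           1 if PUBKEY_FILE is missing or is not a public key line,
#           2 if KNOWN_HOSTS holds a different key of that type for HOST.
# Only plain "host type key" entries are handled (no hashed or multi-name lines).
pin_host_key() {
    host=$1 pubkey_file=$2 known_hosts=$3
    ktype='' kblob='' kcomment=''

    [ -r "$pubkey_file" ] || return 1
    # Format is "<type> <base64> [comment]"; the comment is dropped.
    read -r ktype kblob kcomment < "$pubkey_file" || true
    case $ktype in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-*) ;;
        *) return 1 ;;
    esac
    [ -n "$kblob" ] || return 1

    mkdir -p "$(dirname "$known_hosts")"
    touch "$known_hosts"

    # Key already recorded for this host and key type, if any.
    existing=$(awk -v h="$host" -v t="$ktype" \
        '$1 == h && $2 == t { print $3; exit }' "$known_hosts")

    if [ -z "$existing" ]; then
        printf '%s %s %s\n' "$host" "$ktype" "$kblob" >> "$known_hosts"
    elif [ "$existing" != "$kblob" ]; then
        # A changed host key is what host key verification exists to catch,
        # so stop instead of overwriting the pinned key.
        echo "pin_host_key: key for $host differs from pinned key" >&2
        return 2
    fi
    return 0
}

# Stand-alone use: sh pin_host_key.sh server server_host_key.pub ~/.ssh/known_hosts
if [ "$#" -eq 3 ]; then
    pin_host_key "$@"
fi
```

Because the key comes from the image build rather than from a network scan, the ansible container trusts only the server it was built alongside, and a rebuilt server image with new host keys shows up as return code 2.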
This might not be the best example, as the role is very old and needs a re-write, but the SSH role I have written generates known_hosts and other SSH config files; an example output is this repo: