Current state of pivoting through a jumpbox

andrew2 · October 8, 2014, 6:13pm

Hi everyone,

First-time poster here. I’d like to have Ansible on one subnet pivot through a jumpbox to a different subnet (technically a separate datacenter) for provisioning a host.

I found posts such as this:

https://groups.google.com/forum/#!searchin/ansible-project/jumpbox/ansible-project/-whVJFjYESg/LTf6dRzoFUsJ

and this:

http://alexbilbie.com/2014/07/using-ansible-with-a-bastion-host/

The machine being provisioned has an internal IP and provisioning fails with ‘FAILED: [Errno 101] Network is unreachable’. This makes sense since these are separate networks and we don’t use a VPN. What confuses me is why Ansible isn’t pivoting.

This is maybe a complicated setup (and an edge-case at that), so any advice as to alternative methods will also be taken into consideration. Maybe there’s even an “accepted” way to do this that I don’t know about. We are also open to simply having an Ansible provisioning box at our secondary location.

Best regards,

Andrew

user32 · January 23, 2015, 9:15am

Andrew, try to create public SSH bastions for every Amazon VPC you have at the moment. So you will have an ability to provision any private node over appropriate Bastion from Ansible playbook.

The ony problem will be to tell Ansible to reload ssh_config on-the-fly if you would like to generate it from playbook and use at farther steps of the same playbook.

Topic		Replies	Views
Ansible provisioning through bastion SSH host Ansible Project aws	2	4	July 19, 2015
Ansible jumpbox/bastion host configuration and private server Get Help ubuntu	1	825	November 7, 2023
Any way to re-read ssh_config on-the-fly from Ansible playbook? Ansible Project ubuntu	2	2	May 6, 2015
Using Ansible from host through bastion to private IP Ansible Developer awx	0	13	September 30, 2019
Jumphost + Ansible Ansible Project	0	2	March 20, 2018

Current state of pivoting through a jumpbox

Related topics