Encrypting Host File

Archives Ansible Project
1

Hi,

Good Day!

I have a requirement to encrypt the host file in ansible, say for example, I want to encrypt the production environment host file so that the host information is not available with every one.

Can anyone tell me if this is achievable with Ansible Vault? Or any alternate way how I can get to this.

Regards,
Siva

2

Hi

3

Just to give more information of what I am trying.

host (file name)

[server-a]
server-a

[server-b]
server-b

[appserver:children]
server-a
server-b

host_details (file name)

[server-a:vars]

env_name=server-a

ansible_ssh_user=root

ansible_ssh_host=10.0.0.1

ansible_ssh_private_key_file=~/.ssh/xyz-key.pem

[server-b:vars]

env_name=server-b

ansible_ssh_user=root

ansible_ssh_host=10.0.0.2

ansible_ssh_private_key_file=~/.ssh/xyz-key.pem

  • I am encrypting host_details file using ansible vault.
  • When I execute the playbook,
  • Without encryption: Execution is successful
  • With encryption: I get the below error,
    TASK [setup] *******************************************************************
    Thursday 10 August 2017 11:21:01 +0100 (0:00:00.053) 0:00:00.053 *******
    fatal: [server-a]: UNREACHABLE! => {“changed”: false, “msg”: “Failed to connect to the host via ssh: ssh: Could not resolve hostname server-a: Name or service not known\r\n”, “unreachable”: true}
    fatal: [server-b]: UNREACHABLE! => {“changed”: false, “msg”: “Failed to connect to the host via ssh: ssh: Could not resolve hostname server-b: Name or service not known\r\n”, “unreachable”: true}
    Add Comment
4

Host I mean is the inventory file.

5

I see.

Just to be sure: how do you exactly call the playbook?

It shouldn't matter, but can you try given the inventory files a .yml extension?

Dick

6

Hi Dick,

Thanks, your suggestion worked.