How to bootstrap a host with python-keyczar and a different ssh port, then keep going?

Hello,

I’m provisioning hosts from a vanilla Ubuntu image (that lacks python-keyczar and has sshd on port 22).
I want to end up using accelerate mode and moving sshd to a different port.

Can you think of a way to do this that doesn’t involve 2 stages with a separate “bootstrap” playbook/inventory that just installs keyczar and the sshd config, and another regular one for subsequent runs? This is especially painful with Vagrant, which can take only a single “ansible.playbook” parameter.

Ideally I’d like not to use extra_vars either, just:

  • have accelerate mode fall back to off if keyczar isn’t present on the remote host, then be able to switch it back on in the middle of the playbook once it’s been installed
  • have fallback ports for ssh to be able to connect to either bootstrapped/non-bootstrapped machines

Is any of that possible? How do people deal with that?

Thanks!

Just test the ssh port, register a var/group_by and run the ‘bootstrap’ if that is not what it should be before the rest of the plays, skip otherwise.

My suggestion is that once you update the image, save the image, and use that image moving forward.

If you are going with a preseed-installation approach, you could put keyczar in the preseed.
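
The port-test suggestion from the first reply, sketched as a single playbook (an added example, not posted by anyone in the thread). Port 2222, the group names and the `ssh` service name are assumptions; `ansible_ssh_port` is the older spelling of `ansible_port`.

```yaml
# Added sketch; port 2222, group names and the "ssh" service name are assumptions.
- name: Find out which hosts already listen on the final sshd port
  hosts: all
  gather_facts: false            # nothing connects to the host yet
  vars:
    target_ssh_port: 2222
  tasks:
    - name: Probe the final port from the control machine
      local_action: wait_for host={{ inventory_hostname }} port={{ target_ssh_port }} timeout=5
      register: final_port_probe
      ignore_errors: true        # a closed port means "not bootstrapped", not an error

    - name: Sort hosts into needs_bootstrap / bootstrapped
      group_by:
        key: "{{ 'needs_bootstrap' if (final_port_probe.failed | default(false)) else 'bootstrapped' }}"

- name: Bootstrap hosts that still run the stock image
  hosts: needs_bootstrap
  gather_facts: false
  become: true                   # "sudo: true" on Ansible 1.x
  vars:
    ansible_ssh_port: 22         # stock image port, for this play only
    target_ssh_port: 2222
  tasks:
    - name: Install python-keyczar
      apt: name=python-keyczar state=present update_cache=yes

    - name: Move sshd to the final port
      lineinfile:
        dest: /etc/ssh/sshd_config
        regexp: '^#?Port '
        line: "Port {{ target_ssh_port }}"
        validate: '/usr/sbin/sshd -t -f %s'   # refuse a config sshd cannot parse
      notify: restart ssh
  handlers:
    - name: restart ssh
      service: name=ssh state=restarted

- name: Regular plays, now over the final port
  hosts: all
  vars:
    ansible_ssh_port: 2222
  tasks:
    - name: Confirm the host answers on the new port
      ping:
```

On releases that still ship accelerate mode, it would be enabled on the last play only, since keyczar is installed by then. A host whose final port is merely firewalled lands in `needs_bootstrap` and the second play then fails on port 22 rather than silently skipping it.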