"But it is not setting Ansible to perform agent forwarding." I'm glad it's not, that would be a very bad default.
SSH options are configurable via ansible.cfg. http://docs.ansible.com/intro_configuration.html#ssh-args On Thu, Jan 2, 2014 at 7:25 AM, bryan hunt <[email protected]> wrote: > Sorry to resurrect an old post. > > I'm trying to get ansible/vagrant integration working. > > Vagrant uses a generated inventory file to communicate with Ansible. > > But it is not setting Ansible to perform agent forwarding. > > > > > > On Wednesday, August 7, 2013 2:53:20 AM UTC+1, Michael DeHaan wrote: > >> > if you use ANSIBLE_SSH_ARGS you loose the "sensible ControlMaster >> options". >> >> This is not the case, you can pass in whatever arguments you wish to pass >> in, including ControlMaster/ControlPersist. >> >> The user who wanted the ProxyCommand parameter was asking for the same >> kind of option sprawl that resulted in this command being rejected -- >> because if you want to set individual ProxyCommands, you can specify an SSH >> config usign ANSIBLE_SSH_ARGS or the configuration file to specify a >> configuration file that sets this up on a per host basis pretty easily. >> >> There isn't a reason to add a parameter for every possible SSH >> configuration parameter in Ansible *UNLESS* ansible needs to have >> significant behavior changes when those parameters are used. >> >> As for your arguments that it are "not nice", I disagree! It's quite >> nice and ultimately flexible, and presenting a SSH option for every single >> flag in OpenSSH quickly results in unmanageable option sprawl. >> >> >> >> >> >> On Tue, Aug 6, 2013 at 7:28 PM, <[email protected]> wrote: >> >>> Hello all, >>> >>> First, being new to ansible and the ansible community, and having >>> already this proposal rejected in a pull request ( >>> https://github.com/ansible/ansible/pull/3756) >>> let me know if the path I'm taking to have my arguments heard is the >>> good one and I do not hurt or annoy anyone. >>> >>> I began with a problem I'm far from the only one to have: using ssh jump >>> hosts. >>> Apparently, the only ways to manage it with ansible are either via >>> ANSIBLE_SSH_ARGS/ansible.cfg or via an entry in ~/.ssh/config. >>> >>> The first is far from convenient: >>> - According to http://www.ansibleworks.com/docs/gettingstarted.html#id4, >>> if you use ANSIBLE_SSH_ARGS you loose the "sensible ControlMaster options". >>> - These parameters are system-wide/user-wide, and outside of the ansible >>> - I want to version my ansible playbooks/inventory >>> - I expect my ansible playbooks/inventory to be playable on any >>> out-of-the-box ansible installation, like you'd expect any PDF file to open >>> on any PDF reader out of the box. >>> >>> The second is also inconvenient >>> - it's a user-wide setting >>> - you cannot version it with your playbooks/inventory because it is >>> outside of it >>> >>> I stumbled upon somebody with same needs that proposed a >>> ansible_ssh_proxy_cmd inventory parameter >>> https://github.com/ansible/ansible/pull/2970 >>> that would solve my problems but I find this solution in either not >>> generic enough or not specific enough. >>> >>> So that would be nice to have a ansible_ssh_jump_host for instance, like >>> we already have ansible_ssh_user, ansible_ssh_port, >>> ansible_ssh_host. Why not also add ansible_ssh_known_hosts_file, or >>> ansible_ssh_verify_host_key_dns, or any of the bazillions ssh >>> parameters. >>> But that would make a lot of parameters in the inventory file which goal >>> seems to be more about listing and grouping hosts. >>> >>> On the other hand, why not separate the the inventory and the >>> connections parameters. ssh config file is good enough to explain how to >>> connect to a host >>> (user, real name, identity file to use, proxy command, know_host file to >>> use, etc.) already working with every option you'd happen to need. >>> >>> But, as I already said, I think that: >>> - using ~/.ssh/config is not nice >>> - using ansible.cfg or ANSIBLE_SSH_ARGS to relocate ssh config into >>> ansible playbook/inventory repository is also not nice >>> - what if we would like to use several ssh config files according to >>> inventory groups ? >>> >>> Hence, I think ansible_ssh_config is a light and convenient way to >>> - integrate ssh config files into the inventory/playbook repository >>> - have this repository be self-sufficient and work from any host with a >>> working ansible installation (git clone + point ansible to cloned >>> repository + ansible-playbook my_playbook) as anyone would expect >>> - permit to separate inventory and description on how to connect to hosts >>> >>> I hope that was not too long. I'm ready for the >>> suggestions/critics/flames?/anything. >>> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >>> >>> >> >> >> >> -- >> Michael DeHaan <[email protected]> >> >> CTO, AnsibleWorks, Inc. >> http://www.ansibleworks.com/ >> >> -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > > For more options, visit https://groups.google.com/groups/opt_out. > -- Michael DeHaan <[email protected]> CTO, AnsibleWorks, Inc. http://www.ansibleworks.com/ -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
