So I've got a host that I need to jump through two bastion hosts to get to:
Ansible -----> bastion_1 -----> bastion_2 -----> target
I can use ansible to get to bastion_2 by setting up a hostvar:
ansible_ssh_common_args: -o "ProxyCommand=ssh -q -W %h:%p
{{local_user_account}}@bastion_1"
...and that works correctly.
I tried setting up a similar hostvar for target:
ansible_ssh_common_args: -o "ProxyCommand=ssh -q -W %h:%p
{{local_user_account}}@bastion_2"
...but that doesn't work, because ansible is trying to ssh directly to
bastion_2 and not caring about the hostvar set up to access bastion_2.
I have a workaround. I can set up an entry in my ~/.ssh/config file
Host bastion_2
ProxyCommand ssh -q -W %h:%p bastion_1
... and then ansible works, because ansible tells ssh to go through
bastion_2, and ssh figures its own way there.
But is there a way to do this just within ansible, without using
.ssh/config ?
--EbH
PS -- my ssh is too old for the -J / ProxyJump option, which I think would
solve my problem.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/edea0ef1-1dac-43ee-9dc6-fe6e69783815%40googlegroups.com.
