Hi,
We are using GCP with ansible which has been working great up now, we are
setting all the flags in ~/.ansible.cfg for ssh
i.e
ssh_args = -t -i ~/.ssh/google_compute_engine -o CheckHostIP=no -o
ControlMaster=auto -o ControlPersist=600s -o IdentitiesOnly=yes -o
UserKnownHostsFile=~/.ssh/google_compute_known_hosts -o
ProxyCommand="/usr/bin/python3 -S /usr/lib64/google-cloud-sdk/lib/gcloud.py
beta compute start-iap-tunnel %h %p --listen-on-stdin
--project=studio-00056 --zone=europe-west1-b --verbosity=warning" -o
ProxyUseFdpass=no
This has been fine, till we now have to use another zone, meaning that i
need to switch the args
I tired replacing the ssh_executable with my own wrapper
#!/bin/bash
set -x
host="${@: -2: 1}"
cmd="${@: -1: 1}"
# ControlMaster=auto & ControlPath=... speedup Ansible execution 2 times.
socket="/tmp/ansible-ssh-${host}-22-iap"
zone=$(gcloud compute instances list --filter="name:${host}"
--format='value(zone)')
gcloud_args="
--tunnel-through-iap
--zone=$zone
--quiet
--no-user-output-enabled
--
-C
-o PreferredAuthentications=publickey
-o KbdInteractiveAuthentication=no
-o PasswordAuthentication=no
-o ConnectTimeout=20
-i ~/.ssh/google_compute_engine
-o CheckHostIP=no
-o ControlMaster=auto
-o ControlPersist=600s
-o IdentitiesOnly=yes
-o ProxyUseFdpass=no
"
exec gcloud compute ssh "$host" $gcloud_args "$cmd"
but this is is super slow as it does one ssh connection for each part of
the playbook, a normal playbook before would take 33 seconds now it take
590 second
Any suggestion?
Thanks
Adam
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/052cb4dc-ceee-44ca-a301-99fe1cc58ffan%40googlegroups.com.
