Hey Eric, Thanks for your questions!
vagrant sets different private keys for each hosts This is a new feature introduced in Vagrant 1.7.0, that you can easily disable by adding this setting in your Vagrantfile: config.ssh.insert_key = false Another possible workaround (if you really want to keep these distinct ssh key pairs for each machine), can consist in providing multiple private keys to Ansible with something like: config.ssh.private_key_path = [ "vagrant/machines/host-1/virtualbox/private_key", ... ".vagrant/machines/host-n/virtualbox/private_key" ] Note: I did not test the latter. Having in the future GH-5005 (add a global public key insertion) <https://github.com/mitchellh/vagrant/issues/5005> will also help to solve this problem. But for now, I would personally recommend to stick to config.ssh.insert_key = false. How can I let vagrant specify this explicitly for ansible, in the generated > inventory file, so that ansible can be run independently? > You cannot since this option is not supported at the moment. There is an open pull request GH-5044 (Use `ansible_ssh_private_key_file` in generated inventory) <https://github.com/mitchellh/vagrant/pull/5044/> that actually proposes to go this way, but there are several issues around this proposal that bring me to most probably reject it: - this wish is motivated by an external or unsupported usages of Vagrant (calling `ansible-playbook` from the shell or using the parallel provisioning trick <https://github.com/mitchellh/vagrant/issues/5048>) - it would require some tricky special cases that can lead to unnecessary code complexity and usage confusions. Examples: - When ansible.inventory_path is used, then pass the private key as a command line argument. - When a generated inventory is used, then put the private key paths in the inventory file. - Very probable mess when dealing with multiple SSH identities with the config.ssh.private_key_path option and ANSIBLE_SSH_ARGS under the hood. - Many (most?) Ansible users configure a single ssh key pair for the machines they manage, especially in simple/sandbox contexts like Vagrant. If you don't share my opinions, please try to convince me of the contrary with a comment directly on GH-5044 :-) "Group variables are intentionally not supported, as this practice is not > recommended." . If anyone can explain me why this is not recommended, I'm > curious. > In the Inventory Guide from docs.ansible.com <http://docs.ansible.com/intro_inventory.html#splitting-out-host-and-group-specific-data> it is mentioned that: *The preferred practice in Ansible is actually not to store variables in the main inventory file.* By setting all your variables in group_vars (and/or host_vars) files, you can easily configure multiple environments, etc. Note that it might be a good idea to clarify a bit the vagrant docs by saying something like "Group variables are intentionally not supported, as it is not recommended to store variables in the main inventory file" (with a link to Ansible docs <http://docs.ansible.com/intro_inventory.html#splitting-out-host-and-group-specific-data> ). I hope all this answer well your questions and please keep the discussion open if you have any more doubts or remarks. Best Regards, Gilles Le samedi 10 janvier 2015 15:49:01 UTC+1, Eric Feliksik a écrit : > > My Vagrantfile includes an instruction to do Ansible provisioning. Vagrant > neatly generates an ansible inventory file > in .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory , but > it does not include ansible_ssh_private_key_file instructions for each > host: > > host-1 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2200 > host-2 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2201 > otherhost-1-1 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2202 > > The consequence is that I can not control them with ansible-playbook > directly, as vagrant sets different private keys for each hosts so even > ansible-playbook --private-key $MYFILE -i > .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory site.yml > would not work. What does work is modifying the generated file: > > host-1 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2200 > ansible_ssh_private_key_file=.vagrant/machines/host-1/virtualbox/private_key > host-2 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2201 > ansible_ssh_private_key_file=.vagrant/machines/host-2/virtualbox/private_key > otherhost-1-1 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2202 > ansible_ssh_private_key_file=.vagrant/machines/otherhost-1-1/virtualbox/private_key > > Main question: How can I let vagrant specify this explicitly for ansible, > in the generated inventory file, so that ansible can be run independently? > > Second I actually tried to make Vagrant include per-host (and per-group) > variables in the generated inventory file -- for this and other purposes -- > but this seems not possible: > https://docs.vagrantup.com/v2/provisioning/ansible.html says "Group > variables are intentionally not supported, as this practice is not > recommended." . If anyone can explain me why this is not recommended, I'm > curious. Because the Ansible documentation does not mention this, and > happily describes how to use group variables (also in inventory files). > > Thanks in advance, > Eric > > -- You received this message because you are subscribed to the Google Groups "Vagrant" group. To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.