Can somebody please tell me where the hell I am wrong here…??
commands i used are:-
I had tried 5 times and everytime it is getting failed…!!
@Tej-Singh-Rana
@Sauron
@sunil_2
What`s in /home/thor/ansible/inventory file?
You can write user pass to ansible inventory file via:
[hosts]
host_ip
[hosts:vars]
ansible_ssh_private_key_file=~/.ssh/id_rsa
ansible_user=user
ansible_password=pass
So, when in logs you see password error, look in inventory file.
stapp01 ansible_user=tony ansible_host=stapp01 ansible_ssh_pass=Ir0nM@n
you mean something like this for all 3 servers??
I read again task conditions. You must make passwordless ssh connection.
So, I think you must specify your id_rsa in inventory file:
stapp01 ansible_user=tony ansible_ssh_private_key_file=~/.ssh/id_rsa
Try to ping with this inventory file.
alright, i will try again…
done… Thanks a lot 
This is for education purpose only, there is no guarantee if you follow my steps here you will pass the Task verification for any Ansible Tasks.
But again, I have been doing the following steps in almost all my Ansible Tasks.
In any case, the query here has been Solved, so if you just want to pass the Task, and not care for anything else, just ignore this.
[thor@jump-host ansible]$ ansible --version
ansible [core 2.15.3]
config file = /home/thor/ansible/ansible.cfg
configured module search path = ['/home/thor/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.11/site-packages/ansible
ansible collection location = /home/thor/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.11.4 (main, Aug 11 2023, 13:46:19) [GCC 8.5.0 20210514 (Red Hat 8.5.0-20)] (/usr/bin/python3.11)
jinja version = 3.1.2
libyaml = True
[thor@jump-host ansible]$ egrep -v "^;|^#|^$" ansible.cfg
[defaults]
host_key_checking=False
[privilege_escalation]
[persistent_connection]
[connection]
[colors]
[selinux]
[diff]
[galaxy]
[inventory]
[netconf_connection]
[paramiko_connection]
[jinja2]
[tags]
[runas_become_plugin]
[su_become_plugin]
[sudo_become_plugin]
[callback_tree]
[ssh_connection]
[winrm]
[inventory_plugins]
[inventory_plugin_script]
[inventory_plugin_yaml]
[url_lookup]
[powershell]
[vars_host_group_vars]
[thor@jump-host ansible]$
[thor@jump-host ansible]$ cat inventory
[stapps]
stapp01 ansible_user=tony
stapp02 ansible_user=steve
stapp03 ansible_user=banner
[thor@jump-host ansible]$ cat /etc/hosts
127.0.1.1 jump-host
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.238.10 stapp01
172.16.238.11 stapp02
172.16.238.12 stapp03
172.16.238.14 stlb01
172.16.238.15 ststor01
172.16.239.10 stdb01
[thor@jump-host ansible]$ ansible -i inventory stapps -m ping
stapp02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
stapp01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
stapp03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
[thor@jump-host ansible]$ cat ~/.ssh/id_ed25519 # this is a throw away private key. It will be invalidated after this demo, when the environment is destroy.
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACCIzufXoV+JG7pNCA9ZV1ytaEpeq3NYD1rZxSXpmSYKLgAAAJg02oTnNNqE
5wAAAAtzc2gtZWQyNTUxOQAAACCIzufXoV+JG7pNCA9ZV1ytaEpeq3NYD1rZxSXpmSYKLg
AAAEA2Fb7SJLC9MEWemkccn7kTVPY02k5ouDoop1sezZ1esojO59ehX4kbuk0ID1lXXK1o
Sl6rc1gPWtnFJemZJgouAAAADnRob3JAanVtcC1ob3N0AQIDBAUGBw==
-----END OPENSSH PRIVATE KEY-----
[thor@jump-host ansible]$ ansible -i inventory stapps -a "cat ~/.ssh/authorized_keys"
stapp02 | CHANGED | rc=0 >>
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjO59ehX4kbuk0ID1lXXK1oSl6rc1gPWtnFJemZJgou thor@jump-host
stapp03 | CHANGED | rc=0 >>
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjO59ehX4kbuk0ID1lXXK1oSl6rc1gPWtnFJemZJgou thor@jump-host
stapp01 | CHANGED | rc=0 >>
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjO59ehX4kbuk0ID1lXXK1oSl6rc1gPWtnFJemZJgou thor@jump-host
And if you really know what you are doing with ssh…
[thor@jump-host ansible]$ cat inventory
[stapps]
stapp01
stapp02
stapp03
[thor@jump-host ansible]$ ansible -i inventory stapps -m ping
stapp03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
stapp02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
stapp01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
Note: the above are in my own environment, not in KKE environment. YMMV.
Already done brother… But thanks for the help😊
Hi Bhard,
I have tried this task and succeeded but with one change in the inventory file. I used ansible_user=banner instead of ansible_host provided with the same password for the banner. However, I am confused with this as ping fails when giving ansible_hosts.
Please explain if possible.
Thanks.
Hi uwithnishad!
Im not quite clear understood your question. With stapp01 ansible_user=tony ansible_ssh_private_key_file=~/.ssh/id_rsa in inventory you say to ansible login tostapp01with usertonyfrom jump server. On jump server you login asthorand send your rsa key tostapp01server for usertonyon that server. On other hand you can specify in inventory usertonyand password for usertony` and this must work, but it definetly unsecure.
HI,
I meant when I gave ansible_user=banner in my task with the password for banner. it worked out. Then I removed ansible_user rather I gave ansible_hosts it did not. So the point here is why it did not worked out with ansible host when details are already present on inventory file and also we passed the ssh-key to respective servers as per the tasks.
I meant when I gave ansible_user=banner in my task with the password for banner.
Your inventory was something like this:
stapp03 ansible_user=banner ansible_password=pass?
And this is correct and should work.
Next you try inventory like this:
stapp03 ansible_host=stapp03and have errors?
Well, this also correct.
stapp03 just name for host in inventroy. First ansible read ansible_host variable if it exists, nest try to login to host by name in inventory.
And if you omit username in inventory line, ansible try to login with current user from jumpserver, but user thor does not exist on stapp03 server.
Yes. it was throwing an error but once I removed ansible_host and rather gave ansible_user. it worked out correctly.