Reputation: 8361
SSH into a Vagrant machine with Ansible
Normally, you can ssh into a Vagrant-managed VM with vagrant ssh. There are two options:
- You can use an
insecure_private_keygenerated by Vagrant to authenticate. - Use your own private key - provided that
config.ssh.forward_agentis set totrue, and the VM is configured correctly
I use the second option. S when I run vagrant ssh, I ssh into the machine with my custom private key.
Now I need to let Ansible SSH into my Vagrant machine and I do not want to use Vagrantfile for it.
So I executed:
ansible-playbook -i hosts/development --private-key=~/.ssh/id_rsa -u vagrant dev.yml
And I have this error returned:
fatal: [192.168.50.5] => SSH Error: Permission denied (publickey). while connecting to 192.168.50.5:22
The hosts/inventory file holds just the IP of my Vagrant VM (192.168.50.5).
I do not know why Ansible cannot ssh into the VM. It's using exactly the same user (vagrant) and key (id_rsa) as when executing vagrant ssh.
However, there is no problem sshing with vagrant ssh while the above would not run.
Any suggestions would be much appreciated.
Upvotes: 20
Views: 20756
Answers (4)
Reputation: 36
To let Ansible access into a Vagrant machine via SSH we'll need the following ingredients:
vagrant ssh-configoutputs OpenSSH valid configuration to connect to the Vagrant VMs (see vagrant ssh-config - Command-Line Interface )ansible_ssh_common_argsis always appended to the default command line for ssh commands (see How to build your inventory - Ansible Documentation)- In SSH commands, the option
-Fspecifies an alternative per-user configuration file (see ssh - Linux manual page)
Here's what you could do. First, execute vagrant ssh-config > .vagrant/ssh-config. Then, create an inventory file dedicated to Vagrant (e.g. inventories/vagrant.yml) with the following contents:
all:
hosts:
vagrant-host-1:
vagrant-host-2:
vars:
ansible_ssh_common_args: -F .vagrant/ssh-config
You're ready to let Ansible SSH into Vagrant VMs by adding -i inventories/vagrant.yml to the commands! For example, you could run the following command to test the connection:
ansible -i inventories/vagrant.yml all -m ping
Upvotes: 1
Reputation: 877
For those using an inventory.txt, it will look something like this:
[vmgroup]
192.168.56.10
[vmgroup:vars]
ansible_ssh_user=vagrant
ansible_ssh_private_key_file=/Users/amar/centos7/.vagrant/machines/default/virtualbox/private_key
This private key file location was observed from the output of vagrant ssh-config command; Executed while being inside the folder formed with vagrant init centos/7
Upvotes: 1
Reputation: 31
I think that you should try using the inventory generated by vagrant. This will save you from having to maintain an Ansible inventory in addition to your Vagrantfile.
For example, you should find an inventory like this used for vagrant ssh:
cat .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory
>>>
# Generated by Vagrant
default ansible_host=127.0.0.1 ansible_port=2222 ansible_user='vagrant' ansible_ssh_private_key_file='/home/someone/coding-in-a-project/.vagrant/machines/default/virtualbox/private_key'
You will be able to run ansible ad-hoc commands and ansible-playbook commands.
(specify this maybe for your needs : --private-key=~/.ssh/your_private_key)
ansible default -i .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory -m ansible.builtin.shell -a 'echo foobar'
ansible-playbook -i .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory playbook.yml
source : https://docs.ansible.com/ansible/latest/scenario_guides/guide_vagrant.html
Upvotes: 3
Reputation: 6195
The problem probably lies within your hosts/inventory file. You need to add the proper connection configuration for Ansible therein, save and re-run.
192.168.50.5 ansible_ssh_port=22 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.ssh/id_rsa
If you are not using port 22, adjust the ansible_ssh_port in your hosts file accordingly.
It is also a possibility that you have not setup your pubkey in Vagrant, hence this would also not work. To test this, run:
vagrant ssh-config | grep IdentityFile
# result should be your private key and not
# .vagrant/machines/default/virtualbox/private_key
If you have not put your pubkey in the Vagrant vm, you will need to add that before you can try your private key.
Reference: http://docs.ansible.com/ansible/intro_inventory.html#list-of-behavioral-inventory-parameters
Reference: https://docs.vagrantup.com/v2/cli/ssh_config.html
Upvotes: 32
Related Questions
- Ansible can't connect to Vagrant VM (Permission denied)
- ssh connection to Vagrant virtual machine using Ansible fails
- Ansible & Vagrant development environment
- Failed to connect to host via SSH on Vagrant with Ansible Playbook
- Ansible cannot ssh into VM created by Vagrant
- Error: Failed to connect to the host via ssh
- Vagrant and ansible & ssh
- Vagrant Ansible provisioning SSH error
- Error connecting with Ansible to Vagrant guest using SSH
- Vagrant, Ansible, and SSH forwarding