How to tell ansible to use a key

Question

I'm not very familiar with ansible. The problem I have at the moment is the following: I have a master - nodes environment with multiple nodes. My ansible needs to access my nodes but can't access them.

SSH Error: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

I'm able to SSH from my master to each node but only by using a key:

ssh -i key-to-node.pem centos@ec2...

Is it possible to setup something to allow ansible to connect to the created hosts?

Answer 1

You can define your pem file in your ansible.cfg:

private_key_file=key-to-node.pem

If you don't have one, create one at the same location where you playbook is or in /etc/ansible/ansible.cfg.

If you have different keys for your hosts, you can also define the key in your inventory:

ansible_ssh_private_key_file=key-to-node.pem

Also, if you would have configured ssh to work without explicitly passing the private key file (in your .ssh/config) Ansible would automatically work.

---

Adding an example from the OpenShift page, as mentioned in the comments.

I personally have never configured it this way (as I have set up everything via ~/.ssh/config but according to the docs it should be working like this:

[masters]
master.example.com ansible_ssh_private_key_file=1.pem

# host group for nodes, includes region info
[nodes]
node1.example.com openshift_node_labels="{'region': 'primary', 'zone': 'east'}" ansible_ssh_private_key_file=2.pem

Alternatively, since you have multiple nodes and maybe the same key for all of them, you can define a separate nodes:vars section

[nodes:vars]
ansible_ssh_private_key_file=2.pem