Reputation: 13
Ansible "Failed to connect to the host via ssh: ubuntu@ because target machine uses ec2-user
So I'm trying to use roles in Ansible and I'm not sure how to tell Ansible to use a specific user to ssh
So I have 2 files
site.yml
- hosts: _uat_web
- import_playbook: ../static-assignments/uat-webservers.yml
uat-webservers.yml
---
- hosts: _uat_web
remote_user: ec2-user
roles:
- webservers
So if I run ansible-playbook uat-webservers.yml everything works as expected but the idea is for site.yml to call uat-webservers.yml
So when I run ansible-playbook site.yml I get this issue
UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).", "unreachable": true}
I know the issue is that the target machine is using Red Hat therefore I need user ec2-user for ssh to work.
I tried putting remote_user: ec2-user in site.yml did not work. FYI I'm executing the ansible playbooks on an Ubuntu machine thats why it defaults to ubuntu user
- hosts: _uat_web #uat-webservers
- remote_user: ec2-user
- import_playbook: ../static-assignments/uat-webservers.yml
In addition, I'm using dynamic inventory aws_ec2 I know with static inventory you can specify the user in the inventory. Would love a solution in the playbook itself such as remote_user that doesn't seem to work when using the import. Thank you
Upvotes: 0
Views: 317
Answers (1)
Reputation: 2291
In site.yml, this line by itself doesn't do anything (aside from gather facts). So it is redundant and can be removed.
- hosts: _uat_web
So if you remove that line, your import_playbook should work on it's own. ie.
# site.yml
- import_playbook: ../static-assignments/uat-webservers.yml
If you really wanted that section because you wanted to run some stuff before importing the playbook, then do:
# site.yml
- hosts: _uat_web
remote_user: ec2-user # Notice this line doesn't start with a "-" like it did in your example
tasks: # or roles:
...
- import_playbook: ../static-assignments/uat-webservers.yml
Edit:
Once the UNREACHABLE error is resolved, I think you may encounter another error where it cannot find the role. I'm not sure how your directory structure is setup, but when you use import_playbook, the imported playbook will look for the roles relative to itself.
Ie. your ../static-assignments/uat-webservers.yml playbook calls the webservers role, then it will try to find it in ../static-assignments/roles/webservers which may not exist in that path.
Some potential solutions is to look into the roles_path setting in ansible.cfg. Or potentially using a symlink to point to your main roles directory.
Upvotes: 0
Related Questions
- Ansible - Failed to connect to the host via ssh: Permission denied (publickey,...password)
- Ansible failed to connect to the host via ssh, but ssh command works
- Ansible remote_user: root, ssh: Permission denied (publickey)
- Ansible throwing "Failed to connect to the host via ssh: Permission denied (publickey)." error with remote connections
- Ansible amazon linux Permission denied (publickey)
- Ansible 'Failed to connect to the host via ssh'
- Ansible "Could not resolve hostname" error for host user@ip_address
- Ansible unable to connect to AWS EC2 instance
- Ansible-Failed to connect to the host via ssh
- Ansible: connection to AWS host fails with unknown SSH error