К основному контенту

How to set host_key_checking=false in ansible inventory file?

 

Due to the fact that I answered this in 2014, I have updated my answer to account for more recent versions of ansible.
Yes, you can do it at the host/inventory level (Which became possible on newer ansible versions) or global level:
inventory:
Add the following.
ansible_ssh_common_args='-o StrictHostKeyChecking=no'
host:
Add the following.
ansible_ssh_extra_args='-o StrictHostKeyChecking=no'
hosts/inventory options will work with connection type ssh and not paramiko. Some people may strongly argue that inventory and hosts is more secure because the scope is more limited.
global:
Ansible User Guide - Host Key Checking
  • You can do it either in the /etc/ansible/ansible.cfg or ~/.ansible.cfg file:
    [defaults]
host_key_checking = False
  • Or you can setup and env variable (this might not work on newer ansible versions):
    export ANSIBLE_HOST_KEY_CHECKING=False 
     
     
     
     

    Yes, you can set this on the inventory/host level.

    With an already accepted answer present, I think this is a better answer to the question on how to handle this on the inventory level. I consider this more secure by isolating this insecure setting to the hosts required for this (e.g. test systems, local development machines).
    What you can do at the inventory level is add
    ansible_ssh_common_args='-o StrictHostKeyChecking=no'
    or
    ansible_ssh_extra_args='-o StrictHostKeyChecking=no'
    to your host definition (see Ansible Behavioral Inventory Parameters).
    This will work provided you use the ssh connection type, not paramiko or something else).
    For example, a Vagrant host definition would look like…
    vagrant ansible_port=2222 ansible_host=127.0.0.1 ansible_ssh_common_args='-o StrictHostKeyChecking=no'
    or
    vagrant ansible_port=2222 ansible_host=127.0.0.1 ansible_ssh_extra_args='-o StrictHostKeyChecking=no'
    Running Ansible will then be successful without changing any environment variable.
    $ ansible vagrant -i <path/to/hosts/file> -m ping
vagrant | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
    In case you want to do this for a group of hosts, here's a suggestion to make it a supplemental group var for an existing group like this:
    [mytestsystems]
test[01:99].example.tld

[insecuressh:children]
mytestsystems

[insecuressh:vars]
ansible_ssh_common_args='-o StrictHostKeyChecking=no'

     

Комментарии

Отправить комментарий

Популярные сообщения из этого блога

How to do Arithmetic Operations in Ansible

You can use arithmetic calculations in Ansible using the Jinja syntax. This is helpful in many situations where you have stored the output of an operation, and you need to manipulate that value. All usual operation like addition, subtraction, multiplication, division, and modulo are possible. Let us start with an example. We will be using the  debug module  to print the out the result. The following tasks show all the basic arithmetic operations. The output is given in comments. Ansible arithmetic operation example - hosts: loc tasks: - debug: msg: "addition{{ 4 +3 }}" #Ansible addition 7 - debug: msg: "substraction {{ 4 - 3 }}" #Ansible arithmetic substraction 1 - debug: msg: "multiplication {{ 4 * 3 }}" #multiplication 12 - debug: msg: "Modulo operation {{ 7 % 4}}" #ansible Modulo operation - find remainder 3 - debug: msg: "floating division {{ 4 / 3}}" #ansible floating divisio...
Отправить комментарий
Далее...

ubuntu/debian ipmi

#install ipmitool (this is for debian) apt-get install ipmitool #insert the kernel modules needed for ipmi modprobe ipmi_devintf modprobe ipmi_si modprobe ipmi_msghandler #get the current mode (01 00 is dedicated mode) ipmitool raw 0x30 0x70 0x0c 0 #send the raw command to enable dedicated lan ipmitool raw 0x30 0x70 0xc 1 1 0
Отправить комментарий
Далее...
Ansible - Appending to lists and dictionaries  n this blog post I'll show how to add items to lists and dictionaries, when using loops, and across tasks. Normally when trying to add a new item to the variable, while in the loop, or between tasks, Ansible will ovewrite the values, keeping the result of the last iteration. For example, let's see what will be the result of running the following playbook: --- - name: Append to list hosts: localhost vars: cisco: - CiscoRouter01 - CiscoRouter02 - CiscoRouter03 - CiscoSwitch01 arista: - AristaSwitch01 - AristaSwitch02 - AristaSwitch03 tasks: - name: Add Cisco and Airsta devices to the list set_fact: devices: "{{ item }}" with_items: - "{{ cisco }}" - "{{ arista }}" - name: Debug list debug: var: devices verbosity: 0 [przemek@quasar blog]$ ansible-playbook append_list.yml PLAY [Append to list] ****************...
Отправить комментарий
Далее...