Bug 1650103
Summary: | Satellite fails to execute ansible commands when connected to ipa server | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Stefan Meyer <smeyer> |
Component: | Ansible - Configuration Management | Assignee: | Ewoud Kohl van Wijngaarden <ekohlvan> |
Status: | CLOSED ERRATA | QA Contact: | Lukas Pramuk <lpramuk> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.4 | CC: | aperotti, egolov, hyu, ktordeur, matthew.lesieur, mhulan, phess, pierre-yves.goubet, pondrejk, sjagtap |
Target Milestone: | 6.6.0 | Keywords: | Triaged |
Target Release: | Unused | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | foreman-installer-1.22.0.10 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-10-22 19:51:10 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Stefan Meyer
2018-11-15 11:15:41 UTC
Created redmine issue https://projects.theforeman.org/issues/25481 from this bug *** Bug 1656480 has been marked as a duplicate of this bug. *** Alternate *less intrusive* workaround that will allow Satellite to run Ansible playbooks successfully without messing with system-wide ssh_client settings: --- # cat ~foreman-proxy/.ssh/config Host * ProxyCommand none --- Since Ansible playbooks are being run by the foreman-proxy user, this will override the ProxyCommand option for this user only while the rest of the system can keep using sss_ssh_knownhostsproxy as intended by IPA. All, I also ran into the ProxyCommand problem, but I found two different errors in the Plays that I ran. Updating the foreman-proxy user's SSH configuration as per Pablo Hess (comment 5) resolved the problem. fatal: [satellite.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: key_load_public: invalid format\r\nwrite: Broken pipe", "unreachable": true} fatal: [satellite.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: key_load_public: invalid format\r\nssh_exchange_identification: Connection closed by remote host", "unreachable": true} Thanks Matthew LeSieur Upstream bug assigned to ekohlvan Upstream bug assigned to ekohlvan Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/25481 has been resolved. VERIFIED.
@Satellite 6.6.0 Snap22
foreman-installer-1.22.0.16-1.el7sat.noarch
# tail -2 /etc/foreman-proxy/ansible.cfg
[ssh_connection]
ssh_args = -o ProxyCommand=none
>>> ansible ssh_args override any proxy commands to empty for ansible runs only
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:3172 |