diff --git a/connection_plugins/ssh_lxc.py b/connection_plugins/ssh_lxc.py index 2ea7293..0839c94 100644 --- a/connection_plugins/ssh_lxc.py +++ b/connection_plugins/ssh_lxc.py @@ -13,6 +13,10 @@ connection: ssh_lxc short_description: connect via ssh client binary and then to a container with lxc-attach description: + - Normally this connection target host is the one running LXC. Roles which set variable + `ansible_connection` and `ansible_ssh_lxc_name` will be executed on the container. + - If the target host variable `ansible_lxc_host` is defined the behavior is reverted, and the connection + is established - This connection plugin allows ansible to communicate to the target machines via normal ssh command line. - Ansible does not expose a channel to allow communication between the user and the ssh process to accept a password manually to decrypt an ssh key when using this connection plugin (which is the default). The @@ -21,14 +25,25 @@ version_added: "2.9.6" options: host: - description: Hostname/ip to connect to. + description: Hostname/ip running LXC to connect to, or name of the container if `lxc_host` is set. default: inventory_hostname vars: - name: ansible_host - name: ansible_ssh_host + lxc_host: + descriotion: Hostname/ip running LXC, if `ansible_host` is the container. + vars: + - name: ansible_lxc_host + type: str + hostvars: + description: obtain invetory values for use in `delegate_to` mode with `lxc_host` set. + vars: + - name: hostvars + type: dict container_name: - description: name of lxc container to attach to + description: name of lxc container to attach to. vars: + - name: ansible_lxc_name - name: ansible_ssh_lxc_name - name: ansible_docker_extra_args type: str @@ -478,7 +493,28 @@ def __init__(self, *args, **kwargs): # management here. def _connect(self): - self.container_name = self.get_option('container_name') + if self.get_option('lxc_host') is None: + self.container_name = self.get_option('container_name') + + display.vvv("lxc_host=None; so container_name={}, host={}".format(self.container_name, + self.host)) + else: + self.container_name = self.get_option('container_name') + + lxc_host_hostname = self.get_option('lxc_host') + try: + lxc_host_vars = self.get_option('hostvars')[lxc_host_hostname] + except KeyError: + raise AnsibleError("ansible_lxc_host={} not found in invetory.".format(lxc_host_hostname)) + + self.host = lxc_host_vars['ansible_host'] + if 'ansible_port' in lxc_host_vars: + self.port = lxc_host_vars['ansible_port'] + if 'ansible_user' in lxc_host_vars: + self.user = lxc_host_vars['ansible_user'] + + display.vvv("lxc_host={1}; so container_name={0}, host={1}".format(self.container_name, + self.host)) return self @staticmethod diff --git a/hosts.example b/hosts.example new file mode 100644 index 0000000..9d754a7 --- /dev/null +++ b/hosts.example @@ -0,0 +1,32 @@ +localhost ansible_connection=local +gandalf ansible_host=10.150.40.1 ansible_user=root + +# CERTIFICATION AUTHORITIES +authorities ansible_host=10.150.40.8 ansible_user=root +authorities_request ansible_host=10.150.40.8 ansible_user=request + +# PHYSICAL HOST -------------------------------------------------------------- +black ansible_host=10.150.40.42 ansible_user=root vg_name=black-vg +ca ansible_host=10.150.40.8 ansible_user=root + +# LXC GUEST ------------------------------------------------------------------ ------ +#blogs ansible_host=10.150.42.17 ansible_user=root ansible_lxc_host=black ansible_lxc_name=blogs +ldap ansible_host=10.150.42.10 ansible_user=root ansible_lxc_host=black ansible_lxc_name=ldap +#lists ansible_host=10.150.42.15 ansible_user=root +#login ansible_host=10.150.42.100 ansible_user=root +#mail ansible_host=10.150.42.36 ansible_user=root +#matrix ansible_host=10.150.42.26 ansible_user=root +#media ansible_host=10.150.42.104 ansible_user=root +#projects ansible_host=10.150.42.12 ansible_user=root +#status ansible_host=10.150.42.103 ansible_user=root +#users ansible_host=10.150.42.18 ansible_user=root +#webmail ansible_host=10.150.42.14 ansible_user=root +#wiki ansible_host=10.150.42.16 ansible_user=root + +# NETWORK NODES +management_gateway ansible_host=10.150.40.1 ansible_user=root +vm_gateway ansible_host=10.150.42.1 ansible_user=root +reverse_proxy ansible_host=10.150.42.1 ansible_user=root + +[vm_hosts] +black