tf-ansible-workflow

Terraform/Ansible Workflow for Libvirt
git clone https://git.in0rdr.ch/tf-ansible-workflow.git

commit cb0c3a9e6843ec34bc2b914ff8eac81991c69e10
parent ac1fa1e7f9c1535f6a0a9e70c58ecde0ed3ff1c7
Author: Andreas Gruhler <andreas.gruhler@adfinis-sygroup.ch>
Date:   Thu, 19 Sep 2019 16:51:47 +0200

update known hosts

Diffstat:
M Readme.md | 20 +++++++++++++++++++-
M ansible/playbook.yml | 4 ++--
A ansible/update-known-hosts.yml | 24 ++++++++++++++++++++++++
3 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/Readme.md b/Readme.md @@ -66,7 +66,7 @@ Adjust variables in `./ansible/group_vars/all.yml`: * Ensure `pve_api` points to your compiled PVE API binary * Define `additional_users` as needed -### 4.2 Run Ansible +### 4.2 Run Ansible to Build the SSH Config The Ansible playbook runst the following tasks: 1. Retrieve the IP of the VMs via Qemu guest agent @@ -90,6 +90,24 @@ If you choose an unprivileged `ansible_user` to reach the VMs, you may need to s ansible-playbook playbook.yml -i inventory -l myhost -e ansible_user=root ``` +### 4.3 Update Known Hosts + +To prepare the local host for consecutive SSH connections, you might want to update you local `./ssh/known_hosts` file as follows: +``` +# update known hosts locally and confirm +ansible-playbook update-known-hosts.yml -i inventory +``` + +Alternatively, use the following commands: +``` +cd ansible + +# remove previous hosts from known hosts +for ip in $(cat qemu-config.yml | grep ip4 | awk '{print $2}'); do ssh-keygen -R $ip; done + +# update known hosts and confirm +for host in $(cat qemu-config.yml | grep fqdn | awk '{print $3}'); do ssh -F ../ssh/config $host exit; done +``` ## 5 Troubleshooting, Tips & Tricks diff --git a/ansible/playbook.yml b/ansible/playbook.yml @@ -1,7 +1,7 @@ --- -# local tasks to generate ssh config -# - input/requires: './qemu-config.yml' +# Local tasks to generate ssh config +# Input/requires: './qemu-config.yml' - hosts: local vars: qemu_config: "{{ lookup('file', 'qemu-config.yml') | from_yaml }}" diff --git a/ansible/update-known-hosts.yml b/ansible/update-known-hosts.yml 
@@ -0,0 +1,24 @@ +--- + +# Local tasks to update known ssh hosts +# +# Remove: +# for ip in $(cat qemu-config.yml | grep ip4 | awk '{print $2}'); do ssh-keygen -R $ip; done +# +# Add: +# for host in $(cat qemu-config.yml | grep fqdn | awk '{print $3}'); do ssh -F ../ssh/config $host exit; done +# +# Requires './qemu-config.yml' with ipv4 addresses +- hosts: local + vars: + qemu_config: "{{ lookup('file', 'qemu-config.yml') | from_yaml }}" + tasks: + - name: remove the host from local known hosts + known_hosts: + path: '{{ ansible_env.HOME }}/.ssh/known_hosts' + name: '{{ item.ip4 }}' + state: absent + loop: '{{ qemu_config }}' + + - name: update known host locally + shell: 'for host in $(cat qemu-config.yml | grep fqdn | awk "{print $3}"); do ssh -F ../ssh/config $host exit; done'
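
Review bot: In the new section 4.3 of Readme.md, the sentence names `./ssh/known_hosts`, but the commands under it act on the user's own file: `ssh-keygen -R $ip` is called without `-f`, and the playbook task sets `path: '{{ ansible_env.HOME }}/.ssh/known_hosts'`. Change the path in the text to `~/.ssh/known_hosts` and fix "you local" to "your local". The "update known hosts and confirm" step is trust on first use, so the section should also say what the operator compares the presented fingerprint against before confirming. In both loops, quote the variables (`"$ip"`, `"$host"`).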
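
Review bot: In the `update known host locally` task of ansible/update-known-hosts.yml, the awk program is written as `awk "{print $3}"`, so the shell expands `$3` (an unset positional parameter) before awk runs and awk receives `{print }`, which prints whole lines; the loop then runs `ssh` against every word on each `fqdn` line instead of the hostname only. The header comment in the same file and the Readme use single quotes around the awk program, which is the form that works. A simpler fix is to drop the grep/awk pipeline and loop over `{{ qemu_config }}` as the first task does, taking the host name from the item; that also removes the dependence on the working directory for `qemu-config.yml` and `../ssh/config`. It is also worth checking how the host key confirmation described in the Readme behaves when `ssh` is started from the `shell` module rather than typed at a terminal.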