Initialize fails - Issue with "ansible_ssh_pipelining"
malywut opened this issue · 3 comments
I am running in an issue with the task "Ensure PostgreSQL database is initialized." in initialize.yml. The task fails with
TASK [postgresql : Ensure PostgreSQL database is initialized.] *****************
fatal: [myhost]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Failed to add the host to the list of known hosts (/root/.ssh/known_hosts).\r\nFailed to add the ho st to the list of known hosts (/root/.ssh/known_hosts).\r\nsudo: sorry, you must have a tty to run sudo\n", "module_stdout": "", "msg": "MODULE FAILURE"}
I use this role by installing it with ansible-galaxy, and in a playbook with
name: Install postgresql
hosts: myhost
become: yes
roles:
- postgresql
vars:
postgresql_global_config_options:
- option: listen_addresses
value: '*'
postgresql_version: 9.4
tags:
- hdp
- database
The playbook is run in a vagrant environment.
I suspect that this issue is coming from the fact that I am using a ssh config with a ProxyCommand to ssh to "myhost" through a bastion host.
"myhost" and the bastion host are both running CentOS 7.
The task runs successfully when I comment the line
ansible_ssh_pipelining: true
Would it be possible to make this "ansible_ssh_pipelining" value overridable ?
I hit this same issue when trying to run this role against a VirtualBox VM running Red Hat 7. Following @malywut's lead, I comment out the ansible_ssh_pipelining lines in the following files:
You can see from the source that the command references this comment:
There's a discussion of the role of SSH pipelining in Ansible here:
As I read it, the settings is tied to performance rather than security so making the value overridable makes sense to me:
With pipelining enabled, Ansible will connect only once per task using ssh to execute python, and write the module source to its stdin. Even with persistent ssh connections enabled, it's a noticeable improvement to make only one ssh connection per task.
But I freely admit to not knowing all the implications of the change.
I'm also not clear on why it's an issue in the first place. Another member of my team ran the same playbook in a very similar environment with default pipeline setting enabled and did not encounter this issue.
This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!
Please read this blog post to see the reasons why I mark issues as stale.
This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.