KVM(Jumphost) host IP is unreachable if it is behind a Proxyjump
redobed opened this issue · comments
When installing OCP cluster on a KVM host only reacheable via a proxyjump the installation fails on playbook5
with error:
PLAY [5 setup bastion - configure bastion node with essential services] **************************************************************
TASK [Gathering Facts] ***************************************************************************************************************
fatal: [bastion3]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Connection timed out during banner exchange\r\nConnection to UNKNOWN port 65535 timed out", "unreachable": true}
PLAY RECAP ***************************************************************************************************************************
127.0.0.1 : ok=16 changed=9 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0
bastion3 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
jumphost : ok=13 changed=5 unreachable=0 failed=0 skipped=2 rescued=1 ignored=0
As a work around, I had to edit the Ansible-OpenShift-Provisioning/roles/ssh_add_config/tasks/main.yaml file in order for the script to insert my proxyjump entry to into the .ssh/config used during the ansible process.
- name: Create ssh config file (or add to an exsting file) to if network mode is NAT
[...]
block: |
Host {{ env.jumphost.name }}
HostName {{ env.jumphost.ip }}
User {{ env.jumphost.user }}
IdentityFile {{ path_to_key_pair.split('.')[:-1] | join('.') }}
ProxyJump gateway <--------------------
Host {{ env.bastion.networking.ip }}
[...]
Shouldn't a proxyjump be accounted for somehow?
Environment:
Scripts were run directly on my mac
Closing this issue, it appears I need to setup NAT on my mac