Giters

rundeck / rundeck

Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts

Home Page:http://rundeck.org

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Ansible inventory, Rundeck cannot connect to node

hanserasmus opened this issue · comments

commented

Note: Bug Reports not following this template may be closed without feedback.

Getting Help
Please use this issue template for reporting identified or suspected bugs only. For support on configuration or troubleshooting please see Getting Help for the appropriate channels.

Describe the bug
When trying to set up an Ansible inventory with ssh key (no passphrase), I keep getting an error in my rundeck logs:

fatal: [dev-ubuntu.my.domain]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Load key \"/tmp/rundeck/ansible-runner4638317308961054090id_rsa\": error in libcrypto\r\nroot@dev-ubuntu.my.domain: Permission denied (publickey).", "unreachable": true}

But when I test Ansible via cli, using the same key, just saved in the correct space, it works:

root@rundeck:/opt# ansible ced_ubuntu -i test_inventories/ced.ini -m ping -v
No config file found; using defaults
dev-ubuntu.my.domain | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}

My Rundeck detail

  • Rundeck version: 5.1.0-20240214
  • install type: deb
  • OS Name/version: Ubuntu 22.04
  • DB Type/version: MariaDB

To Reproduce
Steps to reproduce the behavior:

  1. Go to Edit Nodes in the project, add ansible inventory location, under SSH settings add a previously added SSH key.
  2. Click on Nodes and check your logs, you will find an error like the one mentioned above.

Expected behavior
I expect Rundeck to connect to the remote node and add it under the Nodes page.

Screenshots
image

image

image

Desktop (please complete the following information):

  • OS: Ubuntu 22.04
  • Browser Firefox - Version 122.0.1

What am I doing wrong?

EDIT: I should add I have tried using it as the admin user, and the admin user has full ACL permissions on all keys.

commented

For anyone else finding this: The issue was I was uploading an OpenSSH key, rather than an RSA key. I fixed it by first converting the key with ssh-keygen -p -m PEM -f ./privkey and then uploading the key again.

Next up I ran into an issue as described in #7766 and found my answer in this comment. Changing my executors to SSHJ fixed all my problems.