场景:
内网的Ansible, 可能需要连接DMZ区,只能通过代理转发实现。
服务器配置:
1.分类
10.6.17.100 Ansible 服务器
10.6.17.110 踏板机(当代理)
172.6.2.30 远程机
2.配置ansible 服务器conf
vim ~/.ssh/conf Host bastion User ansible HostName 10.6.17.110 ProxyCommand none BatchMode yes Host 172.16.10.* ServerAliveInterval 60 TCPKeepAlive yes ProxyCommand ssh -qaY bastion 'nc -w 14400 %h %p' #or ProxyCommand ssh -W %h:%p bastion ControlMaster auto
3.连接
ssh 172.6.2.30
参考资料:
http://stackoverflow.com/questions/31408017/ansible-with-a-bastion-host-jump-box
https://groups.google.com/forum/#!topic/ansible-project/PdJmnVMhHn0
http://alexbilbie.com/2014/07/using-ansible-with-a-bastion-host