Ansible - Create Machine Credentials in Tower

Machine credentials are used to define the username and password of the user that will be making an SSH connection from the control node (Tower) to each managed node. This is similar to the remote_user parameter.

  1. In Tower, select Credentials.
  2. Select the green plus icon.
  3. Enter the following:
    • Name = Something unique
    • Description = Something unique
    • Organization = 
    • Credential Type = Machine
    • Username = the username
    • Password = the password
  4. Select Save.

In this example, a machine credential with username rabbitmq is created.

 

Let's say you run a job template with verbosity set to 4 (Connection Debug).

 

AVOID TROUBLE

You will want to ensure that the playbook being invoked, which is example.yml in this example, does not include the remote_user parameter, as the remote_user parameter in the playbook would take precedence over the machine credential.

 

Something like this should be returned, which shows that the remote user was obtained from the machine credential.

PLAYBOOK: example.yml
Positional arguments: example.yml
subset: server001
ask_pass: True
remote_user: rabbitmq

 

The ansible_ssh_pass variable will contain the password being used by the Machine credential. However, this is not the way that Machine credentials are meant to be used. Instead, Vault credentials can be used to define a password that can then be used in a playbook.

- name: display ansible_ssh_pass
  debug:
    var: ansible_ssh_pass

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.





Please enter 8d724 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |