Machine credentials are used to define the username and password of the user that will be making an SSH connection from the control node (Tower) to each managed node. This is similar to the remote_user parameter.
- In Tower, select Credentials.
- Select the green plus icon.
- Enter the following:
- Name = Something unique
- Description = Something unique
- Organization =
- Credential Type = Machine
- Username = the username
- Password = the password
- Select Save.
In this example, a machine credential with username rabbitmq is created.
Let's say you run a job template with verbosity set to 4 (Connection Debug).
You will want to ensure that the playbook being invoked, which is example.yml in this example, does not include the remote_user parameter, as the remote_user parameter in the playbook would take precedence over the machine credential.
Something like this should be returned, which shows that the remote user was obtained from the machine credential.
Positional arguments: example.yml
The ansible_ssh_pass variable will contain the password being used by the Machine credential. However, this is not the way that Machine credentials are meant to be used. Instead, Vault credentials can be used to define a password that can then be used in a playbook.
- name: display ansible_ssh_pass