summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLénaïc Huard <lhuard@amadeus.com>2015-08-11 16:22:03 +0200
committerLénaïc Huard <lhuard@amadeus.com>2015-08-11 16:22:03 +0200
commit40e6be99ab4e95a27c0f13de3ad6b93c7ddb2674 (patch)
tree0d14ccfa9fe00703caffbdff3cd1d269a27fd997
parent22921a40239aa366e44b61e5341ccaffbe5c8b3b (diff)
downloadopenshift-40e6be99ab4e95a27c0f13de3ad6b93c7ddb2674.tar.gz
openshift-40e6be99ab4e95a27c0f13de3ad6b93c7ddb2674.tar.bz2
openshift-40e6be99ab4e95a27c0f13de3ad6b93c7ddb2674.tar.xz
openshift-40e6be99ab4e95a27c0f13de3ad6b93c7ddb2674.zip
Prevent Ansible from serializing tasks
even if the ssh known_host file misses the ssh public host keys of the servers.
-rwxr-xr-xbin/cluster10
1 files changed, 10 insertions, 0 deletions
diff --git a/bin/cluster b/bin/cluster
index 7eb4a4448..c80fe0cab 100755
--- a/bin/cluster
+++ b/bin/cluster
@@ -23,6 +23,16 @@ class Cluster(object):
'-o ControlMaster=auto '
'-o ControlPersist=600s '
)
+ # Because of `UserKnownHostsFile=/dev/null`
+ # our `.ssh/known_hosts` file most probably misses the ssh host public keys
+ # of our servers.
+ # In that case, ansible serializes the execution of ansible modules
+ # because we might be interactively prompted to accept the ssh host public keys.
+ # Because of `StrictHostKeyChecking=no` we know that we won't be prompted
+ # So, we don't want our modules execution to be serialized.
+ os.environ['ANSIBLE_HOST_KEY_CHECKING'] = 'False'
+ # TODO: A more secure way to proceed would consist in dynamically
+ # retrieving the ssh host public keys from the IaaS interface
def get_deployment_type(self, args):
"""