I just don’t know what else to try. I’ve beat my head on this for 3 days now and it’s becoming obvious that either Ansible 2.3 is a complete disaster, or the CentOS 7 package is a complete cluster. Here’s my problem. I am working on getting an ansible server to manage about 100
or so CentOS 6 servers. All have an unprivileged user account setup (up to 3 years before I got here in April) but that user account isn’t setup with sudo access. The way to get to root is ‘su’.
I’m not a newbie with Ansible as I used it extensively in my previous position to manage ~70 or so Ubuntu servers. The Ansible is CentOS 7.
I’m working on getting Ansible to play nice with privilege escalation using SU and NAFT has worked. Here’s an example (very simple) playbook:
Because I’m having to use ‘su’ I have to either add the user password to the inventory file or use the –ask-become-pass parameter to the command line. Every time I do, I get this:
[root@ansible ~]# ansible-playbook playbooks/radtest.yml –ask-become-pass SUDO password:
It bombs timing out on privilege escalation. Every single time. I’m absolutely frustrated and am almost ready to throw ansible to the curb for something that doesn’t suck so bad. But before I do, I’m asking the list, anyone seen anything like this before? I could post to the ansible list, but it’s a google group and God knows when I might get a reply.
BTW, setting up root with key-only auth is an option, but would be a real PITA to configure 100+ external servers by hand with the keys and reconfig sshd for it.