[Howto] Adding SSH Keys To Ansible Tower Via Tower-cli [Update]

DOWNLOAD > https://urloso.com/2tw839

How to Add SSH Keys to Ansible Tower via tower-cli [Update]

Ansible Tower is a web-based interface for managing Ansible automation tasks. It allows you to create and run jobs, monitor their status, manage inventories, credentials, projects, and more. One of the common tasks in Ansible Tower is to add machine credentials that enable Ansible to connect to remote hosts via SSH. In this article, we will show you how to use the command-line tool tower-cli to add SSH keys as machine credentials in Ansible Tower.

tower-cli is a Python-based tool that interacts with the Ansible Tower API. It can be used to perform various operations on Ansible Tower objects, such as creating, updating, deleting, listing, and launching them. You can install tower-cli using pip:

pip install ansible-tower-cli

Before using tower-cli, you need to configure it with your Ansible Tower URL, username, and password. You can do this by creating a configuration file at /.tower_cli.cfg or by using environment variables. For example:

export TOWER_HOST=https://tower.example.com

export TOWER_USERNAME=admin

export TOWER_PASSWORD=secret

To add an SSH key as a machine credential in Ansible Tower, you need to provide the following information:

The name of the credential

The organization that owns the credential

The credential type (Machine)

The username that will use the SSH key

The SSH key data (the private key)

The become method (optional)

You can use the tower-cli credential create command to create a new credential with these inputs. However, there is a challenge: the SSH key data needs to be in one line, but the SSH key file usually has multiple lines. To solve this problem, you can use a sed command to remove the new lines and replace them with \\n characters. For example:

tower-cli credential create --name \"Example Credentials\" \\

--organization \"Default\" --credential-type \"Machine\" \\

--inputs=\"{\\\"username\\\":\\\"ansible\\\",\\\"ssh_key_data\\\":\\\"$(sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' /home/ansible/.ssh/id_rsa)\\n\\\",\\\"become_method\\\":\\\"sudo\\\"}\"

This command will create a new machine credential named \"Example Credentials\" in the \"Default\" organization with the username \"ansible\" and the SSH key data from /home/ansible/.ssh/id_rsa file. It will also use sudo as the become method for privilege escalation.

If you want to update an existing credential with a new SSH key data, you can use the tower-cli credential modify command with the same inputs. For example:

tower-cli credential modify --name \"Example Credentials\" \\

--inputs=\"{\\\"username\\\":\\\"ansible\\\",\\\"ssh_key_data\\\":\\\"$(sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' /home/ansible/.ssh/id_rsa)\\n\\\",\\\"become_method\\\":\\\"sudo\\\"}\"

This command will update the SSH key data of the credential named \"Example Credentials\" with the new one from /home/ansible/.ssh/id_rsa file.

You can verify that your credential has been created or updated successfully by using the tower-cli credential list or tower-cli credential get commands. For example:

tower-cli credential list

tower-cli credential get --name \"Example Credentials\"

You can also check the Ansible Tower web interface and see your credential under Credentials -> Machine.

Now you can use your credential to run jobs against remote hosts that accept your SSH key. You can assign your credential to a job template or launch a job directly with tower-cli job launch command. For example:

tower-cli job launch --job-template 1 --credential \"Example Credentials\"

This command will launch a job based on the job template with ID 1 and use the credential named \"Example Credentials\". You can monitor the status of your job with tower-cli job monitor command or check the Ansible Tower web interface.

In conclusion, we have shown you how to use tower-cli to add SSH keys as machine credentials in Ansible Tower. This can be useful for aa16f39245