Running ansible-playbook on a bastion host

Running Ansible playbooks against AWS servers can be glacially slow because of the many SSH connections, even when using Bilbie’s recipe for an SSH proxy setup. What follows is a code snippet that replaces the local ansible-playbook command with a bash function that calls a remote script. Run_ansible in turn massages the parameters into an edible format, creates a temp bash script and launches it.

Time savings for a largish deployment: down to 24 mins from 1 hr 58 mins with exactly the same scripts!

Note: ansible-ssh-host is used in the inventory to denote the final target system

# if just local

# Running the playbooks on the jump box
if [[ "$USE_JUMPBOX" == true ]]; then
    if [[ -n "$ANSIBLE_SSH_HOST" ]] && [[ -n "$JUMP_USER" ]] && [[ -n "$JUMP_BOX" ]]; then

        # Now we need to pass parameters to the jump box

        # massage the remote env
        # copy the playbooks over
        ssh "${JUMP_USER}@${JUMP_BOX}" mkdir -p /tmp/deployment-ansible
        rsync -avuh --delete "$WORKSPACE/ansible" "${JUMP_USER}@${JUMP_BOX}:/tmp/deployment-ansible/"
        # copy the dispatcher script
        scp $WORKSPACE/  ${JUMP_USER}@${JUMP_BOX}:
    else
        echo "ANSIBLE_SSH_HOST,JUMP_USER,JUMP_BOX must be set when USE_JUMPBOX is true"
        exit 1
    fi
fi

# --extra-vars must be the last parameter to ansible-playbook
# or this hack will not work
function remote_ansible {
    # ssh joins everything after the host into one string for the remote shell
    ssh -t "${JUMP_USER}@${JUMP_BOX}" /bin/bash -l ./ -vvv "$@"
}

And here is the helper script that runs on the bastion host. People with experience in quoting quotes across bash-driven SSH scripts will nod in understanding.


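# quoting across SSH is a nightmare

# the arguments arrive split into words; join them back into one string
params="$*"
# open a quote after extra-vars and close it at the end of the line,
# which is why --extra-vars has to be the last parameter
params=$(echo "$params" | sed -e "s/extra-vars/extra-vars \"/g" -e "/extra-vars/s/\$/\"/")

# write a throwaway script and run it
echo "cd /tmp/deployment-ansible/ansible" > t
echo "ansible-playbook $params" >> t
bash t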
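
The sed hack and the temp script exist only because ssh joins its arguments into one string that the bastion's shell parses a second time. As an added example (not part of the original post), the functions below quote each argument before it crosses SSH, so values containing spaces, quotes or shell metacharacters arrive as data and --extra-vars no longer has to come last. Assumptions: ansible-playbook is on the PATH of a non-login shell on the bastion, and quote_arg, quote_args, build_remote_cmd and reparse are names invented here.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). Quotes every argument so the
# bastion's shell re-parses the command line into the same argv.

# Directory the post rsyncs the playbooks into.
REMOTE_DIR=/tmp/deployment-ansible/ansible

# quote_arg ARG: print ARG inside single quotes; an embedded ' becomes '\''.
quote_arg() (
    s=$1 out=
    while :; do
        case $s in
            *\'*) head=${s%%\'*}; out="$out$head'\\''"; s=${s#*\'} ;;
            *)    out="$out$s"; break ;;
        esac
    done
    printf "'%s'" "$out"
)

# quote_args ARG...: print all arguments quoted and joined by spaces.
quote_args() (
    line=
    for a in "$@"; do
        line="$line $(quote_arg "$a")"
    done
    printf '%s' "${line# }"
)

# build_remote_cmd ARG...: print the single command string given to ssh.
build_remote_cmd() (
    printf 'cd %s && ansible-playbook %s' \
        "$(quote_arg "$REMOTE_DIR")" "$(quote_args "$@")"
)

# remote_ansible ARG...: drop-in for the post's function; needs JUMP_USER
# and JUMP_BOX, and no helper script or temp file on the bastion.
remote_ansible() {
    ssh -t "${JUMP_USER}@${JUMP_BOX}" "$(build_remote_cmd "$@")"
}

# reparse ARG...: local check only. eval stands in for the remote shell
# parsing the quoted string; prints each resulting argument as [arg].
reparse() (
    eval "set -- $(quote_args "$@")"
    printf '[%s]\n' "$@"
)
```

Running reparse with the arguments you intend to pass shows, without touching the bastion, exactly how the remote shell will split them.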


