I have configured Azure Dynamic Inventory for Ansible and can fetch server details using the public IP address. However, when I add the ansible_ssh_private_key_file option in azure-rm.yml, I encounter the following error:
azure-rm.yml Configuration
plugin: azure.azcollection.azure_rm
subscription_id: "1234abc-12ab-1a2b-1a2b-12345abcd"
auth_source: msi
msi_client_id: >
12345-1234-1234-1234-12345678 # Break long values into new lines
resource_groups:
- "RG-Dev-001"
filters:
os_type: "Linux"
compose:
ansible_host: public_ip_address
ansible_ssh_private_key_file: "/my/path/.ssh/id_rsa"
Error Message:
[WARNING]: * Failed to parse /etc/ansible/azure_rm.yml with auto plugin: Could not set ansible_ssh_private_key_file for host myvmname_nic: template error while
templating string: unexpected '/'. String: {{/my/path/.ssh/id_rsa}}. unexpected '/'
[WARNING]: Unable to parse /etc/ansible/azure_rm.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
Environment Details:
$ ansible --version
ansible [core 2.17.9]
python version = 3.10.12
jinja version = 3.0.3
$ ansible-galaxy collection list | grep azure
azure.azcollection 3.3.1
azure.azcollection 2.7.0
Question:
How can I resolve this error and correctly define ansible_ssh_private_key_file in my Azure Dynamic Inventory?
I have configured Azure Dynamic Inventory for Ansible and can fetch server details using the public IP address. However, when I add the ansible_ssh_private_key_file option in azure-rm.yml, I encounter the following error:
azure-rm.yml Configuration
plugin: azure.azcollection.azure_rm
subscription_id: "1234abc-12ab-1a2b-1a2b-12345abcd"
auth_source: msi
msi_client_id: >
12345-1234-1234-1234-12345678 # Break long values into new lines
resource_groups:
- "RG-Dev-001"
filters:
os_type: "Linux"
compose:
ansible_host: public_ip_address
ansible_ssh_private_key_file: "/my/path/.ssh/id_rsa"
Error Message:
[WARNING]: * Failed to parse /etc/ansible/azure_rm.yml with auto plugin: Could not set ansible_ssh_private_key_file for host myvmname_nic: template error while
templating string: unexpected '/'. String: {{/my/path/.ssh/id_rsa}}. unexpected '/'
[WARNING]: Unable to parse /etc/ansible/azure_rm.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
Environment Details:
$ ansible --version
ansible [core 2.17.9]
python version = 3.10.12
jinja version = 3.0.3
$ ansible-galaxy collection list | grep azure
azure.azcollection 3.3.1
azure.azcollection 2.7.0
Question:
How can I resolve this error and correctly define ansible_ssh_private_key_file in my Azure Dynamic Inventory?
Share Improve this question asked Mar 17 at 12:44 Ghansham MahajanGhansham Mahajan 511 silver badge4 bronze badges 1- Move ansible_ssh_private_key_file to hostvars or groups.vars in azure-rm.yml, as it is a static value and should not be in compose @GhanshamMahajan – Vinay B Commented Mar 27 at 6:10
1 Answer
Reset to default 0Could not set ansible_ssh_private_key_file" Error in Azure Dynamic Inventory
The blocker happens because of not understanding how compose section works in Ansible's Azure dynamic inventory plugin, i.e., incorrect Jinja template syntax.
The ansible_ssh_private_key_file should not be included in the compose section because it doesn't need Jinja2 processing. When you mentioned a static string like "/my/path/.ssh/id_rsa", Ansible expects it as a Jinja2 template, which in result to the template error with the unexpected /.
To overcome this, Set static values outside the compose section using a different inventory configuration mechanism & ensure the value in compose is a valid Jinja2 expression if it needs to be dynamically computed.
So by this you can try the following methods as to place the key as per the requirement, i.e., either in the inventory file under a host_vars section or in a separate group vars file.
azure-rm.yml
subscription_id: "SubID"
auth_source: msi
msi_client_id: "ClientID"
resource_groups:
- "RG-Dev-001"
filters:
os_type: "Linux"
compose:
ansible_host: public_ip_address
host_vars:
all:
ansible_ssh_private_key_file: "/my/path/.ssh/id_rsa"
The host vars section applies the ansible_ssh_private_key_file to all hosts discovered by the inventory plugin, and also ensure the path /my/path/.ssh/id_rsa exists and is readable by the user running Ansible.
You can also try to use apply this only to a specific group, try creating a group vars file by creating directory named group_vars next to your azure-rm.yml
Refer:
https://learn.microsoft/en-us/azure/developer/ansible/dynamic-inventory-configure?tabs=azure-cli
https://docs.ansible/ansible/latest/inventory_guide/intro_inventory.html#anizing-host-and-group-variables
https://docs.ansible/ansible/latest/collections/azure/azcollection/azure_rm_inventory.html