From a47aaae0788e07244878abd6ef4fb215fdab0a98 Mon Sep 17 00:00:00 2001 From: Tennis Smith Date: Thu, 7 Sep 2017 13:26:52 -0700 Subject: [PATCH] Add bastion host definitions (#1621) * Add comment line and documentation for bastion host usage * Take out unneeded sudo parm * Remove blank lines * revert changes * take out disabling of strict host checking --- contrib/terraform/aws/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/contrib/terraform/aws/README.md b/contrib/terraform/aws/README.md index 188fea00e..d0d63f7e3 100644 --- a/contrib/terraform/aws/README.md +++ b/contrib/terraform/aws/README.md @@ -36,6 +36,11 @@ terraform apply -var-file=credentials.tfvars -var 'loadbalancer_apiserver_addres - Terraform automatically creates an Ansible Inventory file called `hosts` with the created infrastructure in the directory `inventory` +- Ansible will automatically generate an ssh config file for your bastion hosts. To make use of it, make sure you have a line in your `ansible.cfg` file that looks like the following: +```commandline +ssh_args = -F ./ssh-bastion.conf -o ControlMaster=auto -o ControlPersist=30m +``` + - Once the infrastructure is created, you can run the kubespray playbooks and supply inventory/hosts with the `-i` flag. Example (this one assumes you are using CoreOS)