My goal is to create a Compute Engine instance in Google Cloud from which I can run Ansible scripts to further create additional instances that will run containers via GKE.
I've figured out a number of things already:
- How to create an instance where ansible and gce.py can run
- How to give that instance sufficient rights to call apache-cloudlib
- That ansible uses 'ansible_ssh_host' from inventory to make its connection
gce.py can either use the external IP address, or the internal IP address, depending on the value of the shell variable INVENTORY_IP_TYPE.
Neither of these is configured by the compute engine environment to use the SSH key generated by gcloud compute ssh-config, which looks like this:

    Host compute-instance.us-central1-a.project-name
        Hostname 99.99.99.99
        IdentityFile /home/user/.ssh/google_compute_engine

*where 99.99.99.99 is the public IP address

The end result is that I can ssh to compute-instance.us-central1-a.project-name, but not to the public IP, 99.99.99.99, or the private IP, without specifying the private key file (google_compute_engine), which is not an option in the gce.py script.
I can get the behavior I want by adding the internal IP as another entry for the Host:

    Host compute-instance.us-central1-a.project-name 10.128.0.2

However, there is a note in the config file that the file is automatically generated (and not to do that thing):

    # The following has been auto-generated by "gcloud compute config-ssh"
    # to make accessing your Google Compute Engine virtual machines easier.
    #
    # To remove this blob, run:
    #
    # gcloud compute config-ssh --remove
    ...
    # You should not hand-edit this section, unless you are deleting it.
    #

Is there a known "right" way to get gce.py working from within google cloud, as it is, without hacking the ansible_ssh_host value the script generates?
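
The Host-matching behaviour described in the question, as an added example that is not part of the original post: a simplified Python model of how ssh chooses an IdentityFile from the name typed on the command line, not from the Hostname value. The `Host 10.128.*` block (written outside the auto-generated section) and all function names are assumptions for illustration.

```python
import re

# Constructed sample: the generated entry from the post, followed by a
# hand-written block outside the auto-generated section (an assumption).
SSH_CONFIG = """\
Host compute-instance.us-central1-a.project-name
    Hostname 99.99.99.99
    IdentityFile /home/user/.ssh/google_compute_engine

Host 10.128.*
    IdentityFile /home/user/.ssh/google_compute_engine
"""

def _matches(pattern, target):
    """OpenSSH Host patterns: '*' matches any run, '?' exactly one character."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, target) is not None

def parse_blocks(text):
    """Return [(host_patterns, options)] for each Host block, in file order."""
    blocks = []
    for raw in text.splitlines():
        parts = raw.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip() if len(parts) == 2 else ""
        if key == "host":
            blocks.append((value.split(), {}))
        elif blocks:
            blocks[-1][1].setdefault(key, value)
    return blocks

def identity_for(target, text=SSH_CONFIG):
    """First IdentityFile from a Host block matching the name as typed (simplified model)."""
    for patterns, options in parse_blocks(text):
        hit = any(not p.startswith("!") and _matches(p, target) for p in patterns)
        excluded = any(p.startswith("!") and _matches(p[1:], target) for p in patterns)
        if hit and not excluded and "identityfile" in options:
            return options["identityfile"]
    return None  # no block matched: ssh would try only its default identities
```
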