Ansible for managed nodes behind firewalls
Hi from freezing Toronto to sunny LA ! 😎
Read your great intro article:
1. So how about using Ansible from an Ubuntu VPS to manage Linux boxes that are behind firewalls, i.e., only have private (non addressable) IPs?
2. I suppose you will need to create reverse SSH tunnels first between these boxes ( NATed servers) and Ansible VPS?
3. Can we just generate keys from the VPS and then simply copy these keys to all such NATed servers so that upon boot these NATed servers can establish persistent tunnels to the Ansible VPS?
Any links or code snippets to do this key gen/copying? (Of course the VPS domain IP will be used by NATed servers to establish the tunnels.)
I am assuming that all the NATed servers get the same keys generated by the Ansible VPS?