openstack-ansible stuck on ssh

Question

I'm being brave on deploying OpenStack using Ansible. Finally stage of punching commands except I'm running into ssh error. This seems to be either forked or customized ansible for OpenStack. In the past, upon "ssh-copy-id" and proper cfg, things worked right away. (Note: For testing purposes, root login is permitted)

os@7:/opt/openstack-ansible/playbooks$ sudo openstack-ansible setup-hosts.yml -vvvv
Variable files: "-e @/etc/openstack_deploy/user_group_vars.yml -e @/etc/openstack_deploy/user_secrets.yml -e @/etc/openstack_deploy/user_variables.yml "

PLAY [Basic host setup] ******************************************************* 

GATHERING FACTS *************************************************************** 
<172.27.255.84> ESTABLISH CONNECTION FOR USER: root
<10.4.1.113> ESTABLISH CONNECTION FOR USER: root
<172.27.255.84> REMOTE_MODULE setup
<172.27.255.93> ESTABLISH CONNECTION FOR USER: root
<10.4.1.113> REMOTE_MODULE setup
<172.27.255.91> ESTABLISH CONNECTION FOR USER: root
<172.27.255.164> ESTABLISH CONNECTION FOR USER: root
<172.27.255.93> REMOTE_MODULE setup
<172.27.255.91> REMOTE_MODULE setup
<172.27.255.164> REMOTE_MODULE setup
<172.27.255.84> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.84 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-38377904647735 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-38377904647735'
<10.4.1.113> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 10.4.1.113 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-28043973332190 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-28043973332190'
<172.27.255.93> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.93 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-247742941146890 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-247742941146890'
<172.27.255.91> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.91 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-239068187999404 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-239068187999404'
<172.27.255.164> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.164 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671499.99-253354461562706 && echo $HOME/.ansible/tmp/ansible-tmp-1458671499.99-253354461562706'
fatal: [infra1] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.84:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> ESTABLISH CONNECTION FOR USER: root
fatal: [900089-compute001] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.164:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> REMOTE_MODULE setup
fatal: [storage1] => SSH Error: Permission denied (publickey,password).
    while connecting to 10.4.1.113:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
<172.27.255.164> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/os/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o IdentityFile="/home/os/.ssh/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=120 172.27.255.164 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1458671500.08-121316397320847 && echo $HOME/.ansible/tmp/ansible-tmp-1458671500.08-121316397320847'
fatal: [infra3] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.93:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
fatal: [infra2] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.91:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
fatal: [compute1] => SSH Error: Permission denied (publickey,password).
    while connecting to 172.27.255.164:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.

TASK: [apt_package_pinning | Add apt pin preferences] ************************* 
FATAL: no hosts matched or all hosts have already failed -- aborting


PLAY RECAP ******************************************************************** 
           to retry, use: --limit @/home/os/setup-hosts.retry

900089-compute001          : ok=0    changed=0    unreachable=1    failed=0   
compute1                   : ok=0    changed=0    unreachable=1    failed=0   
infra1                     : ok=0    changed=0    unreachable=1    failed=0   
infra2                     : ok=0    changed=0    unreachable=1    failed=0   
infra3                     : ok=0    changed=0    unreachable=1    failed=0   
storage1                   : ok=0    changed=0    unreachable=1    failed=0   

os@7:/opt/openstack-ansible/playbooks$ 

As you can see, "ssh os@ip" straight works.

root@7:/etc/openstack_deploy# ssh root@172.27.255.164
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.19.0-47-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
root@13:~# 
root@13:~# exit
logout
Connection to 172.27.255.164 closed.
root@7:/etc/openstack_deploy# 

But only via "ansible" does it fail.

Here's the version #

$ openstack-ansible --version
Variable files: "-e @/etc/openstack_deploy/user_group_vars.yml -e @/etc/openstack_deploy/user_secrets.yml -e @/etc/openstack_deploy/user_variables.yml "
ansible-playbook 1.9.4
  configured module search path = /etc/ansible/plugins/library

and the cfg that playbooks pulls

[defaults]
# Additional plugins
lookup_plugins = /etc/ansible/plugins/lookup
filter_plugins = /etc/ansible/plugins/filter
action_plugins = /etc/ansible/plugins/action
library = /etc/ansible/plugins/library
transport = smart
remote_port = 22
#ask_sudo_pass = True
# Fact caching
gathering = smart
fact_caching = jsonfile
fact_caching_connection = /etc/openstack_deploy/ansible_facts
fact_caching_timeout = 86400

inventory = inventory
#host_key_checking = False

# Set color options
nocolor = 0

# SSH timeout
timeout = 120

private_key_file = ~/.ssh/id_rsa



[ssh_connection]
#pipelining = True

Answer 1

It seems that your inventory isn't using root id_rsa but the one located in /home/os/.ssh/id_rsa so when ansible tries to connect your host it's not permitted. Try to alter the inventory by referring the proper id_rsa.

On another note, there's https://www.rdoproject.org which allows you to deploy OpenStack on OpenStack, also called TripleO it's a bash script using Ansible under the hood. Got my stack setup in an hour with that.