Retries ssh connection for Gather node certs (kubernetes-sigs#10515)

This allows this task to work with a forks count > 10 and the default configuration of sshd, which is to limit sessions to 10. (see MaxSessions in sshd_config). Since this is a delegate_to task, it connects to the same host (first etcd) for each node in the cluster, thus easily going above 10. Raising the ssh connection attempts allow for more robustness, without decreasing the forks count or serialising the tasks, which could slow the task (or the playbook as a whole, if decreasing forks).
guytet · Oct 30, 2023 · 95b5478 · 95b5478
1 parent 785534c
commit 95b5478
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/roles/etcd/tasks/gen_nodes_certs_script.yml b/roles/etcd/tasks/gen_nodes_certs_script.yml
@@ -14,6 +14,8 @@
     - "{{ my_etcd_node_certs }}"
 
 - name: Gen_certs | Gather node certs
+  vars:
+    ansible_ssh_retries: 10
   shell: "set -o pipefail && tar cfz - -C {{ etcd_cert_dir }} {{ my_etcd_node_certs | join(' ') }} | base64 --wrap=0"
   args:
     executable: /bin/bash