Why is module os_keypair not returning private_key?

ssh ansible openstack

I am deploying to Rackspace Cloud with the OpenStack ansible module.

I am facing an issue with the SSH keypair creation. It creates the public key, and installs it on the host. However I can see that the returned JSON does not contain a private_key key-value pair.

- name: SSH key check
  os_keypair:
    auth:
      auth_url: "{{ os_auth_url }}"
      project_name: "{{ os_project_name }}"
      username: "{{ os_username }}"
      password: "{{ os_password }}"
    state: present
    region_name: "{{ os_region }}"
    name: "{{ os_key_name }}"
  register: keypair

- name: Create local public
  local_action:
    module: copy
    content: "{{ keypair.key.public_key }}"
    dest: "~/.ssh/{{ keypair.key.name }}.pub"

- name: Create local private key
  local_action:
    module: copy
    content: "{{ keypair.key.private_key }}"
    dest: "~/.ssh/{{ keypair.key.name }}"
  ignore_errors: True

Value of keypair var:

{
"changed": false,
"id": "openstack",
"key": {
  "public_key": "ssh-rsa AAAAByouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeyouknowwhatapublickeylookslikeJiln Generated-by-Nova",
  "NAME_ATTR": "name",
  "name": "openstack",
  "fingerprint": "89:e9:3d:s0:m3:nu:mb:3r:41:d5:09:8b:a9:b8:50:65",
  "id": "openstack",
  "human_id": null,
  "request_ids": [],
  "HUMAN_ID": false,
  "x_openstack_request_ids": []
  }
}

As you can see private_key is not present. According to the docs it should return it.

Fairly new to all of this, so be gentle :)


I believe the os_keypair module has not performed any changes to the system. The contents of your keypair variable indicate:

{
  "changed": false,
  ...
}

The ansible docs say this about return of a private_key.

Only when a keypair is generated for the user (e.g., when creating one and a public key is not specified).

If a public key exists, I do not think the module would have generated a new key pair.

Related

How to change RDS KMS Key without losing data?
3 Exchange Mailboxes with 50GB and growing. Searching/Indexing is slow. Options?
WSUS not receiving updates?
Writing utf16 to file in binary mode
jQuery Deferred and Dialog box
ksoap2 org.xmlpull.v1.xmlpullparserexception expected start_tag error
Localizing enum values in resource bundle
How to split a list into n groups in all possible combinations of group length and elements within group?
jQuery AJAX form using mail() PHP script sends email, but POST data from HTML form is undefined
ref and out parameters in C# and cannot be marked as variant
How to connect to remote hive server from spark [duplicate]
php link to image file outside default web directory