Skip to content

Diagnostic Questions

Before revealing the investigation path:

  1. The Ansible playbook hangs on one host at a git clone task but completes successfully on two other hosts. What are the first three things you would check to determine if the problem is host-specific, network-specific, or task-specific?

  2. SSH from the Ansible control node to app-server-03 works fine, but git clone git@gitlab.internal from app-server-03 hangs. What does this tell you about the difference between the two SSH connections?

  3. You find that SSH agent forwarding works (ssh-add -l shows the key) but the become: deploy sudo context strips SSH_AUTH_SOCK. Is this the root cause of the hang, or a contributing factor? How would you distinguish between agent forwarding issues and network connectivity issues?

  4. nc -zv gitlab.internal 22 times out from app-server-03 but succeeds from app-server-01. The servers are in different security groups. Why is the fix a networking change (security group) rather than a Linux change (sudoers) or an Ansible change (playbook config)?

  5. What alternative to SSH agent forwarding would eliminate this entire class of failures? What are the trade-offs?