From a47aaae0788e07244878abd6ef4fb215fdab0a98 Mon Sep 17 00:00:00 2001
From: Tennis Smith <gamename@users.noreply.github.com>
Date: Thu, 7 Sep 2017 13:26:52 -0700
Subject: [PATCH] Add bastion host definitions (#1621)

* Add comment line and documentation for bastion host usage

* Take out unneeded sudo parm

* Remove blank lines

* revert changes

* take out disabling of strict host checking
---
 contrib/terraform/aws/README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/contrib/terraform/aws/README.md b/contrib/terraform/aws/README.md
index 188fea00e..d0d63f7e3 100644
--- a/contrib/terraform/aws/README.md
+++ b/contrib/terraform/aws/README.md
@@ -36,6 +36,11 @@ terraform apply -var-file=credentials.tfvars -var 'loadbalancer_apiserver_addres
 
 - Terraform automatically creates an Ansible Inventory file called `hosts` with the created infrastructure in the directory `inventory`
 
+- Ansible will automatically generate an ssh config file for your bastion hosts. To make use of it, make sure you have a line in your `ansible.cfg` file that looks like the following:
+```commandline
+ssh_args = -F ./ssh-bastion.conf -o ControlMaster=auto -o ControlPersist=30m 
+```
+
 - Once the infrastructure is created, you can run the kubespray playbooks and supply inventory/hosts with the `-i` flag.
 
 Example (this one assumes you are using CoreOS)
-- 
GitLab