Skip to content


Repository files navigation

DC/OS Ansible based remote exec install

This module installs all DC/OS node types via a set of Ansible roles, invoked from an Docker image.


  • Docker available on bootstrap node
  • Access to Dockerhub. Alternatively the mesosphere/dcos-ansible-bundle Docker image can be made available by other means.
  • The boostrap node is able to ssh into the other nodes, either via SSH-Agent forwarding or a statically deployed key.

Re-running Ansible for upgrading or config updates

terraform taint -module dcos-install null_resource.run_ansible_from_bootstrap_node_to_install_dcos
terraform apply


 module "dcos-install" {
   source = "dcos-terraform/dcos-install-remote-exec-ansible/null"
   version = "~> 0.2.0"

   bootstrap_ip                = "${module.dcos-infrastructure.bootstrap.public_ip}"
   bootstrap_private_ip        = "${module.dcos-infrastructure.bootstrap.private_ip}"
   master_private_ips          = ["${module.dcos-infrastructure.masters.private_ips}"]
   private_agent_private_ips   = ["${module.dcos-infrastructure.private_agents.private_ips}"]
   public_agent_private_ips    = ["${module.dcos-infrastructure.public_agents.private_ips}"]

   dcos_config_yml = <<EOF
   cluster_name: "mfrickansible"
   bootstrap_url: http://${module.dcos-infrastructure.bootstrap.private_ip}:8080
   exhibitor_storage_backend: static
   master_discovery: static
   master_list: ["${join("\",\"", module.dcos-infrastructure.masters.private_ips)}"]

   depends_on = ["${module.dcos-infrastructure.bootstrap.prereq-id}"]


Name Description Type Default Required
bootstrap_ip The bootstrap IP to SSH to string n/a yes
bootstrap_private_ip Private IP bootstrap nginx is listening on. Used to build the bootstrap URL. string n/a yes
dcos_config_yml DC/OS Configuration string n/a yes
master_private_ips list of master private ips list n/a yes
private_agent_private_ips List of private agent IPs to SSH to list n/a yes
public_agent_private_ips List of public agent IPs to SSH to list n/a yes
ansible_additional_config Add additional config options to ansible. This is getting merged with generated defaults. Do not specify dcos: string "" no
ansible_bundled_container Docker container with bundled dcos-ansible and ansible executables string "mesosphere/dcos-ansible-bundle:latest" no
ansible_force_run Run Ansible on every Terraform apply string "false" no
ansible_winrm_server_cert_validation Validation setting for the target WinRM connection certificate string "ignore" no
ansible_winrm_transport Authentication type for WinRM string "basic" no
bootstrap_os_user The OS user to be used with ssh exec (only for bootstrap) string "centos" no
dcos_download_url Custom DC/OS download URL string "" no
dcos_download_url_checksum Custom DC/OS download URL SHA256 Checksum. Empty string omits checking. string "" no
dcos_download_windows_url [DEPRECATED] Custom DC/OS windows download URL string "" no
dcos_download_windows_url_checksum [DEPRECATED] Custom DC/OS windows download URL SHA256 Checksum. Empty string omits checking. string "" no
dcos_image_commit The commit hash for the build of DC/OS string "" no
dcos_variant Specifies which DC/OS variant it should be: open (Open Source) or ee (Enterprise Edition) string "open" no
dcos_version Specifies which DC/OS version instruction to use. Options: 2.0.0, 1.13.6, 1.12.4, 1.11.12, etc. See for a full list. string "2.0.0" no
dcos_version_to_upgrade_from explicit version to upgrade from string "2.0.0" no
depends_on Modules are missing the depends_on feature. Faking this feature with input and output variables list <list> no
windows_private_agent_passwords List of private windows agent passwords to be used for WinRM list <list> no
windows_private_agent_private_ips List of private windows agent IPs to WinRM to list <list> no
windows_private_agent_username Username for the WinRM connection string "Administrator" no