New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create Ansible provisioner #2661

Closed
lukehoersten opened this Issue Jul 8, 2015 · 152 comments

Comments

Projects
None yet
@lukehoersten

lukehoersten commented Jul 8, 2015

I'd like to use Terraform to build infrastructure then configure it with Ansible, similar to the Chef provisioner.

@donovanmuller

This comment has been minimized.

donovanmuller commented Jul 10, 2015

+1

@phinze phinze added the enhancement label Jul 10, 2015

@martineg

This comment has been minimized.

martineg commented Jul 14, 2015

@lukehoersten

This comment has been minimized.

lukehoersten commented Jul 14, 2015

terraform-inventory just isn't as clean as the Terraform Chef provisioner and hopefully what a true Ansible provisioner could be.

@tony612

This comment has been minimized.

tony612 commented Jul 15, 2015

👍

@IanVS

This comment has been minimized.

IanVS commented Jul 21, 2015

Honest question: would there be a benefit to having a built-in Ansible provisioner over-and-above just using local-exec and using the Ansible cli?

@donovanmuller

This comment has been minimized.

donovanmuller commented Jul 21, 2015

@IanVS That is the route I followed initially but Terraform seems to buffer stdout, so once you kick off your Ansible plays you don't see anything until your play is done or has been running enough until the buffer flushes.

I'm hoping support for Ansible would hopefully solve this problem, however if there is a workaround or a fix in Terraform that would solve this, then that would be good enough for me.
Not sure about others reasons behind this?

@nlamirault

This comment has been minimized.

nlamirault commented Jul 23, 2015

👍

4 similar comments
@bborysenko

This comment has been minimized.

bborysenko commented Aug 12, 2015

👍

@wakwanza

This comment has been minimized.

wakwanza commented Aug 12, 2015

+1

@kchygoe

This comment has been minimized.

kchygoe commented Sep 2, 2015

+1

@thomaskrag

This comment has been minimized.

thomaskrag commented Sep 3, 2015

👍

@jsmartin

This comment has been minimized.

jsmartin commented Sep 3, 2015

Fix local_exec's buffering of stdout and just call the ansible-playbook command. Couple that with a terraform dynamic inventory script. That's going to be the most flexible.

@IanVS

This comment has been minimized.

IanVS commented Sep 3, 2015

Ansible has its own dynamic inventory scripts as well. The advantage to using them rather than Terraform dynamic inventory is that you can continue to run the Ansible playbooks (for updates, upgrades, deployments, etc.) after you have used Terraform to spin up the resources.

@jsmartin

This comment has been minimized.

jsmartin commented Sep 3, 2015

@IanVS by "terraform dynamic inventory script" I'm referring to an Ansible dynamic inventory script that pulls form Terraform :).

@lukehoersten

This comment has been minimized.

lukehoersten commented Sep 3, 2015

It's not so much about kicking off Ansible as it is about communicating the information Terraform has to Ansible. Ansible dynamic inventory is many times not enough (for example groups are auto-generated from tags etc). Ansible plays however typically use nice group names like "webservers". What would be ideal is something similar to what Vagrant does with Ansible:
http://docs.vagrantup.com/v2/provisioning/ansible.html

So, after running Terraform, Terraform now knows the custom VPC DNS domain names I've given each host. This is not easily known to Ansible. Also, Terraform could generate a static inventory w/ groups of my choosing etc.

This is just what I had in mind and a lot of it comes form Vagrant. Perhaps others are thinking of other features.

@ghost

This comment has been minimized.

ghost commented Sep 7, 2015

It would be great if stdout / wasn't buffered, at least as a stop-gap.

@riccardofreixo

This comment has been minimized.

riccardofreixo commented Sep 9, 2015

+1

12 similar comments
@dflower-rms

This comment has been minimized.

dflower-rms commented Sep 15, 2015

+1

@d33d33

This comment has been minimized.

d33d33 commented Sep 16, 2015

+1

@pmastalerz

This comment has been minimized.

pmastalerz commented Sep 16, 2015

👍

@beeradb

This comment has been minimized.

beeradb commented Sep 18, 2015

+1

@michaelandersen

This comment has been minimized.

michaelandersen commented Sep 19, 2015

+1

@danieslo

This comment has been minimized.

danieslo commented Sep 21, 2015

+1

@kelseyfrancis

This comment has been minimized.

kelseyfrancis commented Oct 1, 2015

+1

@cad

This comment has been minimized.

cad commented Oct 2, 2015

+1

@sidick

This comment has been minimized.

sidick commented Oct 3, 2015

+1

@jdoss

This comment has been minimized.

jdoss commented Oct 10, 2015

+1

@dereulenspiegel

This comment has been minimized.

dereulenspiegel commented Oct 12, 2015

+1

@asafdav

This comment has been minimized.

asafdav commented Oct 15, 2015

+1

@hartzell

This comment has been minimized.

Contributor

hartzell commented Jan 2, 2017

Several folks have been questioning the usefulness of an Ansible provisioner, suggesting instead that we run Ansible separately. I'd just like to chime in and say that:

  • it's very useful that successful provisioning is considered part-and-parcel of an instance being considered viable (if provisioning fails, the instance is not considered to have been built);
  • while it's true that I could write bash scripts to do my provisioning I find the ability to use Ansible's higher-level mechanisms to be concise and maintainable; and finally
  • it's convenient to not require that all of my nodes include up-to-date Ansible and all of its prereqs.
@alessandro-dibella-rockalltech

This comment has been minimized.

alessandro-dibella-rockalltech commented Jan 26, 2017

+1

1 similar comment
@cochransj

This comment has been minimized.

cochransj commented Feb 16, 2017

👍

@andor-pierdelacabeza

This comment has been minimized.

andor-pierdelacabeza commented Mar 24, 2017

@cochransj @alessandro-dibella-rockalltech @visokoo @mr-future @schmitzcc And all the "+1" or "👍" posters, previous and to come: Stop Spamming.

If you wanna show support, instead of posting a comment and notifying the 100 people subscribed to it, there's an awesome "Add your reaction" button for each commit and issue, were you can give 'thumbs up' or 'thumbs down' or wathever you feel like giving to this issue. 🤦‍♂️

@rehmanzile

This comment has been minimized.

rehmanzile commented Mar 24, 2017

👍

@stack72

This comment has been minimized.

Contributor

stack72 commented Apr 18, 2017

Hi Friends,

Just an FYI, I opened an issue on a terraform-provisioner-ansible to talk about this. The maintainer of that project is going to be doing some work on it and then he will be looking at, potentially, opening a PR to the core repo

While we'd love to see something like this, we don't currently have any plans to implement this ourselves. Until then, this issue is unlikely to see any movement and remain stale. We're trying to prune the stale issues (that aren't going to be addressed anytime soon) by closing them. Note that we only do this for enhancement requests and not bugs.

Thanks

@stack72

@stack72 stack72 closed this Apr 18, 2017

@FlorinAndrei

This comment has been minimized.

FlorinAndrei commented Apr 18, 2017

@stack72 That issue you're referencing - you've actually closed it. Why reference it here, then?

@stack72

This comment has been minimized.

Contributor

stack72 commented Apr 19, 2017

@FlorinAndrei I am now waiting on the writer of the provisioner

This is classed as something we are not going to be working on ourselves - I am in email talks with the writer

@rcaught

This comment has been minimized.

rcaught commented Jun 5, 2017

@stack72 there hasn't been movement on that repo for over a year. Any updates? I would really like to run an Ansible provisioner, but don't feel comfortable when things go this stale.

@rcaught

This comment has been minimized.

rcaught commented Jun 5, 2017

Also, I've read the other issue, but this seems like it needs someone just to move the current version (with PR's merged that fix some things) into core. Otherwise we could be sitting here waiting for a rewrite forever.

@stack72

This comment has been minimized.

Contributor

stack72 commented Jun 5, 2017

Hi @rcaught

I totally understand your concerns - as you can see, I did ask the question over there and the owner said he was going to do it. Unfortunately, I don't really feel as though it's my place to pick someone's code and move it to Terraform core - we haven't written it and don't own it

I am hopeful this will get resolved though

Thanks

Paul

@nealabh

This comment has been minimized.

nealabh commented Jun 22, 2017

Hi all

was looking for some similar kind of a solution for provisioning azure VMs
something like this worked well for me.

provisioner "local-exec" {
command = <<EOD
cat <> azure_hosts
${element(azurerm_public_ip.mh..ip_address, count.index)}
EOF
EOD
}
}
resource "null_resource" "ansible" {
triggers {
host_ip = "${element(azurerm_public_ip.mh.
.ip_address, count.index)}"
}
provisioner "local-exec" {
command = "sleep 1m && ansible-playbook -i azure_hosts deploy.yml"
}
}

creating a null resource helped me generate an un-buffered output.

what do you guys think on this?

@wjam

This comment has been minimized.

Contributor

wjam commented Aug 15, 2017

It seems like the provisioner that's been linked here is only designed to run Ansible on the machine that has been created rather than running from the machine that is running Terraform. Wouldn't a better approach be similar to how Packer already does this?

Packer accomplishes this by for the ansible provisioner (Ansible runs on the machine running packer) by proxying the commands through an in-memory SSH server to the remote instance, thus reusing already configured connection.

For ansible-local (Ansible runs on the machine that has just been created), it's just a case of copying up a bunch of files and then running the Ansible command.

wjam added a commit to wjam/terraform that referenced this issue Aug 16, 2017

Add ansible-local provisioner
This adds the capability of provisioning a resource using Ansible that is running locally to the resource being provisioned.

This fixes part of hashicorp#2661.

wjam added a commit to wjam/terraform that referenced this issue Aug 16, 2017

Add ansible-local provisioner
This adds the capability of provisioning a resource using Ansible that is running locally to the resource being provisioned.

This fixes part of hashicorp#2661.

wjam added a commit to wjam/terraform that referenced this issue Aug 16, 2017

Add ansible-local provisioner
This adds the capability of provisioning a resource using Ansible that is running locally to the resource being provisioned.

This fixes part of hashicorp#2661.
@radekg

This comment has been minimized.

radekg commented Feb 2, 2018

I've created this recently, this runs ansible on the provisioned host: https://github.com/radekg/terraform-provisioner-ansible.
The local one will be ready over the weekend or so. I'd be happy to contribute into the core, if anyone would be interested.

Edit: But I do understand the feature creep story, in such case, just a heads up. The plugin linked above works fine with terraform 0.11.x.

@radekg

This comment has been minimized.

radekg commented Feb 5, 2018

I've added the local mode to the https://github.com/radekg/terraform-provisioner-ansible. Currently with a few caveats but the first version is there: https://github.com/radekg/terraform-provisioner-ansible#running-in-local-mode.

@monokal

This comment has been minimized.

monokal commented May 13, 2018

Why did this ticket get closed? I find it odd that we have a Chef Provisioner but no supported Ansible Provisioner with so much interest being shown. local-exec isn't a nice or reliable method of executing Ansible.

@jullianoacqio

This comment has been minimized.

jullianoacqio commented May 25, 2018

+1

@robertraybarnes

This comment has been minimized.

robertraybarnes commented Jun 1, 2018

I agree with @monokal completely. Ansible and terraform are a marriage made in heaven! To not have native provisioner support for it or a willingness to introduce such a provisioner is beyond me. I use terrafrom because it makes deployment and management tasks easy, until we get to the ansible bit so reading some of the comments, I can understand why some people have opted to use ansible modules instead but then again, it's not ideal either. There seems to be a huge demand for such a provisoner looking at this thread so for me it's a no-brainer but somehow this has been closed :-/

@radekg

This comment has been minimized.

radekg commented Jun 2, 2018

Looking at the comments above, I'd love to repeat, happy to see https://github.com/radekg/terraform-provisioner-ansible contributed to the core. There are definitely a bunch of features to be implemented (the biggest one being Windows support) but it is more or less complete. It supports local and remote deployments, quite well tested on non-Windows deployments at this moment in time.

@monokal

This comment has been minimized.

monokal commented Jun 2, 2018

@bkmeneguello

This comment has been minimized.

bkmeneguello commented Sep 20, 2018

What are the criterions to add a feature to core? Maintenance? I think @radekg ansible provisioner is amazing and if promoted to core it would be amazing.

@radekg

This comment has been minimized.

radekg commented Sep 22, 2018

The https://github.com/radekg/terraform-provisioner-ansible is now available via Terraform Module Registry. Not sure if this is the correct distribution path but I was not able to think of anything better.

I'm not sure if the file naming in prebuilt releases will cause a problem when Terraform resolves the provisioner (I would assume it might be a problem). Please let me know if that is a problem, indeed.

Edit: it turned out that the released files naming was an issue. I have documented this in the readme and supplied a shell script to fetch and deploy a version of the provisioner: https://github.com/radekg/terraform-provisioner-ansible#installation.

@nwipfli

This comment has been minimized.

nwipfli commented Sep 25, 2018

Just tested the v.1.0.0 and it is working great. Very useful provisioner.

@radekg

This comment has been minimized.

radekg commented Oct 7, 2018

I have released version 2.0.0 of the Ansible provisioner:

2.0.0 is not a drop-in replacement. Changes are documented: https://github.com/radekg/terraform-provisioner-ansible#breaking-changes. I have also provided some examples: https://github.com/radekg/terraform-provisioner-ansible/tree/master/examples.

Additionally, I have created a pull request for terraform. #19021 reflects the the commit radekg/terraform-provisioner-ansible@47d9435 (radekg@fac2403). The intent is to contribute the provisioner to Terraform.

@dmitrypol

This comment has been minimized.

dmitrypol commented Oct 15, 2018

+1. Would be great to have official support.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment