Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ansible playbook does not run on dynamic added host #94

Open
stschmitt opened this issue Feb 22, 2024 · 11 comments
Open

Ansible playbook does not run on dynamic added host #94

stschmitt opened this issue Feb 22, 2024 · 11 comments

Comments

@stschmitt
Copy link

Trying to get a simple sample running for a playbook.

resource "ansible_playbook" "playbook" {
  playbook   = "./ansible/playbook.yml"
  name       =  ansible_host.basic.name

  #### ignore for demo purpose
  ignore_playbook_failure = true
  replayable = true
  verbosity = 6
  check_mode = true

  extra_vars = {
    var_a = "Some variable"
    var_b = "Another variable"
  }
}

It looks like the playbook is not picking up the dynamic inventory. When I execute the playbook without the terraform , direct with ansible it works, if I trigger it through the ansible provider it seems as if the standard inventory is used.

[WARNING]: Could not match supplied host pattern, ignoring: myhosts\nansible-playbook [core 2.16.3]\n config file = None\n configured module search path = ['/Users/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']\n ansible python module location = /opt/homebrew/Cellar/ansible/9.2.0/libexec/lib/python3.12/site-packages/ansible\n ansible collection location = /Users/user/.ansible/collections:/usr/share/ansible/collections\n executable location = /opt/homebrew/bin/ansible-playbook\n python version = 3.12.2 (main, Feb 6 2024, 20:19:44) [Clang 15.0.0 (clang-1500.1.0.2.5)] (/opt/homebrew/Cellar/ansible/9.2.0/libexec/bin/python)\n jinja version = 3.1.3\n libyaml = True\nNo config file found; using defaults\nsetting up inventory plugins\nLoading collection ansible.builtin from \nhost_list declined parsing /var/folders/nl/bvl07_9s5djgkv2jc_41gj3r0000gn/T/.inventory-2409761638.ini as it did not pass its verify_file() method\nscript declined parsing /var/folders/nl/bvl07_9s5djgkv2jc_41gj3r0000gn/T/.inventory-2409761638.ini as it did not pass its verify_file() method\nauto declined parsing /var/folders/nl/bvl07_9s5djgkv2jc_41gj3r0000gn/T/.inventory-2409761638.ini as it did not pass its verify_file() method\nyaml declined parsing /var/folders/nl/bvl07_9s5djgkv2jc_41gj3r0000gn/T/.inventory-2409761638.ini as it did not pass its verify_file() method\nParsed /var/folders/nl/bvl07_9s5djgkv2jc_41gj3r0000gn/T/.inventory-2409761638.ini inventory source with ini plugin\nLoading callback plugin default of type stdout, v2.0 from /opt/homebrew/Cellar/ansible/9.2.0/libexec/lib/python3.12/site-packages/ansible/plugins/callback/default.py\nAttempting to use 'default' callback.\nSkipping callback 'default', as we already have a stdout callback.\nAttempting to use 'junit' callback.\nAttempting to use 'minimal' callback.\nSkipping callback 'minimal', as we already have a stdout callback.\nAttempting to use 'oneline' callback.\nSkipping callback 'oneline', as we already have a stdout callback.\nAttempting to use 'tree' callback.\n\nPLAYBOOK: playbook.yml *********************************************************\nPositional arguments: ./ansible/playbook.yml\nverbosity: 6\nconnection: ssh\nbecome_method: sudo\ntags: ('all',)\ncheck: True\ninventory: ('/var/folders/nl/bvl07_9s5djgkv2jc_41gj3r0000gn/T/.inventory-2409761638.ini',)\nextra_vars: ('hostname=myIP', 'var_b=Another variable', 'var_a=Some variable')\nforks: 5\n1 plays in ./ansible/playbook.yml\n\nPLAY [My first play] ***********************************************************\nskipping: no hosts matched\n\nPLAY RECAP *********************************************************************\n\n",

@gravesm
Copy link
Member

gravesm commented Apr 16, 2024

Can you post the playbook you are trying to run?

@nnsense
Copy link

nnsense commented Apr 20, 2024

I'm experiencing the same behaviour, I suppose that - since you cannot set the inventory_file and the temp_inventory_file is a read-only attribute, you cannot point ansible to the right (dynamically created) inventory, so ansible will probably read some default inventory.

For example with this

resource "ansible_host" "host" {
  name = var.name
  variables = {
    ansible_host                    = var.ip_address
    ansible_user                    = "ubuntu"
    ansible_ssh_private_key_file    = var.ansible_ssh_private_key_file
  }
}

resource "ansible_playbook" "playbook" {
  playbook   = "ansible/playbook.yaml"
  name       = var.ip_address
}

Ansible should read the private key from the dynamic inventory, but it fails (not only the private key is wrong, but also the user, it clearly doesn't read the right inventory)

│ Warning: 
│ PLAY [all] *********************************************************************
│ 
│ TASK [Gathering Facts] *********************************************************
│ fatal: [192.168.2.101]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey).", "unreachable": true}
│ 
│ PLAY RECAP *********************************************************************
│ 192.168.2.101              : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0  

@stschmitt
Copy link
Author

I need to rebuild my environment, but it is like shown above

@gravesm
Copy link
Member

gravesm commented Apr 22, 2024

If there are additional connection variables needed, you will have to set those on the playbook resource.

@mando-intelcom
Copy link

I need those variables to apply to the targeted host only, applied to the playbook they mess up with any connection to localhost.
There's no example on how to integrate ansible_host or ansible_groups with ansible_playbook. Documentation is lacking and the options are not intuitive.

@dasra
Copy link

dasra commented Aug 12, 2024

any updates on this issue

@mando-intelcom
Copy link

Ended up using provisioner local-exec in a terraform_data resource block for both the dynamic inventory creation and the playbook.

@dasra
Copy link

dasra commented Aug 12, 2024

did you use something like below or if you have any different config, could you please suggest. Thank you

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  tags = {
    Name = "TerraformExample"
  }
}

# Create a dynamic inventory file using the local-exec provisioner
data "local_file" "inventory" {
  content  = <<EOF
[webserver]
${aws_instance.example.public_ip} ansible_user=ubuntu ansible_ssh_private_key_file=/path/to/private/key
EOF
  filename = "${path.module}/inventory.ini"
}

# Run the Ansible playbook using local-exec provisioner
resource "null_resource" "run_playbook" {
  provisioner "local-exec" {
    command = "ansible-playbook -i ${data.local_file.inventory.filename} /path/to/playbook.yml"
  }

  depends_on = [aws_instance.example, data.local_file.inventory]
}

@mando-intelcom
Copy link

mando-intelcom commented Aug 13, 2024

I use dynamic inventory. And I think null_resource has been deprecated in favor of terraform_data:

resource "terraform_data" "inventory" {
  provisioner "local-exec" {
    command     = "ansible-inventory -i ../inventory/rel.aws_ec2.yml --graph"
    working_dir = "${path.module}/.."
  }
  triggers_replace = {
    always_run = "${timestamp()}"
  }
}

resource "terraform_data" "playbook" {
  provisioner "local-exec" {
    command     = "ansible-playbook -i inventory/rel.aws_ec2.yml configure-ec2.yml -e target=$GROUPS --private-key $PRIVATE_KEY"
    working_dir = "${path.module}/.."
    environment = {
      PRIVATE_KEY = "${abspath(path.root)}/${var.private_key}"
      GROUPS      = "${var.groups}"
    }
  }
  triggers_replace = {
    always_run = "${timestamp()}"
  }
  depends_on = [terraform_data.inventory]
}

@ioxam
Copy link

ioxam commented Aug 18, 2024

Do I understand correctly that it is currently impossible to use "ansible_playbook" resource with aws_ec2 plugin?

@Its-Alex
Copy link

@mando-intelcom What do you think about adding an example in the repository from a MR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

7 participants