This change helps to avoid troubles like reported in #5018 and #4860.
Note that for sake of configuration simplicity, no new `ansible.timeout`
option has been added. The users who want to set a different value can
rely on `ansible.raw_arguments`.
This SSH option is always set, except when Vagrant is running from an
operating system fo the Solaris-family, as this parameter is not
supported by SunSSH. Logic taken from
bed1f8335f/lib/vagrant/util/ssh.rb (L116-L121)Fix#5017
When using the salt provisioner with verbose=true, most lines read with an extra newline:
```
[INFO ] Syncing modules for environment 'base'
[INFO ] Loading cache from salt://_modules, for base)
```
because the line read has a newline, and emitting the log entry again includes an additional newline.
Like Vagrant's default SSH behaviors (e.g ssh or ssh-config commands),
the Ansible provisioner should by default not modify or read the user
known host file (e.g. ~/.ssh/known_hosts).
Given that `UserKnownHostsFile=/dev/null` SSH option is usually combined
with `StrictHostKeyChecking=no`, it seems quite reasonable to bind the
activation/disactivation of both options to `host_key_checking`
provisioner attribute.
For the records, a discussion held in Ansible-Development mailing list
clearly confirmed that there is no short-term plan to adapt Ansible to
offer an extra option or change the behavior of
ANSIBLE_HOST_KEY_CHECKING. For this reason, the current implementation
seems reasonable and should be stable on the long run.
Close#3900
Related References:
- https://groups.google.com/forum/#!msg/ansible-devel/iuoZs1oImNs/6xrj5oa1CmoJ
- https://github.com/ansible/ansible/issues/9442
- force `--connection=ssh` (any other modes like paramiko or smart are not
supported)
- give the highest priority to `raw_arguments` for sake of simplicity (in
usage, in code and in documentation)
- fix position of the `--limit` argument (the generated inventory could be
shadowed by `raw_arguments`, while ansible.limit was able to override
`raw_arguments`
ref #3396
When `--connection` argument is not specified, Ansible will use the
'smart' mode, which can either use `ssh` or `paramiko` transports,
depending of the version of OpenSSH available. If OpenSSH version is new
enough to support ControlPersist technology, `ssh` will be used.
See also http://docs.ansible.com/intro_configuration.html#transport.
In order to support some advanced features of Vagrant (e.g. multiple ssh
private key identities or ssh forwarding), the Ansible provisioner
already must force `ssh` connection mode.
Having to deal with the possible fallback to `paramiko` increase the
burden of special cases that Ansible provisioner must handle, without
any added value, as Vagrant is based on OpenSSH and its users are
usually using modern operating systems.
With this change, the Ansible provisioner will officially only support
`ssh`. It will still be possible to switch to another connection mode
via `raw_arguments`, but it will breach the "contract", and no
(community) support can be expected in such use case.
ref #3900, #3396
This separates the truly basic pieces of Chef (like install url and
log_level) from the runner pieces of Chef (like provisioning_path). This
is necessary because the Chef Apply provisioner does not actually need
most of the Chef configuration options.
As a result of #4670 and the safe decision to not memoize
machine.ssh_info (see 89a4a29d65 and
5036d16461), it is preferable to store the
ssh_info hashes and avoid multiple function calls when generating the
ansible inventory.
This upgrade shouldn't be part of the docker setup process. If an
upgrade is needed, it should be done independently of the docker setup.
Do it to your base image, or if needed, as a shell provisioner step.
The main manifest may be a single file or a directory of .pp files.
docs.puppetlabs.com/puppet/latest/reference/dirs_manifest.html#with-puppet-master
https://github.com/mitchellh/vagrant/issues/4039
This addresses the error "chef is not part of the bundle" when the chef-client provisioner attempts to delete the node or client from the Chef Server. While this fixes the specific issue on my system, its likely that it does not account for all system configurations like RVM.
The Bundler.with_clean_env should probably be moved internally to Subprocess.execute, but that's a riskier change and I'd like to get some feedback before even attempting that size of change.
As this is nested in a powershell variable $command, it must be escaped
otherwise it is evaluated when the variable is created, giving an error that
"The term 'True' is not recognized as the name of a cmdlet, function,
script". This prevented using a puppet.working_directory on Windows.
Powershell doesn't understand the unix-style ENV=thing command syntax, the old vagrant-windows plugin monkey patched the provisioner to put semicolons between statements to set the variables before running puppet - this fixes the issue inside a windows? block leaving the normal non-windows code path working - therefore works for me on both unix and windows provisions with a facter block in place
Motivation:
By printing out the ansible command used behind the scene, we can ease
the support effort to very quickly identify whether a problem is due to
Vagrant provisioner or Ansible itself.
This commit adds two new options to the salt provisioner:
- `colorize`: controls color output. Defaults to no-color (present behavior).
- `log_level`: controls log level. Defaults to `debug` (present behavior).
Docs included!
Even when preforming config only, the install flags (i.e. -M, -S, -N),
are used by the bootstrap to determine which configs to copy.
This should help with #3542 and should supersede #3548.
There's very little difference between the command building on Linux and Windows other than path formatting. All Chef provisioners support the --no-color argument now.
Added unit tests to verify changes.
CommandBuilderWindows would not include the Chef binary in the command when the binary_path was specified in the config.
Backfilled unit tests for CommandBuilderWindows
By referring the directory that contains the generated inventory file,
users can easily provide more settings with additional files stored in
the same directory.
Since the Ansible provisioner now potentially exports ANSIBLE_SSH_ARGS
variable, it is fair to allow to extend the content of this environment
variable (`ssh_args` parameters from ansible.cfg file have lower
priority)
Note that this feature requires to force `--connection=ssh`. This is not
a big deal as `paramiko` mode is deprecated and in most cases `smart`
mode enables `ssh` mode.
This reverts feb748f488 and 7cd7077467. `bootstrap_options` is
meant for flag options such as `-D`. This is demonstrated in the
example Vagrantfile from the original plugin:
github.com/saltstack/salty-vagrant/blob/develop/example/complete/Vagrantfile
Flag options must be appended to the options string before install
args such as `install_type` and `install_args`.
- The implicit default limit is always set
- ansible.limit as an empty string won't disable the default limit, but
will be passed as "--limit=" argument and ansible-playbook will return
an error (provided host list is empty)
- Support arbitrary depth of "groups of groups of ... groups"
- Skip ':vars' suffix, but allow group names with ':' (yes, Ansible
accepts this character)
- Like for groups of machines, groups of groups can result "empty", but
it is not an issue for Ansible. Recursive filter on the group tree is
a bit hard to implement, and don't brind real added value at Vagrant
level.
Pull up encrypted data bag secret management into the base classes, thus
also unifying the functionality.
Especially this complements the issues:
* Upload the secret to provisioning path also with chef-solo [GH-1246]
* Delete the secret also with chef-client [GH-2712]
* Remove the secret before uploading also with chef-client [GH-1111]
of `args` itself and as an element inside of an `args` array. Added validation
around passing in arrays for arguments. Just knowing that it is an array is not
enough, because arrays can contain any other type.
Except ':children' for groups of groups, it is safer to avoid generating
':suffix' blocks. At the moment Ansible only supports (but doesn't
recommend) group variables (:vars), and the Vagrant Ansible provisioner
won't support this way to define variables.
Syntax errors in `ansible.groups` definition are not well handled:
Error returned: undefined method `each' for "machine1":String (NoMethodError)
Being tolerant here doesn't hurt and may avoid people get
confused/annoyed.
env.active_machines can potentiall return 'invalid' machines:
- Ignore machines that are not declared in current Vagrantfile
- Warn when machines are missing (it usually occurs when the VM is
removed without `vagrant destroy` and some orphan metadata remains
in .vagrant/machines/...)
The Ansible provisioner will now only create a single inventory file named,
"vagrant_ansible_inventory". All defined Vagrant machines will be added to
this inventory file. Provisioning will now include a "--limit=#{machine}"
option to scope Ansible provisioning tasks to just the current machine. Setting
the Ansible provisioner's "limit" config option will override the new default
limit. Ansible provisioning scripts will now have access to all other defined
machines and what groups they reside in.