Commit Graph

192 Commits

Author SHA1 Message Date
Gilles Cornu 3842a1f710 provisioners/ansible: provide ssh identities via ANSIBLE_SSH_ARGS (when necessary)
When provisioning multiple machines in sequence (the default vagrant
behaviour), it doesn't make sense to require to provide the private ssh
key(s) via the custom ansible inventory script/file.

To align with the handling of multiple ssh keys per machine, we won't
rely any longer on `--private-key` command line argument, but only pass
the keys via `ANSIBLE_SSH_ARGS` environment variable.

Note that when vagrant generates the ansible inventory and that only one
key is associated to a VM, this step would be redundant, and therefore
won't be applied.

This change fixes the breaking change introduced by 3d62a91.
2015-07-10 08:51:17 +02:00
Luis Pabón f0718d620d provisioners/ansible: Put ssh key in the inventory
Vagrant 1.7.1 creates and injects new ssh keys for each virtual machine.
When it started ansible with the "parallel provisioning trick",
it would only send the ssh key of the targeted virtual machine.
With this change, vagrant now stores the ssh key for each virtual
machines directly in the generated ansible inventory, and thus allow
ansible parallelism.

Note that this change is not sufficient, as it would break vagrant
configuration based on a custom inventory (file or script). This issue
will be addressed in a next commit.

Signed-off-by: Luis Pabón <lpabon@redhat.com>
2015-07-10 08:39:49 +02:00
Nicholas Randon eb6aa2ac8c Allow Ansible provisioner to run reliably in parallel
The Ansible Vagrant provisioner has a race where the inventory file is
updated every time the provisioner runs unless a file is provided.

Therefore if Ansible attempts to provision two nodes in parallel, you
may see the following race:
   * System A writes the inventory file and calls Ansible.
   * System B starts to provision and truncates the file before
     creating a new one.
   * Ansible on system A now attempts to read the inventory
     file, which is blank. Ansible bombs out with "ERROR: provided
     hosts list is empty".

To fix this, we only allow Vagrant to update the inventory file if
it needs to.
2015-07-10 00:53:59 +02:00
Gilles Cornu 839a2e6fa6 provisioners/ansible: show ansible-playbook only when the verbose option is enabled
Revert 1c884fa4e5 which introduced the
following bug:

Instead of allowing to dump the `ansible-playbook` command details when
VAGRANT_LOG=debug was defined, it was then impossible to disable this
console output when VAGRANT_LOG was undefined (in such case,
``@logger.debug? systematically returns `true`)

In order to keep things simple and focused, it is preferable to drop the
bad idea to mix Ansible verbosity and Vagrant log level.

Fix #5803
2015-07-07 22:37:06 +02:00
Seth Vargo b92d4b21a1 Add UI::Interface#color? 2015-06-01 11:49:09 -04:00
Gilles Cornu f7894d9c8c provisioners/ansible: fix broken colorized output
After #5532 (e745436df3), it was no longer
possible to enable ansible colorized output. Even though
`ANSIBLE_NOCOLOR` has no effect *at the moment* in vagrant+ansible
integration, I agree to keep it for clarity and consistence.

The new `--no-color` behaviour (bug fix #5531) is now covered by a unit
test.

//cc @marsam, @sethvargo
2015-06-01 08:36:09 +02:00
Mario Rodas e745436df3 provisioners/ansible: disable color if Vagrant has no color [GH-5531] 2015-03-28 19:05:54 -05:00
Gilles Cornu cdd5d54208 provisioners/ansible: fix a typo in a comment
[ci skip]
2015-01-13 18:52:47 +01:00
Gilles Cornu 28e0646dc2 Fix typo error in CHANGELOG
Close #4860

[ci skip]
2015-01-12 10:59:07 +01:00
Gilles Cornu 2ecad8bb93 provisioners/ansible: increase connection timeout
This change helps to avoid troubles like reported in #5018 and #4860.

Note that for sake of configuration simplicity, no new `ansible.timeout`
option has been added. The users who want to set a different value can
rely on `ansible.raw_arguments`.
2015-01-12 10:54:01 +01:00
Gilles Cornu c3cae3d235 provisioners/ansible: add `IdentitiesOnly=yes`
This SSH option is always set, except when Vagrant is running from an
operating system fo the Solaris-family, as this parameter is not
supported by SunSSH. Logic taken from
bed1f8335f/lib/vagrant/util/ssh.rb (L116-L121)

Fix #5017
2015-01-12 08:58:29 +01:00
Gilles Cornu 118e223c33 provisioners/ansible: use Docker proxy when needed
Close #4071

Credits and best thanks to @jabclab
2014-12-08 21:43:21 +01:00
Gilles Cornu 3800103228 provisioners/ansible: improve comment wording
Get rid of the Joker, thanks to @maspwr :)
2014-12-07 22:34:19 +01:00
Gilles Cornu f96636587a provisioners/ansible: don't read/write known_hosts
Like Vagrant's default SSH behaviors (e.g ssh or ssh-config commands),
the Ansible provisioner should by default not modify or read the user
known host file (e.g. ~/.ssh/known_hosts).

Given that `UserKnownHostsFile=/dev/null` SSH option is usually combined
with `StrictHostKeyChecking=no`, it seems quite reasonable to bind the
activation/disactivation of both options to `host_key_checking`
provisioner attribute.

For the records, a discussion held in Ansible-Development mailing list
clearly confirmed that there is no short-term plan to adapt Ansible to
offer an extra option or change the behavior of
ANSIBLE_HOST_KEY_CHECKING. For this reason, the current implementation
seems reasonable and should be stable on the long run.

Close #3900

Related References:

- https://groups.google.com/forum/#!msg/ansible-devel/iuoZs1oImNs/6xrj5oa1CmoJ
- https://github.com/ansible/ansible/issues/9442
2014-11-30 09:55:48 +01:00
Gilles Cornu 178942cf27 provisioners/ansible: change arguments arrangement
- force `--connection=ssh` (any other modes like paramiko or smart are not
  supported)
- give the highest priority to `raw_arguments` for sake of simplicity (in
  usage, in code and in documentation)
- fix position of the `--limit` argument (the generated inventory could be
  shadowed by `raw_arguments`, while ansible.limit was able to override
  `raw_arguments`

ref #3396
2014-11-30 09:50:50 +01:00
Gilles Cornu 306c4f7eda provisioners/ansible: force --connection=ssh
When `--connection` argument is not specified, Ansible will use the
'smart' mode, which can either use `ssh` or `paramiko` transports,
depending of the version of OpenSSH available. If OpenSSH version is new
enough to support ControlPersist technology, `ssh` will be used.
See also http://docs.ansible.com/intro_configuration.html#transport.

In order to support some advanced features of Vagrant (e.g. multiple ssh
private key identities or ssh forwarding), the Ansible provisioner
already must force `ssh` connection mode.

Having to deal with the possible fallback to `paramiko` increase the
burden of special cases that Ansible provisioner must handle, without
any added value, as Vagrant is based on OpenSSH and its users are
usually using modern operating systems.

With this change, the Ansible provisioner will officially only support
`ssh`. It will still be possible to switch to another connection mode
via `raw_arguments`, but it will breach the "contract", and no
(community) support can be expected in such use case.

ref #3900, #3396
2014-11-30 09:50:50 +01:00
Gilles Cornu 1c884fa4e5 provisioners/ansible: Show Ansible command when VAGRANT_LOG=debug 2014-11-25 08:12:43 +01:00
Gilles Cornu 1e324093a5 provisioners/ansible: spare machine.ssh_info calls
As a result of #4670 and the safe decision to not memoize
machine.ssh_info (see 89a4a29d65 and
5036d16461), it is preferable to store the
ssh_info hashes and avoid multiple function calls when generating the
ansible inventory.
2014-10-23 22:58:01 +02:00
Veres Lajos 4ef996dca9 typofixes - https://github.com/vlajos/misspell_fixer 2014-08-25 20:12:25 +01:00
Kalman Hazins bb052366f7 Change symbols inside hashes to 1.9 JSON-like syntax 2014-05-22 12:35:12 -04:00
Gilles Cornu 52a44de10c provisioners/ansible: show ansible-playbook in use
Motivation:
By printing out the ansible command used behind the scene, we can ease
the support effort to very quickly identify whether a problem is due to
Vagrant provisioner or Ansible itself.
2014-05-04 22:54:12 +02:00
jjshoe 7ef8477e43 provisioners/ansible: Don't run with two --limits
Conflicts:
	test/unit/plugins/provisioners/ansible/provisioner_test.rb
2014-04-26 11:55:59 +02:00
Emilien Kenler b77bd3e6bb Unit test + vault password file existence check 2014-04-21 13:56:16 -07:00
Emilien Kenler dd06dffe85 Ansible Vault support
Add the following options to the Ansible provisioner:
- ask_vault_pass
- vault_password_file
2014-04-21 13:56:15 -07:00
Gilles Cornu 7ed17ae9ed provisioners/ansible: use strict boolean options
With this change, the ansible provisioner fully complies with
the current user documentation.
2014-04-12 13:48:15 +02:00
Gilles Cornu 0098b7604d provisioners/ansible: refer to inventory directory
By referring the directory that contains the generated inventory file,
users can easily provide more settings with additional files stored in
the same directory.
2014-04-11 08:20:32 +02:00
Mitchell Hashimoto 5a3a501455 provisioners/ansible: request SSH info within provisoin [GH-3111] 2014-03-11 09:03:23 -07:00
Gilles Cornu 1d09fc4a79 provisioners/ansible: add new option raw_ssh_args
Since the Ansible provisioner now potentially exports ANSIBLE_SSH_ARGS
variable, it is fair to allow to extend the content of this environment
variable (`ssh_args` parameters from ansible.cfg file have lower
priority)
2014-03-09 22:47:24 +01:00
Gilles Cornu 1c0bc20d21 Ansible: Re-enable ControlPersist defaults when ANSIBLE_SSH_ARGS is used
Solve problem discussed in [GH-2952]
2014-03-09 22:41:36 +01:00
Gilles Cornu 1d328f7021 provisioners/ansible: Disable host key checking
Close #3060
2014-03-06 23:55:08 +01:00
Gilles Cornu cf8bfb2347 Ansible: Refactor handling of SSH vars/attributes
Avoid repetitions by using (sometimes lazy loaded) instance attributes
2014-02-28 09:07:52 +01:00
Gilles Cornu db490c5da5 Ansible: force 'ssh' connection only when needed
Remain in 'smart' mode, unless Multiple SSH identities or SSH-Forwarding
are in use.
2014-02-28 09:07:51 +01:00
Bryan Hunt 9480edf05a Ansible: Support SSH-Forwarding
Credits: Problem was originally reported in
dba02f3526
by @picsolvebryan
2014-02-28 09:07:51 +01:00
Gilles Cornu ca1e30d405 Ansible: Support multiple private keys
Note that this feature requires to force `--connection=ssh`. This is not
a big deal as `paramiko` mode is deprecated and in most cases `smart`
mode enables `ssh` mode.
2014-02-28 09:07:51 +01:00
Gilles Cornu a62d28fd7f provisioners/ansible: remove an unused variable
Sorry, I missed that point in GH-2991 review.

[ci skip]
2014-02-28 09:00:05 +01:00
Gilles Cornu 1cd2fe56a0 ansible: generate inventory in .vagrant/... 2014-02-24 16:52:38 +01:00
Gilles Cornu 709f3f4e6f provisioners/ansible: Change --limit behaviours
- The implicit default limit is always set
- ansible.limit as an empty string won't disable the default limit, but
  will be passed as "--limit=" argument and ansible-playbook will return
  an error (provided host list is empty)
2014-02-16 11:39:15 +01:00
Gilles Cornu c2663f5d30 provisioners/ansible: Fix Group Management
- Support arbitrary depth of "groups of groups of ... groups"
- Skip ':vars' suffix, but allow group names with ':' (yes, Ansible
  accepts this character)
- Like for groups of machines, groups of groups can result "empty", but
  it is not an issue for Ansible. Recursive filter on the group tree is
  a bit hard to implement, and don't brind real added value at Vagrant
  level.
2014-02-16 11:20:00 +01:00
Gilles Cornu 466cf58476 ansible generated inventory: skip group variables
Except ':children' for groups of groups, it is safer to avoid generating
':suffix' blocks. At the moment Ansible only supports (but doesn't
recommend) group variables (:vars), and the Vagrant Ansible provisioner
won't support this way to define variables.
2014-02-02 23:28:04 +01:00
Gilles Cornu f564bf7410 Ansible Groups: Accept single item as String
Syntax errors in `ansible.groups` definition are not well handled:
Error returned: undefined method `each' for "machine1":String (NoMethodError)

Being tolerant here doesn't hurt and may avoid people get
confused/annoyed.
2014-02-02 23:21:06 +01:00
Gilles Cornu 84308964e2 ansible generated inventory: deal with orphan VMs
env.active_machines can potentiall return 'invalid' machines:
- Ignore machines that are not declared in current Vagrantfile
- Warn when machines are missing (it usually occurs when the VM is
  removed without `vagrant destroy` and some orphan metadata remains
  in .vagrant/machines/...)
2014-02-02 23:06:27 +01:00
Mark Aaron Shirley 3bf5032d4b Update Ansible provisioner to only create a single inventory file
The Ansible provisioner will now only create a single inventory file named,
"vagrant_ansible_inventory". All defined Vagrant machines will be added to
this inventory file. Provisioning will now include a "--limit=#{machine}"
option to scope Ansible provisioning tasks to just the current machine. Setting
the Ansible provisioner's "limit" config option will override the new default
limit. Ansible provisioning scripts will now have access to all other defined
machines and what groups they reside in.
2014-02-01 13:04:20 -08:00
Gilles Cornu e5f45e2b79 Ansible: Fix a bug in `raw_arguments` option
Without this change, it is not possible to pass more than one "raw"
argument, which was not the expected behavior. In addition to Array
format, String (for a single argument) is still accepted (for sake of
"backward compatibility" and ease of use).

Note: Due to low/expert usage of this option, I think that it is not
necessary to add more robust validation on this parameter (e.g. Array
of String type checking or argument syntax pattern matching). Use it at
your own risk ;-)
2013-12-16 21:20:10 +01:00
Mark Aaron Shirley 906579d25a Add ability to use Ansible groups in generated inventory. Fixes #2551. 2013-12-08 23:08:03 -08:00
Mitchell Hashimoto cd106986b4 provisioners/ansible: use the first private key
/cc @gildegoma - Does Ansible support multiple private keys? Vagrant
now does, so this isn't exactly safe.
2013-11-26 10:07:52 -08:00
Mitchell Hashimoto cc57933675 update changelog 2013-11-24 21:29:04 -08:00
Gilles Cornu 5aff4a1f20 Ansible: Improvements for 'extra_vars' argument
`extra_vars` argument can now:
- contains a hierarchical set of parameters (instead of flat Key-Value Pairs)
- alternatively refers to a configuration file (instead of embedded Hash)

See Ansible Documentation for version requirement details:
http://www.ansibleworks.com/docs/playbooks_variables.html#passing-variables-on-the-command-line
2013-10-12 00:29:39 +02:00
Matthew Johnson b514f0c321 remove extra alias for vvv verbosity 2013-10-04 15:32:10 -04:00
Matthew Johnson e5a2f1e8b7 fix ansible-playbook runs when verbosity is not specified 2013-10-04 02:58:49 -04:00
egghead 4f1a65f74b fixing default verbosity 2013-10-02 02:28:55 +00:00
jabclab c51952a68d Resolving #2194 (Ansible buffering output if run as subprocess) 2013-09-26 10:13:44 +01:00
Mitchell Hashimoto 36bd52713b provisioners/ansible: convert extra vars to strings [GH-2244] 2013-09-20 21:16:50 -07:00
Mitchell Hashimoto ee9fc00a04 provisioners/ansible: default output level is verbose [GH-2194] 2013-09-16 21:02:22 -07:00
Matthew Johnson 131ce4fc97 add ansible.host_key_checking configuration parameter 2013-09-13 22:48:12 -04:00
Gilles Cornu ce4f2824f4 Ansible: Support three available verbosity levels 2013-09-07 15:17:43 +02:00
Gilles Cornu 8a925e3461 Ansible: code cleanup and documentation update
Clean Up (code logic is kept unmodified):
* Remove repetition around `ansible.limit` option (merge conflict issue)
* Re-add missing comments from GH-1697 (merge conflict issue)
* Reorder instructions

Documentation for following changes:
* [GH-1697] add more options
* [GH-1979] extra verbosity option
2013-09-07 14:49:12 +02:00
Mitchell Hashimoto f82711259c provisioners/all: report proper invalid keys [GH-2117] 2013-09-04 16:57:15 -07:00
Mitchell Hashimoto 89ecb7850f Merge branch 'more_ansible_options' of https://github.com/gildegoma/vagrant into gildegoma-more_ansible_options
Conflicts:
	plugins/provisioners/ansible/provisioner.rb
2013-09-02 15:30:49 -07:00
Mitchell Hashimoto 949416c76c provisioners/ansible: use proper config name [GH-2104] 2013-08-31 21:48:41 -07:00
Mitchell Hashimoto 9e476330f4 provisioners/ansible: execute ansible with cwd of root_path [GH-2051] 2013-08-29 11:55:58 -07:00
Mitchell Hashimoto adb72b07d5 plugins/provisioners: put generated inventory file in vagrantfile dir 2013-08-28 16:54:44 -07:00
Mitchell Hashimoto 8445308830 Merge branch 'generate_ansible_hosts' of https://github.com/commandtab/vagrant into commandtab-generate_ansible_hosts
Conflicts:
	plugins/provisioners/ansible/provisioner.rb
2013-08-28 16:52:13 -07:00
Mitchell Hashimoto 02399a145c provisioners/ansible: allow verbose :extra to be string 2013-08-28 16:46:04 -07:00
Mitchell Hashimoto 99a51a1ba8 Merge pull request #1979 from bmabey/patch-1
provisioners/ansible: adds extra verbosity option
2013-08-28 16:45:04 -07:00
Ben Mabey bb3609e6b2 adds extra verbosity option to ansible provisioner 2013-08-12 09:31:54 -06:00
Gilles Cornu b061e02bc8 Add support for "ansible.skip_tags" attribute 2013-08-12 09:41:18 +02:00
Mitchell Hashimoto d237bc0657 provisioners/ansible: properly quote vars with spaces [GH-1984] 2013-08-09 11:51:36 -07:00
Mitchell Hashimoto 269f7c2cc6 Merge pull request #2007 from ches/ansible-exit-status
provisioners/ansible: Fix Ansible provisioner exit code reporting
2013-08-09 11:17:52 -07:00
Mitchell Hashimoto 17ecd05c5f plugins/provisioners/ansible: rename inventory_file to inventory_path
/cc @ches
2013-08-09 11:06:02 -07:00
Mitchell Hashimoto ac8b2c5047 plugins/provisioners/ansible: use exist? check
/cc @ches
2013-08-09 11:04:35 -07:00
Ches Martin c38855f8c1 Ansible inventory can be a directory, not just a file
It is an under-documented feature that one can specify a directory as
the Ansible inventory source, not just a single file. In that case,
Ansible merges the contents of flat files and any executable inventory
plugins found in the directory.

This is useful, for instance, to put localhost in your inventory for use
with `local_action` even if your entire infrastructure is otherwise on
EC2 or some other dynamic inventory source. I also use a flat file to
create aliases for host groups automatically generated from the EC2 API,
like "staging" for `tag_Environment_staging`.
2013-08-09 01:26:04 +07:00
Ches Martin d937cca495 Fix Ansible provisioner exit code reporting
In eb70c0d6bb we were trying to compare a Subprocess::Result to a
Fixnum, resulting in Vagrant always reporting failure regardless of
Ansible's exit code.
2013-07-30 19:25:15 +07:00
Mitchell Hashimoto eb70c0d6bb Show an error message if ansible fails to run [GH-1699] 2013-07-20 00:07:09 -04:00
Mitchell Hashimoto 8379d0e20e Don't forcibly output newlines for provisioners 2013-07-19 23:38:25 -04:00
Collin Allen f67938249d Generate ansible_hosts file if one is not provided 2013-07-06 23:47:37 -07:00
Gilles Cornu 8d5b614231 protected not private 2013-05-14 05:26:26 +02:00
Gilles Cornu f2e9562e5f Add support for "ansible.start_at_task" attribute 2013-05-14 05:25:28 +02:00
Gilles Cornu cc4734dfc1 Fix typo error (single dash: -vv not --vv) 2013-05-07 16:57:13 +02:00
Gilles Cornu 96fb28dcf9 Support different verbosity levels with 'ansible.verbose' 2013-05-06 23:01:27 +02:00
Gilles Cornu 66715de2ae Add a Joker to pass raw options to ansible-playbook call 2013-05-06 22:28:20 +02:00
Gilles Cornu 7bc6dd8a33 Add support for "ansible.tags" attribute 2013-05-06 21:17:45 +02:00
Mitchell Hashimoto d7990721a0 s/not/!/ in ansible provisioner config 2013-04-05 09:43:56 -07:00
Collin Allen d783b33fe2 Validate that extra_vars is a hash 2013-04-05 09:40:32 -07:00
Collin Allen c2b43787c5 Make Ansible extra_vars a hash instead of a string 2013-04-05 08:43:45 -07:00
Mitchell Hashimoto 1957efb4e1 Nicer error if ansible-playbook is not installed on the host 2013-04-04 14:01:26 -07:00
Mitchell Hashimoto 896db2f190 Ansible provisioner support CHANGELOG 2013-04-04 13:48:58 -07:00
Collin Allen 2aa96fc550 Enable Ansible color output 2013-04-04 11:31:27 -07:00
Collin Allen b52d4dcd58 Add config.rb newline 2013-04-04 00:24:14 -07:00
Collin Allen bbe08744a2 Use Vagrant::Util::Subprocess.execute instead of SafeExec 2013-04-04 00:07:59 -07:00
Collin Allen 28f4a4c890 Update 'require' calls to resemble shell provisioner 2013-04-04 00:07:30 -07:00
Collin Allen 5a052874b4 Improve ansible provisioner error checks 2013-04-03 23:07:07 -07:00
Collin Allen a1ad1207bd Add ansible provisioner 2013-04-03 22:56:32 -07:00