Ansible provisioner isn't working with packer


rick turner

Oct 11, 2017, 12:00:44 AM
to Packer
Description:
-----------------
I am trying to execute an ansible playbook in my base.json but it's throwing permission-related errors:

Error:
-------
amazon-ebs: fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "module_stderr": "sudo: a password is required\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}

site.yml:
------------
---
- hosts: localhost
  become: yes
  roles:
    - tomcat


base.json:
--------------

{

    "provisioners": [{
            "type": "shell",
            "inline": [
                "sleep 5"
            ]
        },
        {
            "type": "ansible",
            "playbook_file": "./ansible/site.yml"
        }
    ],
    "builders": [{
        "type": "amazon-ebs",
        "access_key": "",
        "secret_key": "",
        "region": "***********",
        "subnet_id": "***********",
        "vpc_id": "***********",
        "source_ami": "**********",
        "instance_type": "t2.micro",
        "ssh_username": "ec2-user",
        "ami_name": "tomcat {{timestamp}}",
        "ssh_pty": "true",
        "security_group_ids": ["***********", "***********"]
    }]
}


Thanks in advance

Rickard von Essen

Oct 11, 2017, 12:27:24 AM
to packe...@googlegroups.com
Seems like your user is not allowed to do sudo without a password.

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/da34e3b5-6a3d-4392-9728-bd9817ba0e09%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

rick turner

Oct 11, 2017, 12:34:22 AM
to Packer
Yes, you are right, Essen,
but the thing is I am not sure what user I should use, as the AMI I am using is RHEL 7 and by default ec2-user has sudo privileges.
I'm not sure which user Packer executes all these things as. The weird thing is that if I put sudo in the shell provisioner, it works fine, but in ansible I am using become: yes and it's not helping.
I have also tried using:

{
    "type": "ansible",
    "user": "ec2-user",
    "playbook_file": "./ansible/site.yml"
}

Still no luck.

Rickard von Essen

Oct 11, 2017, 1:01:02 AM
to packe...@googlegroups.com
"user" is not important.

Packer connects and runs ansible with the ssh_username user. The best way to troubleshoot this is to step back, launch an EC2 instance manually, and run ansible-playbook with a simple playbook using -u <ssh_username>. Verify that it works; if not, read http://docs.ansible.com/ansible/latest/become.html


rick turner

Oct 11, 2017, 1:27:31 AM
to Packer

It's working fine with ec2-user

I kept everything the same.

rick turner

Oct 11, 2017, 1:54:43 AM
to Packer
But still not working with packer

Rickard von Essen

Oct 11, 2017, 2:22:52 AM
to packe...@googlegroups.com
Then add -vvvv as extra args to ansible and rerun packer with PACKER_LOG=1. If you don't find the problem, try posting the log here.


rick turner

Oct 11, 2017, 3:09:24 AM
to Packer
LOGS

amazon-ebs output will be in this color.

==> amazon-ebs: Prevalidating AMI Name...
    amazon-ebs: Found Image ID: ami-10bb2373
==> amazon-ebs: Creating temporary keypair: packer_59ddc18b-e38a-b6c5-a0f5-1c57755439ee
==> amazon-ebs: Launching a source AWS instance...
    amazon-ebs: Instance ID: i-0dd39cfd346ea053f
==> amazon-ebs: Waiting for instance (i-0dd39cfd346ea053f) to become ready...
==> amazon-ebs: Waiting for SSH to become available...
==> amazon-ebs: Connected to SSH!
==> amazon-ebs: Provisioning with shell script: /tmp/packer-shell547732734
==> amazon-ebs: Provisioning with Ansible...
    amazon-ebs: Using /etc/ansible/ansible.cfg as config file
    amazon-ebs: Loaded callback default of type stdout, v2.0
    amazon-ebs: 1 plays in /tmp/packertest/ansible/site.yml
    amazon-ebs:
    amazon-ebs: PLAY ***************************************************************************
    amazon-ebs:
    amazon-ebs: TASK [setup] *******************************************************************
    amazon-ebs: ESTABLISH LOCAL CONNECTION FOR USER: ricky
    amazon-ebs: 127.0.0.1 EXEC ( umask 22 && mkdir -p "$( echo $HOME/.ansible/tmp/ansible-tmp-1507705298.16-248053420755603 )" && echo "$( echo $HOME/.ansible/tmp/ansible-tmp-1507705298.16-248053420755603 )" )
    amazon-ebs: 127.0.0.1 PUT /tmp/tmp_fuAmB TO /home/ricky/.ansible/tmp/ansible-tmp-1507705298.16-248053420755603/setup
    amazon-ebs: 127.0.0.1 EXEC /bin/sh -c 'sudo -H -S -n -u root /bin/sh -c '"'"'echo BECyasOME-SUCCESS-gyhhqcipomahfdamglgevccqwzrfdvno; LANG=en_IN LC_ALL=en_IN LC_MESSAGES=en_IN /usr/bin/python /home/ricky/.ansible/tmp/ansible-tmp-1507705298.16-248053420755603/setup; rm -rf "/home/ricky/.ansible/tmp/ansible-tmp-1507705298.16-248053420755603/" > /dev/null 2>&1'"'"''
    amazon-ebs: fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "invocation": {"module_name": "setup"}, "module_stderr": "sudo: a password is required\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
    amazon-ebs:
    amazon-ebs: NO MORE HOSTS LEFT *************************************************************
    amazon-ebs:
    amazon-ebs: PLAY RECAP *********************************************************************
    amazon-ebs: localhost                  : ok=0    changed=0    unreachable=0    failed=1
    amazon-ebs:
==> amazon-ebs: Terminating the source AWS instance...
==> amazon-ebs: Cleaning up any extra volumes...
==> amazon-ebs: No volumes to clean up, skipping
==> amazon-ebs: Deleting temporary keypair...
Build 'amazon-ebs' errored: Error executing Ansible: Non-zero exit status: exit status 2

==> Some builds didn't complete successfully and had errors:
--> amazon-ebs: Error executing Ansible: Non-zero exit status: exit status 2

==> Builds finished but no artifacts were created.

rick turner

Oct 11, 2017, 3:44:59 AM
to Packer
This is when I am disabling become: yes in the playbook
-----------------------------------------------------------------------------


amazon-ebs output will be in this color.

==> amazon-ebs: Prevalidating AMI Name...
    amazon-ebs: Found Image ID: ami-10bb2373
==> amazon-ebs: Creating temporary keypair: packer_59ddcb29-4190-0891-7cf4-1d75fcfc4223

==> amazon-ebs: Launching a source AWS instance...
    amazon-ebs: Instance ID: i-0dc93665fbb502fe1
==> amazon-ebs: Waiting for instance (i-0dc93665fbb502fe1) to become ready...

==> amazon-ebs: Waiting for SSH to become available...
==> amazon-ebs: Connected to SSH!
==> amazon-ebs: Provisioning with shell script: /tmp/packer-shell364699989

==> amazon-ebs: Provisioning with Ansible...
    amazon-ebs:
    amazon-ebs: PLAY ***************************************************************************
    amazon-ebs:
    amazon-ebs: TASK [setup] *******************************************************************
    amazon-ebs: ok: [localhost]
    amazon-ebs:
    amazon-ebs: TASK [tomcat : Download tomcat] ************************************************
    amazon-ebs: ok: [localhost]
    amazon-ebs:
    amazon-ebs: TASK [tomcat : Extract tomcat] *************************************************
    amazon-ebs: ok: [localhost]
    amazon-ebs:
    amazon-ebs: TASK [tomcat : Download tomcat extras libralies] *******************************
    amazon-ebs: failed: [localhost] => (item={u'name': u'catalina-jmx-remote.jar', u'dir': u'lib'}) => {"failed": true, "item": {"dir": "lib", "name": "catalina-jmx-remote.jar"}, "msg": "Destination /opt/apache-tomcat-8.0.23/lib/catalina-jmx-remote.jar not writable"}
    amazon-ebs: failed: [localhost] => (item={u'name': u'tomcat-juli-adapters.jar', u'dir': u'lib'}) => {"failed": true, "item": {"dir": "lib", "name": "tomcat-juli-adapters.jar"}, "msg": "Destination /opt/apache-tomcat-8.0.23/lib/tomcat-juli-adapters.jar not writable"}
    amazon-ebs: failed: [localhost] => (item={u'name': u'tomcat-juli.jar', u'dir': u'bin'}) => {"failed": true, "item": {"dir": "bin", "name": "tomcat-juli.jar"}, "msg": "Destination /opt/apache-tomcat-8.0.23/bin/tomcat-juli.jar not writable"}

    amazon-ebs:
    amazon-ebs: PLAY RECAP *********************************************************************
    amazon-ebs: localhost                  : ok=3    changed=0    unreachable=0    failed=1

rick turner

Oct 11, 2017, 6:27:23 AM
to Packer
It's working with `ansible-local` provisioner but not with `ansible` provisioner

Rickard von Essen

Oct 12, 2017, 12:52:02 AM
to packe...@googlegroups.com
It's really hard for me to help much more without a full repro case. The general advice I can give is to use an existing ssh_keypair that you have access to, run with --on-error=ask, wait for ansible to fail, then jump into the instance and troubleshoot (check syslog and auth logs).

Just to give you something to compare with, here is a working example:

{
  "builders": [
    {
      "type": "amazon-ebs",
      "region": "eu-west-1",
      "source_ami_filter": {
        "filters": {
          "virtualization-type": "hvm",
          "name": "CentOS Linux 7 x86_64 HVM EBS*",
          "root-device-type": "ebs"
        },
        "owners": ["410186602215"],
        "most_recent": true
      },
      "instance_type": "t2.micro",
      "ssh_username": "centos",
      "ssh_pty": "true",
      "ami_name": "packer-demo-{{timestamp}}"
    }
  ],
  "provisioners": [
    {
      "type": "shell",
      "inline": [
        "echo Hi"
      ]
    },
    {
      "type": "ansible",
      "playbook_file": "./playbook.yml"
    }
  ]
}


playbook.yml:

---
- hosts: all
  become: yes
  tasks:
    - name: Debug
      debug: msg=Hi
    - name: Shelling
      shell: id
 

On 11 October 2017 at 12:27, rick turner <yashvind...@opstree.com> wrote:
It's working with `ansible-local` provisioner but not with `ansible` provisioner
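
An added example, not part of the thread or of Packer: a log check that reports where the Ansible tasks actually executed. The -vvvv output posted above contains "ESTABLISH LOCAL CONNECTION FOR USER: ricky" and "127.0.0.1 EXEC", which is Ansible's local connection on the machine that ran Packer, and the posted site.yml targets "hosts: localhost" while the working example uses "hosts: all". The sample log is constructed in the shape of those lines, and the function names are hypothetical.

```python
import re

# Constructed sample in the shape of the -vvvv output posted in this thread.
SAMPLE_LOG = '''\
==> amazon-ebs: Connected to SSH!
==> amazon-ebs: Provisioning with Ansible...
    amazon-ebs: TASK [setup] ***********
    amazon-ebs: ESTABLISH LOCAL CONNECTION FOR USER: ricky
    amazon-ebs: 127.0.0.1 EXEC /bin/sh -c 'sudo -H -S -n -u root /bin/sh -c ...'
    amazon-ebs: fatal: [localhost]: FAILED! => {"module_stderr": "sudo: a password is required\\n"}
'''

LOCAL_CONN = re.compile(r"ESTABLISH LOCAL CONNECTION FOR USER: (\S+)")
TASK_RESULT = re.compile(r"\b(ok|changed|fatal|failed): \[([^\]]+)\]")


def where_did_it_run(log_text):
    """Summarise which host and account the Ansible tasks actually used."""
    local_users = sorted(set(LOCAL_CONN.findall(log_text)))
    hosts = sorted({host for _status, host in TASK_RESULT.findall(log_text)})
    return {
        # A local connection means modules executed on the machine running
        # Packer, under that machine's user, not on the EC2 build instance.
        "local_users": local_users,
        "hosts": hosts,
        "ran_on_packer_host": bool(local_users),
        # sudo -n never prompts, so a local user without NOPASSWD fails here.
        "sudo_password_required": "sudo: a password is required" in log_text,
    }


def explain(summary):
    """Turn the summary into review findings for the build log."""
    findings = []
    if summary["ran_on_packer_host"]:
        users = ", ".join(summary["local_users"])
        findings.append(f"tasks executed locally as {users}; check the play's hosts: line")
    if summary["ran_on_packer_host"] and summary["sudo_password_required"]:
        findings.append("sudo failure belongs to the local account, not ssh_username")
    if not findings:
        findings.append("no local connection seen; tasks did not run on the Packer host")
    return findings


if __name__ == "__main__":
    for line in explain(where_did_it_run(SAMPLE_LOG)):
        print(line)
```

Run against a saved build log, a non-empty local_users list means the playbook (including any become: yes tasks) was applied to the build workstation rather than the image being built.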
