Introduction
Ansible is an invaluable tools when it comes to server automation. To make its magic work Ansible commands should be executed on a control machine. As of the time of the writing a Windows computer cannot be used in the role of the control machine.
There is a way to run Ansible with the help of Cygwin or some of its alternatives. One such a way is described here. I prefer to run Ansible (and some of the other tools like Meteor) from a Vagrant VM.
In short, Vagrant simplifies configuring and running local VMs. Such a VM can access the networks and the filesystem of the host providing a handy Linux-on-Windows solution.
Setup
Here are the actual steps to setup Ansible control machine on Vagrant.
Installation
At first install Vagrant on Windows.
In the directory of your choosing run vagrant init
to create a local VM config.
Open the generated Vagrantfile
and change config.vm.box = "base"
to config.vm.box = "ubuntu/trusty32"
. For the sake of simplicity I stick to Ubuntu and the 32-bit image is enough.
Provisioning
Now you need to create the provisioning script that will initialize the VM with all the needed packages. I know you must be thinking that this would be a great job for Ansible. Alas, not this time.
Enable provisioning by including this line in the Vagrantfile
:
config.vm.provision :shell, path: "bootstrap.sh"
Create bootstrap.sh
with the following content:
#!/usr/bin/env bash
apt-get update
apt-get install -y python-pip python-dev
pip install ansible
I prefer to install Ansible using pip
. After all, it is written in Python and PyPI
hosts a fairly recent version.
The keys
Now the SSH keys need to be generated and installed. It is also possible to use password authentication but it doesn't seem to be a common scenario.
Boot up and enter your new VM with vagrant init && vagrant ssh
. For obvious reasons it will take a while the first time.
For simplicity I generate my private keys on the VM. If you want to do the same execute
ssh-keygen -t rsa -C "[email protected]"
By default the keys will be saved in ~/.ssh
so don't forget to take them back to the host or you may lose them! To copy the keys to host execute
cp ~/.ssh/id_rsa ~/.ssh/id_rsa.pub /vagrant
Prepare your inventory file and place in the same folder as Vagrantfile
Change the permissions of the shared directory. Otherwise Ansible will try to execute your inventory file.
Add to Vagrantfile
config.vm.synced_folder ".", "/vagrant",
mount_options: ["dmode=774,fmode=664"]
Exit the Vagrant shell, then do vagrant reload && vagrant ssh
.
By default Ansible will connect to the remote hosts as user vagrant
because you are logged in to the vagrant shell as vagrant
. For the sake of simplicity let's make ansible connect as root. This can be done by providing --remote-user=root
or -u=root
to Ansible commands.
Now the remote hosts need to allow Ansible to connect. Thus for every remote host that you want to control execute
ssh-copy-id [email protected]
and authenticate.
Check
ansible all -m ping -i /vagrant/inventory.i -u root
Troubleshooting
Most of the problems with Ansible are caused by SSH errors. To get a trace and a more meaningful error message run your Ansible command with -vvvv
switch.
Make sure that you can SSH to the problematic host from the vagrant shell using the same authentication method and the credentials as Ansible is using.
Bonus tips
- Mount your project roots to Vagrant filesystem to assist deployment. For example if your static blog is located at
c:/projects/myblog
then write in theVagrantfile
:
config.vm.synced_folder "c:/projects/myblog", "/myblog"
- If you are using a static inventory, place the inventory file in the mounted folder and change the mounted folder`s mode
config.vm.synced_folder "c:/projects/myblog", "/myblog",
mount_options: ["dmode=774,fmode=664"]
Otherwise Ansible will try to treat your inventory file as if it was executable and expect some JSON output from it.
Now you can run your playbook like this
ansible-playbook -i /myblog/inventory.ini my-playbook.yml
- When you later decide to update Ansible to a fresh version execute
sudo pip install ansible --upgrade
- ConEmu is a better alternative to the standard Windows console.
References
A great article on some post-install steps not covered in the official documentation Ansible: Post-Install Setup
Comments
comments powered by Disqus