OlegGorj

based on blog "how to use ansible with terraform"

Recently, I’ve started using Terraform for creating a cloud test rig and it’s pretty dope. In a matter of a few days, I went from “never used AWS” to the “I have a declarative way to create an isolated infrastructure in the cloud”. I’m spinning a couple of instances in a dedicated subnet inside a VPC with a security group and dedicated SSH keypair and all of this is coded in a mere few hundred lines.

It’s all nice and dandy but after creating an instance from some basic AMI I need to provision it. My go-to tool for this is Ansible but, unfortunately, Terraform doesn’t support it natively as it does for Chef and Salt. This is unlike Packer that has ansible (remote) and ansible-local. Do we really need provisioning in the cloud? Instead of using the empty AMIs you could bake your own AMI and skip the whole provisioning part completely but I see a giant flaw in this setup. Every change, even a small one, requires recreation of the whole instance. If it’s a ch

OlegGorj

Running Docker Commands Docker, Machine, and iOS Builds > Running Docker Commands

This document explains how to build Docker images for deploying elsewhere or for further testing and how to start services in remote docker containers in the following sections:

Overview Specifications Example Docker version Separation of Environments

OlegGorj

The variable name is ansible_ssh_private_key_file .

One should set it at 'vars' level:

• in the inventory file:

myHost ansible_ssh_private_key_file=~/.ssh/mykey1.pem
myOtherHost ansible_ssh_private_key_file=~/.ssh/mykey2.pem

OlegGorj

boot2docker VM can exist on some other IP, for example if you delete and init/run a new boot2docker, you'll get .104

docker@boot2docker:~$ ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 08:00:27:AA:BB:CC
          inet addr:192.168.59.104  Bcast:192.168.59.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:feaa:bbcc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:366709 errors:0 dropped:0 overruns:0 frame:0
 TX packets:55677 errors:0 dropped:0 overruns:0 carrier:0

OlegGorj

Instead of putting raw bash commands we can write a reusable Ansible role invoke it from the playbook that will be used inside Docker container to provision it.

This is how I do it

FROM debian:9

# Bootstrap Ansible via pip
RUN apt-get update && apt-get install -y wget gcc make python python-dev python-setuptools python-pip libffi-dev libssl-dev libyaml-dev
RUN pip install -U pip

OlegGorj

More complicated if-else-statements

The approach above works well if you are creating different types of resources in the if and else clauses, but what if you wanted to create two different versions of the same resource? For example, let’s say that when you first created your microservice module, all the microservices ran the same shell script in User Data script when booting:

resource "aws_instance" "example" {
  ami = "${var.ami}"
  instance_type = "${var.instance_type}"
  user_data = "${data.template_file.user_data_shell.rendered}"
 tags {

OlegGorj

The solution is to jump through my NAT instances to hit and provision private subnet boxes with Terraform. If your security groups are set up correctly it does work.

/* VPC creation */
resource "aws_vpc" "vpc_poc" {
  cidr_block = "10.200.0.0/16"
}

OlegGorj

{
    "builders": [{
        "type": "amazon-ebs",
        "access_key": "",
        "secret_key": "",
        "region": "us-east-1",
        "source_ami": "ami-de0d9eb7",
        "instance_type": "m1.large",

OlegGorj

Deploy Jenkins with Docker and Ansible

Ansible roles for deploying a Jenkins instance on Debian within a Docker container behind nginx.

Install Docker

Use ansible's apt module to install the Docker engine as a system service:

- name: Add Docker Group

OlegGorj

#!groovy
# Best of Jenkinsfile
# `Jenkinsfile` is a groovy script DSL for defining CI/CD workflows for Jenkins
node {
}