Save adarobin/2f02b8b993936233e15d76f6cddb9e00 to your computer and use it in GitHub Desktop.
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type

from ansible.plugins.connection.ssh import Connection as SSHConnection

DOCUMENTATION = '''
    connection: packer
    short_description: ssh based connections for powershell via packer
    description:
        - This connection plugin allows ansible to communicate to the target packer machines via ssh based connections for powershell.
    author: Packer
    version_added: na
    options:
      host:
          description: Hostname/ip to connect to.
          default: inventory_hostname
          vars:
              - name: ansible_host
              - name: ansible_ssh_host
      host_key_checking:
          description: Determines if ssh should check host keys
          type: boolean
          ini:
              - section: defaults
                key: 'host_key_checking'
              - section: ssh_connection
                key: 'host_key_checking'
                version_added: '2.5'
          env:
              - name: ANSIBLE_HOST_KEY_CHECKING
              - name: ANSIBLE_SSH_HOST_KEY_CHECKING
                version_added: '2.5'
          vars:
              - name: ansible_host_key_checking
                version_added: '2.5'
              - name: ansible_ssh_host_key_checking
                version_added: '2.5'
      password:
          description: Authentication password for the C(remote_user). Can be supplied as CLI option.
          vars:
              - name: ansible_password
              - name: ansible_ssh_pass
      ssh_args:
          description: Arguments to pass to all ssh cli tools
          default: '-C -o ControlMaster=auto -o ControlPersist=60s'
          ini:
              - section: 'ssh_connection'
                key: 'ssh_args'
          env:
              - name: ANSIBLE_SSH_ARGS
      ssh_common_args:
          description: Common extra args for all ssh CLI tools
          ini:
              - section: 'ssh_connection'
                key: 'ssh_common_args'
                version_added: '2.7'
          env:
              - name: ANSIBLE_SSH_COMMON_ARGS
                version_added: '2.7'
          vars:
              - name: ansible_ssh_common_args
      ssh_executable:
          default: ssh
          description:
              - This defines the location of the ssh binary. It defaults to `ssh` which will use the first ssh binary available in $PATH.
              - This option is usually not required, it might be useful when access to system ssh is restricted,
                or when using ssh wrappers to connect to remote hosts.
          env: [{name: ANSIBLE_SSH_EXECUTABLE}]
          ini:
              - {key: ssh_executable, section: ssh_connection}
          yaml: {key: ssh_connection.ssh_executable}
          #const: ANSIBLE_SSH_EXECUTABLE
          version_added: "2.2"
          vars:
              - name: ansible_ssh_executable
                version_added: '2.7'
      sftp_executable:
          default: sftp
          description:
              - This defines the location of the sftp binary. It defaults to ``sftp`` which will use the first binary available in $PATH.
          env: [{name: ANSIBLE_SFTP_EXECUTABLE}]
          ini:
              - {key: sftp_executable, section: ssh_connection}
          version_added: "2.6"
          vars:
              - name: ansible_sftp_executable
                version_added: '2.7'
      scp_executable:
          default: scp
          description:
              - This defines the location of the scp binary. It defaults to `scp` which will use the first binary available in $PATH.
          env: [{name: ANSIBLE_SCP_EXECUTABLE}]
          ini:
              - {key: scp_executable, section: ssh_connection}
          version_added: "2.6"
          vars:
              - name: ansible_scp_executable
                version_added: '2.7'
      scp_extra_args:
          description: Extra exclusive to the ``scp`` CLI
          vars:
              - name: ansible_scp_extra_args
          env:
              - name: ANSIBLE_SCP_EXTRA_ARGS
                version_added: '2.7'
          ini:
              - key: scp_extra_args
                section: ssh_connection
                version_added: '2.7'
      sftp_extra_args:
          description: Extra exclusive to the ``sftp`` CLI
          vars:
              - name: ansible_sftp_extra_args
          env:
              - name: ANSIBLE_SFTP_EXTRA_ARGS
                version_added: '2.7'
          ini:
              - key: sftp_extra_args
                section: ssh_connection
                version_added: '2.7'
      ssh_extra_args:
          description: Extra exclusive to the 'ssh' CLI
          vars:
              - name: ansible_ssh_extra_args
          env:
              - name: ANSIBLE_SSH_EXTRA_ARGS
                version_added: '2.7'
          ini:
              - key: ssh_extra_args
                section: ssh_connection
                version_added: '2.7'
      retries:
          # constant: ANSIBLE_SSH_RETRIES
          description: Number of attempts to connect.
          default: 3
          type: integer
          env:
              - name: ANSIBLE_SSH_RETRIES
          ini:
              - section: connection
                key: retries
              - section: ssh_connection
                key: retries
          vars:
              - name: ansible_ssh_retries
                version_added: '2.7'
      port:
          description: Remote port to connect to.
          type: int
          default: 22
          ini:
              - section: defaults
                key: remote_port
          env:
              - name: ANSIBLE_REMOTE_PORT
          vars:
              - name: ansible_port
              - name: ansible_ssh_port
      remote_user:
          description:
              - User name with which to login to the remote server, normally set by the remote_user keyword.
              - If no user is supplied, Ansible will let the ssh client binary choose the user as it normally
          ini:
              - section: defaults
                key: remote_user
          env:
              - name: ANSIBLE_REMOTE_USER
          vars:
              - name: ansible_user
              - name: ansible_ssh_user
      pipelining:
          default: ANSIBLE_PIPELINING
          description:
              - Pipelining reduces the number of SSH operations required to execute a module on the remote server,
                by executing many Ansible modules without actual file transfer.
              - This can result in a very significant performance improvement when enabled.
              - However this conflicts with privilege escalation (become).
                For example, when using sudo operations you must first disable 'requiretty' in the sudoers file for the target hosts,
                which is why this feature is disabled by default.
          env:
              - name: ANSIBLE_PIPELINING
              #- name: ANSIBLE_SSH_PIPELINING
          ini:
              - section: defaults
                key: pipelining
              #- section: ssh_connection
              #  key: pipelining
          type: boolean
          vars:
              - name: ansible_pipelining
              - name: ansible_ssh_pipelining
      private_key_file:
          description:
              - Path to private key file to use for authentication
          ini:
              - section: defaults
                key: private_key_file
          env:
              - name: ANSIBLE_PRIVATE_KEY_FILE
          vars:
              - name: ansible_private_key_file
              - name: ansible_ssh_private_key_file
      control_path:
          description:
              - This is the location to save ssh's ControlPath sockets, it uses ssh's variable substitution.
              - Since 2.3, if null, ansible will generate a unique hash. Use `%(directory)s` to indicate where to use the control dir path setting.
          env:
              - name: ANSIBLE_SSH_CONTROL_PATH
          ini:
              - key: control_path
                section: ssh_connection
          vars:
              - name: ansible_control_path
                version_added: '2.7'
      control_path_dir:
          default: ~/.ansible/cp
          description:
              - This sets the directory to use for ssh control path if the control path setting is null.
              - Also, provides the `%(directory)s` variable for the control path setting.
          env:
              - name: ANSIBLE_SSH_CONTROL_PATH_DIR
          ini:
              - section: ssh_connection
                key: control_path_dir
          vars:
              - name: ansible_control_path_dir
                version_added: '2.7'
      sftp_batch_mode:
          default: 'yes'
          description: 'TODO: write it'
          env: [{name: ANSIBLE_SFTP_BATCH_MODE}]
          ini:
              - {key: sftp_batch_mode, section: ssh_connection}
          type: bool
          vars:
              - name: ansible_sftp_batch_mode
                version_added: '2.7'
      scp_if_ssh:
          default: smart
          description:
              - "Preferred method to use when transferring files over ssh"
              - When set to smart, Ansible will try them until one succeeds or they all fail
              - If set to True, it will force 'scp', if False it will use 'sftp'
          env: [{name: ANSIBLE_SCP_IF_SSH}]
          ini:
              - {key: scp_if_ssh, section: ssh_connection}
          vars:
              - name: ansible_scp_if_ssh
                version_added: '2.7'
      use_tty:
          version_added: '2.5'
          default: 'yes'
          description: add -tt to ssh commands to force tty allocation
          env: [{name: ANSIBLE_SSH_USETTY}]
          ini:
              - {key: usetty, section: ssh_connection}
          type: bool
          vars:
              - name: ansible_ssh_use_tty
                version_added: '2.7'
'''


class Connection(SSHConnection):
    ''' ssh based connections for powershell via packer'''

    transport = 'packer'
    has_pipelining = True
    # No privilege-escalation (become) methods are supported.
    become_methods = []
    # Do not wrap commands in a shell executable such as /bin/sh -c.
    allow_executable = False
    # Prefer PowerShell (.ps1) module implementations.
    module_implementation_preferences = ('.ps1', '')

    def __init__(self, *args, **kwargs):
        super(Connection, self).__init__(*args, **kwargs)
update
Now it just hangs
Please ignore the above
I discovered the core of the issue
Hi Strijd,
Please can you help me with the scripts you have used? I am using Windows 2016 AMI, Packer 1.3.3, Ansible 2.7.
Hi svcvarma,
Versions:
Ansible: 2.7.6
Packer: 1.3.4
{
  "variables": {
    "ansible_cfg_path": "../provisioners/ansible",
    "ENVIRONMENT": "",
    "dotnet_version": "4.5"
  },
  "builders":[
    {
      "type":"amazon-ebs",
      "profile":"default",
      "region":"eu-west-1",
      "source_ami":"ami-046ad87f7b7598d2e",
      "instance_type":"t2.micro",
      "ami_name":"BLUEPRISM-{{ user `ENVIRONMENT` }}-{{timestamp}}",
      "user_data_file": "{{template_dir}}/../bootstrap/aws/userdata/bootstrap-aws.txt",
      "communicator": "winrm",
      "winrm_timeout": "20m",
      "winrm_port": 5985,
      "winrm_username": "Administrator",
      "ami_block_device_mappings": [
        {
          "volume_type": "gp2",
          "device_name": "sdh",
          "volume_size": "50"
        }
      ],
      "tags":{
        "Name": "BLUEPRISM-{{ user `ENVIRONMENT` }}-{{timestamp}}"
      }
    }
  ],
  "provisioners": [
    {
      "type": "powershell",
      "scripts": [
        "{{template_dir}}/../provisioners/powershell/disable-uac.ps1",
        "{{template_dir}}/../provisioners/powershell/install-chocolatey.ps1",
        "{{template_dir}}/../provisioners/powershell/ConfigureRemotingForAnsible.ps1"
      ]
    },
    {
      "type": "powershell",
      "inline": [
        "choco install -y dotnet{{user `dotnet_version`}}",
        "Add-WindowsFeature telnet-client -Verbose",
        "Add-WindowsFeature SNMP-Service -Verbose"
      ]
    },
    {
      "type": "powershell",
      "scripts": [
        "{{template_dir}}/../provisioners/powershell/sysprep-ec2config.ps1",
        "{{template_dir}}/../provisioners/powershell/Upgrade-PowerShell.ps1",
        "{{template_dir}}/../provisioners/powershell/sysprep-bundleconfig.ps1"
      ]
    },
    {
      "type": "ansible",
      "playbook_file": "{{template_dir}}/../provisioners/ansible/blueprism-server.yml",
      "ansible_env_vars": [
        "ANSIBLE_HOST_KEY_CHECKING=False",
        "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s'",
        "ANSIBLE_NOCOLOR=True",
        "ANSIBLE_CONFIG={{ user `ansible_cfg_path` }}",
        "WINRM_PASSWORD={{.WinRMPassword}}"
      ],
      "extra_arguments": [
        "--extra-vars=ansible_user={{ user `winrm_user`}} ansible_password={{ user `winrm_password` }}, ansible_shell_type=powershell ansible_shell_executable=None ENV={{ user `ENVIRONMENT` }}",
        "--connection=packer"
      ]
    }
  ]
}
The folder structure looks as follows:
.
├── bootstrap
│   └── aws
│       └── userdata
│           └── bootstrap-aws.txt
├── provisioners
│   ├── ansible
│   │   ├── ansible.cfg
│   │   ├── blueprism-server.yml
│   │   ├── connection_plugins
│   │   │   └── packer.py
│   │   └── roles
│   │       └── win-blueprism
│   │           ├── README.md
│   │           ├── defaults
│   │           │   └── main.yml
│   │           ├── files
│   │           ├── handlers
│   │           │   └── main.yml
│   │           ├── meta
│   │           │   └── main.yml
│   │           ├── tasks
│   │           │   ├── bp-deploy.yml
│   │           │   ├── bp-localdb-config.yml
│   │           │   ├── localdb.yml
│   │           │   └── main.yml
│   │           ├── templates
│   │           │   └── CreateScript.sql
│   │           ├── tests
│   │           │   ├── inventory
│   │           │   └── test.yml
│   │           └── vars
│   │               └── main.yml
│   └── powershell
│       ├── ConfigureRemotingForAnsible.ps1
│       ├── Install-WMF3Hotfix.ps1
│       ├── Upgrade-PowerShell.ps1
│       ├── defrag-c.ps1
│       ├── disable-uac.ps1
│       ├── install-chocolatey.ps1
│       ├── sysprep-bundleconfig.ps1
│       └── sysprep-ec2config.ps1
└── templates
    ├── aws-blueprism-server.json
    ├── aws-blueprism-server.json.old
    └── azure-blueprism-server.json
I hope this helps.
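An added check, not part of the gist or of any comment here: a small Python lint over a parsed Packer JSON template that flags a WinRM communicator without `winrm_use_ssl` and secrets interpolated into the ansible provisioner's `extra_arguments`, both of which occur in the template above. The sample template is constructed (cut down from the posted one) and the finding names are hypothetical labels.

```python
import json
import re

# Constructed sample: a cut-down template reusing the settings posted above.
SAMPLE_TEMPLATE = json.loads(r'''
{
  "builders": [
    {"type": "amazon-ebs", "communicator": "winrm", "winrm_port": 5985}
  ],
  "provisioners": [
    {"type": "ansible",
     "extra_arguments": [
       "--extra-vars=ansible_user={{ user `winrm_user` }} ansible_password={{ user `winrm_password` }}",
       "--connection=packer"
     ]}
  ]
}
''')

# A secret-looking key assigned from a template expression, e.g. ansible_password={{ ... }}
SECRET_ARG = re.compile(r"(pass|secret|token)\w*\s*=\s*\{\{", re.IGNORECASE)


def lint_template(template):
    """Return (location, finding) tuples for a parsed Packer JSON template."""
    findings = []
    for i, builder in enumerate(template.get("builders", [])):
        if builder.get("communicator") != "winrm":
            continue
        where = "builders[%d]" % i
        # winrm_use_ssl defaults to false, so Packer talks WinRM over HTTP.
        if not builder.get("winrm_use_ssl", False):
            findings.append((where, "winrm-without-tls"))
        # winrm_insecure skips server certificate verification.
        if builder.get("winrm_insecure", False):
            findings.append((where, "winrm-cert-not-verified"))
    for i, prov in enumerate(template.get("provisioners", [])):
        if prov.get("type") != "ansible":
            continue
        # Command-line arguments show up in the process list and in -vvv output.
        if any(SECRET_ARG.search(a) for a in prov.get("extra_arguments", [])):
            findings.append(("provisioners[%d]" % i, "secret-on-command-line"))
    return findings


if __name__ == "__main__":
    for where, finding in lint_template(SAMPLE_TEMPLATE):
        print("%s: %s" % (where, finding))
```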
I had some issues with using win_updates and win_reboot modules. I added these method overrides to get past those. I have been using this for a while and have not experienced any issues, but it has not been tested well. https://gist.github.com/finarfin/d1547152bc13c84a6eeecb55bd406368/revisions#diff-31df03e59b6b6b41ea747670e2118cb9R276
I updated my fork of the connection plugin for async support.
Hi @ichwill100, all,
I am a bit confused with the ansible.cfg file. How should I configure it?
Here is my directory structure
Ansible\playbook.yml
connections_plugins\packer.py
packer\windows2016.json
scripts\ powershell1.ps1 , powershell2.ps1
This is how I used ansible provisioner.
    {
      "type": "ansible",
      "playbook_file": "../ansible/playbook.yml",
      "extra_arguments": [
        "--connection", "packer", "-vvv",
        "--extra-vars", "winrm_password={{ .WinRMPassword }},ansible_shell_type=powershell ansible_shell_executable=None"
      ]
    }
  ]
}
Issue:
- I was able to get winrm connection established.
- Powershell scripts from provisioner are running
- Ansible playbook is failing.
Do I need to configure the "ansible.cfg" file? Please help me with the issue.
Hi Strijd
Can you please let me know how this error is fixed?
amazon-ebs: KeyError: 'runas'
amazon-ebs: fatal: [pmc-1]: FAILED! => {
amazon-ebs: "msg": "Unexpected failure during module execution.",
amazon-ebs: "stdout": ""
I am using ansible 2.7.12
Hi
I'm miserably trying to use ansible provisioner with windows but nothing seems to work.
Can you please post an example?
packer version 1.3.3
ansible 2.7.5
packer.py installed
Here is what I tried
my json {{ provisioner part }}
results:
Thanks