from __future__ import (absolute_import, division, print_function)
__metaclass__ = type

from ansible.plugins.connection.ssh import Connection as SSHConnection

DOCUMENTATION = '''
    connection: packer
    short_description: ssh based connections for powershell via packer
    description:
        - This connection plugin allows ansible to communicate to the target packer machines via ssh based connections for powershell.
    author: Packer
    version_added: na
    options:
      host:
          description: Hostname/ip to connect to.
          default: inventory_hostname
          vars:
              - name: ansible_host
              - name: ansible_ssh_host
      host_key_checking:
          description: Determines if ssh should check host keys
          type: boolean
          ini:
              - section: defaults
                key: 'host_key_checking'
              - section: ssh_connection
                key: 'host_key_checking'
                version_added: '2.5'
          env:
              - name: ANSIBLE_HOST_KEY_CHECKING
              - name: ANSIBLE_SSH_HOST_KEY_CHECKING
                version_added: '2.5'
          vars:
              - name: ansible_host_key_checking
                version_added: '2.5'
              - name: ansible_ssh_host_key_checking
                version_added: '2.5'
      password:
          description: Authentication password for the C(remote_user). Can be supplied as CLI option.
          vars:
              - name: ansible_password
              - name: ansible_ssh_pass
      ssh_args:
          description: Arguments to pass to all ssh cli tools
          default: '-C -o ControlMaster=auto -o ControlPersist=60s'
          ini:
              - section: 'ssh_connection'
                key: 'ssh_args'
          env:
              - name: ANSIBLE_SSH_ARGS
      ssh_common_args:
          description: Common extra args for all ssh CLI tools
          ini:
              - section: 'ssh_connection'
                key: 'ssh_common_args'
                version_added: '2.7'
          env:
              - name: ANSIBLE_SSH_COMMON_ARGS
                version_added: '2.7'
          vars:
              - name: ansible_ssh_common_args
      ssh_executable:
          default: ssh
          description:
            - This defines the location of the ssh binary. It defaults to `ssh` which will use the first ssh binary available in $PATH.
            - This option is usually not required, it might be useful when access to system ssh is restricted,
              or when using ssh wrappers to connect to remote hosts.
          env: [{name: ANSIBLE_SSH_EXECUTABLE}]
          ini:
          - {key: ssh_executable, section: ssh_connection}
          yaml: {key: ssh_connection.ssh_executable}
          #const: ANSIBLE_SSH_EXECUTABLE
          version_added: "2.2"
          vars:
              - name: ansible_ssh_executable
                version_added: '2.7'
      sftp_executable:
          default: sftp
          description:
            - This defines the location of the sftp binary. It defaults to ``sftp`` which will use the first binary available in $PATH.
          env: [{name: ANSIBLE_SFTP_EXECUTABLE}]
          ini:
          - {key: sftp_executable, section: ssh_connection}
          version_added: "2.6"
          vars:
              - name: ansible_sftp_executable
                version_added: '2.7'
      scp_executable:
          default: scp
          description:
            - This defines the location of the scp binary. It defaults to `scp` which will use the first binary available in $PATH.
          env: [{name: ANSIBLE_SCP_EXECUTABLE}]
          ini:
          - {key: scp_executable, section: ssh_connection}
          version_added: "2.6"
          vars:
              - name: ansible_scp_executable
                version_added: '2.7'
      scp_extra_args:
          description: Extra exclusive to the ``scp`` CLI
          vars:
              - name: ansible_scp_extra_args
          env:
              - name: ANSIBLE_SCP_EXTRA_ARGS
                version_added: '2.7'
          ini:
              - key: scp_extra_args
                section: ssh_connection
                version_added: '2.7'
      sftp_extra_args:
          description: Extra exclusive to the ``sftp`` CLI
          vars:
              - name: ansible_sftp_extra_args
          env:
              - name: ANSIBLE_SFTP_EXTRA_ARGS
                version_added: '2.7'
          ini:
              - key: sftp_extra_args
                section: ssh_connection
                version_added: '2.7'
      ssh_extra_args:
          description: Extra exclusive to the 'ssh' CLI
          vars:
              - name: ansible_ssh_extra_args
          env:
              - name: ANSIBLE_SSH_EXTRA_ARGS
                version_added: '2.7'
          ini:
              - key: ssh_extra_args
                section: ssh_connection
                version_added: '2.7'
      retries:
          # constant: ANSIBLE_SSH_RETRIES
          description: Number of attempts to connect.
          default: 3
          type: integer
          env:
              - name: ANSIBLE_SSH_RETRIES
          ini:
              - section: connection
                key: retries
              - section: ssh_connection
                key: retries
          vars:
              - name: ansible_ssh_retries
                version_added: '2.7'
      port:
          description: Remote port to connect to.
          type: int
          default: 22
          ini:
              - section: defaults
                key: remote_port
          env:
              - name: ANSIBLE_REMOTE_PORT
          vars:
              - name: ansible_port
              - name: ansible_ssh_port
      remote_user:
          description:
              - User name with which to login to the remote server, normally set by the remote_user keyword.
              - If no user is supplied, Ansible will let the ssh client binary choose the user as it normally
          ini:
              - section: defaults
                key: remote_user
          env:
              - name: ANSIBLE_REMOTE_USER
          vars:
              - name: ansible_user
              - name: ansible_ssh_user
      pipelining:
          default: ANSIBLE_PIPELINING
          description:
            - Pipelining reduces the number of SSH operations required to execute a module on the remote server,
              by executing many Ansible modules without actual file transfer.
            - This can result in a very significant performance improvement when enabled.
            - However this conflicts with privilege escalation (become).
              For example, when using sudo operations you must first disable 'requiretty' in the sudoers file for the target hosts,
              which is why this feature is disabled by default.
          env:
              - name: ANSIBLE_PIPELINING
              #- name: ANSIBLE_SSH_PIPELINING
          ini:
              - section: defaults
                key: pipelining
              #- section: ssh_connection
              #  key: pipelining
          type: boolean
          vars:
              - name: ansible_pipelining
              - name: ansible_ssh_pipelining
      private_key_file:
          description:
              - Path to private key file to use for authentication
          ini:
              - section: defaults
                key: private_key_file
          env:
              - name: ANSIBLE_PRIVATE_KEY_FILE
          vars:
              - name: ansible_private_key_file
              - name: ansible_ssh_private_key_file
      control_path:
          description:
            - This is the location to save ssh's ControlPath sockets, it uses ssh's variable substitution.
            - Since 2.3, if null, ansible will generate a unique hash. Use `%(directory)s` to indicate where to use the control dir path setting.
          env:
              - name: ANSIBLE_SSH_CONTROL_PATH
          ini:
              - key: control_path
                section: ssh_connection
          vars:
              - name: ansible_control_path
                version_added: '2.7'
      control_path_dir:
          default: ~/.ansible/cp
          description:
            - This sets the directory to use for ssh control path if the control path setting is null.
            - Also, provides the `%(directory)s` variable for the control path setting.
          env:
              - name: ANSIBLE_SSH_CONTROL_PATH_DIR
          ini:
              - section: ssh_connection
                key: control_path_dir
          vars:
              - name: ansible_control_path_dir
                version_added: '2.7'
      sftp_batch_mode:
          default: 'yes'
          description: 'TODO: write it'
          env: [{name: ANSIBLE_SFTP_BATCH_MODE}]
          ini:
          - {key: sftp_batch_mode, section: ssh_connection}
          type: bool
          vars:
              - name: ansible_sftp_batch_mode
                version_added: '2.7'
      scp_if_ssh:
          default: smart
          description:
            - "Preferred method to use when transferring files over ssh"
            - When set to smart, Ansible will try them until one succeeds or they all fail
            - If set to True, it will force 'scp', if False it will use 'sftp'
          env: [{name: ANSIBLE_SCP_IF_SSH}]
          ini:
          - {key: scp_if_ssh, section: ssh_connection}
          vars:
              - name: ansible_scp_if_ssh
                version_added: '2.7'
      use_tty:
          version_added: '2.5'
          default: 'yes'
          description: add -tt to ssh commands to force tty allocation
          env: [{name: ANSIBLE_SSH_USETTY}]
          ini:
          - {key: usetty, section: ssh_connection}
          type: bool
          vars:
              - name: ansible_ssh_use_tty
                version_added: '2.7'
'''


class Connection(SSHConnection):
    ''' ssh based connections for powershell via packer'''

    transport = 'packer'
    has_pipelining = True
    # No privilege escalation (become) methods are offered on this transport
    become_methods = []
    # Do not wrap commands in a shell executable
    allow_executable = False
    # Prefer the PowerShell (.ps1) implementation of a module
    module_implementation_preferences = ('.ps1', '')

    def __init__(self, *args, **kwargs):
        super(Connection, self).__init__(*args, **kwargs)
Please ignore the above
I discovered the core of the issue
Hi Strijd,
Please can you help me with the scripts you have used? I am using Windows 2016 AMI, Packer 1.3.3, Ansible 2.7.
Hi svcvarma,
Versions:
Ansible: 2.7.6
Packer: 1.3.4
{
  "variables": {
    "ansible_cfg_path": "../provisioners/ansible",
    "ENVIRONMENT": "",
    "dotnet_version": "4.5"
  },
  "builders":[
    {
      "type":"amazon-ebs",
      "profile":"default",
      "region":"eu-west-1",
      "source_ami":"ami-046ad87f7b7598d2e",
      "instance_type":"t2.micro",
      "ami_name":"BLUEPRISM-{{ user `ENVIRONMENT` }}-{{timestamp}}",
      "user_data_file": "{{template_dir}}/../bootstrap/aws/userdata/bootstrap-aws.txt",
      "communicator": "winrm",
      "winrm_timeout": "20m",
      "winrm_port": 5985,
      "winrm_username": "Administrator",
      "ami_block_device_mappings": [
        {
          "volume_type": "gp2",
          "device_name": "sdh",
          "volume_size": "50"
        }
      ],
      "tags":{
        "Name": "BLUEPRISM-{{ user `ENVIRONMENT` }}-{{timestamp}}"
      }
    }
  ],
  "provisioners": [
    {
      "type": "powershell",
      "scripts": [
        "{{template_dir}}/../provisioners/powershell/disable-uac.ps1",
        "{{template_dir}}/../provisioners/powershell/install-chocolatey.ps1",
        "{{template_dir}}/../provisioners/powershell/ConfigureRemotingForAnsible.ps1"
      ]
    },
    {
      "type": "powershell",
      "inline": [
        "choco install -y dotnet{{user `dotnet_version`}}",
        "Add-WindowsFeature telnet-client -Verbose",
        "Add-WindowsFeature SNMP-Service -Verbose"
      ]
    },
    {
      "type": "powershell",
      "scripts": [
        "{{template_dir}}/../provisioners/powershell/sysprep-ec2config.ps1",
        "{{template_dir}}/../provisioners/powershell/Upgrade-PowerShell.ps1",
        "{{template_dir}}/../provisioners/powershell/sysprep-bundleconfig.ps1"
      ]
    },
    {
      "type": "ansible",
      "playbook_file": "{{template_dir}}/../provisioners/ansible/blueprism-server.yml",
      "ansible_env_vars": [
        "ANSIBLE_HOST_KEY_CHECKING=False",
        "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s'",
        "ANSIBLE_NOCOLOR=True",
        "ANSIBLE_CONFIG={{ user `ansible_cfg_path` }}",
        "WINRM_PASSWORD={{.WinRMPassword}}"
      ],
      "extra_arguments": [
        "--extra-vars=ansible_user={{ user `winrm_user`}} ansible_password={{ user `winrm_password` }}, ansible_shell_type=powershell ansible_shell_executable=None ENV={{ user `ENVIRONMENT` }}",
        "--connection=packer"
      ]
    }
  ]
}
The folder structure looks as follows:
.
├── bootstrap
│   └── aws
│       └── userdata
│           └── bootstrap-aws.txt
├── provisioners
│   ├── ansible
│   │   ├── ansible.cfg
│   │   ├── blueprism-server.yml
│   │   ├── connection_plugins
│   │   │   └── packer.py
│   │   └── roles
│   │       └── win-blueprism
│   │           ├── README.md
│   │           ├── defaults
│   │           │   └── main.yml
│   │           ├── files
│   │           ├── handlers
│   │           │   └── main.yml
│   │           ├── meta
│   │           │   └── main.yml
│   │           ├── tasks
│   │           │   ├── bp-deploy.yml
│   │           │   ├── bp-localdb-config.yml
│   │           │   ├── localdb.yml
│   │           │   └── main.yml
│   │           ├── templates
│   │           │   └── CreateScript.sql
│   │           ├── tests
│   │           │   ├── inventory
│   │           │   └── test.yml
│   │           └── vars
│   │               └── main.yml
│   └── powershell
│       ├── ConfigureRemotingForAnsible.ps1
│       ├── Install-WMF3Hotfix.ps1
│       ├── Upgrade-PowerShell.ps1
│       ├── defrag-c.ps1
│       ├── disable-uac.ps1
│       ├── install-chocolatey.ps1
│       ├── sysprep-bundleconfig.ps1
│       └── sysprep-ec2config.ps1
└── templates
    ├── aws-blueprism-server.json
    ├── aws-blueprism-server.json.old
    └── azure-blueprism-server.json
I hope this helps.
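A review aid for templates like the one above, as an added example that is not part of the original comment: it parses a Packer JSON template and reports the settings a reviewer would want to look at before the template is reused (WinRM without `winrm_use_ssl`, disabled host key checking, agent forwarding, credentials in `extra_arguments`). The function name `audit_template`, the finding strings and the embedded sample are constructed for illustration.

```python
import json
import re

# Constructed sample: a trimmed copy of the settings in the template above.
SAMPLE_TEMPLATE = r'''
{"builders": [{"type": "amazon-ebs", "communicator": "winrm", "winrm_port": 5985}],
 "provisioners": [{
   "type": "ansible",
   "ansible_env_vars": [
     "ANSIBLE_HOST_KEY_CHECKING=False",
     "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto'"],
   "extra_arguments": [
     "--extra-vars=ansible_user=x ansible_password={{ user `winrm_password` }}",
     "--connection=packer"]}]}
'''

# Variable names that look like credentials when assigned inside an argument.
SECRET_KEY = re.compile(r"\b(\w*(?:password|pass|secret|token)\w*)\s*=", re.I)


def audit_template(text):
    """Return sorted (location, finding) tuples for a Packer JSON template."""
    tpl = json.loads(text)
    findings = []
    for i, builder in enumerate(tpl.get("builders", [])):
        # Packer's winrm communicator uses plain HTTP unless winrm_use_ssl is set.
        if builder.get("communicator") == "winrm" and not builder.get("winrm_use_ssl"):
            findings.append((f"builders[{i}]", "WinRM over HTTP (winrm_use_ssl not set)"))
    for i, prov in enumerate(tpl.get("provisioners", [])):
        if prov.get("type") != "ansible":
            continue
        where = f"provisioners[{i}]"
        for env in prov.get("ansible_env_vars", []):
            name, _, value = env.partition("=")
            value = value.strip("'\"")
            if name == "ANSIBLE_HOST_KEY_CHECKING" and value.lower() in ("false", "no", "0"):
                findings.append((where, "SSH host key checking disabled"))
            if re.search(r"ForwardAgent\s*=\s*yes", value, re.I):
                findings.append((where, "SSH agent forwarding enabled"))
        for arg in prov.get("extra_arguments", []):
            # Anything in extra_arguments ends up on the ansible-playbook command line.
            for key in SECRET_KEY.findall(arg):
                findings.append((where, f"credential variable '{key}' on the command line"))
    return sorted(findings)


if __name__ == "__main__":
    for where, finding in audit_template(SAMPLE_TEMPLATE):
        print(f"{where}: {finding}")
```

Each finding is a prompt for review rather than a verdict: a throwaway build host may justify a setting that a long-lived image pipeline should not carry.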
I had some issues with using win_updates and win_reboot modules. I added these method overrides to get past those. I have been using this for a while and have not experienced any issues, but it has not been tested well. https://gist.github.com/finarfin/d1547152bc13c84a6eeecb55bd406368/revisions#diff-31df03e59b6b6b41ea747670e2118cb9R276
I updated my fork of the connection plugin for async support.
Hi @ichwill100, all,
I am a bit confused with the ansible.cfg file. How should I configure it?
Here is my directory structure
Ansible\playbook.yml
connections_plugins\packer.py
packer\windows2016.json
scripts\ powershell1.ps1 , powershell2.ps1
This is how I used the ansible provisioner.
    {
      "type": "ansible",
      "playbook_file": "../ansible/playbook.yml",
      "extra_arguments": [
        "--connection", "packer", "-vvv",
        "--extra-vars", "winrm_password={{ .WinRMPassword }},ansible_shell_type=powershell ansible_shell_executable=None"
      ]
    }
  ]
}
Issue:
- I was able to get the winrm connection established.
- Powershell scripts from the provisioner are running.
- The Ansible playbook is failing.
Do I need to configure the "ansible.cfg" file? Please help me with the issue.
Hi Strijd,
Can you please let me know how this error is fixed?
amazon-ebs: KeyError: 'runas'
amazon-ebs: fatal: [pmc-1]: FAILED! => {
amazon-ebs: "msg": "Unexpected failure during module execution.",
amazon-ebs: "stdout": ""
I am using ansible 2.7.12
update
Now it just hangs