Last active
February 28, 2021 16:36
Dive into Ansible - Vagrantfile
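# Vagrantfile for the "Dive into Ansible" lab: one VirtualBox VM ("diveinto")
# that runs Docker and hosts the lab containers (ubuntu-c, ubuntu1-3,
# centos1-3) plus the web portal.
#
# Security posture (lab use only): the VM and the containers use well-known
# default credentials (vagrant/vagrant, ansible/password), the guest firewall is
# switched off, and third-party code is fetched unpinned at provision time.
# Keep the forwarded ports on loopback (see the end of this file) and do not
# run this VM on an untrusted network.
Vagrant.configure("2") do |config|
  # Default Vagrant box - Ubuntu 20.04 from roboxes.org
  config.vm.box = "generic/ubuntu2004"

  # Suitable hostname - if you see it in your prompt, then you're in the containers' host VM
  config.vm.hostname = "diveinto"

  # Some VirtualBox configuration.
  config.vm.provider "virtualbox" do |v|
    # GUI - no need to change it unless you want the GUI to be shown on startup.
    # You may want to access the GUI in order to log into the Docker host's console.
    # Credentials: vagrant/vagrant.
    v.gui = false
    # Use the network interface which is assumed to be faster (as per Vagrant/VB documentation).
    v.default_nic_type = "virtio"
    # Lower if you cannot allocate memory; raise if you cannot run containers.
    v.memory = 4096
    # Change virtual CPU amount.
    v.cpus = 4
    # Audio is disabled, as there may be some issues if it's enabled.
    v.customize ["modifyvm", :id, "--audio", "none"]
  end

  # Comment out the line below if you wish to access the Docker host using the 'vagrant ssh' command.
  # You can still use the VirtualBox GUI and the vagrant/vagrant credentials.
  # With this line 'vagrant ssh' hops straight into the ubuntu-c container.
  # StrictHostKeyChecking=no is tolerable here only because the target is a
  # container on localhost whose host key changes on every re-provision.
  config.ssh.extra_args = ["-t", "ssh -o StrictHostKeyChecking=no -i /home/vagrant/.ssh/id_rsa -p 2221 -l ansible localhost"]

  # Below are all the provisioning steps. You can comment/uncomment any section if necessary.
  # If you want to revert the lab to its initial state, you can use the 'vagrant provision' command.
  config.vm.provision "shell",
    inline: "echo 'Removing SSH keypairs that may remain after previous provisioning...' && \
      find /home/vagrant/.ssh -maxdepth 1 -iname 'known_hosts' -type f -exec rm -rf {} + && \
      find /home/vagrant/.ssh -maxdepth 1 -iname 'id_*' -type f -exec rm -rf {} +"

  config.vm.provision "shell",
    inline: "echo 'Installing needed software...' && \
      sudo apt-get install \
        wget \
        curl \
        git \
        sshpass \
        -qq"

  # NOTE(review): the Docker signing key is trusted on the strength of the TLS
  # connection alone (no fingerprint comparison), and apt-key is deprecated in
  # newer apt releases. Acceptable for a throwaway lab; verify the fingerprint
  # or use a dedicated keyring file for anything longer-lived.
  config.vm.provision "shell",
    inline: "echo 'Installing Docker...' && \
      sudo apt-key adv --fetch-keys https://download.docker.com/linux/ubuntu/gpg && \
      sudo add-apt-repository -y \
        \"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" && \
      sudo apt-get install docker-ce -qq"

  # NOTE(review): pip installs the latest docker-compose as root with no version
  # pin, so every provision may pull different code from PyPI. Pin a version if
  # the lab has to be reproducible.
  config.vm.provision "shell",
    inline: "echo 'Installing docker-compose...' && \
      sudo apt-get install python3-pip -qq && \
      sudo pip3 install --upgrade --quiet docker-compose"

  # The guest firewall is turned off, so the only thing limiting who can reach
  # the lab services is where the forwarded ports are bound on the host.
  # Membership in the docker group is root-equivalent on the VM.
  config.vm.provision "shell",
    inline: "echo 'Configuring firewall and necessary Docker privileges...' && \
      sudo systemctl disable --now ufw && \
      sudo usermod -aG docker vagrant"

  # NOTE(review): the lab repository is cloned at whatever its default branch
  # currently points to and is then run by docker-compose; check out a reviewed
  # commit if you need a fixed, audited state.
  config.vm.provision "shell",
    inline: "echo 'Cloning lab git repository...' && \
      find /home/vagrant -maxdepth 1 -iname 'diveintoansible-lab' -type d -exec rm -rf {} + && \
      git clone -q https://github.com/spurin/diveintoansible-lab.git"

  config.vm.provision "shell",
    inline: "echo 'Changing .env variables and owning some resources...' && \
      sed -i 's%/Users/james/%/home/vagrant/%g' ~vagrant/diveintoansible-lab/.env && \
      sudo chown vagrant:vagrant -R ~vagrant/diveintoansible-lab"

  config.vm.provision "shell",
    inline: "echo 'Starting working on containters...' && \
      cd /home/vagrant/diveintoansible-lab/ && \
      echo 'Starting containers for the first time...' && \
      docker-compose up -d --quiet-pull && \
      echo 'Removing containers in case of previous provisioning possible failure...' && \
      docker-compose rm -s -f -v"

  # Key distribution. The containers accept the default password 'password' for
  # the 'ansible' user; sshpass passes it on the command line, where it is
  # visible in the VM's process list. That is fine for lab defaults only - never
  # reuse this pattern with a real secret.
  config.vm.provision "shell",
    inline: "echo 'Preparing key pair for connecting with ubuntu-c container...' && \
      cd /home/vagrant/diveintoansible-lab/ && \
      ssh-keygen -f /home/vagrant/.ssh/id_rsa -t rsa -b 2048 -N '' -q && \
      sudo chown vagrant:vagrant /home/vagrant/.ssh/id_* && \
      echo 'Starting containers for actual provisioning...' && \
      docker-compose up -d --quiet-pull && \
      sleep 5s && \
      echo 'Copying public key to ubuntu-c container...' && \
      sshpass -p password \
        ssh-copy-id \
          -i /home/vagrant/.ssh/id_rsa \
          -o StrictHostKeyChecking=no \
          -p 2221 \
          ansible@localhost && \
      echo 'Creating SSH keypair on ubuntu-c...' && \
      ssh \
        -i /home/vagrant/.ssh/id_rsa \
        -o StrictHostKeyChecking=no \
        -p 2221 \
        -l ansible \
        localhost \
        \"ssh-keygen \
          -f /home/ansible/.ssh/id_rsa \
          -t rsa \
          -b 2048 \
          -N '' -q\" && \
      echo 'Copying SSH public key from ubuntu-c around the rest of lab hosts...' && \
      for p in {2..7}; \
      do \
        sshpass -p password \
          ssh \
            -o StrictHostKeyChecking=no \
            -p 222${p} \
            -l ansible \
            localhost \
            \"mkdir ~/.ssh && \
            chmod 700 ~/.ssh && \
            touch ~/.ssh/authorized_keys && \
            chmod 600 ~/.ssh/authorized_keys && \
            echo $(ssh \
              -i /home/vagrant/.ssh/id_rsa \
              -p 2221 \
              -l ansible \
              localhost \
              cat ~ansible/.ssh/id_rsa.pub \
            ) >~ansible/.ssh/authorized_keys\"; \
      done && \
      echo 'Repairing access mode for /shared folder in containers...' && \
      for c in \
        ubuntu-c \
        centos1 \
        centos2 \
        centos3 \
        ubuntu1 \
        ubuntu2 \
        ubuntu3 \
      ; \
      do \
        docker exec --privileged ${c} chown ansible /shared; \
      done && \
      echo 'Cloning course git repository on ubuntu-c...' && \
      ssh \
        -i /home/vagrant/.ssh/id_rsa \
        -p 2221 \
        -l ansible \
        localhost \
        'git clone -q https://github.com/spurin/diveintoansible.git'"

  # You may uncomment the step below if you want to avoid the initial SSH host connection warning.
  # It accepts every lab host key without verification, which is only reasonable inside this lab.
  # config.vm.provision "shell",
  #   inline: "echo 'Polishing SSH connection between ubuntu-c and rest of hosts...' && \
  #     ssh \
  #       -i /home/vagrant/.ssh/id_rsa \
  #       -p 2221 \
  #       -l ansible \
  #       localhost \
  #       'for h in \
  #         centos1 \
  #         centos2 \
  #         centos3 \
  #         ubuntu1 \
  #         ubuntu2 \
  #         ubuntu3 \
  #       ; \
  #       do \
  #         ssh -o StrictHostKeyChecking=no ${h} \"echo Successfuly connected to lab host ${h}.\"; \
  #       done'"

  # The step below runs on every VM spin-up to ensure that the containers are actually running.
  config.vm.provision "shell",
    run: "always",
    inline: "echo 'Ensuring that containers are started...' && \
      cd /home/vagrant/diveintoansible-lab/ && \
      docker-compose up -d --quiet-pull"

  # Port forwarding for accessing the portal and the lab containers directly from the host.
  #
  # Without host_ip Vagrant binds a forwarded port on every host interface, which
  # would put SSH and web-terminal services protected only by default passwords
  # on the local network. Binding to loopback keeps them reachable from this
  # machine only; change forward_host_ip deliberately if you need remote access.
  forward_host_ip = "127.0.0.1"

  # [id, guest port, host port]
  [
    ["ssh",         22,   2200],
    ["portal",      1000, 1000],
    ["ubuntuc_ssh", 2221, 2221],
    ["ubuntu1_ssh", 2222, 2222],
    ["ubuntu2_ssh", 2223, 2223],
    ["ubuntu3_ssh", 2224, 2224],
    ["centos1_ssh", 2225, 2225],
    ["centos2_ssh", 2226, 2226],
    ["centos3_ssh", 2227, 2227],
    ["ubuntuc_tty", 7681, 7681],
    ["ubuntu1_tty", 7682, 7682],
    ["ubuntu2_tty", 7683, 7683],
    ["ubuntu3_tty", 7684, 7684],
    ["centos1_tty", 7685, 7685],
    ["centos2_tty", 7686, 7686],
    ["centos3_tty", 7687, 7687]
  ].each do |id, guest, host|
    config.vm.network "forwarded_port", guest: guest, host: host, host_ip: forward_host_ip, id: id
  end
end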
This is fantastic! Thanks @koziolku