Explain provisioner ansible please

I’m completely at a loss here …

I come from an organisation where we deployed VMs with PXE boot, kickstarts (or similar) and Satellite or Foreman Katello for repos and lifecycle management. I used Ansible for templating kickstarts pre-deployment, creating and booting the VM and for post-deployment and configuration management.

I am in a new organisation where we cannot use PXE boot. I thought I could use Packer to build images, and I have got that working fine. I figured my workflow would be to start an Ansible playbook that generates my kickstarts, let Packer create the VM and build it, then continue with Ansible to finish the configuration.

I got happy when I read about the Ansible provisioner … but I can’t find the right information on how that is supposed to work? I read Packer starts an SSH server for the guest VM to connect to? I tried the simple example given on the Packer Ansible provisioner docs, but that doesn’t work (httpd is not installed but the deploy finishes without a hitch). It also won’t use other users, uses its own private key …

I am beginning to think that my mindset is wrong and I should be using Packer in a different way.

Can someone explain what workflow should best be used? I think Ansible is perfect for generating kickstarts, heck I could even template HCL and generate Packer templates and spawn 10 Packer processes to deploy 10 VMs at a time. I think Packer can already do that though, but I’m lost at how I get 10 kickstarts and how I can finish configuration management.

PS. Our guests are unable to connect back to the Packer host (i.e., the Ansible controller).

Thanks!

For me:
Packer runs and connects to vSphere.
Creates a VM, powers it on.
Load in a CD with a KS file.
(In the ks I add in ansible-provsioning-user and the encrypted password and wheel group. Then in %post set the password not to expire).
OS is installed.
Packer then connects to the newly created VM via SSH.
Packer then uses a build block to call the ansible provisioner and runs playbook.

HCL looks like this:

source "vsphere-iso" "linux-redhat" {
    ...
}

build {
    sources  =  ["source.vsphere-iso.linux-redhat"]

    provisioner "ansible" {
        user = "ansible-provsioning-user"
        playbook_file = "${path.cwd}/../ansible/playbook.yml"
        ansible_env_vars = [
          "ANSIBLE_CONFIG=${path.cwd}/../ansible/ansible.cfg"
        ]
        extra_arguments =  [
          "--extra-vars", "ansible_sudo_pass=xyz",
          "--extra-vars", "ansible_ssh_private_key_file=xyz",
         #" -vvvv" # Debug: Verbose Mode ;).
        ]
    }
}

Hope that helps!? :upside_down_face:

That appears a more traditional way to run Ansible? The documentation implies that Packer creates an SSH server on the controller though, is that how I read it?
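
The two connection modes this thread asks about, shown on the build block from the reply above; this is an added example, not code from either poster or from the Packer documentation. It reuses the thread's `vsphere-iso` source, and the vars file name `build-secrets.yml` is a hypothetical placeholder.

```hcl
build {
  sources = ["source.vsphere-iso.linux-redhat"]

  provisioner "ansible" {
    # use_proxy = true (the default): Packer opens a listener on localhost
    # on the Packer host. ansible-playbook runs on the Packer host, connects
    # to that listener, and Packer relays commands and file transfers over
    # the communicator session it already opened to the guest. The guest
    # never connects back to the Packer host. In this mode `user` is only
    # the name Ansible presents to the local proxy, and Packer generates a
    # temporary key pair for that hop.
    #
    # use_proxy = false: ansible-playbook connects directly to the guest's
    # address, so `user` and the SSH credentials must be valid on the guest
    # itself (here: the account created in the kickstart).
    use_proxy = false

    user          = "ansible-provsioning-user"
    playbook_file = "${path.cwd}/../ansible/playbook.yml"

    ansible_env_vars = [
      "ANSIBLE_CONFIG=${path.cwd}/../ansible/ansible.cfg",
    ]

    extra_arguments = [
      # "--extra-vars @file" loads variables from a YAML/JSON file instead
      # of taking key=value pairs on the command line, so the sudo password
      # does not show up in the ansible-playbook argv or in the build log.
      # Assumption: build-secrets.yml sets ansible_become_password and is
      # either readable only by the build account or ansible-vault
      # encrypted (then also pass --vault-password-file).
      "--extra-vars", "@${path.cwd}/../ansible/build-secrets.yml",
    ]
  }
}
```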