github.com/rahart/packer@v0.12.2-0.20161229105310-282bb6ad370f/website/source/docs/provisioners/ansible.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "Ansible Provisioner" 4 description: |- 5 The `ansible` Packer provisioner allows Ansible playbooks to be run to provision the machine. 6 --- 7 8 # Ansible Provisioner 9 10 Type: `ansible` 11 12 The `ansible` Packer provisioner runs Ansible playbooks. It dynamically creates 13 an Ansible inventory file configured to use SSH, runs an SSH server, executes 14 `ansible-playbook`, and marshals Ansible plays through the SSH server to the 15 machine being provisioned by Packer. 16 17 ## Basic Example 18 19 This is a fully functional template that will provision an image on 20 DigitalOcean. Replace the mock `api_token` value with your own. 21 22 ```json 23 { 24 "provisioners": [ 25 { 26 "type": "ansible", 27 "playbook_file": "./playbook.yml" 28 } 29 ], 30 31 "builders": [ 32 { 33 "type": "digitalocean", 34 "api_token": "6a561151587389c7cf8faa2d83e94150a4202da0e2bad34dd2bf236018ffaeeb", 35 "image": "ubuntu-14-04-x64", 36 "region": "sfo1" 37 } 38 ] 39 } 40 ``` 41 42 ## Configuration Reference 43 44 Required Parameters: 45 46 - `playbook_file` - The playbook to be run by Ansible. 47 48 Optional Parameters: 49 50 - `command` (string) - The command to invoke ansible. 51 Defaults to `ansible-playbook`. 52 53 - `groups` (array of strings) - The groups into which the Ansible host 54 should be placed. When unspecified, the host is not associated with any 55 groups. 56 57 - `empty_groups` (array of strings) - The groups which should be present in 58 inventory file but remain empty. 59 60 - `host_alias` (string) - The alias by which the Ansible host should be known. 61 Defaults to `default`. 62 63 - `ssh_host_key_file` (string) - The SSH key that will be used to run the SSH 64 server on the host machine to forward commands to the target machine. Ansible 65 connects to this server and will validate the identity of the server using 66 the system known_hosts. The default behavior is to generate and use a 67 onetime key. Host key checking is disabled via the 68 `ANSIBLE_HOST_KEY_CHECKING` environment variable if the key is generated. 69 70 - `ssh_authorized_key_file` (string) - The SSH public key of the Ansible 71 `ssh_user`. The default behavior is to generate and use a onetime key. If 72 this key is generated, the corresponding private key is passed to 73 `ansible-playbook` with the `--private-key` option. 74 75 - `local_port` (string) - The port on which to attempt to listen for SSH 76 connections. This value is a starting point. The provisioner will attempt 77 listen for SSH connections on the first available of ten ports, starting at 78 `local_port`. A system-chosen port is used when `local_port` is missing or 79 empty. 80 81 - `sftp_command` (string) - The command to run on the machine being provisioned 82 by Packer to handle the SFTP protocol that Ansible will use to transfer 83 files. The command should read and write on stdin and stdout, respectively. 84 Defaults to `/usr/lib/sftp-server -e`. 85 86 - `use_sftp` (boolean) - Whether to use SFTP. When false, 87 `ANSIBLE_SCP_IF_SSH=True` will be automatically added to `ansible_env_vars`. 88 Defaults to false. 89 90 - `extra_arguments` (array of strings) - Extra arguments to pass to Ansible. 91 Usage example: 92 93 ``` 94 "extra_arguments": [ "--extra-vars", "Region={{user `Region`}} Stage={{user `Stage`}}" ] 95 ``` 96 97 - `ansible_env_vars` (array of strings) - Environment variables to set before 98 running Ansible. 99 Usage example: 100 101 ``` 102 "ansible_env_vars": [ "ANSIBLE_HOST_KEY_CHECKING=False", "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s'", "ANSIBLE_NOCOLOR=True" ] 103 ``` 104 105 - `user` (string) - The `ansible_user` to use. Defaults to the user running 106 packer. 107 108 ## Limitations 109 110 ### Redhat / CentOS 111 112 Redhat / CentOS builds have been known to fail with the following error due to `sftp_command`, which should be set to `/usr/libexec/openssh/sftp-server -e`: 113 114 ``` 115 ==> virtualbox-ovf: starting sftp subsystem 116 virtualbox-ovf: fatal: [default]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh", "unreachable": true} 117 ``` 118 119 ### winrm communicator 120 121 Windows builds require a custom Ansible communicator and a particular configuration. Assuming a directory named `connection_plugins` is next to the playbook and contains a file named `packer.py` whose contents is 122 123 ``` 124 from __future__ import (absolute_import, division, print_function) 125 __metaclass__ = type 126 127 from ansible.plugins.connection.ssh import Connection as SSHConnection 128 129 class Connection(SSHConnection): 130 ''' ssh based connections for powershell via packer''' 131 132 transport = 'packer' 133 has_pipelining = True 134 become_methods = [] 135 allow_executable = False 136 module_implementation_preferences = ('.ps1', '') 137 138 def __init__(self, *args, **kwargs): 139 super(Connection, self).__init__(*args, **kwargs) 140 ``` 141 142 This template should build a Windows Server 2012 image on Google Cloud Platform: 143 144 ``` 145 { 146 "variables": {}, 147 "provisioners": [ 148 { 149 "type": "ansible", 150 "playbook_file": "./win-playbook.yml", 151 "extra_arguments": [ 152 "--connection", "packer", 153 "--extra-vars", "ansible_shell_type=powershell ansible_shell_executable=None" 154 ] 155 } 156 ], 157 "builders": [ 158 { 159 "type": "googlecompute", 160 "account_file": "{{user `account_file`}}", 161 "project_id": "{{user `project_id`}}", 162 "source_image": "windows-server-2012-r2-dc-v20160916", 163 "communicator": "winrm", 164 "zone": "us-central1-a", 165 "disk_size": 50, 166 "winrm_username": "packer", 167 "winrm_use_ssl": true, 168 "winrm_insecure": true, 169 "metadata": { 170 "sysprep-specialize-script-cmd": "winrm set winrm/config/service/auth @{Basic=\"true\"}" 171 } 172 } 173 ] 174 }