Packer: Ansible, WinRM, shell-local and IP address

Created on 20 Sep 2018 · 8 Comments · Source: hashicorp/packer

Packer 1.3.1, Ansible 2.6.4. Appropriate packer.py connection code for Ansible version. Tried both on Amazon Linux 1 and macOS 10.13.6.

Not sure if this is a feature request or merely me misunderstanding. :)

I tried to get a win_package installation working for MS SQL SSAS with become_user: System and become_method: runas, which ultimately failed with "The error was: KeyError: u'runas'". Talking with @jborean93, he mentioned there is a flaw with the way Packer handles the Ansible/WinRM connection. Based on his suggestion I switched to using a shell-local provider.

My latest attempt is this command:

"ansible-playbook -vv --connection=winrm --extra-vars='ansible_shell_type=powershell ansible_shell_executable=None packer_build_name={{ user `build_name` }} ansible_user={{ user `winrm_username` }} ansible_password={{ .WinRMPassword }} ansible_host={{ `echo $PACKER_HTTP_ADDR` }} ansible_port={{ user `winrm_port` }}' -i 127.0.0.1,default provisioners/ansible/ssas-core-windows-2016.yaml"

This fails with:

amazon-ebs: fatal: [default]: UNREACHABLE! => {"changed": false, "msg": "ssl: HTTPSConnectionPool(host='echo', port=5986): Max retries exceeded with url: /wsman (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x1099616d0>: Failed to establish a new connection: [Errno 8] nodename nor servname provided, or not known',))", "unreachable": true}

Unfortunately it doesn't seem like the IP address that amazon-ebs automatically picks up is fully exposed in shell-local. I thought #6452 would have addressed this and maybe I have not correctly used the functionality above. Given the output above, the environment variable seems to be an empty string. So did I simply miss something or is this not exposed?

All 8 comments

ansible_host={{ echo $PACKER_HTTP_ADDR }}

Is incorrect, PACKER_HTTP_ADDR exposes the host http server configured with http_directory which amazon-ebs doesn't have.

-i 127.0.0.1,default

This assumes that your target is either localhost or default, neither of which is correct.

There is a solution for doing this documented in this thread on the mailing list: https://groups.google.com/d/msg/packer-tool/AXZSY6UoBNo/x2rFMlg5BgAJ

@ashemedai sorry, that's my bad for suggesting that one; I should have read it closer.

@rickard-von-essen are you open to exposing the host's IP/DNS name to the shell-local like was recently done with {{ .WinRMPassword }}? It seems like that is the last link to allow people to use Ansible natively without a lot of complexity.

Otherwise are you still against having a flag added to the ansible provisioner that controls whether the traffic is routed to Packer and it handles the connection or have Ansible handle all the traffic and connection in the provisioning side?

Thanks @rickard-von-essen, I've subscribed to that issue to see what comes out of it.

No problem, @jborean93. It is always hard to properly explain the situation with all factors while trying to be concise on IRC. Like I mentioned, I already appreciated your help.

@rickard-von-essen Your pointer helped. For some reason I focused too hard on the local aspect of shell-local and thought it did some special redirection. Once I realised that it simply meant delegating the runner aspect to the local system, stuff clicked together. This is what I came up with to make my case work:

{
    "type": "powershell",
    "inline": "(Invoke-WebRequest -UseBasicParsing http://169.254.169.254/latest/meta-data/public-ipv4).Content | Out-File -Append -Encoding utf8 C:/Windows/Temp/ip-address"
},
{
    "type": "file",
    "direction": "download",
    "source": "C:/Windows/Temp/ip-address",
    "destination": "./ansible/hosts"
},
{
    "type": "shell-local",
    "inline": [
        "IP=`cut -b 4- ansible/hosts`",
        "echo \"[default]\\n${IP}\" > ansible/hosts"
    ]
},
{
    "type": "shell-local",
    "command": "ansible-playbook -vv -i ./ansible/hosts --connection=winrm --extra-vars='ansible_shell_type=powershell ansible_shell_executable=None packer_build_name={{ user `build_name` }} ansible_user={{ user `winrm_username` }} ansible_password={{ .WinRMPassword }} ansible_port={{ user `winrm_port` }} ansible_winrm_server_cert_validation=ignore' provisioners/ansible/ssas-core-windows-2016.yaml"
}
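
Added example (not part of the comment above or of Packer itself): a script the inventory-rewriting shell-local step could call instead of the inline `cut`/`echo` pair. It strips the BOM and line ending from the downloaded file and refuses to write `ansible/hosts` unless what remains is an IPv4 address, since that value decides where the WinRM credentials are sent. The function names and the sample address are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: build ansible/hosts from the file
# downloaded from the guest. Function names and paths are assumptions.

# Print the first line of FILE without the three-byte UTF-8 BOM (what the
# original step removes with "cut -b 4-"), the CR, or any blanks.
normalise_ip() {
    LC_ALL=C tr -d '\357\273\277\r \t' < "$1" | head -n 1
}

# Succeed only for four dot-separated decimal fields in the range 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Write a one-host [default] inventory to DEST, or fail and leave DEST alone.
write_inventory() {
    src=$1; dest=$2
    ip=$(normalise_ip "$src")
    if ! is_ipv4 "$ip"; then
        echo "refusing to write inventory: '$ip' is not an IPv4 address" >&2
        return 1
    fi
    # printf handles \n identically in every shell; echo does not.
    printf '[default]\n%s\n' "$ip" > "$dest"
}

# Constructed sample: BOM + documentation-range address + CRLF.
demo=$(mktemp)
printf '\357\273\277203.0.113.10\r\n' > "$demo"
write_inventory "$demo" "$demo" && cat "$demo"
rm -f "$demo"
```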

Closing this issue. I have solved my current problem and while it would be nice if this was available from Packer's provisioner more easily, you can work around it as needed. Hopefully my solution above will help people out.

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
