Vagrant: provision VMs and containers with Ansible



In the last post, I talked about how to manage Docker and VirtualBox with Vagrant. This post follows the last one, with the integration of Ansible as a provisioner. Once again, I’m using it for the Smash project.

With Ansible, I made several “group_vars” files containing custom and common information related to the environment in use (dev, uat, staging…). This helps to set up different kinds of environments easily. Vagrant will help to build images with Ansible deployed inside. It will also construct on the fly the list of inventory hosts that Ansible will use. Let’s see what you can get and how!

First, we reuse the Vagrantfile from the previous post, but you’ll notice some differences due to Ansible:

This part includes the environment I want to deploy, the provider to use and the Vagrant box I need to launch my VM.

The provider part is simple for VirtualBox, as nothing has to be done with most of the boxes you can find on Atlas (ex Vagrant Cloud). However, for the Docker provider, you have to be sure that an SSH server is present and started, and that a Vagrant key is present for the root user (as no Vagrant user exists by default). The Vagrant part should look like this:

For the Docker part, I’m using a Dockerfile which looks like this to start SSH server (required for Ansible):

Regarding the definition of the VM, you need to forward your SSH agent to make it work with Ansible:

As we’re talking about forwarding the agent, I had an issue with sudo usage. My goal was to clone a private repository on GitHub. But the agent wasn’t forwarded when I was using the sudo command. That’s why I have an Ansible playbook rule that configures the sudoers file:

This line exports the environment variable “SSH_AUTH_SOCK” with sudo. That means my personal SSH key is forwarded to the VM by Vagrant (as the vagrant user) and is then used by the root user with the help of sudo. And that’s not all! We have to adjust the Ansible provisioner as well to force the key forwarding:

I’m using sudo for the VirtualBox part and require a vagrant user for Docker. I also don’t want to check the host key. The following Ansible settings should remind you of something if you’re familiar with it. Regarding the Ansible groups, here is how to help Vagrant build the inventory on the fly: you have to define your groups, and define which server belongs to which group, in your default YAML file. Extra vars are used to force the Vagrant user and ForwardAgent to be used (again, to clone a private repository requiring your private key).
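One way to write the sudoers rule described above and check that the forwarded agent survives sudo before cloning. This is an added example, not the author's playbook: the `vagrant` login user, the drop-in file name, the `/usr/sbin/visudo` path and the repository URL, destination and branch are assumptions or placeholders.

```yaml
# Added example, not the author's playbook. Assumed names: the "vagrant" login
# user, the drop-in file name, and the placeholder repository URL and paths.
- hosts: all
  become: true   # current spelling of the older "sudo: yes" play setting
  tasks:
    - name: Let sudo keep the forwarded agent socket for the vagrant user only
      ansible.builtin.copy:
        # Assumes /etc/sudoers includes the /etc/sudoers.d directory.
        dest: /etc/sudoers.d/50-ssh-auth-sock
        content: |
          Defaults:vagrant env_keep += "SSH_AUTH_SOCK"
        owner: root
        group: root
        mode: "0440"
        # The file is only installed if visudo accepts its syntax.
        validate: /usr/sbin/visudo -cf %s

    - name: Read SSH_AUTH_SOCK as root to confirm the agent survived sudo
      ansible.builtin.command: printenv SSH_AUTH_SOCK
      register: agent_sock
      changed_when: false
      failed_when: false   # the assert below reports the failure instead

    - name: Stop early with a clear message when no agent is reachable
      ansible.builtin.assert:
        that:
          - agent_sock.rc == 0
          - agent_sock.stdout | length > 0
        fail_msg: >-
          SSH_AUTH_SOCK is empty under sudo: check that ForwardAgent is enabled
          for this connection and that the sudoers drop-in was applied.

    - name: Clone the private repository through the forwarded agent
      # github.com's host key must already be in root's known_hosts,
      # because accept_hostkey defaults to false.
      ansible.builtin.git:
        repo: git@github.com:example-org/private-repo.git   # placeholder URL
        dest: /opt/private-repo                              # placeholder path
        version: main                                        # placeholder branch
```

Scoping the rule with `Defaults:vagrant` keeps the variable only for sudo calls made by that user, rather than for every account on the machine. While the connection is open, root on the VM can use the forwarded agent to authenticate as you, so a read-only deploy key loaded into the agent limits what that access can reach.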

We also need to activate sudo (even with root user) in the Ansible playbook configuration (site.yml):

The complete Vagrantfile looks like this:

I hope you’ll save a lot of time, because I’ll lose too much IMO :-p

Author: Deimos

I'm a passionate DevOps. I love to share my skills and I love working on high availability infrastructures/technologies.
