Verified Commit eddbacdb authored by Renato Alves's avatar Renato Alves 🌱
Browse files

Avoid connecting with ansible before VM is ready by using a dummy remote-exec step

parent a836528a
......@@ -17,9 +17,19 @@ Application Credentials are tokens that can be used as an alternative to logging
On EMBL's de.NBI OpenStack cloud visit the [Application Credentials](https://denbi.cloud.embl.de/dashboard/identity/application_credentials/) interface and create a new application credential providing only a name.
You will then be presented with an `ID` and a `Secret` which you should use to configure terraform.
Variables can be passed to terraform directly in the command-line or through environment variables.
Variables can be passed to terraform directly in the command-line or through environment variables.
For convenience we'll be using environment variables.
### SSH Authentication
As a final step in the process of creating a VM, terraform will connect to it via SSH and, once successful, will start ansible, that will also connect via SSH.
For this process to work, you should have an `ssh-agent` running and `ssh-add` the private key that matches the public key specified in then `SSH_KEY` variable (see below for details).
Both terraform and ansible will automatically use the ssh-agent to authenticate.
If this process doesn't work for you, make sure your `ssh-agent` doesn't have too many identities loaded.
Consider retrying after deleting all identities (`ssh-add -D`) and `ssh-add` the specific private key.
### Required variables
In addition to application credentials, the following variables need to be defined for terraform.
......
......@@ -118,6 +118,19 @@ resource "openstack_compute_floatingip_associate_v2" "floating_ip_1" {
floating_ip = var.FLOATING_IP
instance_id = "${openstack_compute_instance_v2.instance_1.id}"
# This dummy remote-exec will ensure that by the time we run ansible in the next
# local-exec provisioner, the machine is already up and responsive
provisioner "remote-exec" {
inline = ["uname -a"]
connection {
host = self.floating_ip
type = "ssh"
user = "${var.IMAGE_ID.username}"
agent = true
}
}
provisioner "local-exec" {
command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook --verbose -u '${var.IMAGE_ID.username}' -i '${self.floating_ip},' 'ansible/instance.yaml'"
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment