Having spent time on and off today looking at this and comparing the output
of the ansible log as well as the console I think the ssh method described
is correct. The issue appears to be that the key required is not being
installed. The ansible script in question uses override JSON file to allow
per user override of the keys to be installed with the user. It appears
that running ansible via vagrant results in the -e option not being passed
through.
In my VagrantFile I now have
ansible.raw_arguments = ["-e '@overridden_variables.json'"]
On the console output when vagrant provision is called I see
PYTHONUNBUFFERED=1 ANSIBLE_FORCE_COLOR=true ANSIBLE_HOST_KEY_CHECKING=false
ANSIBLE_SSH_ARGS='-o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o
ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s' ansible-playbook
--connection=ssh --timeout=30 --limit="demo_server" --inventory-file=/home/
ismith/work/vagrant/demo/.vagrant/provisioners/ansible/inventory -v -e
'@overridden_variables.json' add_deployment_user.yml
But if I look at the output in the ansible.log file I don't see the keys
defined in the override_variables.json file present - implying that the
parameter has been ignored.
On Monday, October 10, 2016 at 2:25:03 PM UTC+1, Ian Smith wrote:
>
> Hi Gilles,
>
> I *think* I see where you are going with this but it ends up with the
> following error message " UNREACHABLE! => {"changed": false, "msg": "Failed
> to connect to the host via ssh.", "unreachable": true}"
>
> Running ansible directly the following commands work
>
> ansible-playbook -v -e "@overridden_variables.json" -i inventories/demo.hosts
> -u ubuntu --ask-become-pass add_deployment_user.yml
>
>
> ansible-playbook -v -e "@overridden_variables.json" -i inventories/demo.hosts
> -u ansible_user demo.yml
>
> Therefore if I assume that the vagrant user is the same as my initial
> ubuntu user and that the first playbook creates the user "ansible_user"
> then I believe that the following should work in the same way on vagrant
> 1.8.5
>
> Vagrant.require_version ">= 1.7.0"
>
>
> Vagrant.configure(2) do |config|
>
>
> config.vm.box = "ubuntu/trusty64"
>
>
> # Disable the new default behavior introduced in Vagrant 1.7, to
> # ensure that all Vagrant machines will use the same SSH key pair.
> # See https://github.com/mitchellh/vagrant/issues/5005
> config.ssh.insert_key = false
>
>
> # Setup the user first
> config.vm.provision "deployuser", type: "ansible" do |ansible|
> ansible.verbose = "v"
> ansible.playbook = "add_deployment_user.yml"
> ansible.sudo = true
> ansible.raw_arguments = ["-e '@overridden_variables.json'"]
> end
>
>
> config.vm.provision "demo", type: "ansible" do |ansible|
> ansible.verbose = "v"
> ansible.playbook = "demo.yml"
> ansible.raw_arguments = ["-e '@overridden_variables.json'", "-u
> ansible_user"]
> remote_user = "ansible_user"
> ansible.raw_ssh_args = ['-o ForwardAgent=yes','-o ControlMaster=auto','-o
> ControlPersist=5m']
> ansible.force_remote_user = false
> end
> end
>
> However it doesn't. Now one of the things in the override_variables is a
> list of keys which includes my public key which is different to the
> insecure_private_key used by vagrant. So in the case of the second ssh what
> key is used?
>
> On Monday, October 10, 2016 at 7:30:06 AM UTC+1, Gilles Cornu wrote:
>>
>> Hi Ian,
>>
>> As of Vagrant 1.8+ the Ansible remote user is forced by default.
>> Therefore your use case requires to set the "force_remote_user" option to
>> *false*.
>>
>> See:
>>
>> -
>> https://www.vagrantup.com/docs/provisioning/ansible.html#force_remote_user
>> - https://github.com/mitchellh/vagrant/pull/6348
>>
>> Hope it helps... Best regards,
>> Gilles
>>
>>
>> Le samedi 8 octobre 2016 12:00:08 UTC+2, Ian Smith a écrit :
>>>
>>> Hi,
>>>
>>> Probably a daft question but I'm looking at using vagrant to automate
>>> bring up of machines created using ansible scripts. I've hit an issue in
>>> that the existing playbook uses two play calls. One to the account that
>>> already exists, so in this case vagrant and that all works. However the
>>> first playbook creates a user called "ansible_user" and then the second
>>> playbook call then uses -u ansible_user to indicate that the playbook is
>>> run as that new user.
>>>
>>> What I've found is that in the second case with vagrant the playbook is
>>> still run as the vagrant user. Even though in the output I can see that the
>>> added -u ansible_user can be seen it seems that under Vagrant it has no
>>> effect.
>>>
>>> So what I have for the playbook provisioning in my VagrantFile is the
>>> following
>>>
>>> config.vm.provision "demotest1", type: "ansible" do |ansible|
>>>
>>> ansible.verbose = "vvv"
>>>
>>> ansible.playbook = "demo.yml"
>>>
>>> ansible.raw_arguments = ["-e '@overridden_variables.json'", "-u
>>> ansible_user"]
>>>
>>> ansible.raw_ssh_args = ['-o ForwardAgent=yes','-o
>>> ControlMaster=auto','-o ControlPersist=5m']
>>> end
>>>
>>> But I can see that with the verbose on there is an attempt to create a
>>> file in /home/ansible_user not as ansible_user which I have indicated but
>>> as vagrant which fails due to permission issues.
>>>
>>> What am I missing in the config to make this all work?
>>>
>>> Kind regards, Ian
>>>
>>
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/vagrant/issues
IRC: #vagrant on Freenode
---
You received this message because you are subscribed to the Google Groups
"Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vagrant-up/328ec6fc-2065-489b-9443-ad24a7b89c92%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
