Updated readme, added both local and remote exec methods to code.

scarolan · scarolan · commit 83bf2d834dee · 2018-10-02T15:31:38.000-05:00
diff --git a/README.md b/README.md
@@ -2,9 +2,12 @@
 This repository contains code examples for running Terraform and Ansible together in different configurations.
 
 ## Run Ansible from Terraform
+Use the code examples in the `terraform_gcp` or `terraform_azure` folders to see how this is done. Basically there are two steps. First is a remote exec which forces Terraform to wait until SSH is running to run Ansible. This can be anything, even an `echo "Hello World"` command.
 
 ## Run Terraform from Ansible
+The code example in the `terraform_gcp` directory has code for remote exec commented out. You can comment out the local_exec code and run this to have Ansible run on the remote host. With this method we first copy our playbook to the remote host, then we install and run Ansible locally there.
 
 ## Build System Images with Packer and Ansible
+HashiCorp's Packer tool allows you to use your existing Ansible playbooks to easily build machine images on the cloud or virtualization platform of your choice. Packer uses a JSON file for configuration, and is run from the command line. 
 
 ## Integrate HashiCorp Vault with Ansible
diff --git a/ansible/httpd.yml b/ansible/httpd.yml
@@ -3,6 +3,8 @@
   become: yes
   become_user: root
   tasks:
+    - name: Install firewalld
+      yum: name=firewalld
     - name: Stop firewalld
       service: name=firewalld state=stopped
     - name: Install the httpd package
diff --git a/packer/packer.json b/packer/packer.json
@@ -0,0 +1,18 @@
+{
+    "builders": [{
+      "type": "amazon-ebs",
+      "ssh_pty": true,
+      "access_key": "{{user `aws_access_key`}}",
+      "secret_key": "{{user `aws_secret_key`}}",
+      "region": "us-west-2",
+      "instance_type": "t2.medium",
+      "source_ami": "ami-28e07e50",
+      "ssh_username": "ec2-user",
+      "ami_name": "Ansible with Packer Demo - v0.1"
+    }],
+  
+    "provisioners": [{
+      "type": "ansible",
+      "playbook_file": "../ansible/httpd.yml"
+    }]
+  }
diff --git a/terraform_gcp/main.tf b/terraform_gcp/main.tf
@@ -39,20 +39,73 @@ resource "google_compute_instance" "tfansible" {
     scopes = ["userinfo-email", "compute-ro", "storage-ro"]
   }
 
-  provisioner "remote-exec" {
-    inline = ["echo 'Hello World'"]
-
-    connection {
-      type        = "ssh"
-      host        = "${google_compute_instance.tfansible.network_interface.0.access_config.0.assigned_nat_ip}"
-      user        = "${var.ssh_user}"
-      private_key = "${file("${var.private_key_path}")}"
-    }
-  }
-
-  provisioner "local-exec" {
-    command = "ansible-playbook -i '${google_compute_instance.tfansible.network_interface.0.access_config.0.assigned_nat_ip},' --private-key ${var.private_key_path} ../ansible/httpd.yml"
-  }
+  ##############################################################################
+  # This is the 'local exec' method.  
+  # Ansible runs from the same host you run Terraform from
+  ##############################################################################
+  #   provisioner "remote-exec" {
+  #     inline = ["echo 'Hello World'"]
+
+  #     connection {
+  #       type        = "ssh"
+  #       user        = "${var.ssh_user}"
+  #       private_key = "${file("${var.private_key_path}")}"
+  #     }
+  #   }
+
+  #   provisioner "local-exec" {
+  #     command = "ansible-playbook -i '${google_compute_instance.tfansible.network_interface.0.access_config.0.assigned_nat_ip},' --private-key ${var.private_key_path} ../ansible/httpd.yml"
+  #   }
+
+  ##############################################################################
+  # This is the 'remote exec' method.  
+  # Ansible runs on the target host.
+  ##############################################################################
+  #   provisioner "remote-exec" {
+  #     inline = [
+  #       "mkdir /home/${var.ssh_user}/files",
+  #       "mkdir /home/${var.ssh_user}/ansible",
+  #     ]
+
+  #     connection {
+  #       type        = "ssh"
+  #       user        = "${var.ssh_user}"
+  #       private_key = "${file("${var.private_key_path}")}"
+  #     }
+  #   }
+  #   provisioner "file" {
+  #     source      = "../ansible/httpd.yml"
+  #     destination = "/home/${var.ssh_user}/ansible/httpd.yml"
+
+  #     connection {
+  #       type        = "ssh"
+  #       user        = "${var.ssh_user}"
+  #       private_key = "${file("${var.private_key_path}")}"
+  #     }
+  #   }
+  #   provisioner "file" {
+  #     source      = "../files/webapp.sh"
+  #     destination = "/home/${var.ssh_user}/files/webapp.sh"
+
+  #     connection {
+  #       type        = "ssh"
+  #       user        = "${var.ssh_user}"
+  #       private_key = "${file("${var.private_key_path}")}"
+  #     }
+  #   }
+  #   provisioner "remote-exec" {
+  #     inline = [
+  #       "sudo yum -y install ansible",
+  #       "cd ansible; ansible-playbook -c local -i \"localhost,\" httpd.yml",
+  #     ]
+
+  #     connection {
+  #       type        = "ssh"
+  #       user        = "${var.ssh_user}"
+  #       private_key = "${file("${var.private_key_path}")}"
+  #     }
+  #   }
+  # Don't comment out this next line.
 }
 
 resource "google_compute_firewall" "default" {
