3

I'm trying to set up packer and ansible-remote to create an AMI based on my pre-existing ansible scripts. I run into one of two issues.

First I had a problem with SSH where I received `SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh`. I added the `connection: local` in my ansible config and it seems to have resolved that.

Now I am running into an issue `sudo: a password is required` from Ansible. I'm unclear why, as the user I am specifying has sudo access with NOPASSWD and I've verified this by connecting using the temp keys set up by packer. I receive the following error and have tried passing in ansible_become_user and ansible_become_pass as vars through packer with no luck. It seems like maybe it's trying to sudo against my local connection now but needs the password? Any ideas how to set this up properly?

Packer:

```json
{
  "variables": {
    "aws_access_key": "",
    "aws_secret_key": ""
  },
  "builders": [{
    "type": "amazon-ebs",
    "access_key": "{{user `aws_access_key`}}",
    "secret_key": "{{user `aws_secret_key`}}",
    "region": "us-east-1",
    "subnet_id": "subnet-56343453",
    "source_ami": "ami-61bbf104",
    "instance_type": "t2.micro",
    "ssh_username": "centos",
    "ssh_pty": true,
    "ami_name": "packer-example {{timestamp}}"
  }],
  "provisioners": [
    {
      "type": "shell",
      "inline": ["sudo sed -i 's/requiretty/!requiretty/' /etc/sudoers"]
    },
    {
      "type": "ansible",
      "playbook_file": "../config/site/packer.yml",
      "user": "centos",
      "ansible_env_vars": [
        "ansible_become_user=centos",
        "ansible_become_pass=packer",
        "ANSIBLE_HOST_KEY_CHECKING=False",
        "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto -o ControlPersist=60s'"
      ]
    }
  ]
}
```

Ansible:

```yaml
---
  - name: run base centos playbooks
    hosts: all
    connection: local
    become: true
    roles:
     - base_centos7
```
tweeks200
  • May be misreading this, but it appears as `connection: local` would run the playbook locally where `packer` was run, not on the provisioned instance. – Matthias Winkelmann Oct 12 '16 at 20:10
  • Hey, how did you fix this? I'm now running into the exact same error at the gathering facts step. Data could not be sent to remote host 127.0.0.1. I tried connection:local as MattW says and he's right. But without it doesn't work – straykiwi Aug 23 '17 at 21:52
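
Added example, not part of the original question or its comments: a small Python lint over a constructed copy of the template and playbook above. It flags the `connection: local` setting the first comment points at, the lowercase `ansible_*` entries in `ansible_env_vars` (inventory variables, which Ansible does not read from the environment), the plaintext become password, and the disabled host key checking and agent forwarding. The rule names and function names are made up for this example.

```python
import json
import re

# Constructed sample input, trimmed from the template and playbook in the question.
TEMPLATE = r'''{"provisioners": [
  {"type": "shell", "inline": ["sudo sed -i 's/requiretty/!requiretty/' /etc/sudoers"]},
  {"type": "ansible", "playbook_file": "../config/site/packer.yml", "user": "centos",
   "ansible_env_vars": ["ansible_become_user=centos", "ansible_become_pass=packer",
                        "ANSIBLE_HOST_KEY_CHECKING=False",
                        "ANSIBLE_SSH_ARGS='-o ForwardAgent=yes -o ControlMaster=auto'"]}
]}'''
PLAYBOOK = """---
  - name: run base centos playbooks
    hosts: all
    connection: local
    become: true
"""

# Rule names below are labels made up for this example.
def lint_template(text):
    """Return (rule, variable) findings for each ansible provisioner."""
    findings = []
    for prov in json.loads(text).get("provisioners", []):
        if prov.get("type") != "ansible":
            continue
        for entry in prov.get("ansible_env_vars", []):
            name, _, value = entry.partition("=")
            if name.startswith("ansible_"):
                # Inventory variable; Ansible does not read it from the environment.
                findings.append(("inventory-var-in-env", name))
            if re.search(r"pass(word)?$", name, re.I) and value:
                findings.append(("plaintext-secret", name))
            if name == "ANSIBLE_HOST_KEY_CHECKING" and value.lower() in ("false", "0", "no"):
                findings.append(("host-key-checking-off", name))
            if re.search(r"ForwardAgent[ =]yes", value, re.I):
                findings.append(("agent-forwarding", name))
    return findings

def lint_playbook(text):
    """Return (rule, line number) for every play that sets connection: local."""
    return [("connection-local", n)
            for n, line in enumerate(text.splitlines(), 1)
            if re.match(r"\s*connection:\s*local\s*(#.*)?$", line)]

if __name__ == "__main__":
    for finding in lint_template(TEMPLATE) + lint_playbook(PLAYBOOK):
        print(*finding)
```
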

3 Answers

1
SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh

This error is fixed by using ansible_python_interpreter=/usr/bin/python3

Because packer generates the inventory file, the best way is to create a [ubuntu16] ansible group and in group_vars set ansible_python_interpreter to /usr/bin/python3

It's unfortunate that it looks like a connection issue, because it just took me a few hours to fix this.

straykiwi
0

The sudo password issue will depend entirely on your source AMI ("source_ami": "ami-61bbf104").

If the AMI is self-managed, you will need to ensure the user you are using, 'centos', has the ability to sudo, and provided you have other security in place (SSH keys), you could remove the password. Alternatively, you could use the flag '--ask-become-pass' when running Ansible; I'm not sure how well this would work with Packer, though.

If the AMI is an AWS managed image, I'd suggest using 'ec2-user' with Packer, which would then configure users on the image with a common role and apply configurations with the relevant users using 'become_user'.

useful links:

Matt Childs
-1

I don't think you need the user centos there, since you are already connected as centos user.

Alvaro

kikitux