0

Here is the problem statement:

Suppose I am on an EC2 instance A, and run an Ansible script which does the following tasks:

1. Create an EC2 instance B
2. SSH into it
3. Trigger an Ansible script which is on B, with the simple `ansible-playbook <pb_on_B>.yml` [B is being provisioned from an AMI]

So, what will happen if the instance A gets terminated after task 3 gets started?

Will the Ansible script which is triggered in B, finish to completion?

Dawny33
  • 10,543
  • 21
  • 82
  • 134

3 Answers3

3

[W]hat will happen if the instance A gets terminated after task 3 gets started?

Will the Ansible script which is triggered in B, finish to completion?

  • You can't tell what would happen with 100% certainty.

    It depends on the shell configuration (for example TMOUT in bash), SSH daemon configuration (TCPKeepAlive, ClientAliveInterval parameters), timing, network conditions and whether A will close the session with (FIN) or drop without notifying A.

  • Most likely the playbook execution would get interrupted.

    If SSH daemon on B cannot contact the SSH client on A (for example to print out Ansible execution log) and it gets the TCP RST packet, it will drop the session killing the SSH session's child processes, including the shell and ansible-playbook. However the session might also remain active until timeout and the playbook might finish before it occurs.

  • If ansible-playbook executable was be called through the nohup command (or in a screen or tmux session), it won't be interrupted upon SSH session disconnect (and shell session closure).

    Note: when you use nohup the standard output will be redirected to a file nohup.out. Refer to the answers under this question to learn the options.

    Also check this answer on Unix.SE which describes the technicalities behind the command.

Community
  • 1
  • 1
techraf
  • 64,883
  • 27
  • 193
  • 198
  • Thank you techraf. Always helpful :) . However, when I do `command: "nohup ansible-playbook -vvv /home/ec2-user/demo_provision.yml"`, I am getting a `failed to run command ‘ansible-playbook’: No such file or directory",` error. So, is there someway I can run an ansible playbook with `nohup`? Or am I using the `command` module wrong? – Dawny33 Feb 28 '17 at 05:46
  • `which ansible-playbook` then try with full path. – techraf Feb 28 '17 at 06:08
  • Worked. Thank you :) – Dawny33 Feb 28 '17 at 09:54
2

Can Ansible task provisioned from Ansible run on a remote host without SSH?

Yes, with ansible-pull:

Should you want to invert the architecture of Ansible, so that nodes check in to a central location, instead of pushing configuration out to them, you can.

The ansible-pull is a small script that will checkout a repo of configuration instructions from git, and then run ansible-playbook against that content.

Community
  • 1
  • 1
Konstantin Suvorov
  • 65,183
  • 9
  • 162
  • 193
1

If the idea is to preserve an SSH session in instance B, without worrying about the life/death of instance A, you could try and run your ansible plays in tmux on instance B. Your workflow will be modified like this

  1. Create an EC2 instance B
  2. SSH into it
  3. Instal tmux - apt-get install tmux
  4. Start a tmux session tmux new -s ansible
  5. Trigger an Ansible script which is on B, with the simple ansible-playbook <pb_on_B>.yml
Manas Ranjan Kar
  • 491
  • 4
  • 9