I'm new to Ansible and I'm trying to create a package to deploy to a Windows client running Chocolatey. I have all the winrm connections working between my ansible server and my windows client, but I am struggling to understand how to define and create packages.
As an example:
I want to install Notepad++ on the Windows client. I do not want it to connect to the internet to download the installer executable. Instead, I want the ansible server to push the exe to the client, then have the client execute it locally.
Can anyone explain and/or provide an example of a playbook to handle this? I know this is more easily achievable on windows via other products like SCCM, but for these purposes ansible is required.
The ansible playbook call you would look to make would look like such:
- name: Install notepadplusplus.install
win_chocolatey:
name: notepadplusplus.install
version: '8.4.5'
source: https:/YourInternalNuGetV2Repo
state: present
You would look to host the Chococlatey package on an internal NuGet V2 Repository
I think the part here that's missing is that you don't have a packages repository for Chocolatey to pull from. If you want to deploy a package with Chocolatey, it needs to get it from somewhere; the Ansible playbooks don't allow you to create packages directly and push them to machines, they mostly just allow you to setup Chocolatey and run Chocolatey commands.
If you want to build a Chocolatey package directly on the Ansible server, the Ansible modules for Chocolatey specifically don't have that functionality built in. You could potentially use other Ansible modules to construct the necessary script and zip files for the Chocolatey package, bundle in a targeted installer .exe, and upload it to the client. Not sure exactly how you'd do that, Ansible is generally for the deployment itelf moreso than packaging things for deployment.
Then, you could have the client instructed to install it by first adding the local folder that the package was uploaded to as a Chocolatey source:
win_chocolatey_source:
name: local
state: present
source: C:\\packages_folder
win_chocolatey:
name: package_name
source: local
state: latest
Instead, I want the ansible server to push the exe to the client, then have the client execute it locally.
If that is all you want then you don't need Chocolatey. Use win_copy to copy the EXE over from the server to the client and use something like win_command to execute it.
There are some caveats to it. You will need the command line arguments to make it run silently and headless. You'll need to test it all as some installers return immediately (and so control would return immediately to your playbook) even though they are still installing.
If you need to use Chocolatey then the other answers here are what you are looking for.
Related
I managed to create playbooks to backup an existing running Wordpress server by installing a VM backup server on Debian, so using APT package manager in Ansible.
Now I would like to be able to use the same playbooks but for installing at the same time the backup on an Alpine linux server.
Is there a more generic way than using APT or APK modules ?
If not what would you recommend me ?
Regards,
FB
Yes, and it's called package module, check https://docs.ansible.com/ansible/2.9/modules/package_module.html
Package names, however, might be different from distro to distro, and you still will have to provide distro-specific instructions. Quoting doc:
Package names also vary with package manager; this module will not "translate" them per distro. For example libyaml-dev, libyaml-devel.
The usual way to avoid it is to create distro-specific subtasks for different os families, or distro-specific variables, which are included with some condition.
I have seen a number of sites that explain how to install a role from a tar.gz file using ansible-galaxy, and they all seem to say the same thing.
In my case I have downloaded the following role file from ansible galaxy :
dsglaser-cis_security-1.2.0.tar.gz
Then I tried to install the role:
ansible-galaxy collection install dsglaser-cis_security-1.2.0.tar.gz
which gives me the warning :
[WARNING]: - collection was NOT installed successfully: Failed to get data from the API server (https://galaxy.ansible.com/api/): Failed to connect to galaxy.ansible.com at port 443: [Errno 104] Connection reset by peer
This is correct, because this machine is not, and never will be connected to the internet.
Another attempt :
ansible-galaxy install dsglaser-cis_security-1.2.0.tar.gz
results in another warning:
[WARNING]: - dsglaser-cis_security-1.2.0.tar.gz was NOT installed successfully: the specified roles path exists and is not a directory.
Also tried using the -p option to indicate where I want the role to be installed, with and without the directory present, but every attempt resulted in the last warning.
I'm not doing this as root...
Ansible version is 2.8.13
Just discovered that the command
ansible-galaxy install dsglaser-cis_security-1.2.0.tar.gz -p ./bla
does work, but only as root. And that's not what I want...
What am I doing wrong ?
I have been banging my head against the wall on this one for a while. I found that the collections I am trying to install have dependencies, that are not included in the tar.gz file.
This makes galaxy go out to download the files not found.
The way to get around this is by using another machine with ansible (2.10+) and transferring the files over.
Once you have ansible installed on a machine with internet use the following command
ansible-galaxy collection download {{ name of collection, if multiple use space as a separator }}
i.e.
ansible-galaxy collection download cisco.ios cisco.asa
This will create a folder in your current working directory with a tar.gz of the collection and its dependencies, as well as a requirements.yml file.
Note: with the requirements.yml file, if you re-run the download command, it will overwrite this, so if you have multiple collections use the single line command above.
Then it's just a matter of copying that folder over to the offline ansible server (2.9+), cd to that directory, and run:
ansible-galaxy collection install -r requirements.yml
Bobs your uncle.
I hope this saves someone time.
Thanks goes to this reddit post on the same topic
https://www.reddit.com/r/ansible/comments/lh1do0/ansible_newbie_trying_to_install_an_ansible/
AFAIK, installation from archives was never support for roles but was supported for collections.
For roles you are stuck with installation from git URLs.
This alone is a good-enough reason for me to avoid using old standalone roles, especially as support for them in galaxy is minimal, no new features being added (like install from tar archives).
I've been trying to create a playbook to do an unattended install of Ubuntu server 18.04.2 using an iso on VmWare.
The playbook will actually create the instance but stops and waits for user input to select the language, keyboard config, etc.
How can I get ansible/vmware to use a preseed.cfg file to set those options so I can create an unattended install?
Thanks!
You might be starting with the wrong tool.
Eventually, you will use Ansible, but calling it from Packer.
Start here: https://github.com/geerlingguy/packer-boxes
I want to use Jenkins for creating RPM packages to deploy code and scripts onto a Linux redhat machine(s)
So the applications are a mix of technologies (no compiling needed) i just need to package up the applications deploy them to the correct location restart apache
Would anybody have some instructions on how to do these steps for a total Newbie:
Some questions:
Do i need to install jenkins on a local linux machine if im going to be creating RPM's that will be deployed on to linux redhat machine (i was hoping to install jenkins on windows)
Does anybody have a example of creating a package out of a local folder (no source control for the moment)
I want to just specify the directory of where to take the code from and specify where to deploy the code to on a machine the rpm is installed on
On the destination machine i want to run something like
yum -install mypackage-version12.rpm
and it will install the code/scripts to the specified directory and restart apache
i need an example of this also.
Thanks
You can install Jenkins on a different machine, but you generally must have a Jenkins "node", "slave", "agent" installed on a machine that can generate RPM packages.
Running each step of the RPM package setup is putting all the steps to build within Jenkins. It works much better if you extend your build system to build the RPM, and have Jenkins do what it does best, manage the build (schedule, etc), not micro-manage the build (do the steps).
Depending on what you currently have as your build system, this might include ant directives to setup the rpm build tree, copy in the .spec file, and a executable call to rpmbuild.
Jenkins can easily call a post-build task to do this, or you might want to configure a mini "fake" project that does the update, depending on tastes.
As an aside, for a yum command to work without using the --localinstall option, you will need to have a web server set up, the new RPM copied to the right folder on the web server, and the indexing files rebuilt (repobuild is the script to do so, if I recall correctly).
On the client machine (where the package will be installed), you will need to have a yum configuration that directs the client machine to include the web server as one of the known yum repositories.
Why not use an Docker images to build the RPM inside it though a dedicated stage ?
Your code needs to provide /rpm/SPEC files and inside the Docker (Jenkins) you can have a Jenkinsfile like :
mkdir -p ./rpm/BUILD && cd ./rpm/ && for f in ./SPECS/*; do rpmbuild --define \"_topdir \$(pwd)/\" --define \"_builddir \$(pwd)/BUILD\" -bb \$f;
And you are done.
We have several build machines, each running a single TeamCity build agent. Each machine is very strong, and we'd like to run several build agents on the same machine.
Is this possible, without using virtualization? Are there quality alternatives to TeamCity that support this?
Yes, it's possible:
Several agents can be installed on a single machine. They function as separate agents and TeamCity works with them as different agents, not utilizing the fact that they share the same machine.
After installing one agent you can install additional one, providing the following conditions are met:
the agents are installed in the separate directories
they have distinctive work and temp directories
buildAgent.properties is configured to have different values for name and ownPort properties
Make sure, there are no build configurations that have absolute checkout directory specified (alternatively, make sure such build configurations have "clean checkout" option enabled and they cannot be run in parallel).
Under Windows, to install additional agents as services, modify [agent dir]\launcher\conf\wrapper.conf
to change the properties to have distinct name within the computer:
wrapper.console.title
wrapper.ntservice.name
wrapper.ntservice.displayname
wrapper.ntservice.description
You could also take a look at this blog post for Step-by-step guide
http://handcraftsman.wordpress.com/2010/07/20/multiple-teamcity-build-agents-on-one-server/
The top answer is the correct method, but if you want to complete this more easily you can use the TeamCityAgent Chocolatey package and supply the agent name, the agent folder and the port as --params and it will handle setting up the config files as well as pulling in the required version of Java via the server-jre package.
The one caveat to this is you need to use --force on any installs after the first agent as Chocolatey doesn't currently understand installing the same application with a different configuration as a "new" installation.
You will also need to use --version 2.0.1-beta-05 since this is still in a testing phase, but should make it out of beta soon.
Full install example for a second agent:
choco install teamcityagent --force -y --params 'serverUrl=http://teamcity.local:8111 agentName=AgentUno agentDir=C:\buildAgentUno ownPort=9091' --version 2.0.1-beta-05