I’m fairly new to using Ansible and I’ve been asking myself, “how can I trigger an Ansible run from a new node that has just been provisioned?” Even better, is there anything I already have in my infrastructure that could do it? That’s where I thought it would be fun to try and use Jenkins!
Background
I’ve been learning about Ansible for the past couple of months now and just started using it for some projects. If you are not already familiar with Ansible I suggest reading through the docs.
I’m also coming from a background of using Puppet for configuration management. With a typical Puppet deployment being pull-based (master/agent), I aim to make the first Puppet run bring the node into a production-ready state.
However, since the primary way to run Ansible is push-based, we need some way to trigger an Ansible run.
This also becomes more important in the cloud when you have an auto scaling group of nodes coming up, needing to be provisioned and added to any upstream services, so we need something to contact and say “hey configure me.”
Note: there are various other methods I’ll talk about in part II.
Jenkins
I take it you have a Jenkins server sitting somewhere within your infrastructure like I do, so let’s try to take advantage of it to invoke some Ansible runs!
There are a couple of prerequisites for the Jenkins master:
- Ansible installed (download link)
- git SCM Plugin (download link)
- SSH keys set up for all the servers you want to manage
Let’s get started…
- create a job called “ansible-callback-web”
- the job should be a “Parameterized build”
  - add a string parameter called FQDN
- configure the SCM tool to point to the demo repository (or your real playbooks)
  - https://github.com/dmichel1/ansible-examples.git
  - set “Local subdirectory for repo” to ansible-examples
- Set a token to allow the build to be triggered remotely
  - WARNING: this post isn’t going to dive into how to properly secure Jenkins
- Under “Build” select “Execute Shell” and paste in…

```bash
#!/bin/bash
# FQDN is the job's string parameter; Jenkins exposes it to this step as an environment variable.
echo "Running Ansible against: $FQDN"
# Disable SSH host key checking: the new node's key is not in known_hosts yet,
# so its identity is not verified on connect.
# http://www.ansibleworks.com/docs/gettingstarted.html#a-note-about-host-key-checking
export ANSIBLE_HOST_KEY_CHECKING=False
# Run the nginx playbook from the checked-out repository using its inventory script.
pushd ansible-examples/nginx
ansible-playbook -i inventory.py main.yml
popd
```
Below is an example of the playbook that will run against your new web node:

```yaml
---
- hosts: web
  vars:
    http_port: 80
  user: root
  tasks:
    # Install nginx with yum
    - name: install nginx
      yum: name=nginx state=present
    # Make sure the service is started
    - name: ensure nginx is running
      service: name=nginx state=started
    # Block until the HTTP port accepts connections
    - name: wait for nginx to be running
      wait_for: port={{ http_port }} delay=3
```
Stick the curl command below in your kickstart, rc.local, or ec2-run-instances --user-data (docs) config.

**The web node should be reachable from the Jenkins master by its FQDN or IP. In the example below it’s using the host’s FQDN.**

```bash
curl -X POST http://jenkins.demo.local/job/ansible-callback-web/buildWithParameters -d "FQDN=$(hostname -f)" -d token=safetoken123
```
If you didn’t receive any errors back, congratulations! Check the build history of the job; you should have just triggered an Ansible run via Jenkins.
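
The FQDN value comes from whoever sends the POST to buildWithParameters, so the “Execute Shell” step can check it before passing it on to Ansible. The following is an added example, not part of the original post or the ansible-examples repository; `validate_fqdn` and `ALLOWED_SUFFIX` are hypothetical names, and the `.demo.local` suffix is assumed from the jenkins.demo.local host used above.

```bash
#!/bin/bash
# Added example: check the FQDN build parameter before it reaches Ansible.
# ALLOWED_SUFFIX is an assumption, taken from the jenkins.demo.local name used above.
ALLOWED_SUFFIX="${ALLOWED_SUFFIX:-.demo.local}"
LC_ALL=C; export LC_ALL   # make [a-z] match ASCII lowercase only

# Return 0 only for a lowercase hostname inside the allowed domain.
validate_fqdn() {
    name=$1
    # Empty values and names longer than the 253-character DNS limit are rejected.
    [ -n "$name" ] && [ "${#name}" -le 253 ] || return 1
    # Allow-list the characters: spaces, quotes, ';', '$', '/' and the like all fail here.
    case $name in
        *[!a-z0-9.-]*) return 1 ;;
    esac
    # The node must belong to the domain this job manages.
    case $name in
        *"$ALLOWED_SUFFIX") ;;
        *) return 1 ;;
    esac
    # Every label: 1 to 63 characters, no leading or trailing hyphen.
    rest=$name
    while [ -n "$rest" ]; do
        label=${rest%%.*}
        case $rest in
            *.*) rest=${rest#*.} ;;
            *)   rest= ;;
        esac
        [ -n "$label" ] && [ "${#label}" -le 63 ] || return 1
        case $label in
            -*|*-) return 1 ;;
        esac
    done
    return 0
}

# In the "Execute Shell" step this would run before pushd/ansible-playbook:
#   validate_fqdn "$FQDN" || { echo "rejecting FQDN parameter" >&2; exit 1; }

# Constructed sample values to show the outcome of each check.
for candidate in web01.demo.local 'web01.demo.local;id' WEB01.demo.local \
                 web01.example.com -web.demo.local a..demo.local; do
    if validate_fqdn "$candidate"; then
        echo "accept: $candidate"
    else
        echo "reject: $candidate"
    fi
done
```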