heavytobi
heavytobi5mo ago

Ansible not usable

Hey all, I am not sure what I messed up but I can’t run Ansible Playbooks for some reason.. once I try to hit Test I get this error here: error during execution of the script:\nNot found: Couldn't find ansible-playbook at /usr/local/bin/ansible-playbook. This probably means that you are not using the windmill-full image. Please use the image windmill-full for your instance in order to run rust jobs. However Googling and asking ChatGPT didn’t get me to some windmill-full images but only to some photographs of some old rusty windmills… any idea on what I can do? I have used the quick start docker compose guide… Thanks in advance
10 Replies
rubenf
rubenf5mo ago
Look at the image name that you're using, add -full to it
heavytobi
heavytobiOP5mo ago
Injustice tried in .env: For Enterprise Edition, use: WM_IMAGE=ghcr.io/windmill-labs/windmill-ee:main WM_IMAGE=ghcr.io/windmill-labs/windmill-full:main but in the end I get this: /home/docker-projects/windmill # docker compose up -d WARN[0000] /home/docker-projects/windmill/docker-compose.yml: version is obsolete [+] Running 3/4 ✘ windmill_worker Error context canceled 1.5s ✘ windmill_server Error manifest unknown 1.5s ✘ windmill_worker_native Error context canceled 1.5s ⠼ lsp Pulling 1.5s Error response from daemon: manifest unknown Nevermind, replacing :main with :latest seems to made it work, thanks
rubenf
rubenf5mo ago
Are you on the ee ? The image you need is ghcr.io/windmill-labs/windmill-ee-full:main or ghcr.io/windmill-labs/windmill-full:main if not on ee
heavytobi
heavytobiOP5mo ago
I am not… I am on community edition, should be enough for home lab use 😉 but windmill-full:main will lead to manifest unknown so I had to use the :latest tag… but turns out even though I can execute Ansible now it’s not of use as I only get Host key verification failed error and I have no idea how to teach windmill which host keys it should accept for ansible… (I should mention before everyone makes fun of me that I never used Ansible or Windmill before)
beastman.kojak
beastman.kojak4mo ago
Hi @heavytobi, I was having similar issues with ansible and found your question. Here's what I did to solve it. For my setup, I have an ssh key that I generated specifically for windmill and added that in the authorized_keys file on the target host.
1. add some settings to the inventory file 
[my_lab]
my_lab_vm

[my_lab:vars]
ansible_host=192.168.1.100 #ip address of target machine
ansible_user=bkojak
ansible_ssh_private_key_file=ssh_key #This will get copied from our secrets
ansible_ssh_common_args='-o StrictHostKeyChecking=no' #this fixes the host key verification error
[my_lab]
my_lab_vm

[my_lab:vars]
ansible_host=192.168.1.100 #ip address of target machine
ansible_user=bkojak
ansible_ssh_private_key_file=ssh_key #This will get copied from our secrets
ansible_ssh_common_args='-o StrictHostKeyChecking=no' #this fixes the host key verification error
2. Copy the private key into a secret varialble. NOTE: There MUST be a newline at the end of the file, otherwise you will get other errors. 
-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----
-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----
3. In the ansible script, create a file for the ssh key: 
# File resources will be written in the relative `target` location before
# running the playbook
files:
  - variable: u/beastman/windmill_private_key
    target:  ./ssh_key
# File resources will be written in the relative `target` location before
# running the playbook
files:
  - variable: u/beastman/windmill_private_key
    target:  ./ssh_key
4. Set the proper permissions on the private key file before connecting to the remote host. You will get an error if the permissions are not correct. 
---
- name: Set up private key
  hosts: localhost
  tasks:
  - name: chmod ssh key
    ansible.builtin.file:
      path: ssh_key
      mode: '0600'

- name: Deploy Stack
  hosts: my_lab
...
---
- name: Set up private key
  hosts: localhost
  tasks:
  - name: chmod ssh key
    ansible.builtin.file:
      path: ssh_key
      mode: '0600'

- name: Deploy Stack
  hosts: my_lab
...
There are security implications for turning off strict host key checking. As an alternative, you could probably add the target host to the known hosts in step 4 when you set the file permissions, but I haven't tested that.
Julian @ 42 N.E.R.D.S.
Julian @ 42 N.E.R.D.S.4mo ago
Hi, I'm really looking forward to using ansible with windmill. But I have a showstopper for us to use it: When I read your code correct, you hardcoded the inventory file name https://github.com/windmill-labs/windmill/blob/c194e124dac3b9cf261f7f504dcbc306c37ea4f4/backend/parsers/windmill-parser-yaml/src/lib.rs#L237 with an .ini extension. This makes your ansible implementation unusable with dynamic inventory plugins. 
dependencies:
  galaxy:
    collections:
      - name: hetzner.hcloud
  python:
    - hcloud
dependencies:
  galaxy:
    collections:
      - name: hetzner.hcloud
  python:
    - hcloud
in this setup i want to use an inventory file which ist not in ini format. 
# hcloud.yml
---
plugin: hetzner.hcloud.hcloud
# hcloud.yml
---
plugin: hetzner.hcloud.hcloud
then you call this locally with for example 
$  ansible-inventory -i hcloud.yml --graph
@all:
  |--@ungrouped:
  |--@hcloud:
  |  |--node-1
  |  |--node-2
$  ansible-inventory -i hcloud.yml --graph
@all:
  |--@ungrouped:
  |--@hcloud:
  |  |--node-1
  |  |--node-2
this works locally but not in windmill, as I get: 
[WARNING]:  * Failed to parse /tmp/windmill/wk-default-
fd0172ad9b40-bFAfZ/019354e4-7358-5833-262a-026b281a13d2/inventory.ini with ini
plugin: Invalid host pattern '---' supplied, '---' is normally a sign this is a
YAML file.
[WARNING]: Unable to parse /tmp/windmill/wk-default-
fd0172ad9b40-bFAfZ/019354e4-7358-5833-262a-026b281a13d2/inventory.ini as an
inventory source
[WARNING]:  * Failed to parse /tmp/windmill/wk-default-
fd0172ad9b40-bFAfZ/019354e4-7358-5833-262a-026b281a13d2/inventory.ini with ini
plugin: Invalid host pattern '---' supplied, '---' is normally a sign this is a
YAML file.
[WARNING]: Unable to parse /tmp/windmill/wk-default-
fd0172ad9b40-bFAfZ/019354e4-7358-5833-262a-026b281a13d2/inventory.ini as an
inventory source
Please note: I added a custom inventory source type of plain text format yaml Did I miss something? Any chance the inventory: parameter will accept something like inventory_type: yaml or (better) infer the file extension from the resource type extension and not hardcoded?
GitHub
windmill/backend/parsers/windmill-parser-yaml/src/lib.rs at c194e12...
Open-source developer platform to power your entire infra and turn scripts into webhooks, workflows and UIs. Fastest workflow engine (13x vs Airflow). Open-source alternative to Retool and Temporal...
rubenf
rubenf4mo ago
@wendrul ^
wendrul
wendrul4mo ago
Hi @Julian @ 42 N.E.R.D.S., I'm not very familiar with dynamic inventories in ansible, but we can look into implementing it. That being said, you can add a name for the inventory file like this: 
inventory:
- resource_type: ansible_dynamic_inventory # you can create this resource type for example
  name: hcloud.yml
inventory:
- resource_type: ansible_dynamic_inventory # you can create this resource type for example
  name: hcloud.yml
It will be written as hcloud.yml and read by the ansible-playbook command. If you could try and see if this is sufficient to make dynamic inventories work that would be great, we could add the steps in the documentation. Otherwise, we will add this to backlog and work the additional features in when we get the chance.
Julian @ 42 N.E.R.D.S.
Julian @ 42 N.E.R.D.S.3mo ago
@wendrul oh yeah \o/, this is what I overlooked. That name-Parameter seems to solve the issue. I just gave it a try. I will look further into this the next days. Pretty awesome support, thanks a lot.
wendrul
wendrul3mo ago
That's great! Let us know if it all works for you and we'll add this info in the docs

Did you find this page helpful?