Thursday, 18 March 2021

Deploying Azure Resource Group with Ansible Play Book Using Custom Ubuntu 18.04 VM

In a previous post we have discussed how to setup Ansible on Azure Ubuntu 18.04 VM. We can start using Ansible and execute play books to deploy Infrastructure on Azure cloud. Let’s look at how we can get started with deploying resources to Azure using an Ansible playbook, on the VM we created with Ansible as explained in the post “Install Ansible to Use Python3 on Azure Ubuntu 18.04 VM”.

To create resources on Azure we need to add the Azure modules for ansible. We can do that with the command below.

pip3 install ansible[azure]


However, notice the warning below which might cause a problem later on. Let’s face problems and fix them step by step and get our Ubuntu 18.04 Ansible VM ready for Azure infra as code deployments.

WARNING: ansible 3.0.0 does not provide the extra 'azure'

Let’s create a folder and use vim to create a playbook file with below content to support creating a resource group in Azure.

---
- hosts: localhost
   connection: local
   tasks:
     - name: Creating resource group - "{{ name }}"
       azure_rm_resourcegroup:
         name: "{{ name }}"
         location: "{{ location }}"
         client_id: "{{ spnclientid }}"
         secret: "{{ spnsecret }}"
         subscription_id: "{{ spnsubscription}}"
         tenant: "{{ spntenant }}"
       register: rg
     - debug:
         var: rg


Now we can try to execute the playbook with below command supplying all the required parameters. Note that we are passing even the Azure Service Principal details as parameters to the playbook file. We have the option to setup it in the VM so that we can skip, supplying them. But for this example let’s pass the SPN information as parameters.

ansible-playbook create_rg.yml --extra-vars "name=rg-chansible-try location=eastus spnclientid=yourspnappid spnsecret=yourspnsecret spnsubscription=yourazuresubscriptionid spntenant=yourazuretenantid"

You may encounter an error as shown below.


An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ModuleNotFoundError: No module named 'msrest'

fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (msrestazure) on vm-chansible-dev's Python /usr/bin/python3. Please read the module documentation and install it in the appropriate location. If the required library is installed, but Ansible is using the wrong Pythoninterpreter, please consult the documentation on ansible_python_interpreter"}

GitHub issue here discusses the same issue on Azure cloud shell. Based on that discussion we can run below install commands to ensure the required libraries are setup in our VM.

pip3 install azure

pip3 install msrest

pip3 install msrestazure

Next attempt to execute fails with below error.


An exception occurred during task execution. To see the full traceback, use -vvv . The error was: ModuleNotFoundError: No module named 'azure.mgmt.privatedns' fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (ansible[azure] (azure >= 2.0.0)) on vm-chansible-dev's Python /usr/bin/python3. Please read the module documentation and install it in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"}

This is related to the warning mentioned in the first step.

WARNING: ansible 3.0.0 does not provide the extra 'azure'

As per instructions here the extras for Azure are no longer getting installed with pip3 install ansible[azure]. We have to run below command to get the required modules setup to work with Azure using Ansible.

curl -O https://raw.githubusercontent.com/ansible-collections/azure/dev/requirements-azure.txt

pip3 install -r requirements-azure.txt

rm requirements-azure.txt

ansible-galaxy collection install azure.azcollection

With that we can run the playbook and our resource group get created in Azure. Running the playbook again executes fine without any issues and report the existence of resource group.


Let’s explore more Azure IaC with Ansible in coming posts.

No comments:

Popular Posts