IBM Cloud Docs
Ansible

Ansible

Answers to common questions about the IBM Cloud Schematics actions are classified into following section.

Are Classic VSIs supported for use with actions?

Classic VSI environments are not supported with actions. Only IBM Cloud VPC VSIs have been tested and are supported with actions.

What network configuration is suggested for use with actions?

It is your responsibility as a user to ensure that suitable network policies and a bastion host configuration is in place for the cloud environment to allow Schematics to connect through SSH to your environment. See Schematics firewall, allowed IPs for details of the IP addresses Schematics uses and must be allowed access. When using a bastion host, SSH forwarding is used to connect to the target VSIs. To validate access the command ssh -J bastion-ip vsi-ip.

Example as-is IBM Cloud® VPC configurations with bastion hosts are available in the Cloud-Schematics repo. Follow the tutorial Discover best-practice VPC configuration for application deployment for guidance on creating a suitable network configuration.

Why does the SSH connection fail with static inventory files?

Defining target hosts using short form host names is not supported for VSIs on a private network without public IP addresses. The connection fails with the message Could not resolve hostname. Review the actions docs for supported configurations.

ansible-playbook run | fatal: [worker-0]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host through ssh: ssh: Could not resolve hostname toraz3-worker-0001: Name or service not known", "unreachable": true}
2023/08/24 12:15:47 ansible-playbook run | fatal: [grid-man-0]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host through ssh: ssh: Could not resolve hostname toraz3-grid-man-01: Name or service not known", "unreachable": true}

Why does my action job display a DEPRECATION WARNING message?

In the action settings page you, need to set the input variable as ansible_python_interpreter = auto as shown in the screen capture to avoid DEPRECATION WARNING message.

Configuring input variable to silence warning message
Configuring input variable to silence warning message

How can I resolve that might not run action error while provisioning WinRM by using Schematics action?

Error: 2021/12/06 10:15:49 Terraform apply | Error: Error running command 'ANSIBLE_FORCE_COLOR=true ansible-playbook ansible.yml --inventory-file='inventory.yml' --extra-vars='{"ansible_connection":"winrm","ansible_password":"password","ansible_user":"administrator","ansible_winrm_server_cert_validation":"ignore"}' --forks=15 --user='root' --ssh-extra-args='-p 22 -o ConnectTimeout=120 -o ConnectionAttempts=3 -o StrictHostKeyChecking=no'': exit status 2. Output:
 2021/12/06 10:15:49 Terraform apply | PLAY [Please wait and have a coffee! The show is about to begin....] ***********
 2021/12/06 10:15:49 Terraform apply |
 2021/12/06 10:15:49 Terraform apply | TASK [Gathering Facts] *********************************************************
 2021/12/06 10:15:49 Terraform apply | fatal: [161.156.161.7]: FAILED! => {"msg": "winrm or requests is not installed: No module named 'winrm'"}
 2021/12/06 10:15:49 Terraform apply |
 2021/12/06 10:15:49 Terraform apply | PLAY RECAP *********************************************************************
 2021/12/06 10:15:49 Terraform apply | 161.156.161.7              : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0
 2021/12/06 10:15:49 Terraform apply |
 2021/12/06 10:15:49 Terraform apply |
 2021/12/06 10:15:49 Terraform apply |
 2021/12/06 10:15:49 Terraform apply |   with null_resource.schematics_for_windows,
 2021/12/06 10:15:49 Terraform apply |   on schematics.tf line 2, in resource "null_resource" "schematics_for_windows":
 2021/12/06 10:15:49 Terraform apply |    2:   provisioner "ansible" {
 2021/12/06 10:15:49 Terraform apply |
 2021/12/06 10:15:50 Terraform APPLY error: Terraform APPLY errorexit status 1
 2021/12/06 10:15:50 Could not execute action

WinRM is not supported by Schematics Terraform Ansible provisioner. Alternatively you can use the Schematics actions to run the Ansible playbooks with WinRM. The Schematics actions support WinRM.

When are new Terraform and Ansible versions added to Schematics?

After new Terraform and Ansible versions are released by the community, the IBM team begins hardening and testing the release for Schematics. Availability of new versions depends on the results of these tests, community updates, security patches, and technology changes between versions. Make sure that your Terraform templates and Ansible playbooks are compatible with one of the supported versions so that you can run them in Schematics. For more information, see Upgrading the Terraform template version and Schematics runtime tools.

Can I run Ansible playbooks with Schematics?

Yes, you can run Ansible playbooks against your IBM Cloud by using the Schematics actions or Ansible provisioner in your Terraform configuration file. For example, use the Ansible provisioner to deploy software on IBM Cloud resources or set actions against your resources, such as shutting down a virtual server instance. For more information, see sample Ansible playbook templates for Schematics actions.