🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
short and simple, this is always the type of video that i need. Thank you !
Thanks!
Clear and straight to the point, thank you.
Thanks
You did good my friend. Short videos is how you get and maintain your audience. Bravo +++ Terraform with Ansible remote-exec and local-exec the secret sauce 4:36
Thank you Don-Pierre😊
Excellent tutorial Anton! Clear, concise and explained very well. Thank you very much for your efforts!
Glad it was helpful!
Hi from India 🇮🇳🙏.....super good explanation
Thank you, Bharath :)
Thank you very much for the small straight to the point and nice video !
Thank you for your feedback!
In this video, you can learn how to create AWS *VPC* and *EKS* cluster with *Terraform* - czcams.com/video/SJoDqR2VuuM/video.html
🔴UPDATED🔴: Terraform Ansible Integration - czcams.com/video/wVq5fwx1OQU/video.html
Available on December 20th
Yep, Lovin the content.
Here are some ideas -
Tools
1. ELK on AWS
2. If you know Kafka + Spark + AWS with Golang or Python, then content on it.
3. Istio on AWS
Concepts
1. Scaling, Performance, High Availability, Fault Tolerant architectures with DevOps.
2. Monitoring, Instrumentation and Observability.
3. Test automation framework.
What do you have in mind?
Would love to hear back from you :)
Thank you, I appreciate your feedback. I will finish terraform aws networking + EKS this week. I have another request for next week's - Terraform Tutorial for Beginners.
I am well aware of the tools and concepts that you listed. I will try to push it to a week after.
@@AntonPutra You can also do Kafka + Spark instead of just Kafka that would be amazing
@@JackReacher1 Are you interested in Spark Streaming or batch? We switched to Flink a year ago so, if you are interested I can do some tutorials on Flink as well :)
@@AntonPutra Streaming with Spark + Kafka. I dunno Flink. I'd prefer Spark + Kafka because they are more popular and so one can gain knowledge fast.
Awesome Manual . Thank you Anton you saved my training day :)
Thanks :)
Thank you very much, this is exactly the tutorial I was looking for a school project 👍
You’re welcome 😊
Thanks for the video! it is very helpful
Thanks for the feedback!
👉 How to Manage Secrets in Terraform - czcams.com/video/3N0tGKwvBdA/video.html
👉 Terraform Tips & Tricks - czcams.com/video/7S94oUTy2z4/video.html
👉 ArgoCD Tutorial - czcams.com/video/zGndgdGa1Tc/video.html
Where have you installed ansible?? On windows??
Awesome tutorial! Direct and what i needed. Thank you :)
Thanks!
Thanks Anton, very clear and helpful!
Great to hear!
Damn... I'm listening and can't understand why the speech is so clear and intelligible, unlike other videos in English.
Looked at the channel name and understood everything))
(thankyou|дякую|спасибо) for the videos, Anton) I stumbled upon the video by accident, but apparently it's fate: subscribed.
spasibo =)
Excellent!!!
Thanks!
Hi Anton I watched terraform eks series. That was great.
Good to hear!
Short and helpful. Thank you
You're welcome!
❤
Nice job. Thank you for this
Thanks John!
thanks a lot sir . Really appreciate it.
You are most welcome
Nice Video, what happens if we change instance count to = 2, will the ansible-playbook run on both hosts ?
Yes, since this provisioner is part of the terraform resource. If you change to 2 it will create 2 resources and run provisioner with each of them.
Excellent..Thank you
Welcome!
This video helped me understand really well with an example. Can you do a video with a sample example of how we can use Jenkins to do the CI? I just wanted to understand the flow: Terraform code check-in in Git, Jenkins CI to push the code to artifacts, Terraform provisions infrastructure, Ansible deploys. I just know this theoretically but want to try this practically with your help!!
Thank you Prasad, I'll put it in my list.
great demo!
Thanks!
Fantastic, but for me it did not work; it was necessary to add an "sg_attachment" for the SG to work properly
thanks for the feedback
Thanks a lot for the tutorial, it's really so helpful. BTW don't we need to install ansible on the ubuntu VM first?
Welcome, no, on the target system (ubuntu) you only need python to run ansible
Anton you should share this video/your channel on the odysee, too.
Thanks, maybe later:)
ty for useful video)
Are u from Russia or other slavic countries?
Best regards from your new subscriber)))
Thank you:) yes, I'm originally from Russia.
@@AntonPutra then thanks once again) Greetings from Ukraine
@@notdeadpunk3615 pojaluyasta:)
This is all good but when I change the configuration management code for ansible and do "tf apply", terraform destroys the old instance and creates a new one. Only then does it apply the changed playbook.
I don't want to create a new instance every time I change the playbook.
Any solutions for that?
In general, it's against the best practice to use any provisioners (local or remote) with terraform including ansible.
You have two options:
1. Set up ansible separately (for example ansible tower)
2. Use immutable infrastructure, bake all the software, and config into the image itself.
@@AntonPutra I tried creating a custom ami with a flask app running in development mode but the app does not seem to start when I launch an instance with the ami.
Basically the app should start after reboot, but I am having a hard time figuring it out. How can I create custom ami in such a way that the app starts as soon as I launch an instance with that ami?
very clean and clear, do you have the same setup in gcp??
Thank you, about to make one in a week or two.
Thanks for the knowledge share. Can we have more on this course please? I would like to use ansible to manage docker volumes for terraform AWS. Any ideas of video or study materials?
Thank you for the feedback. The best place to learn ansible: just search for specific modules (such as systemctl or docker) and use one of the provided examples. I will definitely create more videos on this topic in the future.
Hi Anton, great video!!!!! Do you have any info on integrating "Terraform + VM (of VMware)"?
Thanks, yes just use VMware vSphere Provider - registry.terraform.io/providers/hashicorp/vsphere/latest/docs
Great work, thank you! :)
welcome :)
Can you start Terraform tutorial for beginners...request
Thank you for your feedback Bharath, I'm planning to finish the terraform aws vpc/eks tutorial this week and start on your request the week after.
@@AntonPutra thank you very much sir ...big bow 🙇♂️
@@letsspeakbharath you're welcome😊
Hi Anton. There are 3 terraform playlists. Some are the same, some not. Please, can you take a look and put them in order.
You can use this code to create eks from scratch without modules - github.com/antonputra/tutorials/tree/main/lessons/154/terraform
This one is the same but with terraform modules - github.com/antonputra/tutorials/tree/main/lessons/125
Good job
Thanks
Hi, thank you for this video, can you please explain how you got the vpc_id and the subnet_id in your main.tf? Where can I find them in the AWS account?
Thank you Nahum, you can open AWS console and in the search bar type "VPC", then on the left-hand side you will see "Your VPCs" and the second link will be "Subnets". Under "Your VPCs" you will find vpc_id and under "Subnets" you will find subnet_id. Also, I started a new series explaining how to create AWS VPC with public and private subnets using terraform, it may help you as well.
@@AntonPutra
Hi Anton,
I used your lab tutorial in order to run it on my own and I've got an error, and I thought you might know this issue:
(my code syntax is like the one you have, the only difference is, I'm running on Windows.)
This is the error i get when i trigger: terraform plan:
PS C:\Terraform\Ansible_Aws\roles\nginx\tasks> .\terraform.exe plan
Error: "0.0.0.0./0" is not a valid CIDR block: invalid CIDR address: 0.0.0.0./0
on main.tf line 16, in resource "aws_security_group" "nginx":
16: resource "aws_security_group" "nginx" {
Error: Invalid function argument
on main.tf line 63, in resource "aws_instance" "nginx":
63: private_key = file(local.private_key_path)
|----------------
| local.private_key_path is "C:\\Terraform\\Terraform\\main-key.pem"
Invalid value for "path" parameter: no file exists at
C:\Terraform\Terraform\main-key.pem; this function works only with files that
are distributed as part of the configuration source code, so if this file will
be created by a resource in this configuration you must instead obtain this
result from an attribute of that resource.
If you have the time to assist I'll be very grateful.
@@nahum35 quick zoom call? (me@antonputra.com)
@@AntonPutra do you have a zoom id number to send me to make the call?
@@nahum35 us04web.zoom.us/j/78574511003?pwd=WGtjSlRGV0VWRyt5Q1RLY3FnQ2pydz09
Hai bro please make a video on view table using terraform gcp
What do you mean view table?
@@AntonPutra make a video using module in gcp terraform
Hi Anton
could you please tell me how to create and configure EC2 with LEMP stack using Terraform and Ansible in one go.
Well, just use ansible as a terraform local provisioner
Hi Anton, thanks for your time. I am facing the following error: Error: Failed to read ssh private key: no key found
Please help on this
You need to download a public key and provide path to it in your terraform code. Here - github.com/antonputra/tutorials/blob/main/lessons/014/main.tf#L6
@sir, you have not installed ansible on the Ubuntu machine? But ansible is working directly. Did I miss anything here?
Anyhow, nice video.. 🙏
You can install ansible with the following command "python -m pip install --user ansible"
@@AntonPutra why do you not include this step in your tutorial?? Are you using a pre-built image with ansible in it? I want to install ansible via "sudo apt install ansible" but before this, we must do "sudo apt update" while update is failing intermittently. - doing this via remote-exec.
It's nice how we can get into the video workflow
thanks!
Thank you!
Hello @Anton Putra
Can you please show us same for cloudwatch agent
Cloudwatch agent? CloudFormation?
If you were running this through azure devops pipelines, would you run it on a self-hosted agent so it has access to an ansible control node on the production network? I am missing that piece of information; after that I think I understand how this will work in an enterprise environment.
Yes, you would use cloud based IAM policies/roles with self hosted agents. It's more secure than hard coding them in the pipeline.
what ide are you using to handle yaml, tf etc
I'm using visual studio code. In the extensions section, you can find almost all existing file formats.
Hi, thanks for your great video. I would like to do the same thing with a windows instance on aws. But I'm struggling with the WinRM connection. Can you help with that? I know there's a way to install open_ssh with a user_data script and use it with an ssh connection block. Thanks
Hi Nicanor, I'll help you but it will take a little bit of time.
@@AntonPutra So what do you suggest for a windows ec2 instance? The problem is that the password is known after the instance is created. I have a wait resource to have enough time to grab it. But it didn't work
@@fopingn Unfortunately, I don't have a lot of experience with Windows EC2 instances.. Is there a way to use a private/public key to ssh to the instance? (for example create a key pair and use a public key for ansible to ssh) Also, right now I'm exploring AWS Session manager that allows you to ssh without uploading your public key in the first place. Not sure if it can be used with ansible/terraform..
@@AntonPutra thanks, I'll look for another solution
Question for who might know, I already created my EC2 instance as test using Terraform, what is the best way to configure it , I want to add the Apache server using Ansible...?
It depends; the easiest way is to install it manually. If you need to reproduce this setup elsewhere, one of the most popular config management tools is Ansible. Also, you can create an AMI image with Packer.
How do I use ansible on my VM if it is behind a load balancer and using a private ip?
you have two options:
1. spin up a dedicated VM for ansible and run its playbooks from there (bastion host)
2. configure VPN, then you can run ansible from your laptop. This can help - czcams.com/video/yaXiAqH-4LE/video.html
Hiya Anton! Super informative video!! I'm using terraform+ansible with a gcp instance and when I type in
'host = self.public_ip'
I get an error from terraform that 'This object has no argument, nested block, or exported attribute named
"public_ip"'.
Please can you help me solve this issue?
Thank you :)
Most likely you are using "google_compute_instance" terraform resource, you can find all exported attributes in this section - registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#attributes-reference
If you have openvpn in your cluster, you may want to use internal IP address - "network_interface.0.network_ip"
Or public one - "network_interface.0.access_config.0.nat_ip". Try to get all possible variables from "network_interface" exported block
@@AntonPutra You are amazing! Thank you, public one worked just great!
@@mindovermatter859 Thank you :)
Hi, thanks for your great video. I follow your video until the end... but i can access my ec2 via public IP, i have an error "This site can’t be reached 18.189.29.139 refused to connect." Can you help me fix it? Thank you very much
First of all, try to ssh to the instance and check if nginx is up and running by running "sudo systemctl status ngninx". You can also check if the port is open on the target machine by running from your machine "nc -vz 80"
@@AntonPutra Hi Anton, tks for your response, but i know the problem come to I can create web server Nginx. When create manual by ansible, everything ok, but when i combine terraform and ansible, i can access my instance ec2
@@AntonPutra when i was login instance and check service nginx, and i have the message "Unit ngninx.service could not be found."
And when i check port via command "nc -vz 80" and the message "nc: connect to port 80 (tcp) failed: Connection refused"
Thanks Anton for this nice explanation!
However, an error shows up when ansible script runs:
aws_instance.nginx (local-exec): fatal: [xxx]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'xxx' (ECDSA) to the list of known hosts.
Received disconnect from xxx port 22:2: Too many authentication failures
Disconnected from xxx port 22", "unreachable": true}
Looks like "This is usually caused by inadvertently offering multiple ssh keys to the server. The server will reject any key after too many keys have been offered."
I found a couple of articles that explain how to fix it
1. superuser.com/questions/187779/too-many-authentication-failures-for-username
2. www.tecmint.com/fix-ssh-too-many-authentication-failures-error/
@@AntonPutra Thanks for the tip! the solution was adding
Host *
IdentitiesOnly=yes
to my ssh/config file!
Keep up with your great videos and thanks again for sharing your knowledge!
Thanks, I liked and subscribed!
I get an error during the terraform apply, after creating the instance I get this: Error: Error connecting to SSH_AUTH_SOCK: dial unix /run/user/1000/keyring/ssh: connect: permission denied
Do you maybe know how I solve this?
Thank you, couldn't find anything meaningful in google regarding this issue
Hi,
While running this code, it is failing with handshake error. How to fix this issue
What kind of error? Check if you are using correct key pair and you may need to update ssh config if you have many pub keys.
I don't think 'become: yes' at the entire playbook level is a wise idea.
Agree, it just makes the development of an ansible-playbook easier but definitely not a best practice.
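The point raised in this exchange, shown as an added example that is not from the video or the channel's repository: the same nginx play written with play-level escalation and then with escalation limited to the tasks that need root. The play names, `hosts: all` and the health-check task are assumptions made for illustration.

```yaml
# Added example; play names, host group and the health-check task are assumed.

# Before: every task in the play runs as root, including ones that do not need it.
- name: Install nginx (play-level become)
  hosts: all
  become: yes
  tasks:
    - name: Install nginx
      ansible.builtin.apt:
        name: nginx
        state: present
        update_cache: true

    - name: Check that the default page answers
      ansible.builtin.uri:
        url: http://localhost/
        status_code: 200

# After: the play runs unprivileged and only package/service tasks escalate.
- name: Install nginx (task-level become)
  hosts: all
  become: false
  tasks:
    - name: Install nginx
      become: true
      ansible.builtin.apt:
        name: nginx
        state: present
        update_cache: true

    - name: Ensure nginx is started and enabled
      become: true
      ansible.builtin.service:
        name: nginx
        state: started
        enabled: true

    # Runs as the connecting SSH user; an HTTP probe needs no root.
    - name: Check that the default page answers
      ansible.builtin.uri:
        url: http://localhost/
        status_code: 200
```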
Hi Anton, you are a fantastic teacher. I really admire your work. I want your suggestion: if I have a case where I create, say, 3 VMs using for_each, how do I use an ansible playbook for each VM in one go to install nginx on all VMs? Thanks in advance.
Hi, thank you! I have an example please take a look - github.com/antonputra/tutorials/tree/main/lessons/101