MAAS Terraform Ansible Integration

Today, I will introduce the MAASTA project for integrating MAAS, Terraform and Ansible tools together for achieving an end to end automation in the DevOps lifecycle. Before continuing, let me explain some concepts, describe what the problem was and what MAASTA does to solve that dead-end job. Let’s get the ball rolling with concepts.

What is an End to End Automation?

In the DevOps lifecycle, each step has a semantic connection with the previous and the next step. In each one, we use different tools that may not connect directly with others. For example, in Deployment, we may use several tools like Terraform and Ansible that don’t have any direct connections. Even though there is no direct connection between Terraform and Ansible, but in the real world, the Terraform is used to provision cloud instances, Bare-metals, VMs, etc., and the Ansible is used to configure systems that are provisioned by the Terraform in the previous step. The big question is how Ansible can discover those machines to configure them when there is no way to connect the output of the Terraform to the input of the Ansible to introduce them to Ansible.

The traditional way is to run the Terraform to provision machines, write the Ansible inventory of those machines manually, and run the Ansible to configure those ones, but in the end to end automation, the edge of the independent tools are connected in an automated manner. So to speak, the end to end automation is an approach to develop the DevOps lifecycle exactly all in an automated way, without any human interaction or manual process. all works should be done automatically.

Terraform and Ansible Integration on the public clouds:

End to End Automation is not a new topic in DevOps! So, for integrating tools like Terraform and Ansible to achieve an end to end automation, several tools are developed nowadays, but all of them is used to integrate the Terraform and Ansible for instances that are provisioned by the Terraform on public clouds like AWS, GCP, etc. For integration in such environments, search “Terraform Ansible Integration” on Google.

End to End Automation in on-premises:

In on-premises environments that we use our infrastructures, Bare-metals, VMs, etc., we have to use a tool to turn them into a cloud-like environment. We should do that to continue the next steps in a standard fashion because the standard ways are some things that are created based on the best practices. Moreover, we may want to migrate our infrastructure to the public clouds in future, and in such situations, we should be able to migrate the whole system with minimal changes in structures, technologies, etc.

MAAS Terraform Ansible Integration:

One of the tools that we use to turn our on-premises infrastructure into the cloud is MAAS. MAAS is an ideal tool to create a Bare-metals, VMs cloud in on-premises environments. I chose it because it has a provider for Terraform. With the Terraform MAAS provider, you can provision instances without any direct human interactions. After that, it’s time to configure instances that are provisioned previously by the Terraform, but how Ansible can discover those instances, machines. THE BIG PROBLEM!!!

As I said previously, for public clouds instances, there are several tools find to discover instances that are provisioned by the Terraform to create an Ansible inventory for them, but for instances that are provisioned by the MAAS, no solution found just till now. Welcome to MAASTA.

GitHub - ssbostan/maasta: MAAS Terraform Ansible

MAASTA is a tool to generate Ansible inventory for MAAS instances that are provisioned by the Terraform. With MAASTA, you can integrate MAAS, Terraform, and Ansible together to achieve an end to end automation in your on-premises environments. With the aid of the MAASTA and these tools, the DevOps lifecycle creation becomes sweeter.

Get started from Zero to Full Automation:

Before start, you need the following requirements:

• MAAS 2.9+ installed environment with some READY machines.
• A workstation machine with access to the MAAS server.

Step 1: Configuring the Workstation machine:

The workstation machine should have the following requirements:

• OpenSSH + Private/Public key
• Python 3+ (python3-pip should be installed)
• Terraform 1+
• Ansible 2.7+

Step 2: Configuring the MAAS:

Open up the MAAS dashboard, add the SSH public key of your workstation machine, and create a new API key for Terraform provider.

MAAS with some READY machines.

Upload your SSH public key to the MAAS.

Create new API key for the Terraform.

Step 3: Installing the MAASTA:

On the workstation machine run the following command:

sudo pip install git+https://github.com/ssbostan/maasta.git

Step 4: Writing a Terraform file (IaC):

You can find some examples in the MAASTA project repository.

The following example is found here.

terraform {
  required_providers {
    maas = {
      source = "suchpuppet/maas"
      version = "~> 3.1.3"
    }
  }
}
variable "MAAS_API_KEY" {
  type = string
}
variable "MAAS_API_URL" {
  type = string
  default = "http://192.168.10.2:5240/MAAS"
}
provider "maas" {
  api_version = "2.0"
  api_key = var.MAAS_API_KEY
  api_url = var.MAAS_API_URL
}
resource "maas_instance" "docker" {
  release_erase = false
  release_erase_quick = true
}

Step 5: Writing an Ansible playbook (IaC):

You can find some examples in the MAASTA project repository.

The following example is found here.

---
  - hosts: docker
    vars:
      docker_old_packages:
        - docker
        - docker-engine
        - docker.io
        - containerd
        - runc
docker_required_packages:
        - apt-transport-https
        - ca-certificates
        - curl
        - gnupg
        - lsb-release
docker_new_packages:
        - docker-ce
        - docker-ce-cli
        - containerd.io
tasks:
      - name: update apt cache and upgrade system
        apt:
          update_cache: yes
          upgrade: yes
- name: remove old packages
        apt:
          name: "{{ docker_old_packages }}"
          state: absent
- name: install required packages
        apt:
          name: "{{ docker_required_packages }}"
          state: present
- name: adding docker repository key
        apt_key:
          url: https://download.docker.com/linux/ubuntu/gpg
          state: present
- name: adding docker package repository
        apt_repository:
          repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_facts.lsb.codename }} stable
- name: install docker
        apt:
          name: "{{ docker_new_packages }}"
          state: present

Step 6: Start the party!

The above example, Terraform and Ansible, will provision a new MAAS machine with Terraform, and the Ansible installs the Docker on machines that are in the docker group. Let’s get started.

export MAAS_API_URL=http://YOUR-MAAS-API-URL:5240/MAAS
export MAAS_API_KEY=YOUR-MAAS-API-KEY
export TF_VAR_MAAS_API_URL=$MAAS_API_URL
export TF_VAR_MAAS_API_KEY=$MAAS_API_KEY
terraform init
terraform plan
terraform apply -auto-approve
# Wait for Terraform to complete...
terraform show -json | python -m maasta
# The above command creates the inventory.yaml file.
ansible-playbook -i inventory.yaml -b playbook.yaml

The final conclusion:

The end to end automation is a great approach, but sometimes it’s so difficult to achieve that in a standard path. For public clouds, various tools are found, but for on-premises, not enough tools and ways are found! The MAASTA is the first movement for achieving an end to end automation. We should create standard paths! Don’t hesitate! Your contribution is necessary to make a better world. Good luck.

Follow my LinkedIn https://www.linkedin.com/in/ssbostan