Fedora Infrastructure Ansible Repository
2012-11-06 18:22:57 +00:00
action_plugins fix up the plugin and the playbook 2012-10-30 22:31:53 +00:00
files add bashrc to pick up euca keys 2012-11-06 16:50:17 +00:00
handlers add restart_lighttpd 2012-11-02 04:46:35 +00:00
inventory Fix IP address 2012-11-06 18:15:33 +00:00
library add add_host plugin and module to local ansible tree for use until 0.9 is out 2012-10-30 21:55:42 +00:00
playbooks Add a test persistent host 2012-11-06 18:00:07 +00:00
scripts add note about terminate-instances 2012-11-06 18:22:57 +00:00
tasks make the ansible key addition and other users key addition a little less scary 2012-11-02 06:22:19 +00:00
vars silly python-ish vars 2012-10-26 17:24:31 +00:00
README add note about selecting an ip 2012-11-06 18:16:44 +00:00
TODO first commit to the ansible public repo 2012-10-08 19:35:54 +00:00

ansible repository/structure

files - files and templates for use in playbooks/tasks
      - subdirs for specific tasks/dirs highly recommended

inventory - where the inventory and additional vars are stored

library - library of custom local ansible modules

playbooks - collections of plays we want to run on systems

tasks - snippets of tasks that should be included in plays


public path for everything is:

 /srv/web/infra/ansible

private path - which is accessible to sysadmin-main only - is:

 /srv/private/ansible


In general to run any ansible playbook you will want to run:

sudo -i ansible-playbook /path/to/playbook.yml



cloud instances:
to start up a new cloud instance and configure it for basic server use, run
(as root):

el6:
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/el6-temp-instance.yml

f17: 
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/f17-temp-instance.yml


The -i is important - ansible's tools need access to root's ssh-agent as well
as the cloud credentials to run the above playbooks successfully.

This will set up a new instance, provision it and email sysadmin-main that
the instance was created, along with its instance id (for terminating it,
attaching volumes, etc) and its ip address.

You will then be able to log in as root.


Setting up a new persistent cloud host:
1. select an ip:
   sudo -i euca-describe-addresses
  - pick an ip from the list that is not assigned anywhere
  - add it into dns - normally in cloud.fedoraproject.org, but it doesn't
    have to be

2. set up the host/ip in ansible host inventory
   - add to ansible/inventory/inventory under [persistent-cloud]
     - either the ip itself or the hostname you want to refer to it as

3. set up the host_vars
   - create file named by the hostname or ip you used in the inventory

Contents should look like this (remove all the comments)

---
# 2cpus, 3GB of ram 20GB of ephemeral space
instance_type: m1.large 
# image id
image: emi-B8793915 
keypair: admin
# what security group to add the host to
security_group: webserver 
zone: fedoracloud 
# instance id will be appended
hostbase: hostname_base- 
# ip should be in the 209.132.184.XXX range
public_ip: $ip_you_selected
# users/groups who should have root ssh access
root_auth_users:  skvidal bkabrda 
description: some description so someone else can know what this is



4. set up a host playbook ansible/playbooks/hosts/$YOUR_HOSTNAME_HERE.yml
   Note: the name of this file doesn't really matter but it should normally
         be the hostname of the host you're setting up. 

- name: check/create instance
  hosts: $YOUR_HOSTNAME/IP HERE
  user: root
  gather_facts: False

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - ${private}/vars.yml

  tasks:
  - include: $tasks/persistent_cloud.yml

- name: provision instance
  hosts: $YOUR_HOSTNAME/IP HERE
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - ${private}/vars.yml
   - ${vars}/${ansible_distribution}.yml

  tasks:
  - include: $tasks/cloud_setup_basic.yml
  # fill in other actions/includes/etc here

  handlers:
  - include: $handlers/restart_services.yml


5. add/commit the above to the git repo and push your changes


6. set it up:
   sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/hosts/$YOUR_HOSTNAME_HERE.yml

7. log in, etc

You should be able to run that playbook over and over again safely; it will
only set up/create a new instance if the ip is not up/responding.
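
A check for the host_vars file from step 3 that can be run before the commit
in step 5, added here as an example (it is not part of the Fedora
Infrastructure repository). It assumes the flat "key: value" layout of the
sample above; the function names and the choice to treat every key in the
sample as required are assumptions.

```python
import ipaddress

# Keys taken from the sample host_vars file in step 3 (assumed all required).
REQUIRED = ("instance_type image keypair security_group zone hostbase "
            "public_ip root_auth_users description").split()
PUBLIC_NET = ipaddress.ip_network("209.132.184.0/24")  # range named in the sample

def parse_flat_vars(text):
    """Parse the flat 'key: value' layout of the sample (not general YAML)."""
    values, comment_lines = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("#"):
            comment_lines.append(lineno)
        elif line and line != "---":
            key, sep, value = line.partition(":")
            if sep:
                values[key.strip()] = value.strip()
    return values, comment_lines

def check_host_vars(text):
    """Return a list of problems; an empty list means the file passes."""
    values, comment_lines = parse_flat_vars(text)
    problems = ["line %d: comment not removed" % n for n in comment_lines]
    problems += ["missing or empty key: %s" % k for k in REQUIRED if not values.get(k)]
    ip = values.get("public_ip")
    if ip:
        try:
            if ipaddress.ip_address(ip) not in PUBLIC_NET:
                problems.append("public_ip %s is outside %s" % (ip, PUBLIC_NET))
        except ValueError:
            problems.append("public_ip is not an IP address: %r" % ip)
    return problems

# Constructed sample: the template with a comment and the placeholder ip
# left in, and the root_auth_users line missing.
SAMPLE_BAD = """---
instance_type: m1.large
# image id
image: emi-B8793915
keypair: admin
security_group: webserver
zone: fedoracloud
hostbase: hostname_base-
public_ip: $ip_you_selected
description: constructed test host
"""

if __name__ == "__main__":
    for problem in check_host_vars(SAMPLE_BAD):
        print(problem)
```

An empty root_auth_users is reported as missing, since that key decides who
gets root ssh access on the new host.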