Fedora Infrastructure Ansible Repository
| action_plugins | ||
| files | ||
| handlers | ||
| inventory | ||
| library | ||
| playbooks | ||
| scripts | ||
| tasks | ||
| vars | ||
| README | ||
| TODO | ||
ansible repository/structure
files - files and templates for use in playbooks/tasks
- subdirs for specific tasks/dirs highly recommended
inventory - where the inventory and additional vars is stored
library - library of custom local ansible modules
playbooks - collections of plays we want to run on systems
tasks - snippets of tasks that should be included in plays
public path for everything is:
/srv/web/infra/ansible
private path - which is sysadmin-main accessible only is:
/srv/private/ansible
In general to run any ansible playbook you will want to run:
sudo -i ansible-playbook /path/to/playbook.yml
cloud instances:
to startup a new cloud instance and configure for basic server use run (as
root):
el6:
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/el6-temp-instance.yml
f17:
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/f17-temp-instance.yml
The -i is important - ansible's tools need access to root's sshagent as well
as the cloud credentials to run the above playbooks successfully.
This will setup a new instance, provision it and email sysadmin-main that
the instance was created, it's instance id (for terminating it, attaching
volumes, etc) and it's ip address.
You will then be able to login, as root.
Setting up a new persistent cloud host:
1. select an ip:
sudo -i euca-describe-addresses
- pick an ip from the list that is not assigned anywhere
- add it into dns - normally in the cloud.fedoraproject.org but it doesn't
have to be
2. set up the host/ip in ansible host inventory
- add to ansible/inventory/inventory under [persistent-cloud]
- either the ip itself or the hostname you want to refer to it as
3. setup the host_vars
- create file named by the hostname or ip you used in the inventory
Contents should look like this (remove all the comments)
---
# 2cpus, 3GB of ram 20GB of ephemeral space
instance_type: m1.large
# image id
image: emi-B8793915
keypair: admin
# what security group to add the host to
security_group: webserver
zone: fedoracloud
# instance id will be appended
hostbase: hostname_base-
# ip should be in the 209.132.184.XXX range
public_ip: $ip_you_selected
# users/groups who should have root ssh access
root_auth_users: skvidal bkabrda
description: some description so someone else can know what this is
4. setup a host playbook ansible/playbooks/hosts/$YOUR_HOSTNAME_HERE.yml
Note: the name of this file doesn't really matter but it should normally
be the hostname of the host you're setting up.
- name: check/create instance
hosts: $YOUR_HOSTNAME/IP HERE
user: root
gather_facts: False
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- ${private}/vars.yml
tasks:
- include: $tasks/persistent_cloud.yml
- name: provision instance
hosts: $YOUR_HOSTNAME/IP HERE
user: root
gather_facts: True
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- ${private}/vars.yml
- ${vars}/${ansible_distribution}.yml
tasks:
- include: $tasks/cloud_setup_basic.yml
# fill in other actions/includes/etc here
handlers:
- include: $handlers/restart_services.yml
5. add/commit the above to the git repo and push your changes
6. set it up:
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/hosts/$YOUR_HOSTNAME_HERE.yml
7. login, etc
You should be able to run that playbook over and over again safely, it will
only setup/create a new instance if the ip is not up/responding.