133 lines
3.5 KiB
Text
133 lines
3.5 KiB
Text
ansible repository/structure
|
|
|
|
files - files and templates for use in playbooks/tasks
|
|
- subdirs for specific tasks/dirs highly recommended
|
|
|
|
inventory - where the inventory and additional vars is stored
|
|
|
|
library - library of custom local ansible modules
|
|
|
|
playbooks - collections of plays we want to run on systems
|
|
|
|
tasks - snippets of tasks that should be included in plays
|
|
|
|
|
|
public path for everything is:
|
|
|
|
/srv/web/infra/ansible
|
|
|
|
private path - which is sysadmin-main accessible only is:
|
|
|
|
/srv/private/ansible
|
|
|
|
|
|
In general to run any ansible playbook you will want to run:
|
|
|
|
sudo -i ansible-playbook /path/to/playbook.yml
|
|
|
|
|
|
|
|
cloud instances:
|
|
to startup a new cloud instance and configure for basic server use run (as
|
|
root):
|
|
|
|
el6:
|
|
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/el6-temp-instance.yml
|
|
|
|
f17:
|
|
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/f17-temp-instance.yml
|
|
|
|
|
|
The -i is important - ansible's tools need access to root's sshagent as well
|
|
as the cloud credentials to run the above playbooks successfully.
|
|
|
|
This will setup a new instance, provision it and email sysadmin-main that
|
|
the instance was created, it's instance id (for terminating it, attaching
|
|
volumes, etc) and it's ip address.
|
|
|
|
You will then be able to login, as root.
|
|
|
|
|
|
Setting up a new persistent cloud host:
|
|
1. select an ip:
|
|
sudo -i euca-describe-addresses
|
|
- pick an ip from the list that is not assigned anywhere
|
|
- add it into dns - normally in the cloud.fedoraproject.org but it doesn't
|
|
have to be
|
|
|
|
2. set up the host/ip in ansible host inventory
|
|
- add to ansible/inventory/inventory under [persistent-cloud]
|
|
- either the ip itself or the hostname you want to refer to it as
|
|
|
|
3. setup the host_vars
|
|
- create file named by the hostname or ip you used in the inventory
|
|
|
|
Contents should look like this (remove all the comments)
|
|
|
|
---
|
|
# 2cpus, 3GB of ram 20GB of ephemeral space
|
|
instance_type: m1.large
|
|
# image id
|
|
image: emi-B8793915
|
|
keypair: admin
|
|
# what security group to add the host to
|
|
security_group: webserver
|
|
zone: fedoracloud
|
|
# instance id will be appended
|
|
hostbase: hostname_base-
|
|
# ip should be in the 209.132.184.XXX range
|
|
public_ip: $ip_you_selected
|
|
# users/groups who should have root ssh access
|
|
root_auth_users: skvidal bkabrda
|
|
description: some description so someone else can know what this is
|
|
|
|
The available images can be found by running::
|
|
sudo -i euca-describe-images | grep emi
|
|
|
|
4. setup a host playbook ansible/playbooks/hosts/$YOUR_HOSTNAME_HERE.yml
|
|
Note: the name of this file doesn't really matter but it should normally
|
|
be the hostname of the host you're setting up.
|
|
|
|
- name: check/create instance
|
|
hosts: $YOUR_HOSTNAME/IP HERE
|
|
user: root
|
|
gather_facts: False
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- ${private}/vars.yml
|
|
|
|
tasks:
|
|
- include: $tasks/persistent_cloud.yml
|
|
|
|
- name: provision instance
|
|
hosts: $YOUR_HOSTNAME/IP HERE
|
|
user: root
|
|
gather_facts: True
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- ${private}/vars.yml
|
|
- ${vars}/${ansible_distribution}.yml
|
|
|
|
tasks:
|
|
- include: $tasks/cloud_setup_basic.yml
|
|
# fill in other actions/includes/etc here
|
|
|
|
handlers:
|
|
- include: $handlers/restart_services.yml
|
|
|
|
|
|
5. add/commit the above to the git repo and push your changes
|
|
|
|
|
|
6. set it up:
|
|
sudo -i ansible-playbook /srv/web/infra/ansible/playbooks/hosts/$YOUR_HOSTNAME_HERE.yml
|
|
|
|
7. login, etc
|
|
|
|
You should be able to run that playbook over and over again safely, it will
|
|
only setup/create a new instance if the ip is not up/responding.
|
|
|
|
|
|
|