Clever Geek Handbook

Ansible basics, without which your playbooks are clump of pasta, part 2

I continue to expressively retell Ansible's documentation and analyze the consequences of not knowing it (link to the previous part) .



In this part, we discuss inventories. I also promised variables, but inventory turned out to be a big topic, so we devote a separate article to it.



We will analyze each element of the inventory (except host_group_vars plugin) and discuss why it is, how to use it correctly, and how it is wrong.



Table of contents:



  • What is a Host? (and a little about transports)
  • IP vs FQDN access; inventory_hostnamevsansible_host
  • ansible_user - to write or not to write?
  • Groups
  • Variables: Inventory or Playbook?
  • Classification of inventories by origin.


Inventory is a list of hosts, groups, as well as auxiliary variables. Studying the basics, we will analyze each moment in detail, with a search for how "should" and condemnation of "how not".



Inventory: hosts



The host in the inventory is the elements of the dictionary hostsfor the group in the yaml-inventory (in the ini-inventory, this is the first element of the line):



    somegroup:
        hosts:
           somehost1:
           somehost2:


somehost1, somehost2 are hosts.



"" , ? , , — , . . , VM, , , ipmi' ..



: , - . , : , ssh ( , ); ( ); , lxc-. , - .



: - , , . libvirt. , — "vms" - . : , - ssh ...



… - , include_role: configure_vm, ansible_host, ssh vm_ip somecommand,… , .



: , - () .



: Openstack' , API ? ?



: . . , , "".



: management_ip ?



: - ( dlink_configure) - , . , , , .



, - :

) ( - ).

) (delegate_to).



, , . -, ( ) . . - localhost project-global ( — ). -, -, , all ( all ). WTF , . -, ( -) .



: ansible_host vs FQDN



, inventory_hostname, ansible_host, .



, "", , play — , .



""? "connection plugin" , (, , , ). - . ssh ( -), . , : ansible_host, ansible_user, ansible_port . . . , lxc ( lxc-execute), ?



ansible_host , inventory_hostname. — .



:



---
somegroup:
  hosts:
     somehost:
         ansible_host: 254.12.11.10


somehostinventory_hostname. ansible_host, inventory_hostname. , , , .



inventory_hostname, ansible_host , . , . " " . . , lxc . ssh ( , ) - .



-, ~/.ssh/ssh_config ( , ). , , ssh - . .. ( ) - , ( ) . , jump-, ssh-. , . ssh_config ( ssh_config), ssh gethostbyname(). libc, . , , (/etc/nsswitch.conf, /etc/hosts) DNS- ( ). , , , DNS-, , CNAME … , .



, , : SSH, ( ) ansible_host IP-.



, . .



-, host-local (ssh_config, /etc/hosts), . -, . CI, . , , - (?) , . ( ), . .



, , . , /etc/hosts . , .



DNS, . DNS ? / , . , , CI? - , DNS- — . . .



, . ansible_host inventory_hostname ?

" ". setup :



    - name: Ping neighbor
      command: ping -c 1 {{ neighbor_ip }} -w 1
      changed_when: false
      vars:
        neighbor_ip: '{{ (hostvars[item].ansible_all_ipv4_addresses|ipaddr(public_network))[0] }}'
      with_items: '{{ groups[target_group] }}'


( public_network , target_group).



, , . 99% " ". , ansible_host IP-, . setup. . ansible_host IP- , , "- IP ", (!) , IP- "access address" , .. . .



… : , (- ) DNS? , . , , , IP. , .



: ansible_user



: ? , . , .



  1. - "" ? , ansible_user .
  2. "" ? , ansible_user .
  3. , -u ansible-playbook , , . . , CI -u ( ), .
  4. . , 'me'. . — m.gavriilicheynko. .
  5. , ansible-playbook -e ansible_user=ci ( CI, ) , ( , ).
  6. " " ( , ), -u, .


( , ), ansible_user "" (.. , ). — ansible_user (, ..), ansible_user .





, " ", "". , . — , .



Ansible?



-, " " ( hosts play groups). -, , . , , ( hosts , ). , , . .



( — , ):



  1. play. ( hosts). , 'prometheus' , Prometheus.
  2. - . , , (" " ), , - , , — () .
  3. .


, , .

— . , , (, play) — . , , .



. — . jc-r4, xcore-lu1 ams1-se-r2, "netflow_collectors". ? , , , , , / , .



. , , — , , , . .



, — . , " ".



— , .



— play. , play ( — docker). , play ( ), , play.



. — .



:



---
foo:
   hosts:
      foo1:
      foo2:

bar:
  hosts:
      bar1

foobar:
  children:
     foo:
     bar:


— . play - . ( , , , , , , grafana-servers mons — mgrs ).



" mgrs mons" . DRY (do not repeat yourself, ) , .



.



— - , "" . group_by add_host .



, . , ( ). , , . , — . — , . , --limit. group_by, , .. --limit . [always], . , group_by — , inventory . .



, "" (.. ). , — ? ( "", hashmap, map, object, ..). , . , ( 2.4 play: order, inventory).



? , :



  1. groups.somegroup[0] " ". , , . . .
  2. (, pg_hba.conf, allowed nginx.conf, etc). , changed. , reload', changed . - , , .


, "", .



. , openstack', Openstack, , , . ( , , — , ""). . . ( ) . - -. , . , staging . , - - . --, , . - . , . - - ? , "". ? , . … , . IP, . , . . , .



, , , , , . , , - , .



:



— . , , . play , ( DRY) , "" (variable precedence). , , , .



… : ?



. — . , ( jinja). "". "" ?



- "", - "", - "". ( ""). , ( ). , — .



"" . , , ansible_host, hostvars .. ( , , ). .



, , ( ) "", ( ) — "". , .



… . , , , ( best practices, — , ). "" , , , , .



" " . . DRY , , — - . .



: , java- , ?



: , (, ), . — staging production, .



: localhost, ( nginx proxy_pass), ?



: , .



: — ?

: , . , , — .



, . , : " "? , — , .





, . ?



, " ".



— . production.yaml, staging.yaml, production/ staging/, , . () . " " . . , . , " " ( , , , etc).



— . - git , , , - git . , . - (ansible, ceph, openshift, etc) . , . API, "" . , , , , .



. , . ( , , ). "" — () , (, , ceph-ansible' RGW ).



— ( ). , . CI — . — . — , , . DRY, . . .



. , — 3000 10 , , — , CI.





— . , , , , .



. 



ansible-playbook -i inventory1.yaml -i inventory2.yaml play.yaml


" ". - ( ), (, inventory2.yaml users: [...], inventory1.yaml).



? , , , .



: (host_vars/, group_vars ). , ( ) (). Edge case, .



" " / . , , , , , . " ". .





:



  • : , Jinja , scope precedence . , ? ?


More articles:


All Articles