Differences
This shows you the differences between two versions of the page.
linux_wiki:ansible-pull [2018/07/21 00:32] billdozor [Playbook: Role Example] |
linux_wiki:ansible-pull [2019/05/25 23:50] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Ansible-Pull ====== | ||
- | |||
- | **General Information** | ||
- | |||
- | The command ansible-pull, | ||
- | |||
- | **Checklist** | ||
- | * A software repo setup that can be reached by the client system (such as git or svn) | ||
- | |||
- | ---- | ||
- | |||
- | ====== Pre-Req: The VCS Repo ====== | ||
- | |||
- | You will need access to a software repo in order to commit/push your ansible-pull playbook into. | ||
- | |||
- | This repo will be used by the clients to pull from. | ||
- | |||
- | The repo visibility (public/ | ||
- | |||
- | ---- | ||
- | |||
- | ====== Playbook: About ====== | ||
- | |||
- | The ansible-pull playbook file will be the only part that looks different than a normal playbook/ | ||
- | |||
- | The entire role directory structure/ | ||
- | |||
- | ===== Playbook: Directory Stucture ===== | ||
- | |||
- | The directory structure for an Ansible Pull repo does not look that much different than Ansible' | ||
- | |||
- | If this method is followed, the same role can also be used on the system that does regular ansible-playbook push commands (referenced from a different playbook file). | ||
- | |||
- | <code bash> | ||
- | ├── myplaybook.yml | ||
- | └── myrole | ||
- | ├── files | ||
- | ├── handlers | ||
- | │ └── main.yml | ||
- | ├── tasks | ||
- | │ └── main.yml | ||
- | └── vars | ||
- | └── main.yml | ||
- | </ | ||
- | |||
- | ---- | ||
- | |||
- | ===== Playbook: Example ===== | ||
- | |||
- | Example of a playbook tailored for pulling. | ||
- | <code bash> | ||
- | # File: myplaybook.yml | ||
- | # Description: | ||
- | |||
- | # hosts to run on | ||
- | - hosts: | ||
- | - localhost | ||
- | |||
- | # roles: located in same directory | ||
- | roles: | ||
- | # role: role to assign to hosts, tags: tag(s) to give entire role | ||
- | - { role: myrole, tags: myrole } | ||
- | |||
- | # Do not gather host facts for this playbook (comment out/remove if you need facts) | ||
- | gather_facts: | ||
- | </ | ||
- | |||
- | ===== Playbook: Role Example ===== | ||
- | |||
- | Example of a role that can be used with either a pull playbook or normal playbook. | ||
- | |||
- | \\ | ||
- | File: myrole/ | ||
- | <code yaml> | ||
- | - name: Install my awesome app list | ||
- | yum: | ||
- | name: "{{ my_awesome_apps }}" | ||
- | state: present | ||
- | notify: restart my awesome service | ||
- | </ | ||
- | |||
- | \\ | ||
- | File: myrole/ | ||
- | <code yaml> | ||
- | my_awesome_apps: | ||
- | - myapp1 | ||
- | - myapp2 | ||
- | </ | ||
- | |||
- | \\ | ||
- | File: myrole/ | ||
- | <code yaml> | ||
- | - name: restart my awesome service | ||
- | service: | ||
- | name: my-awesome-service | ||
- | state: restarted | ||
- | </ | ||
- | |||
- | ---- | ||
- | |||
- | ====== The Client: Putting It All Together ====== | ||
- | |||
- | Steps for the client to run the playbook via ansible-pull. | ||
- | |||
- | Example with a git repo | ||
- | * Install ansible and git<code bash>yum -y install ansible git</ | ||
- | |||
- | * **If Using SSH Key Login** | ||
- | * Copy private ssh key to root's .ssh directory< | ||
- | * Ensure proper permissions< | ||
- | chmod 600 / | ||
- | |||
- | * Create a directory for ansible-pull to clone into< | ||
- | |||
- | * Run the ansible-pull command | ||
- | * **SSH Key Example**< | ||
- | * **HTTPS Example**< | ||
- | |||
- | Options Used | ||
- | * --directory | ||
- | * --url -> SSH or HTTPS url to clone from | ||
- | * --key-file | ||
- | * --accept-host-key | ||
- | * --clean | ||
- | * myplaybook.yml | ||
- | |||
- | ---- | ||
- | |||
- | ====== Beyond: Continuous Deployment ====== | ||
- | |||
- | Using ansible-pull, | ||
- | |||
- | Automation Ideas | ||
- | * Create a cron that runs an ansible-pull script | ||
- | * The script could provide logging for ansible-pull command output | ||
- | * Have the cron run frequently enough to pick up changes fast (every 15 minutes or so) | ||
- | |||
- | * Add an argument to the ansible-pull command to only execute if the remote repo has been updated< | ||
- | |||
- | * Create a branch for each type of environment systems are in. | ||
- | * Examples: | ||
- | * Unstable | ||
- | * Development | ||
- | * Testing | ||
- | * Production | ||
- | * Add protection to Development, | ||
- | * Use Unstable to test changes to a small group of systems | ||
- | |||
- | * Add an argument to the ansible-pull command to include the branch name for each environment. Development branch example< | ||
- | |||
- | ---- | ||