I've been wondering what the best way of accomplishing this is:
- We have a number of customers
- Each customer has one or more (Oracle Weblogic) clusters
- Each cluster has an Admin node
- I want to generate an (passphrase-less) ssh key for the "oracle" user on
each Admin node
- The public key of the Admin node has to be installed on each node in the
cluster so that the "oracle" user on the Admin node can reach each node
non-interactively
I have a script that can be run on a host which prints out a list of
hostnames in the cluster, iff the host is an Admin node:
---
- hosts: APPS
sudo: yes
tasks:
- name: get cluster host list
script: /home/paul/ansible-cfg/etc/check-cluster.bash
register: clusterdata
- debug: var=clusterdata.stdout_lines
When run, I get the following output:
TASK: [debug var=clusterdata.stdout_lines]
************************************
ok: [user1.custabc.local] => {
"clusterdata.stdout_lines": [
"user1.custabc.local",
"user2.custabc.local",
"user3.custabc.local",
"user4.custabc.local"
]
}
ok: [user2.custabc.local] => {
"clusterdata.stdout_lines": []
}
ok: [user4.custabc.local] => {
"clusterdata.stdout_lines": []
}
ok: [user3.custabc.local] => {
"clusterdata.stdout_lines": []
}
user1.custabc.local is the Admin node here, APPS is the group of
application hosts (I limited the hosts to just one customer here).
Now I'd want to generate an ssh key on user1.custabc.local, and install the
public key in authorized_keys on the other hosts (it's not a problem if
it's also installed on user1.custabc.local as well.
I just have no idea how to realize this. At the moment the inventory only
lists all the hosts, not what hosts are Admin nodes and what nodes belong
together in a cluster. We're working on fixing our CMDB to include this
data, but it's not yet available. I could of course use the script to fetch
this info and then add that info to the inventory. Any tips on what would
be the best way to store this info in the inventory? I'm not very at home
with Ansible yet :-( so any tips gratefully accepted.
thanks,
Paul
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/fbd6a1e3-89b1-4cf7-9851-b572ba9e127f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
