Hi
maybe it's a silly question but I have been working with ansible since a
year ago and still not comfortable with I organize my hosts. My scenario is
quite easy, you'll see:
- we have lot of ubuntu servers, most of them are: or apache, or sql, or
lamp (apache+sql)
- some of servers are pre and others pro environment
so when I have to create (provisioning) a new machine I do some steps as
create vm, setup fqdn and ip, add new fqdn to my ansible inventory and run
playbook.
Problem: I have lot of ubuntu servers, how is the best to organize them in
my inventory?
[hosts:children]
vm
[vm:children]
ubuntu
[ubuntu:children]
webservers
database
lamp
so I have the hosts "lamp1.example.com" which is a apache, php and sql
vps...in which group I will allocate this new hosts?
Webserver? well, lamp1 it's a webserver (apache) so it'r right
Database? it has a mysql instance so is also an database
lamp? of course, it's a lamp vps so lamp group also is appropiated
Now this is my first problem...then the second. I have the group_vars
folder which playbook.yml will look when a ansible recipe is executed. I
have a role called fail2ban. I want to apply some variables to "all" groups
for this role but for the apache servers I also want to setup another vars:
# file group_vars/apache
fail2ban_services:
- name: ssh
port: ssh
filter: sshd
logpath: /var/log/auth.log
- name: apache
port: http,https
filter: apache-auth
logpath: /var/log/apache*/*error.log
maxretry: 6
# file group_vars/all
fail2ban_services:
- name: ssh
port: ssh
filter: sshd
logpath: /var/log/auth.log
this is related with the first problem, I have to organize the hosts in a
proper way for later be sure the vars will be applied correctly.
How you will fix this problem? Meantime, I have removed lot of groups to
simplify my inventory. Now I just divide my host between ubuntu and centos
and the role of hosts: webserver, database, lamp, lemp, etc
Any comment is highly appreciated!
Thanks!
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/ac5c1de9-cc2a-443b-b08b-76b6a3bab899%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
