Try to group things by common properties.

Create a role that deploys ntpd, and use those common properties to
construct a configuration file using a jinja2 template. That's in
general the approach I take.

When I found my templates getting crazy complex, it sometimes meant my
infrastructure was in fact too complex.

I think you can get away with three types of configs:

1. the GPS based master server
2. the machines that use the master and each other to peer with: 'peers'
3. clients that use all/any of the above

You can then define a few groups

    [ntp-servers]
    master
    peer1
    peer2
    peer3
    peer4

    [slaves]
    ec2-a
    ec2-b
    ec2-c
    ec3-d

You can then define a var that contains the list of all the ntp-servers
except the host in question:

    - set_fact:
        peers: "{{ groups['ntp-servers'] | difference([inventory_hostname]) }}"

Set up a template task:

    - name: ntpd config file
      template:
        dest: /etc/ntp.conf
        src: ntp.conf.j2

Where the template for the ntp-servers looks like:

    # Use all NTP peers except myself ({{ inventory_hostname }})
    {% for peer in peers %}
    server {{ hostvars[peer]['ansible_fqdn'] }}
    {% endfor %}

Regarding the Amazon specific settings, it's probably easiest to use a
group variable that holds a list of NTP servers, based on the
ec2_region var.

There are many ways to expand this.

BTW - what do you mean by "Locally I have one GPS enabled NTP server"?
If that means that it sits at your home, and you want your ec2
instances to source their clock from it, then that's defeating the
purpose of cloud infrastructure I think...

Dick

On 23 July 2017 at 23:30, Peter Ankerstål <[email protected]> wrote:
> Hi!
>
> I'm pretty new to ansible and I have tried to read the docs on how to best
> differentiate configurations.
>
> Everything seems very clean if every server has a _very_ specific purpose
> like "dbserver" or something. But I'm having a hard time figuring this out
> in my pretty small environment of 10 machines where the servers have several
> roles.
>
>
> One example could be my NTP setup:
>
> I have ~10 servers managed by ansible. Half of them live in aws ec2 and half
> in my home. Now, I would like to configure NTP on all these servers in a
> sensible and effective way.
>
> The amazon servers I would like to have different "ntp servers" for
> different availability zones or sites.
>
> Locally I have one GPS enabled NTP server which is the "master".
> - I want this "master" to peer with one or two other ntp-servers at home.
> - This means I need different configs for every peer and also the master.
>
> I also have several machines that would just use the "master" and its
> peers as servers.
>
> This gives me 7-10 different NTP configurations and I'm not sure how to use
> roles, groups, variables and templates to differentiate these configs.
>
> I would be very happy to receive suggestions on how to manage this kind of
> setup with ansible.
>
> Thanks!
>
> /Peter.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b371f7c4-b432-47f1-a5ae-80d4ff287ccc%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Dick Visser
Sr. System & Network Engineer
GÉANT
Want to join us? We're hiring: https://www.geant.org/jobs
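
Added example, not part of the thread and not Dick's own code: one play that covers the three config types from the reply (master, peers, clients) plus the per-region EC2 list, with the template body inlined via copy/content so it fits in one file. The group name [ntp-servers] and the ec2_region var come from the thread; ntp_master, ntp_region_servers, the example.net hostnames and the region keys are assumptions made for illustration.

```yaml
# Added example. ntp_master and ntp_region_servers are hypothetical variables.
- hosts: all
  become: true
  vars:
    ntp_master: master            # inventory name of the GPS based server
    ntp_region_servers:           # constructed placeholders, keyed by ec2_region
      eu-west-1: [ntp1.eu-west-1.example.net, ntp2.eu-west-1.example.net]
      us-east-1: [ntp1.us-east-1.example.net]
  tasks:
    - name: list the other members of ntp-servers
      set_fact:
        peers: "{{ groups['ntp-servers'] | difference([inventory_hostname]) }}"

    - name: ntpd config file
      copy:
        dest: /etc/ntp.conf
        owner: root
        group: root
        mode: "0644"
        content: |
          {% if inventory_hostname in groups['ntp-servers'] %}
          # Use all NTP peers except myself ({{ inventory_hostname }})
          {% for peer in peers %}
          server {{ hostvars[peer]['ansible_fqdn'] | default(peer) }}
          {% endfor %}
          {% if inventory_hostname == ntp_master %}
          # GPS reference clock settings for the master go here
          {% endif %}
          {% elif ec2_region is defined and ec2_region in ntp_region_servers %}
          # EC2 client in {{ ec2_region }}
          {% for s in ntp_region_servers[ec2_region] %}
          server {{ s }}
          {% endfor %}
          {% else %}
          # Client: use the master and all of its peers
          {% for s in groups['ntp-servers'] %}
          server {{ hostvars[s]['ansible_fqdn'] | default(s) }}
          {% endfor %}
          {% endif %}
      notify: restart ntpd
  handlers:
    - name: restart ntpd
      service:
        name: ntpd                # service name varies by distribution
        state: restarted
```

The default(peer) fallback writes the inventory name when facts for another host have not been gathered, for instance when the play is run with --limit.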