So years later I'm still struggling with this :) The way I'm using Ansible at the moment currently gives me the ability to easily target any host or group of hosts that make up any web project we have. It works and it feels like I'm utilising one of the major selling points of Ansible in this regard. The issues arise where projects diverge from the "standard setup" and require additional roles or setups applied to them and for this use case, my setup doesn't feel right and I'm unhappy with it.
I use Ansible to bringing up a basic type of machine and let other processes/configuration tools/developers deploy their project to it. Perhaps I need to rethink what I'm using Ansible for i.e. is it to bring up a basic environment or is it to fully provision an environment and project and its dependencies. Current structure: files/ (public ssh keys and the like) galaxy_roles/ group_vars/ (each project has its own group vars) all project1_web/ project1_db/ project2_web/ project2_db/ project3 backups host_vars/ (not used) roles/ templates/ (just used for firewall rule templates) utils/ (adhoc commands that I sometimes use) ansible.cfg hosts play_webservers_lamp.yml play_webservers_lemp.yml play_project3.yml play_backups.yml requirements.yml Hosts: ; Webservers [webservers:children] webservers_lamp webservers_lemp [webservers_lemp:children] project1_web project2_web ; Backup systems [backup_systems] backups ; Individual hosts [project1_web] project1_web1 ansible_host=1.1.1.1 [project2_web] project2_web1 ansible_host=2.2.2.2 [backups] backups1 ansible_host=9.9.9.9 In this case the idea is, project1_web is a group of identical web servers belonging to project1. Similarly, I imagine I'd create project1_db for a group of database servers belonging to the same project. project1_web and project2_web in this case might be LEMP servers which are only differ in subtle ways, which can be handled using group configurations - think resource allocation e.g. swapfile size, memcache limit, php max memory etc. but also which php packages to install for a project and firewall rules. Most of the projects either fall under the webservers_lamp or webservers_lemp groups, which have slightly different plays. Occasionally, we'll get an odd-ball that doesn't fit in to these two groups neatly e.g. project3.yml and backups.yml which may be completely different setups or not web servers at all. So the goal is to achieve a good separation for each project and environment, but also to leverage Ansible's main selling point as I see it, which is that if I need to adjust a global configuration parameter and apply that to all systems in every project, that's still possible. Likewise, if I wanted to run an adhoc command across every system I can, instead of potentially needing to manually run a play from every project's directory. If I need to do that, I may as well not use Ansible. If anyone has any better ideas of how I could improve my setup I'd love to hear them. Thanks, Jamie -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4a2b0732-5d92-412f-b2fd-f7baa6068c95%40googlegroups.com.
