On Mon, 18 Nov 2019 16:57:20 -0500 Mauricio Tavares <[email protected]> wrote:
> By playbook per function I mean something like a web.yml > playbook which defines how all the webservers are put together. Of > course we could then define variables associated with host groups and > hosts themselves to take care of the local idiosyncrasies that make > them unique (location, fw rules it it has more than one IP, which repo > it should be sucking data from, etc). > > Now what about network thingies such as routers, switches, traffic > monitoring appliances, and whatnots? Should they all be inside, say, > network.yml and then do the same as above? Maybe even having different > > - hosts: > - switches > vars: > roles: > > - hosts: > - scan > vars: > roles: > > - hosts: > - routers > vars: > roles: > > within the same playbook. After all I can run ansible specifying I > want this playbook to be only applied to that host or group of hosts. > Or just have one playbook for each of these groups. I see pros and > cons on each of them but am curious about what is The Proper Way <tm>. > > Thoughts? Such flexibility is available at the project level provided by ansible-runner. Take a look at "Runner Input Directory Hierarchy" https://ansible-runner.readthedocs.io/en/latest/intro.html#inputdir Keep the roles and playbooks modular and as simple as possible. This will make both security screening and maintenance easier. Put the elements (roles, playbooks, inventory, ...) together by linking the directories and files into a projects. To deliver and integrate, such projects can be encapsulated in Python. See "Using Runner as a Python Module Interface to Ansible" https://ansible-runner.readthedocs.io/en/latest/python_interface.html Cheers. -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20191119022951.57621e38%40gmail.com.
pgp8Ff_r1vQz9.pgp
Description: OpenPGP digital signature
