Am 08.01.2015 um 19:29 schrieb Alan McKinnon: > The directory layout in the best practice page is indeed way more than > you need, it lists most of the directories in common use across a wide > array of deployments. In reality you create just the directories you need. > > Global stuff goes in the top level (like inventory). > Variables for groups and individual hosts go into suitably named files > inside group_vars and host_vars. > Roles have a definite structure, in practice you'll use tasks/ and > templates/ a lot, everything else only when you need them. > > This is a good design I feel. If a file describes variables, you don't > have to tag it as such or explicitly include it anywhere. Instead, files > inside a *vars/ directory contain variables, the system knows when to > use them based on the name of the file. It's really stunningly obvious > once you train your brain to stop thinking in terms of complexity :-)
Thanks a lot ... I spent some time with it already and learn to like it ;) I am nearly done with setting up an inventory file for all the customer boxes I am responsible for. Just using the ad-hoc-commands is very useful already! For example I could store the output of the "setup" module for local reference ... this gives me loads of basic information. I know it is not a backup program but I think I could also use it to rsync all the /etc directories to my ansible host? Or trigger a "git push" on the remote machines to let them push their configs up to some central git-repo I provide here (having /etc and the @world-file is quite a good start here and then ... ). It is also great to be able to check for let's say shellshock-vulnerability by adding a playbook and running it to all/some of the servers out there ... I am really starting to come up with lots of ideas! My current use case will be more of an inventory to track all the boxes ... deploying stuff out to them seems not so easy in my slightly heterogeneous "zoo". But this can lead to a more standardized setup, sure. One question: As far as I see the hostname in the inventory does not have to be unique? I have some firewalls out there without a proper FQDN, so there are several "pfsense" lines in various groups (I have now groups in there with the name of the [customer] and some of them have child groups like [customer-sambas] ...). I would like to be able to also access all the ipfires or sambas in another group ... so I would have to list them again in that group [ipfires] ? Thanks for the great hint to ansible, looking great so far! Stefan
