Best way to differentiate configurations
25 views
Skip to first unread message
Peter Ankerstål
Jul 23, 2017, 5:30:56 PM7/23/17
to Ansible Project
Hi!
I pretty new to ansible and I have tried to read the docs on how to best differentiate configurations.
Everything seems very clean if every server have a _very_ specific purpose like "dbserver" or something. But Im having a hard time to figure this out in my pretty small environment of 10 machines where the servers have several roles.
One example could be my NTP setup:
I have ~10 server managed by ansible. Half of them live in aws ec2 and half in my home. Now, I would like to configure NTP on all these servers in a sensible and effective way.
The amazon servers I would like to have different "ntp servers" for different availability zones or sites.
Locally I have one GPS enabled NTP server which is the "master".
- I want this "master" to peer with one or two other ntp-servers at home.
- This means I need different configs for every peer and aslo the master.
I also have several machines that would just just use the "master" and its peers as servers.
This gives me 7-10 different NTP configurations and Im not sure how to use roles, groups, variables and templates to differentiate these configs.
I would be very happy to receive suggestions on how to manage this kind of setup with ansible.
Thanks!
/Peter.
Dick Visser
Jul 24, 2017, 6:46:40 PM7/24/17
to ansible...@googlegroups.com
Try to group things by common properties.
Create a role that deploys ntpd, and use those common properties to
construct a configuration file using a jinja2 template. That's in
general the approach I take.
When I found my templates getting crazy complex, it sometimes meant my
infrastructure was in fact too complex.
I think you can get away with three types of configs:
1. the GPS based master server
2. the machines that use the master and each other to peer with: 'peers'
3. clients that use all/any of the above
You can then define a few groups
[ntp-servers]
master
peer1
peer2
peer3
peer4
[slaves]
ec2-a
ec2-b
ec2-c
ec3-d
You can then define a var that contains the list of all the ntp-server
except the one that the host in question:
- set_fact:
peers: "{{ groups['ntp-server'] | difference(inventory_hostname) }}"
Set up a template task:
- name: ntpd config file
template:
dest: /etc/ntp.conf
src: ntp.conf.j2
Where the template looks like for the ntp-servers:
# Use all NTP peers except myself ({{ inventory_hostname }})
{% for peer in peers %}
server {{ hostvars[peer]['ansible_fqdn'] }}
{% endfor %}
Regarding the Amazon specific settings, it's probably easiest to use a
group variable that holds a list of NTP servers, based on the
ec2_region var.
There are many ways to expand this.
BTW - what do you mean by "Locally I have one GPS enabled NTP server"?
If that means that it sits at your home, and you want your ec2
instances to source their clock from it, then that's defeating the
purpose of cloud infrastructure I think...
Dick
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b371f7c4-b432-47f1-a5ae-80d4ff287ccc%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Dick Visser
Sr. System & Network Engineer
GÉANT
Want to join us? We're hiring: https://www.geant.org/jobs
Create a role that deploys ntpd, and use those common properties to
construct a configuration file using a jinja2 template. That's in
general the approach I take.
When I found my templates getting crazy complex, it sometimes meant my
infrastructure was in fact too complex.
I think you can get away with three types of configs:
1. the GPS based master server
2. the machines that use the master and each other to peer with: 'peers'
3. clients that use all/any of the above
You can then define a few groups
[ntp-servers]
master
peer1
peer2
peer3
peer4
[slaves]
ec2-a
ec2-b
ec2-c
ec3-d
You can then define a var that contains the list of all the ntp-server
except the one that the host in question:
- set_fact:
peers: "{{ groups['ntp-server'] | difference(inventory_hostname) }}"
Set up a template task:
- name: ntpd config file
template:
dest: /etc/ntp.conf
src: ntp.conf.j2
Where the template looks like for the ntp-servers:
# Use all NTP peers except myself ({{ inventory_hostname }})
{% for peer in peers %}
server {{ hostvars[peer]['ansible_fqdn'] }}
{% endfor %}
Regarding the Amazon specific settings, it's probably easiest to use a
group variable that holds a list of NTP servers, based on the
ec2_region var.
There are many ways to expand this.
BTW - what do you mean by "Locally I have one GPS enabled NTP server"?
If that means that it sits at your home, and you want your ec2
instances to source their clock from it, then that's defeating the
purpose of cloud infrastructure I think...
Dick
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b371f7c4-b432-47f1-a5ae-80d4ff287ccc%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Dick Visser
Sr. System & Network Engineer
GÉANT
Want to join us? We're hiring: https://www.geant.org/jobs
Reply all
Reply to author
Forward
0 new messages