Re: [ansible-project] ansible-pull vs ssh remote port forwarding

721 views
Skip to first unread message

Michael DeHaan

unread,
May 23, 2013, 10:25:19 AM5/23/13
to ansible...@googlegroups.com
Not too many people use ansible-pull, though I wouldn't really want my nodes to be able to SSH back to my server.

We are working on a REST-based callback solution that will allow you to simply allow a system to make a wget with a special token and request it be reconfigured.

This will allow full reporting as well as a really clean solution to the idea of nodes coming up at random times (like new cloud instances)




On Thu, May 23, 2013 at 9:28 AM, Dion Mendel <dion....@gmail.com> wrote:
Hi,

New ansible user here. I come from a puppet background and am liking ansible much more.

I'm trying to understand the rationale for ansible-pull verses ssh with remote port forwarding.

ansible-pull requires that ansible and git be installed on the managed node.

I'm currently running ansible in pull mode using normal ssh reverse port forwarding, and don't require anything extra to be installed/stored on the managed node.

Can anyone see any problems with how I am doing this that would make ansible-pull a better solution?

In push mode I'd run the playbook as:
  ansible-playbook ~/.ansible/site.yml -l node1

To run in pull mode, I edit the inventory file to have an entry for node1 like so:
  node1 ansible_ssh_host=127.0.0.1 ansible_ssh_port=5000

Then run this command on the managed node.
  ssh server -R 5000:localhost:22 'ansible-playbook ~/.ansible/site.yml -l node1'

ansible runs on the server in push mode and uses the forwarded port to connect to the managed node. This is an easier solution for me than using ansible-pull, but I haven't seen anyone mention it on the list.

Regards,

Dion.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 



--
Michael DeHaan <mic...@ansibleworks.com>
CTO, AnsibleWorks, Inc.
http://www.ansibleworks.com/

PePe Amengual

unread,
May 24, 2013, 8:09:24 PM5/24/13
to ansible...@googlegroups.com
I Use ansible in pull mode a lot.

we are a dev shop and we use pull mode for dev machines using vagrant that come up at random times and in different time zones.


I'm still working on it and making it better, now I'm working on changing the install script and some other new features.

Another reasons we like pull mode because it connects to github to download the new version of the playbook so we can have a custom versioned file per developer, it uses a cron job so is unattended and the developer doesn't even know that is happening.

I will love to see how the REST Api will look like.

Thanks.

Michael DeHaan

unread,
May 24, 2013, 8:21:28 PM5/24/13
to ansible...@googlegroups.com
Running ansible straight from latest github!

I like it :)


Reply all
Reply to author
Forward
0 new messages