ansible

Setting vault password in Ansible Tower

泄露秘密 提交于 2020-01-14 19:04:22
问题 I have used Ansible Vault to encrypt a file in which I have stored sensitive data. In my orchestration script below command is mentioned to run the playbook. ansible-playbook -i hosts -vvv Playbook.yml --ask-vault-pass This prompts user to provide password for Ansible vault. Now how can I achieve the same through Ansible Tower so that no manual intervention. I do not want this to done through password file as it is the requirement. Any suggestion would be great help. 回答1: On Ansible Tower, go

How can I use ansible to script eclipse installation and configuration?

假如想象 提交于 2020-01-14 15:01:12
问题 I am an ansible newbee, so please forgive if this is obvious or well covered elsewhere. I want to script the setup of a developer virtual machine using Vagrant. Part of the task is to install (simple) and configure eclipse (i.e. install plugins and features, import formatting settings and other workspace configurations etc. -- not so simple). I could use the shell provisioner plus some scripts that automate the eclipse setup. Or I could try to use the ansible provisioner. Can ansible help me

How to discern, if a directory is NFS-mounted from Ansible?

你说的曾经没有我的故事 提交于 2020-01-14 14:57:07
问题 I need to set up an application directory for a "hairy" app. Depending on the case, the directory may be local to each server participating, or shared among several servers via NFS. So, I need to be able to detect, whether the given path is local or NFS-accessed and skip some of the tasks in the latter case. What's the best way to detect this in an Ansible role? I tried using the stat module, but device_type seems to be set to 0 in all cases, NFS or local (XFS). On Linux I could invoke stat

Combine multiple public keys with Ansible

吃可爱长大的小学妹 提交于 2020-01-14 04:04:52
问题 How can I combine multiple ssh public keys to use with Ansible's authorized_key module? I have variables file containing users and keys: ssh_users: - name: peter keys: - 'ssh-rsa AAAAB3NzaC1yc2EAAA peter@key1' - 'ssh-rsa AAAABsgsdfgyc2EAAA peter@key2' root: yes - name: paul keys: - 'ssh-rsa AAAAB3Nzaafac2EAAA paul@key1' root: no I'd like to go over this list, pick out users (and their keys) which have 'root: yes' and combine them to update root user's authorized_keys file. This doesn't work:

Combine multiple public keys with Ansible

隐身守侯 提交于 2020-01-14 04:03:57
问题 How can I combine multiple ssh public keys to use with Ansible's authorized_key module? I have variables file containing users and keys: ssh_users: - name: peter keys: - 'ssh-rsa AAAAB3NzaC1yc2EAAA peter@key1' - 'ssh-rsa AAAABsgsdfgyc2EAAA peter@key2' root: yes - name: paul keys: - 'ssh-rsa AAAAB3Nzaafac2EAAA paul@key1' root: no I'd like to go over this list, pick out users (and their keys) which have 'root: yes' and combine them to update root user's authorized_keys file. This doesn't work:

Ansible : pass a variable in a json_query filter

匆匆过客 提交于 2020-01-13 19:49:36
问题 I need to pass a variable in a json_query filter. This example, with a fixed string, is working correctly (string=tutu) : - set_fact: my_value_exist: "{{ my_json.json | json_query('contains(component.name,`tutu`)')}}" But i need to pass a variable , instead of tutu - set_fact: my_value_exist: "{{ my_json.json | json_query('contains(component.name,`{{my_var}}`)')}}" {{my_var}} is a string retreived in a previous step Do you have the correct syntax, so that the variable {{my_var}} could be

DevOps is Hard、DevSecOps is Even Harder

女生的网名这么多〃 提交于 2020-01-13 18:52:43
Enterprise Holdings. 的IT团队超过2000人,在2018年的演讲中介绍了Enterprise Holdings的DevOps是如何转型的。我们通过打造一个不只包涵了pipeline的CI/CD平台,将其称之为SDLC。在最开始的200+个应用中,我们挑选出5个来作为试点。当时的情况证明这次DevOps转型计划是成功的,我们的团队有4+位工程师和两位架构师,从2年半前就开始了整个平台的开发工作,根据业务需求确保平台可以适配各种云服务、也要适配已有的中间件,我们也在不断对CI/CD平台进行改进,以适应所有业务场景。其的目标是让开发人员更专注于具体的项目开发,让工具去解决一些通用性的问题。为了达到目前的效果,我们做了很多关于平台的需求收集及问题反馈相关的运营工作,所以在过去的一年里,我们已经将此套平台服务于70%的应用中,并且这个数字还在持续的增加。 在DevOps转型过程中,我们的角色并不是软件的开发者,但我们支撑了应用开发团队和他们所开发的应用,我们的服务工作介于应用程序与基础设施之间。在我们的角度来看,应用程序的开发应该是这样的: 开发人员在本地开发 在仓库中检查源码 在构建服务器上构建应用 运行安全扫描 打包发布到JFrog的Artifactory 发布应用到不同的环境测试 所有测试结束后,发布到生产环境 这个模式很简单,但是也很高效

Ansible: copying one unique file to each server in a group

牧云@^-^@ 提交于 2020-01-13 06:47:20
问题 I have a series of numbered files to be processed separately by each server. Each split file made using linux split and then xz compressed to save transfer time. split_001 split_002 split_003 ... split_030 How can I push these files out to a group of 30 servers with ansible? It does not matter which server gets which file so long as they each have a single unique file. I had used a bash file but I am looking for a better solution. Hopefully using ansible. Then I plan to run a shell command to

how to create Ansible playbook to obtain OS versions of the remote hosts?

风格不统一 提交于 2020-01-12 14:30:14
问题 I'm new to ansible. I have a requirement that requires me to pull OS version for of more than 450 linux severs hosted in AWS. AWS does not provide this feature - it rather suggests us to get it from puppet or chef. I created few simple playbooks which does not run --- - hosts: testmachine user: ec2-user sudo: yes tasks: - name: Update all packages to latest yum: name=* state=latest task: - name: obtain OS version shell: Redhat-release playbook should output a text file with hostname and OS

Ansible, set_fact using if then else statement

冷暖自知 提交于 2020-01-12 08:04:10
问题 I am trying to set a variable in Ansible with set_fact at runtime based upon another variable. If uses first value no matter what the actual value is. Here is my code example: - name: Global_vars - get date info set_fact: jm_env: "{{lookup('env', 'Environment')}}" l_env: "{% if '{{jm_env}}==Develop' %}d{% elif '{{jm_env}}==Staging'%}s{% else %}p{% endif %}" l_env is d no matter what jm_env is set. 回答1: Firstly, dictionaries in YAML are not ordered (and the syntax used by Ansible here is a
订阅 ansible