In this post I would like to explain about what I had explored on the Ansible Configuration changes at different scopes. Also see the impact of different parameter customizations related to the ansible host inventories.
Working with Ansible Configuration - ansible.cfg
This ansible.cfg file will be available in the default location (ANSIBLE_HOME/ Ansible.cfg) when you install with yum. It is not available
when you use pip installation.
To get a copy of the ansible.cfg you can see a 'rpmsave' file in the default ANSIBLE_HOME location
/etc/ansible.
The ANSIBLE_HOME can be changed as per the requirements we can defined in the configuration file.
Ansible inventory
Learning about the inventory setup for Ansible controller, first it will look into the ansible.cfg about where is the inventory location defined. If no line mentioned in the configuration file then default inventory location will be used as /etc/ansible/hosts in the default configuration. If you wish to use the configuration per Project environments such as dev, test/qa, stage, prod separated then you can define the host list for each environment into an individual inventory file in the Project.
|
Ansible inventory and interconnection with ansible.cfg |
Ansible inventory can be created in multiple file formats but Ansible understand the two format files as a common format they are :
Ansible inventory in INI format
You can create INI file based inventory, sections are groups or group related with special :modifiers . The host entries in a sections forms a group, This group namem should be relavent to what they are going to run on these hosts.
How do we setup Ansible inventory in INI format?
Simple inventory creation where we just include the host list into the example inventory file.
mkdir test-project; cd test-project; vi inventory
node01
node02
Here is interesting experiment, We can have hostnames and IP addresses or their combination of both also can be entered as inventory file and it works.
Updating above created inventory file with an IP4 address as entry!
node01
192.168.1.210
node02
Grouping in inventory
We can create grouping of hosts which will running some service or specific software as shown below all the httpd service running VMs are grouped as 'web-server':
[web-server]
node01
node02
Sub-groups in Ansible inventory
We can make inventory of group of sub-groups, in the below you can see 3 groups defined web-nodes, db-nodes, lb-node all these become sub-groups for the hyd group. This kind of representation is most common need where we can have different categories of nodes and they all run under different regions or availability zones on your cloud platforms.
[web_nodes]
node01
node02
[db_nodes]
192.168.1.210
[lb_node]
loadbalancer
[hydi:children]
web_nodes
db_nodes
lb_node
The execution output as follows:
Default groups in Ansible inventory
Ansible also makes some built-in groups once you create an inventory, such groups are as follows:
Here is the interesting logic - every host defined in a group belongs to 'all' group. If a host defined not into any group that belongs to 'ungroupped' default group. For our example we can get 'mailserver.hyd.in' fall into the 'ungroupped' group!
Ansible inventory in YAML format
The ansible inventory defining in the YAMAL format need to care about the following:
1. Top or root for the inventory will be "all" keyword
2. Every next level can be defined with "children" keyword
3. We can define number of groups under the a common group. (Observe qa is example common group)
4. Host can be defined under "hosts" keyword
5. We can define the range of hosts names with [:] (check the qawebserver)
6. Every line shold be ending with a colon
We can define the inventory file in YAML file format as well. You can see
echo "
all:
children:
qa:
children:
qawebserver:
hosts:
node[1:2]:
qadbserver:
hosts:
localhost:
">qa-inventory.yml
#Validate file created
cat qa-inventory.yml
Enter the ansible.cfg file with the following configuration:
[defaults]
inventory = ./qa-inventory.yml
To get the list of hosts from the all groups using the above created qa-inventory.yml file.
ansible --list-hosts all
ansible-inventory --graph
ansible-inventory --list
|
Ansible inventory using YAML file |
Here also we can do all those filters on host list extractions as discussed above with ini file.
Ansible inventory parameters
You can define the inventory file in 'ini' format, where we can have aliases to the hosts vms it is similar to Linux configuration file /etc/hosts but is more readable and we can add more ansible_ variables in a line for that host related information such as username, password etc.
# Sample inventory with host aliases
web1 ansible_host=web1.hyd.in
web2 ansible_host=web2.cmb.in
db1 ansible_host=db1.dli.in
We can use the following common ansible inventory parameters :
- ansible_host this can be IP address or DNS of a VM
- ansible_connection You can specify how to connect to the remote host
- ansible_user you can use a dedicated user like 'ansibleuser' or else 'root' for Linux machines
- ansible_ssh_pass will be used for Linux Remote machines
- ansible_password is used for Windows Remote machines
Usually Ansible controller will be connects with Linux remote hosts using SSH protocol and that too with port 22. When we store some file in the Ansible controller to access them we can skip connecting with SSH, instead of that we can use local cetonnection option. The ansible_connection inventory parmeter can be used to establish a local connection instead of ssh in Ansible.
In a project you may have Linux, Windows combination of remote machines. If we want to connect with Windows remote host then the 'ansible_connection' parameter must be set with the 'winrm' as value.
# Sample Inventory File with Linux, Windows VMs
# Web Servers
web1 ansible_host=node01.devopshunter.com ansible_connection=ssh ansible_user=root ansible_ssh_pass=Secre7@in
web2 ansible_host=node02.devopshunter.com ansible_connection=ssh ansible_user=root ansible_ssh_pass=Secre7@in
web3 ansible_host=node03.devopshunter.com ansible_connection=ssh ansible_user=root ansible_ssh_pass=Secre7@in
# db servers
db1 ansible_host=sqldb01.devopshunter.com ansible_connection=winrm ansible_user=administrator ansible_password=WinVM@09!
Custom inventory file can be defined as per Project or environment type. Generally these custom inventories can be used on single Ansible Controlller multiple Projects or nonprod environments, For best practices they will be pushed to any of the SCM tools like Git/BitBucket.
Let's explore all the inventory accessing experiments related to development environment in dev directory is dedicated
mkdir dev; cd dev
Create a file with the following inventory file in dev, it is in a alternative locaiton other than default path:
echo "
mailserver.hyd.in
[lb]
lb01
[web]
web01
web02
[db]
db01
db02
">dev
#confirm the dev file content
cat dev
Understanding the inventory accessing filter options
To list 'all' hosts from the dev inventory file.
ansible -i dev --list-hosts all
We can display the desired group to list the hosts in each of the given group such as db or web from the above created dev inventory file.
ansible -i dev --list-hosts db
ansible -i dev --list-hosts web
|
The ansible host list with different options |
Creating the local inventory for dev project we create the ansible.cfg file as:
echo "
[defaults]
inventory = ./dev
">ansible.cfg
#validate
cat ansible.cfg
Now we can run the commands without informing with -i flag. That is
ansible --list-hosts db
There is a possible option to use regular expressions "*" is same as "all".
ansible --list-hosts "*"
ansible --list-hosts "web0*"
To list out multiple groups for hosts you can select with colon separation as shown here.
ansible --list-hosts web:db
Index out the host from the inventory using the square brackets [] with a number of group name
ansible --list-hosts web[1]
We can also un-select using except indicators the "!" symbol before host or group name.
ansible --list-hosts \!web #except web servers
|
ansible list of hosts with different options as input |
FAQ on Ansible Inventory files
1. Can I pass multiple ansible inventories to run a playbook?
Yes it is possible to run a playbook with multiple inventories.
ansible-playbook get_logs.yml -i dev -i qa
2. Is it possible to have a host in multiple groups?
Yes it is possible to have this usecase, a host can be present in dbservers group as well as in webservers.
References: