Ansible playbooks for configuration management in pull mode.
To bootstrap, follow the following steps:
-
Import ansible vault key to
/root/.ansible-vault-pass. -
To run jamlab-ansible for the first time (i.e. reinstalling or setting up hypervisor for the first time) use
bin/jamlab-bootstrapwhich installs dependencies and runsbin/jamlab-ansiblefor the first time to set up the system as well as create VM template(s) using jamlab-packer and then create VMs from that template with jamlab-terraform.
Each host should belong to ONE AND ONLY ONE group.
To create a new playbook copy it from another one and change the list of roles in the file local.yml.
Variable precedence is as follows (from the weakest to the strongest):
- role defaults (
rrr/defaults/main.yml) - group vars (
playbooks/ppp/group_vars/all.yml) - host vars (
playbooks/ppp/host_vars/hhh.yml) - ansible argument (
ansible-playbook --extra-vars "my_var=my_value" ...)
After the announcement of deprecating hash_behaviour=merge option in Ansible it is no longer possible to conveniently combine dictionaries with same names in role, group and host variables.
When merging dictionaries the following convention should be followed:
For role defaults use the regular variable name exampledict in rrr/defaults/main.yml:
exampledict:
- name: var1For group defaults use the group_ prefix with variable name exampledict in playbooks/ppp/group_vars/all.yml:
group_exampledict:
- name: var2For host defaults use the host_ prefix with variable name exampledict in playbooks/ppp/host_vars/hhh.yml:
host_exampledict:
- name: var3Combine dictionaries in role tasks rrr/tasks/main.yml:
- name: Combine role and group vars
set_fact:
packages: "{{ packages + group_exampledict }}"
when: group_exampledict is defined- name: Combine host and group vars
set_fact:
packages: "{{ packages + host_exampledict }}"
when: host_exampledict is definedEach playbook in playbooks/:
- has a name starting with:
group_(if it is applied to a group of machines)host_(if it is applied to one host)function_(if it is applied to a functionality).
- has a file named
local.ymlto describe the playbook with tasks and roles. - may have a
group_vars/all.ymlto set the default values of variables for all hosts executing the playbook. - may have a
host_vars/hhh.ymlto overwrite some variable values for that hosthhhexecuting the playbook. - does NOT have a role directory as it is outside of the playbook.
- does NOT have the
ansible.cfgconfiguration file since it is one level upper.
Template structure of the playbooks:
playbooks/
group_ggg/
local.yml
group_vars/
all.yml
host_hhh/
local.yml
host_vars/
hhh.yml
function_fff/
local.ymlThe playbook of a host may be completely defined in playbooks/host_hhh/ or just adapted in playbooks/group_ggg/host_vars/hhh.yml
Template structure of playbook playbook/ppp/local.yml:
- name: PLAYBOOK FOR GROUP 'GGG'
hosts: ggg
roles:
- { role: pre, tags: [ pre ], when: not (disabled_roles.pre | default(false)) }
- { role: rrr, tags: [ rrr ], when: not (disabled_roles.rrr | default(false)) }
- { role: post, tags: [ post ], when: not (disabled_roles.post | default(false)) }It is possible to disable a role for host hhh for example, by defining in playbooks/group_ggg/host_vars/hhh.yml:
disabled_roles:
rrr: trueThere are two special roles at the begining and at the end of the playbook: pre and post.
They are used to replace the list of common roles to execute before and after specific ones.
Each role in roles/ can be used in any playbook in playbooks/ppp/local.yml.
Template structure of a role:
roles/
rrr/
defaults/
files/
libraries/
tasks/
templates/
vars/Hosts pull directly from this repository.
- In Git, names are merged with a dash ('-'), such as jamlab-ansible. This is for historical reasons.
- In Ansible, names are merged with an underscore ('_'), such as group_vars or host_vars.
- In Linux, names are merged with a dash ('-'), such as NetworkManager-wait-online.service or system-auth.