August 27, 2015 ansible draft bcp

'(Ansible Best Practices)

Audience: sysadmins

Ansible lets you set things up somewhat flexibly.

Create a multi-purpose ssh config file

Editor shortcuts

Zsh helpers

Special files

In the top of your Ansible project, keep the following files:

hosts
site.yaml
ssh-inventory.config
ansible.config

Rather than spread files around your machine (~/.ssh/config, /etc/hosts, etc), set your own hosts file:

export ANSIBLE_HOSTS=/root/of/your/proj

Vim helpers

# Edit ansible with key files open
alias vi-ans='v -o hosts site.yaml group_vars/all.yaml ssh-inventory.config ansible.cfg'
# Let zsh auto-complete all membean servers; ssh mnemonic: “ssh membean”
alias ssm=”ssh -F ${ANSIBLE_HOSTS:h}/ssh-inventory.config”

Recipes

Simplest test to reach all servers

ansible bases -m command -a date -u dummy -b -v

Create an app server

ansible-playbook --skip-tags=slow,skip,nondocker -l appsvrs site.yaml -b
SSH password: root
ansible-playbook --skip-tags=skip -l bases site.yaml -v -u dummy -b --ask-become-pass

Update all systems:

Always have a main.yaml that is a bunch of include`s. This way, you can add a `cur tag to any other sub-yaml.

Sprinkle tags liberally. You might have a single type of change that applies to several roles, like updating a set of crontabs across servers. Add a cron tag for this.