Commit d583e578 authored by jurgenhaas

Update documentation

parent 07125dc0
......@@ -23,20 +23,13 @@ git clone git@gitlab.paragon-es.de:ansible-playbooks/general.git /opt/ansible --
cd /opt/ansible
# Setup or update
./setup_local.sh [COMPANY]
# Optional additional system components
sudo apt-get install python-setuptools
sudo easy_install -U pip
sudo pip install requests
sudo pip install boto
sudo pip install six
./setup_local.py [COMPANY]
```
## Configuration
The above installation configures Ansible such that everything is good to go
and you can call the ```setup_local.sh``` script again at any time to grab updates
and you can call the ```setup_local.py``` script again at any time to grab updates
or restore settings if something got broken.
However, there might be additional settings that make the usage of Ansible more
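Review bot: The install block loses the `sudo pip install requests`, `sudo pip install boto` and `sudo pip install six` lines with no replacement text, so a reader can no longer tell whether those packages are still required. If `setup_local.py` now installs them itself, say so in one sentence next to `./setup_local.py [COMPANY]`; if they are only needed for some features, keep a short note that names them.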
......@@ -44,12 +37,12 @@ convenient and we're describing them here with detailed descriptions.
### Ansible configuration
You'll find a file ```.ansible.cfg```in your home directory after the setup from
You'll find a file ```.ansible.cfg``` in your home directory after the setup from
above and there are certain additional settings that could be usefull:
#### Working with a vault for automatic sudo password input
When using Ansible with this repository you'll get asked for your remove sudo
When using Ansible with this repository you'll get asked for your remote sudo
password every single time. If you want to avoid that, you can store that password
in a vault so that Ansible grabs it from there automatically.
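Review bot: The context line `above and there are certain additional settings that could be usefull:` sits directly below the line this hunk corrects and still carries the typo "usefull"; change it to "useful" in the same commit, since the hunk is already a spelling and spacing pass over this paragraph.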
......@@ -57,18 +50,19 @@ in a vault so that Ansible grabs it from there automatically.
because otherwise someone else could get access to your whole server farm.
1. Create your vault password file
Create a file named ```~/.ansible/vault.pwd``` and edit that file so that it
contains your local password for your Ansible vault.
2. Create you vault file
2. Configure your vault password file
To make sure Ansible is going to utilize your password file, insert the line
```vault_password_file = ~/.ansible/vault.pwd``` into ```.ansible.cfg``` in
your home directory.
3. Create your vault
Use the command ```ansible-vault create ~/.ansible/secrets``` and include
one line ```ansible_sudo_pass: 'YOURSUDOPASS'```. This is using your default
editor for the console but you can configure that like ```export $EDITOR=nano```
to use the nano editor as an example. When saving the file, ansible-vault
will encrypt that file with your vault password contained in the vault.pwd file.
3. (Optional) Edit your vault file later on
4. (Optional) Edit your vault file later on
If you later want to edit your secrets, use ```ansible-vault create ~/.ansible/secrets```
### Creating shortcuts for the scripts
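Review bot: Step 4 tells the reader to edit the secrets later with `ansible-vault create ~/.ansible/secrets`, which is the same command as step 3; for a vault that already exists this should be `ansible-vault edit ~/.ansible/secrets`. In step 3, `export $EDITOR=nano` expands the variable instead of setting it and should read `export EDITOR=nano`. Step 1 would also benefit from one sentence on restricting the password file, for example `chmod 600 ~/.ansible/vault.pwd`, because it holds the vault password in clear text and the surrounding warning already points out what is at stake.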
......@@ -81,19 +75,29 @@ part of your PATH environment variable. Examples:
```
cd /usr/local/bin
sudo ln -s /opt/ansible/directory/ansible.sh a
sudo ln -s /opt/ansible/directory/ansible-playbook.sh apb
sudo ln -s /opt/ansible/directory/sanity.sh asanity
sudo ln -s /opt/ansible/directory/ansible.py a
sudo ln -s /opt/ansible/directory/ansible-playbook.py apb
sudo ln -s /opt/ansible/directory/role.py arole
sudo ln -s /opt/ansible/directory/sanity.py asanity
```
Since version 1.2, the setup script is creating those links by default for you.
### Preparing access to existing hosts
Ansible knows the hosts by name and the company specific naming convention should
be reflected on each local host that wants to use Ansible to manage them. You'll
find the hostnames in the file called ```inventory``` and you should make sure
that your local host knows them by name and their IP address. For this, add a new
line for each of those hosts into your ```/etc/hosts``` file starting with the
IP address followed by a space and the hostname from the inventory file.
find the hostnames in the file called ```inventory``` (if you have a static
inventory) or for dynamic inventories this is an executibale file that you can
call and it will list the known hosts to your console.
You should make sure that your local host knows all your remote hosts by name
and their IP address. For this, add a new line for each of those hosts into your
```/etc/hosts``` file starting with the IP address followed by a space and the
hostname from the inventory file.
You can also run ```ansible-playbook.py hosts``` and Ansible will update your
local hosts file automatically.
Next, and this is the final piece before you can start using Ansible to access
your hosts, make sure that you can access your hosts via SSH. This repository
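Review bot: The added inventory sentence contains the typo "executibale" and reads awkwardly. Suggest: "(if you have a static inventory); for a dynamic inventory this is an executable file that prints the known hosts when you run it". The new sentence about `ansible-playbook.py hosts` updating the local hosts file automatically should also state whether it has to be run with sudo, since it writes to `/etc/hosts`.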
......