Hi
maybe it’s a silly question but I have been working with ansible since a year ago and still not comfortable with I organize my hosts. My scenario is quite easy, you’ll see:
- we have lot of ubuntu servers, most of them are: or apache, or sql, or lamp (apache+sql)
- some of servers are pre and others pro environment
so when I have to create (provisioning) a new machine I do some steps as create vm, setup fqdn and ip, add new fqdn to my ansible inventory and run playbook.
Problem: I have lot of ubuntu servers, how is the best to organize them in my inventory?
[hosts:children]
vm
[vm:children]
ubuntu
[ubuntu:children]
webservers
database
lamp
so I have the hosts “lamp1.example.com” which is a apache, php and sql vps…in which group I will allocate this new hosts?
Webserver? well, lamp1 it’s a webserver (apache) so it’r right
Database? it has a mysql instance so is also an database
lamp? of course, it’s a lamp vps so lamp group also is appropiated
Now this is my first problem…then the second. I have the group_vars folder which playbook.yml will look when a ansible recipe is executed. I have a role called fail2ban. I want to apply some variables to “all” groups for this role but for the apache servers I also want to setup another vars:
file group_vars/apache
fail2ban_services:
- name: ssh
port: ssh
filter: sshd
logpath: /var/log/auth.log - name: apache
port: http,https
filter: apache-auth
logpath: /var/log/apache*/*error.log
maxretry: 6
file group_vars/all
fail2ban_services:
- name: ssh
port: ssh
filter: sshd
logpath: /var/log/auth.log
this is related with the first problem, I have to organize the hosts in a proper way for later be sure the vars will be applied correctly.
How you will fix this problem? Meantime, I have removed lot of groups to simplify my inventory. Now I just divide my host between ubuntu and centos and the role of hosts: webserver, database, lamp, lemp, etc
Any comment is highly appreciated!
Thanks!