Hi,
I am a newbie trying to migrate from salt to ansible. I am trying to learn how to manage/use ansible but struggling. Salt has a “seperation model” I like and understand but ansible I cant figure out, I guess I am contaminated with the “salt way” and cant fathom ansible yet.
Anyway, I have a user configured in ansible as “svc1” this user runs all the production playbooks etc and is configured in /etc/ansible/* as the user to run under as per normal.
I would like to run ansible to build servers as a separate user, “svc2” with separate ssh keys and playbooks etc to prevent me “damaging” 1 or more production servers by mistake as I know so little.
So,
a) I have a second user “svc2”.
b) A /home/svc2/ansible_hosts setup that only has the specific build target FQDN in it but when I run an ansible command its looking for /home/svc1/ansible_hosts
I need a method on how to work safely.
The only way I can see is to bypass the default config in /etc/ansible/* and specify where ansible_hosts is on the command line? and run as svc2 and not svc1 by default, can this be done? if so how can I do this? or otherwise how can I guarantee complete isolation from production?
regards
Steven