Using EC2 Dynamic Inventory

I’m working on a system that can run one playbook to launch some number of EC2 instances for any number of purposes. For example, in development, it might launch & provision 2 web servers and 1 search server. In production, it might be even more specific and launch 2 api servers, 2 dashboard servers, 1 general web server and 1 search server. It’s trying to be pretty flexible like that.

When launched, the instances are tagged in various ways. For example:

ManagedBy: Ansible
Environment: dev|stg|prd
Roles: web,api,dashboard,corp,search

Now I need to write playbooks that execute against existing servers and I’d like to be able to run something like this:

$ ansible-playbook -i development/ec2.py dosomething.yml --ask-vault-pass

And then, in my playbook, identify my hosts based on tags. In the simplest case, set hosts: <all servers whose ManagedBy tag is “Ansible” AND whose Environment tag is “development”>. Is it possible to set the hosts value based on multiple tags?

In a slightly different example, I may need to execute a set of roles/tasks only against a server whose role includes “api”. This would mean parsing the “Roles” tag that is a comma delimited list of the projects installed on a given instance.

Am I asking dynamic inventory to do too much? Is this possible in this or any other reasonable way?

Thanks.

I'm working on a system that can run one playbook to launch some number of
EC2 instances for any number of purposes. For example, in development, it
might launch & provision 2 web servers and 1 search server. In production, it
might be even more specific and launch 2 api servers, 2 dashboard servers, 1
general web server and 1 search server. It's trying to be pretty flexible
like that.

When launched, the instances are tagged in various ways. For example:

ManagedBy: Ansible
Environment: dev|stg|prd
Roles: web,api,dashboard,corp,search

Now I need to write playbooks that execute against existing servers and I'd
like to be able to run something like this:

$ ansible-playbook -i development/ec2.py dosomething.yml --ask-vault-pass

And then, in my playbook, identify my hosts based on tags. In the simplest
case, set hosts: <all servers whose ManagedBy tag is "Ansible" AND whose
Environment tag is "development">. Is it possible to set the hosts value
based on multiple tags?

You can specify the intersection of groups with the syntax:

- hosts:
    - tag_ManagedBy_Ansible:&tag_Environment_development

It is documented here:
http://docs.ansible.com/ansible/intro_patterns.html

In a slightly different example, I may need to execute a set of roles/tasks
only against a server whose role includes "api". This would mean parsing the
"Roles" tag that is a comma delimited list of the projects installed on a
given instance.

As far as the ec2 dynamic inventory script works, the commas are replaced by
underscores, e.g. tag_Roles_web_api_dashboard, according to the order in
which the terms appear in the tag's value. That will probably cause problems if
you try this approach, since tag_Roles_web_api and tag_Roles_api_web will be
different groups.

The simpler solution would be breaking down the list into separate tags (you
can't have multiple tags with the same name, AFAIK) such as tag_RoleAPI_yes,
tag_RoleWeb_yes, etc. Mind the limit of number of tags, though.
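
The group naming discussed in this thread, as an added example that is not part of the original posts and is not code from ec2.py: it models how a comma-delimited Roles tag produces order-dependent groups, and how one tag per role gives a stable group that can be intersected with the Environment group. The `to_safe` helper is a simplified assumption about the script's sanitising, the `Role<NAME>` tag names follow the reply's suggestion, and the instance IDs and tag values are constructed.

```python
import re
from collections import defaultdict

def to_safe(word):
    # Assumption: simplified model of the behaviour described in the reply,
    # where characters such as commas become underscores in group names.
    return re.sub(r"[^A-Za-z0-9_]", "_", word)

def build_groups(instances):
    """Map tag_<Key>_<Value> group names to the set of hosts carrying that tag."""
    groups = defaultdict(set)
    for host, tags in instances.items():
        for key, value in tags.items():
            groups[to_safe("tag_%s_%s" % (key, value))].add(host)
    return groups

def split_roles(tags):
    """Replace the comma-delimited Roles tag with one Role<NAME>=yes tag per role."""
    out = {k: v for k, v in tags.items() if k != "Roles"}
    for role in tags.get("Roles", "").split(","):
        if role.strip():
            out["Role" + role.strip().upper()] = "yes"  # hypothetical tag naming
    return out

# Constructed sample instances: i-aaa and i-bbb hold the same roles in a different order.
INSTANCES = {
    "i-aaa": {"ManagedBy": "Ansible", "Environment": "development", "Roles": "web,api"},
    "i-bbb": {"ManagedBy": "Ansible", "Environment": "development", "Roles": "api,web"},
    "i-ccc": {"ManagedBy": "Ansible", "Environment": "production", "Roles": "search"},
}

def hosts_with_roles_combined(role_list):
    """Look up the single group derived from the combined Roles tag value."""
    return set(build_groups(INSTANCES).get("tag_Roles_" + "_".join(role_list), set()))

def hosts_with_role_split(role, environment):
    """Equivalent of the pattern tag_Role<ROLE>_yes:&tag_Environment_<environment>."""
    groups = build_groups({h: split_roles(t) for h, t in INSTANCES.items()})
    return groups["tag_Role%s_yes" % role.upper()] & groups["tag_Environment_" + environment]

if __name__ == "__main__":
    print(sorted(hosts_with_roles_combined(["web", "api"])))    # order-dependent group
    print(sorted(hosts_with_role_split("api", "development")))  # stable per-role group
```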