Often a user of a configuration management system will want to keep inventory
Often a user of a configuration management system will want to keep inventory
in a different system. Frequent examples include LDAP, `Cobbler <http://cobbler.github.com>`_,
in a different system. Frequent examples include LDAP, `Cobbler <http://cobbler.github.com>`_,
or a piece of expensive enterprisey CMDB software. Ansible easily supports all
or a piece of expensive enterprisey CMDB software. Ansible easily supports all
of these options via an external interventory system.
of these options via an external inventory system.
If you have a data store system where an Ansible external inventory script doesn't already exist, this may require a little coding, but we have a `Cobbler example <https://github.com/ansible/ansible/blob/master/examples/scripts/cobbler_external_inventory.py>`_ in the main source tree -- but it's pretty simple, as we'll explain below -- that would provide a good starting point. Like with modules, it's possible to build an external inventory script in any language, as long as it returns JSON.
If you have a data store system where an Ansible external inventory script doesn't already exist, this may require a little coding, but we have a `Cobbler example <https://github.com/ansible/ansible/blob/master/examples/scripts/cobbler_external_inventory.py>`_ in the main source tree -- but it's pretty simple, as we'll explain below -- that would provide a good starting point. Like with modules, it's possible to build an external inventory script in any language, as long as it returns JSON.
@ -165,7 +165,7 @@ And technically, though there is no major good reason to do it, this also works
ansible webserver -m shell -a "echo {{ a }}"
ansible webserver -m shell -a "echo {{ a }}"
So in other words, you can use those variables in arguments/actions as well. You might use this to name
So in other words, you can use those variables in arguments/actions as well. You might use this to name
a conf.d file appropriately or something similar. Who knows.
a conf.d file appropriately or something similar. Who knows?
So that's the Cobbler integration support -- using the cobbler script as an example, it should be trivial to adapt Ansible to pull inventory, as well as variable information, from any data source. If you create anything interesting, please share with the mailing list, and we can keep it in the source code tree for others to use.
So that's the Cobbler integration support -- using the cobbler script as an example, it should be trivial to adapt Ansible to pull inventory, as well as variable information, from any data source. If you create anything interesting, please share with the mailing list, and we can keep it in the source code tree for others to use.
@ -31,8 +31,7 @@ server and daemonless, scaling potential is unlimited, and no resources are wast
Deployment and Configuration, Unified
Deployment and Configuration, Unified
`````````````````````````````````````
`````````````````````````````````````
Other deployment (compared to config) oriented frameworks similarly cover deployment well but lack a strongly defined resource model and devolve into glorified remote scripts. Ansible playbooks -- having been designed with this problem in mind -- are good at both deployment & idempotent configuration, meaning you don't have to spread your infrastructure management out between different tools (Puppet+Capistrano, Chef+Fabric, etc), and performing ordered steps between different classes of machines is no problem, yet our modules affect system state only when required -- while avoiding the problem of fragile scripting that assumes certain starting
Other deployment (compared to config) oriented frameworks similarly cover deployment well but lack a strongly defined resource model and devolve into glorified remote scripts. Ansible playbooks -- having been designed with this problem in mind -- are good at both deployment & idempotent configuration, meaning you don't have to spread your infrastructure management out between different tools (Puppet+Capistrano, Chef+Fabric, etc). Performing ordered steps between different classes of machines is no problem, yet our modules affect system state only when required -- while avoiding the problem of fragile scripting that assumes certain starting or ending states.
or ending states.
Ansible is also unique in other ways. Extending ansible does not require programming in any particular language -- you can write :doc:`modules` as idempotent scripts or programs that return simple JSON. Ansible is also pragmatic, so when you need to, it's also trivially easy to just execute useful shell commands.
Ansible is also unique in other ways. Extending ansible does not require programming in any particular language -- you can write :doc:`modules` as idempotent scripts or programs that return simple JSON. Ansible is also pragmatic, so when you need to, it's also trivially easy to just execute useful shell commands.
@ -143,6 +142,6 @@ internet infrastructure, finance, chip design, and more. Michael also
helped co-author `Func <http://fedorahosted.org/func/>`_, a precursor to Ansible, which is used to
helped co-author `Func <http://fedorahosted.org/func/>`_, a precursor to Ansible, which is used to
orchestrate systems in lots of diverse places. He's worked on systems
orchestrate systems in lots of diverse places. He's worked on systems
software for IBM, Motorola, Red Hat's Emerging Technologies Group,
software for IBM, Motorola, Red Hat's Emerging Technologies Group,
Puppet Labs, and is now with `rPath <http://rpath.com>`_ Reach Michael by email `here <mailto:michael.dehaan@gmail.com>`_.
Puppet Labs, and is now with `rPath <http://rpath.com>`_. Reach Michael by email `here <mailto:michael.dehaan@gmail.com>`_.
@ -26,7 +26,7 @@ From playbooks, Ansible modules are executed in a very similar way::
All modules technically return JSON format data, though if you are using the
All modules technically return JSON format data, though if you are using the
command line or playbooks, you don't really need to know much about
command line or playbooks, you don't really need to know much about
that. If you're writing your own module, you care, and this means you do
that. If you're writing your own module, you care, and this means you do
not have to write modules in any particular language -- you get tho choose.
not have to write modules in any particular language -- you get to choose.
Most modules other than command are `idempotent`, meaning they will seek
Most modules other than command are `idempotent`, meaning they will seek
to avoid changes to the system unless a change needs to be made. When using Ansible
to avoid changes to the system unless a change needs to be made. When using Ansible
@ -52,7 +52,7 @@ Manages apt-packages (such as for Debian/Ubuntu).
*update-cache*:
*update-cache*:
* Whether apt cache must be updated prior operation. Optional, and can be
* Whether the apt cache must be updated prior to operation. Optional, and can be
'yes', or 'no'. The default is 'no'. This can be done as the part of a
'yes', or 'no'. The default is 'no'. This can be done as the part of a
package operation or as a seperate step.
package operation or as a seperate step.
@ -96,7 +96,7 @@ paths to commands must be fully qualified.
This module does not support change hooks and returns the return code
This module does not support change hooks and returns the return code
from the program as well as timing information about how long the
from the program as well as timing information about how long the
command was running for.
command was running.
Example action from Ansible :doc:`playbooks`::
Example action from Ansible :doc:`playbooks`::
@ -196,7 +196,7 @@ All parameters available to the file module are also available when running the
*owner*:
*owner*:
* name of user that should own the file or directory, as would be given to `chown`.
* name of user that should own the file or directory, as would be given to `chown`
*group*:
*group*:
@ -224,7 +224,7 @@ All parameters available to the file module are also available when running the
*context*:
*context*:
* accepts only 'default' as value. This will restore a file's selinux context to the default context in the policy. Does nothing if no default is available.
* accepts only 'default' as value. This will restore a file's selinux context to the default context in the policy. Does nothing if no default is available. Only used on hosts with SELinux present.
Example action from Ansible :doc:`playbooks`::
Example action from Ansible :doc:`playbooks`::
@ -347,7 +347,7 @@ will execute this module automatically as the first step in each play
using the variables section, so it is unnecessary to make explicit
using the variables section, so it is unnecessary to make explicit
calls to setup within a playbook.
calls to setup within a playbook.
Ansible provides may 'facts' about the system, automatically.
Ansible provides many 'facts' about the system, automatically.
Some of the variables that are supplied are listed below. These in particular
Some of the variables that are supplied are listed below. These in particular
are from a VMWare Fusion 4 VM running CentOS 6.2::
are from a VMWare Fusion 4 VM running CentOS 6.2::
@ -421,13 +421,15 @@ also be snapshotted into the JSON file for usage in templating. These
variables are prefixed with ``facter_`` and ``ohai_`` so it's easy to
variables are prefixed with ``facter_`` and ``ohai_`` so it's easy to
tell their source.
tell their source.
All variables are bubbled up to the caller. Using the ansible facts and chosing
All variables are bubbled up to the caller. Using the ansible facts and choosing
to not install facter and ohai means you can avoid ruby-dependencies
to not install facter and ohai means you can avoid ruby-dependencies
on your remote systems.
on your remote systems.
*anything*:
*variablename*:
* Any other parameters can be named basically anything, and set a ``key=value`` pair in the JSON file for use in templating.
* Arbitrary variable names, which must be a mix of alphanumeric characters and
underscores, can also be defined. Setting a variable creates a
``key=value`` pair in the JSON file for use in templating.
Example action from Ansible :doc:`playbooks`::
Example action from Ansible :doc:`playbooks`::
@ -447,7 +449,7 @@ shell
The shell module takes the command name followed by a list of
The shell module takes the command name followed by a list of
arguments, space delimited. It is almost exactly like the command module
arguments, space delimited. It is almost exactly like the command module
but runs the command through the shell rather than directly.
but runs the command through the user's configured shell on the remote node.
The given command will be executed on all selected nodes.
The given command will be executed on all selected nodes.
@ -459,7 +461,7 @@ use your best judgement.
This module does not support change hooks and returns the return code
This module does not support change hooks and returns the return code
from the program as well as timing information about how long the
from the program as well as timing information about how long the
command was running for.
command was running.
Example action from a playbook::
Example action from a playbook::
@ -473,8 +475,8 @@ template
Templates a file out to a remote server. Call the :ref:`setup` module
Templates a file out to a remote server. Call the :ref:`setup` module
prior to usage if you are not running from a playbook. In addition to the options
prior to usage if you are not running from a playbook. In addition to the options
listed below, the arguments available to the `file` module can also be passed to the copy
listed below, the arguments available to the `file`and `copy`modules can also be passed
module.
to the template module.
*src*:
*src*:
@ -483,7 +485,7 @@ module.
*dest*:
*dest*:
* Location to render the template on the remote server.
* Location to render the template on the remote server
This module also returns md5sum information about the resultant file.
This module also returns md5sum information about the resultant file.
@ -513,19 +515,19 @@ Creates user accounts, manipulates existing user accounts, and removes user acco
*group*:
*group*:
* Optionally sets the user's primary group, takes a group name.
* Optionally sets the user's primary group, takes a group name
*groups*:
*groups*:
* Put the user in the specified groups, takes comma delimited group names.
* Put the user in the specified groups, takes comma delimited group names
*append*:
*append*:
* If true, will only add additional groups to the user listed in 'groups', rather than making the user only be in those specified groups.
* If true, will only add additional groups to the user listed in 'groups', rather than making the user only be in those specified groups
*shell*:
*shell*:
* Optionally sets the user's shell.
* Optionally sets the user's shell
*createhome*:
*createhome*:
@ -541,11 +543,11 @@ Creates user accounts, manipulates existing user accounts, and removes user acco
*force*:
*force*:
* When used with a state of 'absent', the behavior denoted in the 'userdel' manpage for --force is also used when removing the user. Value is 'yes' or 'no', default is 'no'.
* When used with a state of 'absent', the behavior denoted in the 'userdel' manpage for ``--force`` is also used when removing the user. Value is 'yes' or 'no', default is 'no'.
*remove*:
*remove*:
* When used with a state of 'absent', the behavior denoted in the 'userdel' manpage for --remove is also used when removing the user. Value is 'yes' or 'no', default is 'no'.
* When used with a state of 'absent', the behavior denoted in the 'userdel' manpage for ``--remove`` is also used when removing the user. Value is 'yes' or 'no', default is 'no'.
Michael DeHaan
13 years ago