mirror of
https://github.com/adambard/learnxinyminutes-docs.git
synced 2024-12-23 17:41:41 +00:00
test markdown
This commit is contained in:
parent
da0ca8fcbd
commit
05892ff7dd
@ -1,4 +1,8 @@
|
|||||||
o--
|
# JM inventory dynamic aws ec2
|
||||||
|
# vault
|
||||||
|
# roles
|
||||||
|
|
||||||
|
---
|
||||||
category: tool
|
category: tool
|
||||||
tool: ansible
|
tool: ansible
|
||||||
contributors:
|
contributors:
|
||||||
@ -218,7 +222,7 @@ You should also know, that a nice way to pool some data is a **lookup**
|
|||||||
|
|
||||||
You can use them in CLI too
|
You can use them in CLI too
|
||||||
```yaml
|
```yaml
|
||||||
ansible -m shell -a 'echo {{ my_variable }}` -e '{{ lookup('pipe'; 'date' }}"
|
ansible -m shell -a 'echo {{ my_variable }}` -e '{{ lookup('pipe'; 'date' }}" localhost
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -235,16 +239,63 @@ Some static content
|
|||||||
this line item is {{ item }}
|
this line item is {{ item }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
```
|
```
|
||||||
|
Jinja may have some limitations, but it is a powerfull tool that you might like.
|
||||||
|
|
||||||
### ansible-vault
|
#### Jinja2 CLI
|
||||||
|
You can use the jinja in the CLI too
|
||||||
|
```bash
|
||||||
|
ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost
|
||||||
|
```
|
||||||
|
|
||||||
### inventory
|
|
||||||
|
|
||||||
### dynamic inventory
|
|
||||||
|
|
||||||
### Jinja2 and templates
|
### Jinja2 and templates
|
||||||
jinja filters
|
jinja filters
|
||||||
|
|
||||||
|
|
||||||
|
#### ansible-vault
|
||||||
|
To maintain **ifrastructure as a code** you need to store secrets.
|
||||||
|
Ansible provides a way to encrypt the poufne files so you can store it in the repository, yet the files are decrypted in-fly during ansible execution.
|
||||||
|
|
||||||
|
The best way to use the **ansible-vault** is to store the secret in some secure location, and configure ansible to use during runtime.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ echo some_very_very_long_secret > ~/.ssh/secure_located_file
|
||||||
|
|
||||||
|
$ vi ansible.cfg
|
||||||
|
ansible_vault_password_file = ~/.ssh/secure_located_file
|
||||||
|
|
||||||
|
#or to use env
|
||||||
|
export ANSIBLE_VAULT_PASSWORD_FILE=~/.ssh/secure_located_file
|
||||||
|
|
||||||
|
$ ansible-playbook playbooks/vault_example.yml
|
||||||
|
|
||||||
|
# decrypt the file
|
||||||
|
$ ansible-vault encrypt path/somefile
|
||||||
|
|
||||||
|
# view the file
|
||||||
|
$ ansible-vault view path/somefile
|
||||||
|
|
||||||
|
# check the file content:
|
||||||
|
$ cat path/somefile
|
||||||
|
|
||||||
|
# decrypt the file
|
||||||
|
$ ansible-vault decrypt path/somefile
|
||||||
|
```
|
||||||
|
|
||||||
|
#### dynamic inventory
|
||||||
|
You might like to know, that you can build your inventory dynamically.
|
||||||
|
|
||||||
|
(For Ansible) inventory is just a JSON with proper structure - if you can deliver that to ansible - anything is possible.
|
||||||
|
|
||||||
|
You do not need to invent the wheel - there are plenty ready to use inventory script for most popular Cloud provicers and a lot of in-house popular usecaseses.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ etc/inv/ec2.py --refresh
|
||||||
|
|
||||||
|
$ ansible -m ping all -i etc/inv/ec2.py
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
### ansible profiling - callback
|
### ansible profiling - callback
|
||||||
|
|
||||||
### facts-cache and ansible-cmdb
|
### facts-cache and ansible-cmdb
|
||||||
|
Loading…
Reference in New Issue
Block a user