/docsite/rst/intro_inventory.rst

https://github.com/ajanthanm/ansible · ReStructuredText · 235 lines · 166 code · 69 blank · 0 comment · 0 complexity · 8b9434d9360f0c8e4065fb1e519ead49 MD5 · raw file

  1. .. _inventory:
  2. Inventory
  3. =========
  4. .. contents:: Topics
  5. Ansible works against multiple systems in your infrastructure at the
  6. same time. It does this by selecting portions of systems listed in
  7. Ansible's inventory file, which defaults to being saved in
  8. the location /etc/ansible/hosts.
  9. Not only is this inventory configurable, but you can also use
  10. multiple inventory files at the same time (explained below) and also
  11. pull inventory from dynamic or cloud sources, as described in :doc:`intro_dynamic_inventory`.
  12. .. _inventoryformat:
  13. Hosts and Groups
  14. ++++++++++++++++
  15. The format for /etc/ansible/hosts is an INI format and looks like this::
  16. mail.example.com
  17. [webservers]
  18. foo.example.com
  19. bar.example.com
  20. [dbservers]
  21. one.example.com
  22. two.example.com
  23. three.example.com
  24. The things in brackets are group names, which are used in classifying systems
  25. and deciding what systems you are controlling at what times and for what purpose.
  26. It is ok to put systems in more than one group, for instance a server could be both a webserver and a dbserver.
  27. If you do, note that variables will come from all of the groups they are a member of, and variable precedence is detailed in a later chapter.
  28. If you have hosts that run on non-standard SSH ports you can put the port number
  29. after the hostname with a colon. Ports listed in your SSH config file won't be used with the paramiko
  30. connection but will be used with the openssh connection.
  31. To make things explicit, it is suggested that you set them if things are not running on the default port::
  32. badwolf.example.com:5309
  33. Suppose you have just static IPs and want to set up some aliases that don't live in your host file, or you are connecting through tunnels. You can do things like this::
  34. jumper ansible_ssh_port=5555 ansible_ssh_host=192.168.1.50
  35. In the above example, trying to ansible against the host alias "jumper" (which may not even be a real hostname) will contact 192.168.1.50 on port 5555. Note that this is using a feature of the inventory file to define some special variables. Generally speaking this is not the best
  36. way to define variables that describe your system policy, but we'll share suggestions on doing this later. We're just getting started.
  37. Adding a lot of hosts? If you have a lot of hosts following similar patterns you can do this rather than listing each hostname::
  38. [webservers]
  39. www[01:50].example.com
  40. For numeric patterns, leading zeros can be included or removed, as desired. Ranges are inclusive. You can also define alphabetic ranges::
  41. [databases]
  42. db-[a:f].example.com
  43. You can also select the connection type and user on a per host basis::
  44. [targets]
  45. localhost ansible_connection=local
  46. other1.example.com ansible_connection=ssh ansible_ssh_user=mpdehaan
  47. other2.example.com ansible_connection=ssh ansible_ssh_user=mdehaan
  48. As mentioned above, setting these in the inventory file is only a shorthand, and we'll discuss how to store them in individual files
  49. in the 'host_vars' directory a bit later on.
  50. .. _host_variables:
  51. Host Variables
  52. ++++++++++++++
  53. As alluded to above, it is easy to assign variables to hosts that will be used later in playbooks::
  54. [atlanta]
  55. host1 http_port=80 maxRequestsPerChild=808
  56. host2 http_port=303 maxRequestsPerChild=909
  57. .. _group_variables:
  58. Group Variables
  59. +++++++++++++++
  60. Variables can also be applied to an entire group at once::
  61. [atlanta]
  62. host1
  63. host2
  64. [atlanta:vars]
  65. ntp_server=ntp.atlanta.example.com
  66. proxy=proxy.atlanta.example.com
  67. .. _subgroups:
  68. Groups of Groups, and Group Variables
  69. +++++++++++++++++++++++++++++++++++++
  70. It is also possible to make groups of groups and assign
  71. variables to groups. These variables can be used by /usr/bin/ansible-playbook, but not
  72. /usr/bin/ansible::
  73. [atlanta]
  74. host1
  75. host2
  76. [raleigh]
  77. host2
  78. host3
  79. [southeast:children]
  80. atlanta
  81. raleigh
  82. [southeast:vars]
  83. some_server=foo.southeast.example.com
  84. halon_system_timeout=30
  85. self_destruct_countdown=60
  86. escape_pods=2
  87. [usa:children]
  88. southeast
  89. northeast
  90. southwest
  91. northwest
  92. If you need to store lists or hash data, or prefer to keep host and group specific variables
  93. separate from the inventory file, see the next section.
  94. .. _splitting_out_vars:
  95. Splitting Out Host and Group Specific Data
  96. ++++++++++++++++++++++++++++++++++++++++++
  97. The preferred practice in Ansible is actually not to store variables in the main inventory file.
  98. In addition to storing variables directly in the INI file, host
  99. and group variables can be stored in individual files relative to the
  100. inventory file.
  101. These variable files are in YAML format. See :doc:`YAMLSyntax` if you are new to YAML.
  102. Assuming the inventory file path is::
  103. /etc/ansible/hosts
  104. If the host is named 'foosball', and in groups 'raleigh' and 'webservers', variables
  105. in YAML files at the following locations will be made available to the host::
  106. /etc/ansible/group_vars/raleigh
  107. /etc/ansible/group_vars/webservers
  108. /etc/ansible/host_vars/foosball
  109. For instance, suppose you have hosts grouped by datacenter, and each datacenter
  110. uses some different servers. The data in the groupfile '/etc/ansible/group_vars/raleigh' for
  111. the 'raleigh' group might look like::
  112. ---
  113. ntp_server: acme.example.org
  114. database_server: storage.example.org
  115. It is ok if these files do not exist, as this is an optional feature.
  116. Tip: In Ansible 1.2 or later the group_vars/ and host_vars/ directories can exist in either
  117. the playbook directory OR the inventory directory. If both paths exist, variables in the playbook
  118. directory will be loaded second.
  119. Tip: Keeping your inventory file and variables in a git repo (or other version control)
  120. is an excellent way to track changes to your inventory and host variables.
  121. .. _behavioral_parameters:
  122. List of Behavioral Inventory Parameters
  123. +++++++++++++++++++++++++++++++++++++++
  124. As alluded to above, setting the following variables controls how ansible interacts with remote hosts. Some we have already
  125. mentioned::
  126. ansible_ssh_host
  127. The name of the host to connect to, if different from the alias you wish to give to it.
  128. ansible_ssh_port
  129. The ssh port number, if not 22
  130. ansible_ssh_user
  131. The default ssh user name to use.
  132. ansible_ssh_pass
  133. The ssh password to use (this is insecure, we strongly recommend using --ask-pass or SSH keys)
  134. ansible_sudo_pass
  135. The sudo password to use (this is insecure, we strongly recommend using --ask-sudo-pass)
  136. ansible_connection
  137. Connection type of the host. Candidates are local, ssh or paramiko. The default is paramiko before Ansible 1.2, and 'smart' afterwards which detects whether usage of 'ssh' would be feasible based on whether ControlPersist is supported.
  138. ansible_ssh_private_key_file
  139. Private key file used by ssh. Useful if using multiple keys and you don't want to use SSH agent.
  140. ansible_shell_type
  141. The shell type of the target system. By default commands are formatted using 'sh'-style syntax by default. Setting this to 'csh' or 'fish' will cause commands executed on target systems to follow those shell's syntax instead.
  142. ansible_python_interpreter
  143. The target host python path. This is useful for systems with more
  144. than one Python or not located at "/usr/bin/python" such as \*BSD, or where /usr/bin/python
  145. is not a 2.X series Python. We do not use the "/usr/bin/env" mechanism as that requires the remote user's
  146. path to be set right and also assumes the "python" executable is named python, where the executable might
  147. be named something like "python26".
  148. ansible\_\*\_interpreter
  149. Works for anything such as ruby or perl and works just like ansible_python_interpreter.
  150. This replaces shebang of modules which will run on that host.
  151. Examples from a host file::
  152. some_host ansible_ssh_port=2222 ansible_ssh_user=manager
  153. aws_host ansible_ssh_private_key_file=/home/example/.ssh/aws.pem
  154. freebsd_host ansible_python_interpreter=/usr/local/bin/python
  155. ruby_module_host ansible_ruby_interpreter=/usr/bin/ruby.1.9.3
  156. .. seealso::
  157. :doc:`intro_dynamic_inventory`
  158. Pulling inventory from dynamic sources, such as cloud providers
  159. :doc:`intro_adhoc`
  160. Examples of basic commands
  161. :doc:`playbooks`
  162. Learning ansible's configuration management language
  163. `Mailing List <http://groups.google.com/group/ansible-project>`_
  164. Questions? Help? Ideas? Stop by the list on Google Groups
  165. `irc.freenode.net <http://irc.freenode.net>`_
  166. #ansible IRC chat channel