[Charlotte-pm] Is there an Ansible solution to this deployment process?

Yanick Champoux yanick at babyl.ca
Thu Aug 26 07:31:08 PDT 2021 

## Step 1 of ? :  What does the managed hosts need?

ssh and Python. That's it. :-)

Well, okay, maybe a tad more when you look more closely.  You'll need a user account on that machine to which you can connect (duh!). Best way is to drop your ssh key on the remote host so you can connect without interaction. 

If some actions will require root permissions, that user will also need sudo rights (also duh!).  By default Ansible uses the `sudo` mechanism, but there are other alternatives too (https://docs.ansible.com/ansible/latest/user_guide/become.html)  Since my main use case is my own machines, `sudo` always did the trick for me. 

## Step 2 of ?: Herding the remote hosts

For your usecase, I'll assume that you want the full list of hosts you manage, plus you want a sub-group of them that are the ones where you want to do that first install.

To do that you define an inventory file, which can be INI-flavored:


```
yanick.ottawa.ca   ansible_ssh_host=192.168.0.1 ansible_ssh_user=yanick 
jason.charlotte.us ansible_ssh_host=192.168.0.2 ansible_ssh_private_key_file=/home/yanick/.vagrant.d/insecure_private_key
william.charlotte.us ansible_ssh_host=... ansible_become_pass=hushhush

[onboarding]
yanick.ottawa.ca
jason.charlotte.us
```

Or YAML:

```
all:
  hosts:
    'william.charlotte.us':
      ansible_ssh_host: 192.168.0.103
   children:
    onboarding:
      hosts:
        'yanick.ottawa.ca':
          ansible_ssh_host: 192.168.0.101
          ansible_ssh_user: yanick
```

and to tie in to the scary features of YAML, I *think* it'd be also be possible to define that YAML file as 



```
all:
  hosts:
    'william.charlotte.us':
      ansible_ssh_host: 192.168.0.103
    'yanick.ottawa.ca': &yanick
        ansible_ssh_host: 192.168.0.101
        ansible_ssh_user: y
   children:
    onboarding:
      hosts:
        'yanick.ottawa.ca': *yanick
```


but I'm not sure.


## Step 3 of ?: reality check

Of course, I'm winging this as I go along. Take all bits and statement with a grain of salt. :-)


More to come,
`/anick

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/charlotte-pm/attachments/20210826/2a0a49aa/attachment.html>

More information about the Charlotte-pm mailing list