What you describe is similar to a setup I've used in the past. We broke up
this part of our inventory into "pools" which was determined by a fact set
for the host.
You could have poolA poolB and poolC, and db1, db2 and db3 respectively.
poolA would connect to db1, poolB to db2, and poolC to db3.
, May 15, 2015 at 1:58 PM, Rahul Mehrotra
>> wrote:
>>
>>>
>>> Hi,
>>> Can you please provide an example. I am specifically interested in
>>> removing egress rules allowing everything automatically added by AWS when
>>> security groups are created. Thank you
>>>
>>>
>>>
>>> ----
ahul Mehrotra
> Cloud & DevOps Engineer, Nokia USA
> email: rahul.mehrotr...@gmail.com
>
> [image: View Rahul Mehrotra's profile on LinkedIn]
> <http://www.linkedin.com/in/rahulmehrotra1>
>
> On Fri, May 15, 2015 at 10:49 AM, Brent Langston
> wrote:
>
>> remove t
remove the rule from the list.
rules: []
Brent
On Fri, May 15, 2015 at 1:32 PM, Rahul Mehrotra wrote:
>
> I have an Ansible script to create EC2 security group. It looks like this
>
> - name: Create HTTP Security Group
> local_action:
> module: ec2_group
> region: "
short answer is yes... easily.
An example of your template scenario might look something like this:
{% if ansible_local.oscar.tags.environment == "production" %}
server_name foo.example.com;
{% elif ansible_local.oscar.tags.environment == "staging" %}
server_nam
On Thu, Jan 8, 2015 at 2:16 AM, Jason Zhao wrote:
> I would like to know if Ansible can control the command execution orders
> between different nodes. The question is actually not specific to PXC, but
> applies to other cluster applications where order matters.
>
Yes, this is trivial with Ansib
software is
> deployed.
>
> On Wednesday, December 31, 2014 10:26:40 PM UTC-5, Brent Langston wrote:
>>
>> And by "goat", I mean host. :-)
>> On Dec 31, 2014 10:25 PM, "Brent Langston" wrote:
>>
>>> We, at hioscar.com, run ansible local
And by "goat", I mean host. :-)
On Dec 31, 2014 10:25 PM, "Brent Langston" wrote:
> We, at hioscar.com, run ansible local from the local goat for all config
> runs from cron, every 10 minutes.
>
> Pros:
> It's fast
> It's automatic, so devs don
We, at hioscar.com, run ansible local from the local goat for all config
runs from cron, every 10 minutes.
Pros:
It's fast
It's automatic, so devs don't need direct access to our systems.
Con:
It isn't aware of the whole inventory, mainly due to our setup. This ends
up complicating things when yo
too.
>
> Since they probably detail your infrastructure with more information than
> you might care to share here, feel free to share off list.
>
> (We're probably going to want to see if we can get a copy of your
> inventory files).
>
> Thanks!
>
>
>
> On
- but I'm curious if you could provide info about what "much longer"
> means? Such as before and after numbers, and numbers of hosts in your
> inventory?
>
>
>
> On Tue, Dec 2, 2014 at 2:43 PM, Brent Langston wrote:
>
>> Hi guys,
>>
>> I'm ho
Hi guys,
I'm hoping I've just overlooked an option, but here's the situation:
After updating from ansible 1.6.2 to 1.8.1, I noticed our ansible runs take
much much longer to actually make contact with the servers. Here is a
really simple comparison:
https://gist.github.com/brentley/7c644614e5dc
This has been on my backlog of things to do... let me know if you want some
help and I'll gladly pitch in to work on this with you.
Brent
On Tue, Aug 12, 2014 at 9:13 AM, Sam Doran wrote:
> I'd love your input on testing whether or not a specific action is
> applicable. I'm u
On Tue, Jul 22, 2014 at 3:13 PM, Michael DeHaan wrote:
> Also "local_action" is usually not needed in cloud provisioning tasks as
> you can just have a play that talks to localhost
>
yeah, this was written before localhost was handled the way it is today. I
haven't gone back and edited this in q
This might be old'ish style at this point, but this is how I do it:
- name: tag my launched instances
local_action: ec2_tag resource={{ item.id }} region={{ region }}
state=present
with_items: ec2.instances
args:
tags:
Name: "{{assigned_hostname.stdout}}"
t;
>> -jlk
>>
>>
>> On Mon, Jun 9, 2014 at 7:44 AM, Michael DeHaan
>> wrote:
>>
>>> ansible_ssh_args is leveragable here to pass additional arguments
>>> correct?
>>>
>>> Also this is configurable in ansible.cfg.
>>>
&
I see your logic, but I think this world break a use case I have in my
environment where a bot layers on the appropriate key depending on what it
is doing.
There is the config key for initiating a config run, the provisioning key
for each environment, the deploy key for each environment, and the s
On Thu, Jun 5, 2014 at 7:52 PM, Jason Edelman wrote:
> Have an alternative solution working now.
secrets don't make friends! mind closing the loop by sharing what you came
up with?
Brent
--
You received this message because you are subscribed to the Google Groups
"Ansible
Yep. that must be the difference. I'm all VPC.
Brent
On Wed, Jun 4, 2014 at 11:28 AM, Brian Coca wrote:
> ah, VPC instances have different rules, 'classic' is non VPC from what I
> can see.
>
> --
> You received this message because you are subscribed to the Google Groups
> "
Whoa. Maybe I'm misunderstanding you but I add and remove security groups
on instances while running all the time. It would be cool to do that via
ansible.
On Jun 4, 2014 7:41 AM, "Brian Coca" wrote:
> aws doesn't allow you to change the security group association of a
> instance once created, y
I did this a while back, thinking I'd replace it with something more
elegant when I have time... honestly, it's been working so well, I haven't
thought about it again, until you reminded me.
I have a script saved in my ansible git repo:
$GIT/ansible/bin/cron_scheduler.sh
#!/bin/bash
PATH=/bin:/u
I world expect it to work perfectly.
On Mar 5, 2014 12:48 PM, "jack" wrote:
> thanks, anyone has experience with MySQL Enterprise Edition (
> MySQL-server-advanced-5.6.16-1.el6.x86_64.rpm)?
>
> On Wednesday, March 5, 2014 9:32:41 AM UTC-8, Brent Langston wrote:
>>
I use it with the percona 5.5 mysql.
On Mar 5, 2014 12:31 PM, "jack" wrote:
> Hi All:
>
> Does anyone have any experience for the mysql module to work enterprise
> verison mysql?
>
> Thanks
> Jack
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Projec
I'd like to use the mysql_user module to create accounts that look like
this:
GRANT ALL PRIVILEGES ON *.* TO ‘bob’@'%’ IDENTIFIED BY ‘pass’ REQUIRE SSL;
Looking at the docs, it's not immediately obvious how to do this.
- mysql_user: name=bob host='%' password=pass priv=*.*:ALL state=presen
en you'll be on the right track.
On Mon, Feb 10, 2014 at 2:28 PM, Brent Langston wrote:
So I downloaded the json to a file, and tried to access that value using ‘jq’:
cat document.json | jq .json.changeSet.items[0].comment
that works fine, so I think you’re right about the syntax. Is it po
:18 PM, Brent Langston (brent...@oufan.com) wrote:
I was wondering about that. I *did* try that earlier (with so many other
combinations as well.) This is what I have now:
debug: var=jenkinsStatus.json.changeSet.items[0].comment
result:
"jenkinsStatus.json.changeSet.items[0].co
t; would be looking for a hash member named "0" versus an array
index.
On Mon, Feb 10, 2014 at 2:02 PM, Brent Langston wrote:
I'm sure this is probably something I'm doing wrong, but I can't seem to figure
out the right thing, so hopefully someone else can.
This is the
I'm sure this is probably something I'm doing wrong, but I can't seem to
figure out the right thing, so hopefully someone else can.
This is the value of the registered variable
"jenkinsStatus": http://hastebin.com/cacusiwiki.tex
Given the following playbook:
---
- name: Jenkins Status Info
h
What if you just abort the remaining tasks, and still run the handlers that
have already been set on that run?
Brent
On Sat, Feb 8, 2014 at 7:34 PM, James Martin wrote:
> I wonder if ansible's retry feature could be made smart enough to note the
> handlers that were notified
So here's the story:
My team is managing some of our secure settings using a set of variables
stored in a file, and encrypted using git-crypt. This has been working
great under the push model, because we all have the key, and have the
secret yaml files decrypted.
I've rolled out ansible-pull,
30 matches
Mail list logo