cloudsoft.io

Ansible

AMP Ansible components are split into AnsibleEntity, AnsibleContainerEffector and AnsibleSshEffector.

Before we start, let’s pick a simple playbook:

---
- name: Create work dir
  hosts: all
  vars:
    work_dir: /tmp/work-dir
  tasks:
    - name: Create work directory
      file:
        path: "{ { work_dir } }"
        state: directory

This playbook creates a directory.

AnsibleContainerEffector

A container-based Ansible effector can be declared in the following way:

brooklyn.initializers:
- type: io.cloudsoft.amp.initializer.AnsibleContainerEffector
  brooklyn.config:
    name: my-playbook
    playbook.url: classpath://playbook.yaml

The minimum declaration requires to choose a name for the effector and specify playbook URL, whether it is remote or packaged in an application bundle.

By default, this effector relies on existence of Linux OS Docker image with ID cloudsoft/ansible with the command ansible-playbook installed on it.

To build a minimal Docker image create a Dockerfile with the following content:

FROM ubuntu
RUN apt-get update && apt-get install ansible -y

And run command:

docker build -t cloudsoft/ansible - < Dockerfile

The effector launches a job with kubectl to apply a playbook to entity from the container as described here, with a default timeout of 1 minute. The default timeout can be customized with timeout configuration option.

Effector declaration also accepts extra_vars as a map to pass into a playbook, additional_arguments as a list of strings property for other Ansible arguments, boolean become property which is used as --become argument in Ansible which is true by default.

A typical effector declaration can look like the following:

name: My Application
services:
  - type: server
    name: My Server
    brooklyn.initializers:
    - type: io.cloudsoft.amp.initializer.AnsibleContainerEffector
      brooklyn.config:
        name: run-my-playbook                # effector name
        image: my-ansible-ubuntu-image       # a custom image name
        timeout: 9m                          # custom timeout of 9 minutes for a kubectl job
        playbook.url: http://a.b.c/playbook.yaml # URL to a remote playbook file
        imagePullPolicy: IfNotPresent        # allows pulling local Docker images
        additional_arguments: ["-vvv"]       # increases verbosity in Ansible output
        extra_vars:                          # this will pass --extra-vars to Ansible in the pod
          work_dir: /tmp/work-dir-2          # existing 'work_dir' var in the playbook will be overridden

Note:

  • Effector requires locally installed kubectl, alongside AMP.
  • additional_arguments does not accept --extra-vars, --become or --inventory arguments. --inventory argument is reserved to target the node that declared this artifact, it means that inventory configured on Ansible machine will be ignored.

Effector applies playbook to a node under which it is declared by default. Change target to apply playbook across children or members, for example:

name: My Application
services:
  - type: cluster
    name: My Cluster
    brooklyn.initializers:
      - type: io.cloudsoft.amp.initializer.AnsibleContainerEffector
        brooklyn.config:
          name: my-playbook
          playbook.url: classpath://playbook.yaml
          target: members
    brooklyn.config:
      cluster.initial.size: 3 # 3 cluster members
      dynamiccluster.memberspec:
        '$brooklyn:entitySpec':
          type: server
          name: My Server

AnsibleSshEffector

SSH effector can be declared in the following way:

brooklyn.initializers:
- type: io.cloudsoft.amp.initializer.AnsibleSshEffector
  brooklyn.config:
    name: my-playbook
    playbook.url: classpath://playbook.yaml
    location:
      user: my-user                         # user of the remote Ansible machine 
      address: 11.22.33.44                  # IP address of the remote Ansible machine 
      publicKeyData: ssh-rsa AAAAB3NzaC1... # public SSH key of the remote Ansible machine (shortened for brevity)

The minimum declaration requires to choose a name for the effector, configure SSH location of the remote Ansible machine (the Ansible control node) and specify playbook URL, whether it is remote or packaged in an application bundle.

Same as in AnsibleContainerEffector, declaration also accepts extra_vars as a map to pass into a playbook, additional_arguments as a list of strings property for other Ansible arguments, boolean become property which is used as --become argument in Ansible which is true by default. Same constraints apply.

Effector applies playbook to a node under which it is declared by default. Change target to apply playbook across children or members, for example:

name: My Application
brooklyn.initializers: # effector declared at application level
  - type: io.cloudsoft.amp.initializer.AnsibleSshEffector
    brooklyn.config:
      name: my-playbook
      playbook.url: classpath://playbook.yaml
      location:
        user: my-user 
        address: 11.22.33.44
        publicKeyData: ssh-rsa AAAAB3NzaC1... # shortened for brevity
      target: children
services: # 3 child server nodes
  - type: server
    name: My Server 1
  - type: server
    name: My Server 2
  - type: server
    name: My Server 3

AnsibleEntity

Explore Creating Blueprints with Ansible to learn how Ansible playbooks can be applied with AnsibleEntity software process.

AMP and Maeztro are developed and supported by Cloudsoft Corporation.