Ansible: want to map dynamic hosts with instance-id's - ansible

My code : http://pastebin.com/jzrYTR2u
What I want to achieve: My script should dynamically take the hosts with specific tag and perform the above tasks on each host one by one. Currently, I am taking the instance-id from elb_facts module.
What I have achieved till now: My script will take the first instance out from the ELB, perform the deploy tasks, and add it back to the ELB. The hosts file is currently hardcoded with IPs.

Use the boto API to make a connection with AWS and use filters to find the instances you want. You can then recursively search through the list to get the instances and then the instance IDs. Below is an example of making the request for filtered instances:
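    import boto.ec2
    # node, environment, region and index come from your own configuration
    aws_connection = boto.ec2.connect_to_region(region)
    filters = dict()
    filters["tag:Profile"] = node["profile"]
    filters["tag:Environment"] = environment
    # the EC2 filter name is hyphenated: availability-zone
    filters["availability-zone"] = region + node["distribution"][index]["zone"]
    filters["tag:ServiceName"] = node['service_name']
    # returns reservations; each one carries an .instances list
    instances_aws = aws_connection.get_all_instances(filters=filters)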
Hope this helps
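
The step the answer describes (walking the returned reservations down to instances and their IDs) can feed an Ansible dynamic inventory instead of a hardcoded hosts file. This is an added example, not code from the original post: it uses the boto3 `describe_instances` response shape rather than the answer's boto 2 call, and the group name `tagged`, the hostvar names `instance_id` and `ec2_tags`, and the sample instances are assumptions constructed for illustration.

```python
import json

def build_inventory(reservations, group="tagged"):
    """Flatten EC2 reservations into Ansible dynamic-inventory data."""
    hosts, hostvars = [], {}
    for reservation in reservations:
        for inst in reservation.get("Instances", []):
            # Only running instances with an address can be deployed to.
            if inst.get("State", {}).get("Name") != "running":
                continue
            address = inst.get("PrivateIpAddress")
            if not address:
                continue
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            hosts.append(address)
            # The instance ID travels with the host, for the ELB steps.
            hostvars[address] = {"instance_id": inst["InstanceId"], "ec2_tags": tags}
    return {group: {"hosts": sorted(hosts)}, "_meta": {"hostvars": hostvars}}

def fetch_reservations(region, tag_filters):
    """Query EC2 with server-side tag filters (needs boto3 and credentials)."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    filters = [{"Name": "tag:" + k, "Values": [v]} for k, v in tag_filters.items()]
    filters.append({"Name": "instance-state-name", "Values": ["running"]})
    reservations = []
    for page in ec2.get_paginator("describe_instances").paginate(Filters=filters):
        reservations.extend(page["Reservations"])
    return reservations

# Constructed sample in the shape of describe_instances()["Reservations"]
SAMPLE = [
    {"Instances": [
        {"InstanceId": "i-0aaa1111", "PrivateIpAddress": "10.0.1.20",
         "State": {"Name": "running"},
         "Tags": [{"Key": "Environment", "Value": "staging"}]},
        {"InstanceId": "i-0bbb2222", "State": {"Name": "terminated"}, "Tags": []},
    ]},
    {"Instances": [
        {"InstanceId": "i-0ccc3333", "PrivateIpAddress": "10.0.1.10",
         "State": {"Name": "running"},
         "Tags": [{"Key": "Environment", "Value": "staging"}]},
    ]},
]

if __name__ == "__main__":
    print(json.dumps(build_inventory(SAMPLE), indent=2))
```

In a real inventory script, pass the output of `fetch_reservations(...)` to `build_inventory` and print the JSON when Ansible calls the script with `--list`; each host then exposes `instance_id` to the ELB tasks.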

Related

AWS filtering out all instance profiles that have no roles attached

I am writing a cleanup script that cleans up after Ansible's iam_role inability to clean instance profiles. In general, this instance profile has no roles attached, so I would like to filter all instance profiles that have an empty roles object. However, jmespath has a not_null function but no is_null function. So, my question is: how can I filter out only instance profiles with no roles attached (boto3 or shell)? Thanks!
Using boto3, you can try this. This is assuming the Roles value is an empty list, []. If it's something else, you just have to fix the code to what is returned.
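    import boto3

    client = boto3.client('iam')
    # list_instance_profiles is paginated; walk every page
    paginator = client.get_paginator('list_instance_profiles')
    for page in paginator.paginate():
        for ip in page['InstanceProfiles']:
            if len(ip['Roles']) == 0:
                print(ip)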

Ansible Multi Group Dynamic Inventory

I'm new to Ansible so be patient. I was trying to create a dynamic inventory using Ansible's dynamic inventory plugin. In particular I'm using the hcloud plugin to interface with Hetzner's API.
What I'd like to do is create 3 groups : databases, nfs, k8s.
All servers have already been tagged as follows:
app=mysql for mySQL database servers
app=nfs for NFS servers
app=k8s for k8s cluster servers (workers and masters)
To say the docs are lacking is using a euphemism. I've tried using label_selector as follows with no success:

    plugin: hcloud
    token: hehe
    groups:
      databases:
        label_selector: app=mysql
      nfs:
        label_selector: app=nfs
      k8s:
        label_selector: app=k8s

This indeed results in the creation of 3+ groups :
all
databases
nfs
k8s
ungrouped
hcloud
yet all groups contain all hosts, regardless of the label.
So my questions are:
1. Assuming I'm using something like keyed_groups, which "Add hosts to group based on the values of a variable.", where can I find accepted variables? In the example they use 'location', 'image_os_flavor' and 'status' but I haven't found a list of accepted variable names that I could use.
2. How could I implement a dynamic Inventory that reaches the previously explained goal?
3. Is it possible to add group variables in dynamically generated inventories?
Thanks a lot to everyone, let me know how to improve my question as well.
You can do:

    groups:
      databases: labels.app == 'mysql'
      nfs: labels.app == 'nfs'
      k8s: labels.app == 'k8s'

The documentation is here:
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/constructed_inventory.html

Listing nodes using jclouds

Is it possible to list nodes in a non-default AWS VPC? This can be done easily using EC2::DescribeInstances by passing a filter with vpc-id= but I can't figure out how to do it using jclouds.
I know how to create an instance in a specified VPC using template options, but I cannot find an equivalent approach for listing nodes. I'm currently using listNodesDetailsMatching(...).
You cannot eagerly filter that on the provider. Using the portable interface you can just provide a predicate to filter nodes once you have them all. You can directly use the underlying AWS EC2 API to do what you want. It could be something like the following:
    AWSEC2Api aws = computeServiceContext.unwrapApi(AWSEC2Api.class);
    AWSInstanceApi instanceApi = aws.getInstanceApi().get();
    instanceApi.describeInstancesInRegionWithFilter("region", ImmutableMultimap.of("vpc-id", "myvpc"));

How to add a custom or external fact for role in Puppet?

I'm using a control-repo for my puppet master profiles/roles.
I'm using Hiera and I would like to add role in the hierarchy.
My hiera.yaml looks like:

    :backends:
      - yaml
    :yaml:
      :datadir: "/etc/puppetlabs/code/environments/%{::environment}/hieradata"
    :hierarchy:
      - "nodes/%{::trusted.certname}"
      - "roles/%{::role}"
      - "common"

site.pp:

    node xx01 {
      include role::cassandra
    }
    node xx02 {
      include role::mysql
    }
    node xx03 {
      include role::cassandra
    }

For example, I should add the role fact for node xx01 and xx03. So it would be useless to add the fact for every new node in the future, so I want the fact to be added for every new node.
So the best way is to add code to add the fact for role in the control repo, not in the modules.
The puppet agent doesn't seem to intrinsically have the role fact, so I added a role fact in /etc/puppetlabs/facter/facts.d
I think it's useless to compare with hostname to add the fact for roles if the hostname reflects the role, so I could use the hierarchy with a hostname rather than role.
You can either do this with an external fact or a custom fact. I should also note that your hiera file is completely fine and will automatically pick up your role fact for data resolution once that fact is populated. I am also going to assume from that hiera file that you are using Puppet 4, Facter 3, and Hiera 3 (not the Puppet Data Provider with module data lookups etc.), since you are using syntax and conventions consistent with those.
Let us say you have roles app, db, and report.
For custom facts, you would want to write some code like the following in the lib/facter/role.rb directory of a compiled module:
    # Derive the role fact from the node's hostname
    Facter.add('role') do
      setcode do
        case Facter.value(:hostname)
        when /db/ then 'db'
        when /app/ then 'app'
        when /report/ then 'report'
        else 'default' # fallback when no pattern matches
        end
      end
    end
This would be a simple example of how to do this.
You can also do this with an external fact placed in the lib/facts.d directory of a compiled module, like a role.yaml or role.sh file. The yaml would be good for static data, and the shell script would be an example of how to dynamically ascertain the role of the server without using ruby.
You can check additional documentation here: https://docs.puppet.com/facter/3.4/custom_facts.html

creating an ec2 instance from an image - finding kernel id attributes using boto

I've got an EC2 snapshot from a running machine. When I create an image and then an instance out of it, it fails the reachability test, and I can't connect to it. I checked the volume and it's got no errors by attaching to another machine.
I now suspect that I have to choose the right kernel-id, and that the default might not be compatible.
Looking at other EC2 instances I have, they are running kernel id aki-427d952b, but this kernel is not available from the dropdown list (even in the same availability zone).
How do I find the next-best kernel id? Is there some list of kernel ids and which versions/architectures they support?
EDIT: can e.g. python boto or another library be used to list all kernel-ids and attributes to allow choosing a different kernel-id from aki-427d952b (which is missing from the dropdown list).
Boto can certainly be used to list images, and you can get data about their configuration. Whether that's the best way to search for a replacement is another question, but, if you want to do it, here's the python/boto code:

    from boto.ec2.connection import EC2Connection

    # use your AWS id and Secret here
    conn = EC2Connection(awsid, awssecret)
    # returns array of all images your account can use
    all_images = conn.get_all_images()
    for img in all_images:
        attrs = img.__dict__
        # attrs will be a dictionary of key-value pairs associated
        # with the image. Look through them to find what you want.
        if img.kernel_id == 'aki-427d952b':
            print("found aki-427d952b: imgid=" + img.id)
