When puppet and ansible work together for better orchestration
- Definitions
- Description
- Requirements
- Installation
- How to use the puppet ansible module
- Development
- Documentation
- Credits
- Licence
- References
In the following :
- the Ansible master is the host where Ansible is installed and where you run your playbooks
- the Ansible nodes are the hosts managed by the ansible master
The goals of the ansible puppet module are :
- to install Ansible on the ansible master
- to allow ssh connections from the ansible master to a pool of ansible nodes
- to install and configure sudo on the ansible nodes The module use public key authentication and manage the /etc/ssh/ssh_known_hosts file of the ansible master.
On all hosts, an user ansible is created.
The ansible user on the master is able to run commands on the ansible nodes as root with sudo.
A puppet master with store config enable, because this module use exported ressources.
This module is created for Debian (Squeeze/Wheezy) and compatible with puppet agent (> 2.7).
This module use puppetlabs-stdlib (> 4.2.2).
The module has been tested on:
- Debian 6
- Debian 7
This module could be used on Ubuntu or CentOs (actually Debian and RedHat operating system family), but tests has been light and support cannot be guaranteed.
From the forge, go to nvogel/ansible.
Or with Librarian puppet, for example add to your Puppetfile :
mod 'ansible',
:git => 'https://github.com/nvogel/puppet-ansible',
:ref => '2.0.0'
Each version number follows the rules defined by semantic versioning.
You should read the changelog file before upgrading to a new version and use only a tagged version with librarian.
On the ansible master with a fqdn master.fqdn.tld.
You can use hieara, an enc, or a plain text manifest.
You can have several ansible master hosts, each one will have its own pool of ansible nodes.
You have to wait 2 runs of the puppet agent to complete the configuration process.
Ansible is installed by default by pip, the provider parameter could be changed with apt.
include ansible
or
class { 'ansible':
ensure => master
}
or if you want to use the apt provider
include { 'ansible::master':
provider => apt
}
For each ansible node :
class { 'ansible':
ensure => node,
master => 'master.fqdn.tld'
}
or
class { 'ansible::node' :
master => 'master.fqdn.tld'
}
Example with a pool of hosts named pool1.
Each host have the same value for the fact pool1.
There is one host in the pool which is the ansible master (master.fqdn.tld).
hiera.yaml :
---
:backends:
- yaml
:yaml:
:datadir: /etc/puppet/%{environment}/hieradata
:hierarchy:
- "node/%{::clientcert}"
- "pool/%{::pool}"
- common
hieradata directory :
hieradata/
├── pool
│ └── pool1.yaml
└── node
└── master.fqdn.tld.yaml
pool1.yaml :
---
classes: ansible
ansible::ensure: node
ansible::master: master.fqdn.tld
master.fqdn.tld.yaml :
---
ansible::ensure: master
ansible::master: false
On the ansible master host, all you have to do is to use the ansible user. By default, the ansible user is set with a non valid password so you have to be root to use this account.
su - ansible
On the ansible nodes, the only package installed is sudo. So, you may have to deploy with ansible additional python packages which are required for some ansible modules.
By default, puppet install the current version of ansible but will not upgrade it if already present.
You can change ansible version by setting the ansible::install::version parameter.
Example with hiera :
---
ansible::ensure: master
ansible::master: false
ansible::master::provider: apt
ansible::install::version: latest
---
ansible::ensure: master
ansible::master: false
ansible::install::version: 1.7.1
You're welcome to propose enhancements or submit bug reports (even typos).
When you perform modifications inside the puppet module :
- You MUST run the test suite (see Testing section)
- You MUST write (or update) the test suite
- You MUST update the documentation
Thanks in advance.
- Build status on branch master :
- Build status on release 2.1.0 :
- Build status on release 2.0.1 :
- Build status on release 2.0.0 :
- Build status on release 1.1.1 :
- Build status on release 1.1.0 :
- Build status on release 1.0.0 :
The master branch corresponds to the release under development. Could be unstable. All stable release are tagged.
gem install bundler
mkdir modules
cd modules
git clone git://github.com/nvogel/puppet-ansible.git ansible
cd ansible
bundle install --path vendor/bundle
bundle exec rake
bundle exec rake test
bundle exec rake syntax
bundle exec rake lint
bundle exec rake spec
bundle exec guard
mkdir -p /tmp/doc/ansible && touch /tmp/doc/manifest
cd /path/to/module/directory/ansible
ln -s "$(pwd)/lib" /tmp/doc/ansible
ln -s "$(pwd)/manifests" /tmp/doc/ansible
#generate module documentation in /path/to/ansible_doc from /tmp/doc
bundle exec puppet doc --charset UTF-8 --outputdir /path/to/ansible_doc --mode rdoc --manifest /tmp/doc/manifest --modulepath /tmp/doc
- Nicolas Vogel
- All contributors
Puppet ansible module is released under the MIT License. Check the LICENSE file for details.