インベントリ
インベントリファイルへのグループ変数定義
[servers]
host1
host2
[all:vars]
gateway=192.168.0.1
[servers:vars]
db_host=192.168.0.121
localhost
ターゲットホストでlocalhostを指定した場合
---
- hosts: localhost
gather_facts: false
tasks:
- name: sample
ping:
このとき、インベントリファイルにlocalhostの定義が無い場合(や、インベントリファイルを指定しない場合)は、暗黙のlocalhostとして
hosts:
localhost:
vars:
ansible_connection: local
ansible_python_interpreter: "{{ansible_playbook_python}}"
ってのが内部で用意され、この設定で接続される。よって、connection: localとして動く。
$ ansible-playbook localhost.yml -vvv
:
:
TASK [sample] *****************************************************
task path: /home/zaki/src/ansible-sample/inventory/localhost.yml:6
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: zaki
:
:
こんな感じ。
インベントリにlocalhostの設定があればそれが使われる。当然connection: localが無ければ、設定されたコネクションプラグインが使用される(未指定ならデフォルトのssh)
[localhost]
localhost
こんなlocalhost.iniというインベントリファイルを指定すると、
$ ansible-playbook localhost.yml -i localhost.ini -vvv
:
:
TASK [sample] *****************************************************
task path: /home/zaki/src/ansible-sample/inventory/localhost.yml:6
<localhost> ESTABLISH SSH CONNECTION FOR USER: None
:
:
このようにssh接続となる。
ansible-inventoryコマンド
ansible-inventoryコマンドを使用すると、ターゲットノード一覧やそのホストに紐づく変数を確認できる。
ダイナミックインベントリの場合に対象ノードが何になるか確認できる。
--list
$ ansible-inventory -i inventory.ini --list
このインベントリファイルを参照した際のホストグループやホスト変数(group_varsなど有れば参照)をリストアップする。
{
"_meta": {
"hostvars": {
"master01": {
"additional_packages": [
"bash-completion",
"open-vm-tools"
],
"additional_services": [
"vmtoolsd"
],
"ansible_host": "192.168.0.121",
"cluster_name": "my-kubeadm-cluster",
"controlplane_endpoint": "k8s-master.esxi.jp-z.jp",
"enable_firewalld": "true",
"pod_network_cidr": "10.244.0.0/16",
"required_ports": [
"6443/tcp",
"2379-2380/tcp",
"10250/tcp",
"10251/tcp",
"10252/tcp"
],
"use_cni_plugin": "calico",
"use_cri": "containerd"
},
"master02": {
"additional_packages": [
"bash-completion",
"open-vm-tools"
],
"additional_services": [
"vmtoolsd"
],
"ansible_host": "192.168.0.122",
"cluster_name": "my-kubeadm-cluster",
"controlplane_endpoint": "k8s-master.esxi.jp-z.jp",
"enable_firewalld": "true",
"pod_network_cidr": "10.244.0.0/16",
"required_ports": [
"6443/tcp",
"2379-2380/tcp",
"10250/tcp",
"10251/tcp",
"10252/tcp"
],
"use_cni_plugin": "calico",
"use_cri": "containerd"
},
"master03": {
"additional_packages": [
"bash-completion",
"open-vm-tools"
],
"additional_services": [
"vmtoolsd"
],
"ansible_host": "192.168.0.123",
"cluster_name": "my-kubeadm-cluster",
"controlplane_endpoint": "k8s-master.esxi.jp-z.jp",
"enable_firewalld": "true",
"pod_network_cidr": "10.244.0.0/16",
"required_ports": [
"6443/tcp",
"2379-2380/tcp",
"10250/tcp",
"10251/tcp",
"10252/tcp"
],
"use_cni_plugin": "calico",
"use_cri": "containerd"
},
"worker01": {
"additional_packages": [
"bash-completion",
"open-vm-tools"
],
"additional_services": [
"vmtoolsd"
],
"ansible_host": "192.168.0.125",
"cluster_name": "my-kubeadm-cluster",
"controlplane_endpoint": "k8s-master.esxi.jp-z.jp",
"enable_firewalld": "true",
"pod_network_cidr": "10.244.0.0/16",
"required_ports": [
"10250/tcp",
"30000-32767/tcp"
],
"use_cni_plugin": "calico",
"use_cri": "containerd"
},
"worker02": {
"additional_packages": [
"bash-completion",
"open-vm-tools"
],
"additional_services": [
"vmtoolsd"
],
"ansible_host": "192.168.0.126",
"cluster_name": "my-kubeadm-cluster",
"controlplane_endpoint": "k8s-master.esxi.jp-z.jp",
"enable_firewalld": "true",
"pod_network_cidr": "10.244.0.0/16",
"required_ports": [
"10250/tcp",
"30000-32767/tcp"
],
"use_cni_plugin": "calico",
"use_cri": "containerd"
}
}
},
"all": {
"children": [
"master",
"ungrouped",
"worker"
]
},
"master": {
"hosts": [
"master01",
"master02",
"master03"
]
},
"worker": {
"hosts": [
"worker01",
"worker02"
]
}
}
--graph --vars
このオプションの場合は、グループ変数定義が独立して表示される。
$ ansible-inventory -i inventory.ini --graph --vars
@all:
|--@master:
| |--master01
| | |--{additional_packages = ['bash-completion', 'open-vm-tools']}
| | |--{additional_services = ['vmtoolsd']}
| | |--{ansible_host = 192.168.0.121}
| | |--{cluster_name = my-kubeadm-cluster}
| | |--{controlplane_endpoint = k8s-master.esxi.jp-z.jp}
| | |--{enable_firewalld = true}
| | |--{pod_network_cidr = 10.244.0.0/16}
| | |--{required_ports = ['6443/tcp', '2379-2380/tcp', '10250/tcp', '10251/tcp', '10252/tcp']}
| | |--{use_cni_plugin = calico}
| | |--{use_cri = containerd}
| |--master02
| | |--{additional_packages = ['bash-completion', 'open-vm-tools']}
| | |--{additional_services = ['vmtoolsd']}
| | |--{ansible_host = 192.168.0.122}
| | |--{cluster_name = my-kubeadm-cluster}
| | |--{controlplane_endpoint = k8s-master.esxi.jp-z.jp}
| | |--{enable_firewalld = true}
| | |--{pod_network_cidr = 10.244.0.0/16}
| | |--{required_ports = ['6443/tcp', '2379-2380/tcp', '10250/tcp', '10251/tcp', '10252/tcp']}
| | |--{use_cni_plugin = calico}
| | |--{use_cri = containerd}
| |--master03
| | |--{additional_packages = ['bash-completion', 'open-vm-tools']}
| | |--{additional_services = ['vmtoolsd']}
| | |--{ansible_host = 192.168.0.123}
| | |--{cluster_name = my-kubeadm-cluster}
| | |--{controlplane_endpoint = k8s-master.esxi.jp-z.jp}
| | |--{enable_firewalld = true}
| | |--{pod_network_cidr = 10.244.0.0/16}
| | |--{required_ports = ['6443/tcp', '2379-2380/tcp', '10250/tcp', '10251/tcp', '10252/tcp']}
| | |--{use_cni_plugin = calico}
| | |--{use_cri = containerd}
| |--{required_ports = ['6443/tcp', '2379-2380/tcp', '10250/tcp', '10251/tcp', '10252/tcp']}
|--@ungrouped:
|--@worker:
| |--worker01
| | |--{additional_packages = ['bash-completion', 'open-vm-tools']}
| | |--{additional_services = ['vmtoolsd']}
| | |--{ansible_host = 192.168.0.125}
| | |--{cluster_name = my-kubeadm-cluster}
| | |--{controlplane_endpoint = k8s-master.esxi.jp-z.jp}
| | |--{enable_firewalld = true}
| | |--{pod_network_cidr = 10.244.0.0/16}
| | |--{required_ports = ['10250/tcp', '30000-32767/tcp']}
| | |--{use_cni_plugin = calico}
| | |--{use_cri = containerd}
| |--worker02
| | |--{additional_packages = ['bash-completion', 'open-vm-tools']}
| | |--{additional_services = ['vmtoolsd']}
| | |--{ansible_host = 192.168.0.126}
| | |--{cluster_name = my-kubeadm-cluster}
| | |--{controlplane_endpoint = k8s-master.esxi.jp-z.jp}
| | |--{enable_firewalld = true}
| | |--{pod_network_cidr = 10.244.0.0/16}
| | |--{required_ports = ['10250/tcp', '30000-32767/tcp']}
| | |--{use_cni_plugin = calico}
| | |--{use_cri = containerd}
| |--{required_ports = ['10250/tcp', '30000-32767/tcp']}
|--{additional_packages = ['bash-completion', 'open-vm-tools']}
|--{additional_services = ['vmtoolsd']}
|--{cluster_name = my-kubeadm-cluster}
|--{controlplane_endpoint = k8s-master.esxi.jp-z.jp}
|--{enable_firewalld = true}
|--{pod_network_cidr = 10.244.0.0/16}
|--{use_cni_plugin = calico}
|--{use_cri = containerd}
ansible-inventory -i inventory.ini --graph --vars の結果。
— よこち(yokochi) (@akira6592) June 9, 2021
インベントリ内の変数や group_vars とかの変数定義を解釈して、結局そのホストがどういう変数の値を持つか分かる。
--list でも似たような情報はわかる(2枚目) pic.twitter.com/Y3nW49EP2C
ダイナミックインベントリ
EC2
[Ansible / AWS] ダイナミックインベントリを使ってEC2接続先を動的に取得してAnsible実行お試し - zaki work log
---
plugin: amazon.aws.aws_ec2
regions:
- ap-northeast-1
netbox
[NetBox / Ansible] ダイナミックインベントリを使ってNetBoxに登録されたホスト情報をターゲットノードにAnsibleを実行 - zaki work log
plugin: netbox.netbox.nb_inventory
api_endpoint: http://192.168.0.19:28080
token: 0123456789abcdef0123456789abcdef01234567