ansible party in the [google] clouds

Esther Lozano | @esloho

Set up the place: GCE- Create project and add instances in Google Cloud Engine

- Check the first steps tutorial for VM instances

- Add ssh public key to project- Compute engine → Metadata → SSH keys

- Test ssh connection from your local

- Create service key and download it (i.e. ansible_service_account.json)- IAM & admin → Service account → Create key

- Place it into your ansible project

- Install gcloud in your local machine (optional)

Manage invitations: Ansible- Copy from contrib/inventory files gce.ini and gce.py into your inventory

- Download from https://github.com/ansible/ansible

- Create secrets.py

- Use absolute path or relative to playbook execution for ansible_service_account.json

- Indicate absolute path of secrets.py in gce.ini

- pip install apache-libcloud

- Test the gce connection

- $ inventory/gce.py --list

- $ ansible all -u esloho -i inventory/gce.py -m ping

Party!- Run your playbooks as usual

- $ ansible-playbook -i inventory monitoring.yml

- Select hosts by network tag from your gce instances

- hosts: tag_mongo

- hosts: all:!tag_http_server

- Host configuration (host_vars, --limit, hosts…) by instance name

- Possible to combine static inventory and dynamic gce.py

Some party favors

- Ansible documentation for GCE http://docs.ansible.com/ansible/latest/guide_gce.html

- Managing SSH keys in GCE https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys

- Service account keys and permissions https://cloud.google.com/iam/docs/service-accounts

- Github repository of this demo https://github.com/esloho/ansible-gce-demo