ansible-pull pulls playbooks from a VCS repo(git) and executes them for the local host.
The ansible-pull command is a special feature of Ansible that allows you to, all in one go, pull a playbook from a Git repository (for example, GitHub) and then execute it, hence saving the usual steps such as cloning (or updating the working copy of) the repository, then executing the playbook. The great thing about ansible-pull is that it allows you to centrally store and version control your playbooks and then execute them with a single command, hence enabling them to be executed using the cron scheduler without the need to even install the Ansible playbooks on a given box.
ansible-pull is used to up a remote copy of ansible on each managed node, each set to run via cron and update playbook source via a source repository. This inverts the default push architecture of ansible into a pull architecture, which has near-limitless scaling potential.
The setup playbook can be tuned to change the cron frequency, logging locations, and parameters to ansible-pull. This is useful both for extreme scale-out as well as periodic remediation. Usage of the ‘fetch’ module to retrieve logs from ansible-pull runs would be an excellent way to gather and analyze remote logs from ansible-pull.
The Cronjob
This is the easy part, all you will be doing is adding the following as a cronjob to your system.
0 3 * * * /usr/local/bin/ansible-pull -U https://github.com/scmgalaxy/ansible-pull-example -i hosts- If you’re new to cronjobs, all you need to know is this job is being run every day at 3am.
- The next part of the command is simply the full path to the ansible-pull command, in this instance, we are using the -U option to make sure our code is updated, if it is already installed.
- Then finally, the command also includes a hosts file that our playbook will run against.
Manual Use of ansible-pull
To run the ansible-pull manually use a command like the following:
url='https://github.com/jschulthess/ansible-pull-update.git' # URL of the playbook repository
checkout='develop' # branch/tag/commit to checkout
directory='/var/projects/ansible-pull-update' # directory to checkout repository to
logfile='/var/log/ansible-pull-update.log' # where to put the logs
sudo ansible-pull -o -C ${checkout} -d ${directory} -i ${directory}/inventory -U ${url} \
2>&1 | sudo tee -a ${logfile}
Example Code
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/
My Linkedin - https://www.linkedin.com/in/rajeshkumarin
- Apache Lucene Query Example - April 8, 2024
- Google Cloud: Step by Step Tutorials for setting up Multi-cluster Ingress (MCI) - April 7, 2024
- What is Multi-cluster Ingress (MCI) - April 7, 2024
