Solved Ansible and new port options

Hi,

I'm trying to set up ansible(1) to automate a great deal of our infrastructure deployment (we do webhosting with FreeBSD jails and got a couple of different setups).

I created a simple ansible(1) bash module to install ports in jails (with /usr/sbin/jexec $JAILNAME /bin/sh -c "portmaster --no-confirm -BD $PORT" >> /dev/null on the host) and it's working good so far. To configure the ports I just copy the /var/db/ports/<portname>/options file first into the jail.

But now I've no idea how to make this setup practical to maintain because there will be new options to various ports all the time and the only solution I can think of is to login to a jail and do all the updating manually and then add the new options to the options file manually which doesn't seem practically at all.

Is there any better way to automagically configure ports? Or any simple way to get all new options for a port?
 
Set up your own repository with ports-mgmt/poudriere and use the Ansible package installer. That will give you a centralized point to configure ports. It will also make sure all your clients are using the same packages (same versions, same options, same dependencies). And because you have control over the repository you can decide what to update and when.

http://docs.ansible.com/ansible/pkgng_module.html

I don't use Ansible myself but I have implemented Puppet. And I've set it up to use my own repository. This works extremely well and gives me a lot of control. It also saves me from having to build ports on every machine. Build once, install many ;)
 
ports-mgmt/poudriere seems to be a good option. We'll explore this next week. Thanks :)

Is there any information around for building packages for different servers? In the long term we'll probably want to use the poudriere build packages for about 30+ root servers and a couple of hundred jails. While they all run 10.2-STABLE they got different hardware (so probably disable CPU optimization) and are not always the same svn version in terms of make buildworld.
 
You can create different profiles (called sets for some reason) using the -z setname option for poudriere(8) subcommands.

A note about the port options, you might want to avoid saving the options and stick to make.conf (you can have profile specific make.conf as well) for setting them, for example this is the way I set the options in my make.conf:

Code:
OPTIONS_UNSET= X11
WITH_OPENSSL_PORT=yes

ports-mgmt_poudriere-devel_SET= ZSH

editors_vim_SET= CONSOLE
editors_vim_UNSET= RUBY TCL ATHENA GNOME GTK2 MOTIF

And so on.
 
Thanks for you answer, but I mean how to ensure that those packages will install and run smoothly on different servers with different hardware / svn revisions / other things I don't know nothing about.
 
Is there any information around for building packages for different servers?
Just don't set any compiler optimizations, which is a bad idea any way.

While they all run 10.2-STABLE they got different hardware (so probably disable CPU optimization) and are not always the same svn version in terms of make buildworld.
I would recommend sticking to a -RELEASE version. That will allow you to use freebsd-update(8) making things a lot easier and quicker to update and maintain. On our network I've set up an Apache server that can proxy and cache freebsd-update(8). So only that server needs access to the internet for updates. Updates are fast as most servers will get their data from our local cache.

That said, the exact -STABLE revision really only comes into play with kernel modules (like emulators/virtualbox-ose-kmod for example). For almost all other ports this is not an issue. Do keep an eye on /usr/ports/UPDATING and /usr/src/UPDATING, occasionally there's a change in a kernel structure with would require a port that uses it to be specifically built for revisions before and after it.
 
Ok, thank you a lot for the heads up.

I'll leave this thread unsolved until we've implemented ports-mgmt/poudriere with success.

(If anyone has other ideas though I'm eager to hear them even if it wouldn't be a better solution than poudriere. Learning new stuff about FreeBSD is so much fun :) )
 
I've just implemented a similar solution to manage some virtual machines with ansible + poudriere and work great! Thank for the hint!
 
Back
Top