Now that our servers are registered in Ansible’s inventory, it is time to have our instances automatically get their configuration from Ansible when they start.
Creating the Ansible job template
The first step is to set up a configuration job template in Ansible to configure the instances of our Role, and to enable provisioning callbacks. This is well explained in Tower’s documentation. Create a job template, with machine credentials that will allow access to instances managed by Scalr, and the playbook of your choice.
Make sure that the job template applies to the inventory that contains the group that we configured in step 1, otherwise the callback script will fail with an error "No suitable host was found".
Once you have the host configuration key and your job template is saved, proceed to the next step.
Adding the Ansible callback script
In this step, we will configure a Scalr Script that will be executed by the Servers when they start, to fetch the configuration from Ansible.
In the Main menu, click on “Add New” next to Scripts:
Give a name to this new script, for instance “Ansible provisioning callback”. Set the following as contents:
#!/bin/bash curl --data "host_config_key=$ANSIBLE_CONFIG_KEY" $ANSIBLE_CALLBACK_URL
Click on Create to save this script.
This script is generic and can be used with any Role or Farm Role. Each Role that wants to use it will only need to define the
ANSIBLE_CALLBACK_URL global variables appropriately.
Setup a Role to be automatically configured by Ansible
The final step is to configure a Role with the proper Global Variables and Orchestration Rules to run this script when a Server is started.
Create a new Role. Setup the two necessary Global Variables (
ANSIBLE_CALLBACK_URL) with the values provided by Ansible Tower:
Then, in the Orchestration section, add an Orchestration rule to run our Script when a Server is up and ready (HostUp event), on the machine that triggered the event (Triggering instance only target):
And this is all! All Servers using this Role will now be automatically configured by Ansible. To test this behavior, create a Farm with a Farm Role based on the Role we just created, make sure that the Security Groups configuration allow your server to reach the Tower installation on port 443 and allow your Tower installation to reach port 22 on your Servers, launch the Farm, and after a few minutes you should see the job being launched in Ansible.