Running ansible-playbook on a bastion host

Running ansible playbooks against AWS servers can be glacially slow because of the many SSH connections, even when using Bilbie’s recipe for an ssh proxy setup. What follows is a code snippet that replaces the local ansible-playbook command with a bash function that calls a remote script Run_ansible.sh. Run_ansible in turn massages the parameters in an edible-format creates a temp bash script and launches it.

Time savings for a largish deployment: down to 24 mins from 1hr 58Mins with exactly the same scripts!

Note: ansible-ssh-host is used in the inventory to denote the final target system


# if just local
ANSIBLE_PLAYBOOK=ansible-playbook

#
# Running the playbooks on the jump box
#
if [[ "$USE_JUMPBOX" == true ]]; then
    if [[ -n "$ANSIBLE_SSH_HOST" ]] && [[ -n "$JUMP_USER" ]] && [[ -n "$JUMP_BOX" ]]; then
        extra_vars=ansible_ssh_host=${ANSIBLE_SSH_HOST}

        # Now we need to pass parameters to the jump box
        ANSIBLE_PLAYBOOK=remote_ansible

        # massage the remote env
        # copy the playbooks over   
        ssh ${JUMP_USER}@${JUMP_BOX}  mkdir -p /tmp/deployment-ansible
        rsync -avuh --delete $WORKSPACE/ansible  ${JUMP_USER}@${JUMP_BOX}:/tmp/deployment-ansible/
        # copy the dispatcher script
        scp $WORKSPACE/Run_ansible.sh  ${JUMP_USER}@${JUMP_BOX}:
    else
        echo "ANSIBLE_SSH_HOST,JUMP_USER,JUMP_BOX must be set when USE_JUMPBOX is true" exit 1
    fi
fi
# --extra-vars must be the last parameter to ansible-playbook 
# or this hack will not work
function remote_ansible {
 ssh -t ${JUMP_USER}@${JUMP_BOX} /bin/bash -l ./Run_ansible.sh -vvv $@
}

And the helper script that runs on the bastion host. People with experience in quoting quotes over BASH driver SSH scripts will nod in understanding.


cat Run_ansible.sh
#/bin/bash

# quoting across SSH is a nightmare
params="$@"

params=`echo $params | sed -e "s/extra-vars/extra-vars \"/g"`
params="$params\""

echo "cd /tmp/deployment-ansible/ansible" > t
echo "ansible-playbook $params" >> t
bash t

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: