From 2de3a5d8494eea3061e10dd4c6085eaeaeda6764 Mon Sep 17 00:00:00 2001 From: Milan Thapa Date: Wed, 2 Nov 2016 19:04:10 +0545 Subject: [PATCH 1/2] improving readme on dynamic inventory for ec2.ini options few lines to avoid these noise: https://github.com/ansible/ansible/issues/10840 --- docsite/rst/intro_dynamic_inventory.rst | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docsite/rst/intro_dynamic_inventory.rst b/docsite/rst/intro_dynamic_inventory.rst index f0781af269..052df561aa 100644 --- a/docsite/rst/intro_dynamic_inventory.rst +++ b/docsite/rst/intro_dynamic_inventory.rst @@ -136,7 +136,17 @@ If you use Boto profiles to manage multiple AWS accounts, you can pass ``--profi You can then run ``ec2.py --profile prod`` to get the inventory for the prod account, this option is not supported by ``ansible-playbook`` though. But you can use the ``AWS_PROFILE`` variable - e.g. ``AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml`` -Since each region requires its own API call, if you are only using a small set of regions, feel free to edit ``ec2.ini`` and list only the regions you are interested in. There are other config options in ``ec2.ini`` including cache control, and destination variables. +Since each region requires its own API call, if you are only using a small set of regions, feel free to edit ``ec2.ini`` and list only the regions you are interested in. There are other config options in ``ec2.ini`` including cache control, and destination variables. The ``ec2.ini`` file presumably defaults to **all the features** which for many admins is probably appropriate. If you have limited scope of what your ``IAM`` user is capable of, i.e, you would not have access to certain component, just comment/toggle the appropriate lines. For example,if you don't have ``RDS`` and ``elasticache`` access toggle to ``False`` :: + + [ec2] + ... + + # To exclude RDS instances from the inventory, uncomment and set to False. + rds = False + + # To exclude ElastiCache instances from the inventory, uncomment and set to False. + elasticache = False + ... At their heart, inventory files are simply a mapping from some name to a destination address. The default ``ec2.ini`` settings are configured for running Ansible from outside EC2 (from your laptop for example) -- and this is not the most efficient way to manage EC2. From 75459fb68873683f4f52d62d4320ef030803f74c Mon Sep 17 00:00:00 2001 From: scottb Date: Mon, 7 Nov 2016 20:23:59 -0800 Subject: [PATCH 2/2] Update intro_dynamic_inventory.rst Minor edits for readability. --- docsite/rst/intro_dynamic_inventory.rst | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docsite/rst/intro_dynamic_inventory.rst b/docsite/rst/intro_dynamic_inventory.rst index 052df561aa..4d242c1fae 100644 --- a/docsite/rst/intro_dynamic_inventory.rst +++ b/docsite/rst/intro_dynamic_inventory.rst @@ -133,10 +133,12 @@ If you use Boto profiles to manage multiple AWS accounts, you can pass ``--profi aws_access_key_id = aws_secret_access_key = -You can then run ``ec2.py --profile prod`` to get the inventory for the prod account, this option is not supported by ``ansible-playbook`` though. -But you can use the ``AWS_PROFILE`` variable - e.g. ``AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml`` +You can then run ``ec2.py --profile prod`` to get the inventory for the prod account, although this option is not supported by ``ansible-playbook``. +You can also use the ``AWS_PROFILE`` variable - for example: ``AWS_PROFILE=prod ansible-playbook -i ec2.py myplaybook.yml`` -Since each region requires its own API call, if you are only using a small set of regions, feel free to edit ``ec2.ini`` and list only the regions you are interested in. There are other config options in ``ec2.ini`` including cache control, and destination variables. The ``ec2.ini`` file presumably defaults to **all the features** which for many admins is probably appropriate. If you have limited scope of what your ``IAM`` user is capable of, i.e, you would not have access to certain component, just comment/toggle the appropriate lines. For example,if you don't have ``RDS`` and ``elasticache`` access toggle to ``False`` :: +Since each region requires its own API call, if you are only using a small set of regions, you can edit the``ec2.ini`` file and comment out the regions you are not using. + +There are other config options in ``ec2.ini``, including cache control and destination variables. By default, the ``ec2.ini`` file is configured for **all Amazon cloud services**, but you can comment out any features that aren't applicable. For example, if you don't have ``RDS`` or ``elasticache``, you can set them to ``False`` :: [ec2] ...