Discussion:
Using Ansible to manage bind installation/basic setup.
MURTARI, JOHN
2021-05-17 15:42:39 UTC
Permalink
Folks,


Thinking of using Ansible to help with standardized bind installations & auto setup. Searched the list Archives/ISC website and didn't see much. Found a variety of Ansible roles/playbooks on Google, but nothing seemed to be the clear preferred favorite? Any recommendations are welcome. Does ISC have/plan on having some modules for Ansible?


Limited goals right now while we gain experience:

1) Ability to manage named.conf - confirm standard setups except for site-specific options.

2) Ability to stop/start/reload named.

3) Nothing special installed on remote servers, use just ssh for access. Works across RHEL, CENTOS, & UBUNTU.


Thanks!
John


-------------------------------

John Murtari

Orion Inc.

office: 315-944-0998

cell: 315-430-2702
Jan-Piet Mens via bind-users
2021-05-18 17:29:51 UTC
Permalink
Ansible's template module is what you'd probably use for #1, the service
module (with handlers) for #2, and #3 comes out of the box when you use
Ansible.

While you might find existing roles and playbooks on the internets, I
would strongly recommend to vet them carefully in a test environment
before using them in production; just because something works for me
doesn't mean it will satisfy you. :)

Good luck,

-JP
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
MURTARI, JOHN
2021-05-19 11:40:04 UTC
Permalink
> Ansible's template module is what you'd probably use for #1, the service module (with handlers) for #2, and #3 comes out of the box when you use Ansible.

> While you might find existing roles and playbooks on the internets, I would strongly recommend to vet them carefully in a test environment before using them in production; just because something works for me doesn't mean it will satisfy you. :)


Thanks for the recommendation. I had found some existing playbook stuff, but confusing to understand. Just using their basic support for templates was pretty easy. Had some experience with Puppet in the past. Ansible's use of simple SSH for access instead of requiring a remote client installed does make it a lot easier.


Best regards!
John


________________________________
From: bind-users <bind-users-***@lists.isc.org> on behalf of Jan-Piet Mens via bind-users <bind-***@lists.isc.org>
Sent: Tuesday, May 18, 2021 1:29:51 PM
To: bind-***@lists.isc.org
Subject: Re: Using Ansible to manage bind installation/basic setup.

Ansible's template module is what you'd probably use for #1, the service
module (with handlers) for #2, and #3 comes out of the box when you use
Ansible.

While you might find existing roles and playbooks on the internets, I
would strongly recommend to vet them carefully in a test environment
before using them in production; just because something works for me
doesn't mean it will satisfy you. :)

Good luck,

-JP
_______________________________________________
Please visit https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/bind-users__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl6O4BthDo$ to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://urldefense.com/v3/__https://www.isc.org/contact/__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl69XQ71wc$ for more information.


bind-users mailing list
bind-***@lists.isc.org
https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/bind-users__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl6O4BthDo$
Stoffel, John (TAI)
2021-05-21 19:26:06 UTC
Permalink
I'm using the following role, but only for a very simple secondary setup.

ansible-galaxy install bertvv.bind

It's not the fastest, and I'm sure my ansible-foo isn't the best, but it's working for me so far.

John


Sr. Storage Architect
TOSHIBA AMERICA, INC.
290 Donald Lynch Blvd - Suite 201
Marlborough, MA 01752
508-736-5499 (mobile)
E-Mail: ***@toshiba.com<mailto:***@toshiba.com>
Website: Service Now Self Service Portal<https://nassc.service-now.com/ess/navpage.do>

From: bind-users <bind-users-***@lists.isc.org> On Behalf Of MURTARI, JOHN
Sent: Wednesday, May 19, 2021 7:40 AM
To: bind-***@lists.isc.org
Subject: Re: Using Ansible to manage bind installation/basic setup.


> Ansible's template module is what you'd probably use for #1, the service module (with handlers) for #2, and #3 comes out of the box when you use Ansible.

> While you might find existing roles and playbooks on the internets, I would strongly recommend to vet them carefully in a test environment before using them in production; just because something works for me doesn't mean it will satisfy you. :)



Thanks for the recommendation. I had found some existing playbook stuff, but confusing to understand. Just using their basic support for templates was pretty easy. Had some experience with Puppet in the past. Ansible's use of simple SSH for access instead of requiring a remote client installed does make it a lot easier.



Best regards!
John



________________________________
From: bind-users <bind-users-***@lists.isc.org<mailto:bind-users-***@lists.isc.org>> on behalf of Jan-Piet Mens via bind-users <bind-***@lists.isc.org<mailto:bind-***@lists.isc.org>>
Sent: Tuesday, May 18, 2021 1:29:51 PM
To: bind-***@lists.isc.org<mailto:bind-***@lists.isc.org>
Subject: Re: Using Ansible to manage bind installation/basic setup.

Ansible's template module is what you'd probably use for #1, the service
module (with handlers) for #2, and #3 comes out of the box when you use
Ansible.

While you might find existing roles and playbooks on the internets, I
would strongly recommend to vet them carefully in a test environment
before using them in production; just because something works for me
doesn't mean it will satisfy you. :)

Good luck,

-JP
_______________________________________________
Please visit https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/bind-users__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl6O4BthDo$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/bind-users__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl6O4BthDo$> to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://urldefense.com/v3/__https://www.isc.org/contact/__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl69XQ71wc$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl69XQ71wc$> for more information.


bind-users mailing list
bind-***@lists.isc.org<mailto:bind-***@lists.isc.org>
https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/bind-users__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl6O4BthDo$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/bind-users__;!!BhdT!2lED6vbUEHG2F8ocQh8Fn7IxVUx1x_4UeguTObEE64xI6g-6VYkphsl6O4BthDo$>
Loading...