GCP Dynamic Inventory in Ansible

1. Overview

Dynamic inventory in Ansible allows you to manage your infrastructure dynamically based on the state of the cloud, rather than relying on a static list of hosts. This lesson focuses on using Google Cloud Platform (GCP) as a dynamic inventory source for Ansible.

2. Key Concepts

• Dynamic Inventory: An inventory that is generated dynamically based on external data sources.
• GCP API: The interface that allows you to interact with Google Cloud resources programmatically.
• JSON Format: The format used by Ansible to interpret the dynamic inventory data.

3. Setup

1. Install Ansible on your local machine or server.
2. Ensure you have access to a GCP account.
3. Enable the GCP API and create a service account with the necessary permissions.
4. Download the service account key in JSON format.

4. Configuration

To configure Ansible for GCP dynamic inventory, you need to create a configuration file called gcp_inventory.yml.

plugin: gcp_inventory
projects:
  - your-gcp-project-id
auth_kind: serviceaccount
service_account_file: /path/to/your/service-account-key.json

Make sure to replace your-gcp-project-id with your actual GCP project ID and specify the path to your service account key.

5. Usage

To use the dynamic inventory, you can run the following command:

ansible-inventory -i gcp_inventory.yml --list

This will fetch the current state of your GCP resources and display them in a structured format.

6. Best Practices

• Regularly review service account permissions to ensure least privilege access.
• Keep your service account key secure and rotate it periodically.
• Utilize tags and labels in GCP to manage resources effectively.
• Test your dynamic inventory configuration in a safe environment before deploying in production.

7. FAQ