Multi-Namespace

It’s best if you segment your infrastructure into namespaces.

Think of a namespace as a particular “view” on a part, or parts, of your infrastructure.

In this example, I’ve an elastic search cluster, an application server, and some management servers set up in GCP.

I’ve created my namespaces in this instance using sub-selected inventories. Please refer to the docs - https://docs.bcome.com - for more information on the namespace types available.

Note

The servers retrieved in this example are tagged in GCP with various labels. These labels are the subject of the filters you’ll see in the Network Configuration.

Project structure

.
└── bcome
    └── networks.yml

Tree Hierarchy

The tree hierarchy below is generated by invoking Bcome’s tree command:

▐▆   Namespace tree wbz
│
├───╸ collection elastic
│         ├───╸ inventory-subselect data
│         │         ├───╸ server node_81rs
│         │         ├───╸ server node_mtk9
│         │         └───╸ server node_wrbb
│         │
│         └───╸ inventory-subselect masters
│                   ├───╸ server node_0ls7
│                   ├───╸ server node_9s29
│                   └───╸ server node_mlxk
│
│
├───╸ inventory-subselect management
│         ├───╸ server bastion
│         └───╸ server puppet
│
└───╸ inventory-subselect wbzsite
          └───╸ server app_sq6v

Network Configuration

The following network configuration sets up multi-namespace views. It organises servers from a single cloud provider, GCP, into namespaces by filtering on the labels set on those servers within GCP.

---
wbz:
  type: collection
  description: All my servers in multiple namespaces
  network:
    type: gcp
    project: wbznet
    zone: europe-west1-b
    :authentication_scheme: service_account
    service_account_credentials: service-account.json
    service_scopes:
    - https://www.googleapis.com/auth/compute.readonly
    - https://www.googleapis.com/auth/cloud-platform

  ssh_settings:
    proxy:
      - host_lookup: by_bcome_namespace
        namespace: management:bastion

wbz:all_machines:
  hidden: true
  type: inventory
  description: All Production environment
  override_identifier: "prod_net_(.+)"
  network:
    filters: status:running AND labels.environment=prod-net

wbz:management:
  type: inventory-subselect
  subselect_from: all_machines
  description: Operations namespace
  filters:
    by_label:
      group: operations

wbz:wbzsite:
  type: inventory-subselect
  subselect_from: all_machines
  description: Frontend wbzsite
  override_identifier: "wbzsite_(.+)"
  filters:
    by_label:
      group: application
      function: frontend-wbzsite

wbz:elastic:
  type: collection
  description: Elastic search cluster

wbz:elastic:data:
  type: inventory-subselect
  description: elastic search data nodes
  subselect_from: all_machines
  override_identifier: "elastic_data_(node_.+)"
  filters:
    by_label:
      division: elastic-search
      function: elastic-data-node

wbz:elastic:masters:
  type: inventory-subselect
  description: elastic search master nodes
  subselect_from: all_machines
  filters:
    by_label:
      division: elastic-search
      function: elastic-master-node
  override_identifier: "elastic_master_(node_.+)"
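
The Ruby sketch below is an added example, not Bcome's code and not part of the original page: it models how the `all_machines` filter, the `by_label` subselects and the `override_identifier` patterns in the configuration above combine to produce the tree shown earlier. The GCP instance names and label sets are constructed, and the matching rules (every label pair must match; a matching pattern replaces the name with its first capture group) are assumptions about the semantics.

```ruby
# Simplified model for illustration; this is not Bcome's own code.
OPS       = { "group" => "operations" }
SITE      = { "group" => "application", "function" => "frontend-wbzsite" }
ES_DATA   = { "division" => "elastic-search", "function" => "elastic-data-node" }
ES_MASTER = { "division" => "elastic-search", "function" => "elastic-master-node" }

# Constructed GCP instances: names and labels are assumptions chosen to be
# consistent with the filters and tree on this page.
def srv(name, labels, env = "prod-net")
  { name: name, labels: { "environment" => env }.merge(labels) }
end

SERVERS =
  %w[81rs mtk9 wrbb].map { |s| srv("prod_net_elastic_data_node_#{s}", ES_DATA) } +
  %w[0ls7 9s29 mlxk].map { |s| srv("prod_net_elastic_master_node_#{s}", ES_MASTER) } +
  [srv("prod_net_bastion", OPS), srv("prod_net_puppet", OPS),
   srv("prod_net_wbzsite_app_sq6v", SITE),
   srv("dev_net_scratch", OPS, "dev-net")] # same group label, other environment

ALL_MACHINES = { environment: "prod-net", override: /prod_net_(.+)/ }
SUBSELECTS = {
  "wbz:management"      => { by_label: OPS },
  "wbz:wbzsite"         => { by_label: SITE, override: /wbzsite_(.+)/ },
  "wbz:elastic:data"    => { by_label: ES_DATA, override: /elastic_data_(node_.+)/ },
  "wbz:elastic:masters" => { by_label: ES_MASTER, override: /elastic_master_(node_.+)/ }
}

# override_identifier (assumed): the name becomes the first capture group.
def rename(name, pattern)
  match = pattern&.match(name)
  match ? match[1] : name
end

# Hidden parent inventory: only the environment label is modelled here
# (the status:running part of the filter is left out).
def all_machines(servers = SERVERS)
  servers.select { |s| s[:labels]["environment"] == ALL_MACHINES[:environment] }
         .map { |s| s.merge(name: rename(s[:name], ALL_MACHINES[:override])) }
end

# inventory-subselect (assumed): every by_label pair must match.
def resolve(namespace)
  spec = SUBSELECTS.fetch(namespace)
  all_machines.select { |s| spec[:by_label].all? { |k, v| s[:labels][k] == v } }
              .map { |s| rename(s[:name], spec[:override]) }
              .sort
end

SUBSELECTS.each_key { |ns| puts "#{ns}: #{resolve(ns).join(', ')}" }
```

The constructed `dev_net_scratch` instance carries `group: operations` but never appears under `wbz:management`, because every subselect draws only from what the hidden `all_machines` inventory admitted.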

Note

Always tag your cloud assets if you can.

Ascii Cast

Note

To replay this Asciicast in your own terminal, install the asciinema package from https://asciinema.org/, and then enter the following in your terminal:

asciinema play https://asciinema.org/a/SNXoHJ1dFMJVTuokSh9V6VY8i