0% found this document useful (0 votes)
837 views

Ansible Summary

1) Ansible allows you to define patterns to select groups of hosts, such as using wildcards, variables, or regular expressions. Inventory files define groups of hosts and can assign variables to groups or individual hosts. 2) Playbooks are composed of plays that target hosts, tasks, roles, and handlers. Tasks can use loops, conditions, lookups, and more to iterate or make decisions. Variables can come from many sources and filters can transform them. 3) Roles allow grouping related tasks, files, templates and other content in a reusable way. Tags allow selectively running parts of a playbook.

Uploaded by

himalnepali
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
837 views

Ansible Summary

1) Ansible allows you to define patterns to select groups of hosts, such as using wildcards, variables, or regular expressions. Inventory files define groups of hosts and can assign variables to groups or individual hosts. 2) Playbooks are composed of plays that target hosts, tasks, roles, and handlers. Tasks can use loops, conditions, lookups, and more to iterate or make decisions. Variables can come from many sources and filters can transform them. 3) Roles allow grouping related tasks, files, templates and other content in a reusable way. Tags allow selectively running parts of a playbook.

Uploaded by

himalnepali
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

An Ansible summary

Jon Warbrick, March 2014, V1.0


Patterns
all (or *)
G
hostname: foo.example.com
G
groupname: webservers
G
or: webservers:dbserver
G
exclude: webserver:!phoenix
G
intersection: webservers:&staging
G
Patterns can be variable substitutions: {{foo}}, wildcards: *.example.com, and regular expressions:
~(web|db).*\.example\.com
Inventory files
'INI-file' structure, blocks define groups. Hosts alowed in more than one group. Non-standard SSH
port can follow hostname seperated by ':' (but see also ansible_ssh_port below).
Hostname ranges: www[01:50].example.com, db-[a:f].example.com
Per-host variables: foo.example.com foo=bar baz=wibble
Speial sections:
[foo:children]: new group foo contaning all members if included groups
G
[foo:vars]: variable definitions for all members of group foo
G
Variable files:
YAML; given inventory file at .../hosts:
...group_vars/foo: variable definitions for all members of group foo
G
...host_vars/foo.example.com: variable definitions for foo.example.com
G
Behavorial inventory parameters:
ansible_ssh_host
G
ansible_ssh_port
G
ansible_ssh_user
G
ansible_ssh_pass
G
ansible_sudo_pass
G
ansible_connection
G
ansible_ssh_private_key_file
G
ansible_python_interpreter
G
ansible\_\*\_interpreter
G
Playbook example structure
Playbooks are a YAML list of one or more plays. Plays look like this - most (all?) keys are optional:
---
- include: playbook.yml
- name: example
hosts: webservers
gather_facts: no
vars:
http_port: 80
vars_file:
- "vars.yml"
- [ "try-first.yml", "try-second-.yml" ]
vars_prompt:
- name: "my_password2"
prompt: "Enter password2"
default: "secret"
private: yes
encrypt: "md5_crypt"
confirm: yes
salt_size: 7
remote_user: root
sudo: yes
sudo_user: postgress
pre_tasks:
- shell: echo 'pre'
- <more tasks>
roles:
- common
- { role: foo, dir: '/opt/a', port: 5000, when: "bar == 'Baz'" }
- <more roles>
tasks:
- include: tasks.yml foo=bar baz=wibble
- include: other-tasks.yml
- name: example task
vars:
foo: bar
baz:
- one
- two
template: src=template.j2 dest=/etc/foo.conf
when: ansible_os_family == "Debian"
register: var
notify:
- restart apache
remote_user: apache
sudo: yes
ignore_errors: True
- <more tasks>
post_tasks:
- shell: echo 'post'
- <more tasks>
handlers:
- include: handlers.yml
- name: restart apache
service: name=httpd state=restarted
- <more handlers>
- <more plays>
Variables
Names: letters, digits, underscores; starting with a letter.
Substitution examples:
{{ var }}
G
{{ var["key1"]["key2"]}}
G
{{ var.key1.key2 }}
G
{{ list[0] }}
G
Souces:
Highest priority:
G
--extra-vars on the command line
H
General:
G
vars component of a playbook
H
From files referenced by vars_file in a playbook
H
From included files (incl. roles)
H
Paameters passed to includes
H
Facts (see below)
H
Any /etc/ansible/facts.d/filename.fact on managed machines (sets variables with
H
`ansible_local.filename. prefix)
register: in tasks
H
Lower priority:
G
Inventory (set on host or group)
H
Lowest priority
G
Role defaults (from defaults/main.yml)
H
Built-in:
hostvars (e.g. hostvars[other.example.com][...])
G
group_names (groups containing current host)
G
groups (all groups and hosts in the inventory)
G
inventory_hostname (current host as in inventory)
G
inventory_hostname_short (first component of inventory_hostname)
G
play_hosts (hostnames in scope for current play)
G
inventory_dir (location of the inventory)
G
inventoty_file (name of the inventory)
G
Facts:
Run ansible hostname -m setup, but in particular:
ansible_distribution
G
ansible_distribution_release
G
ansible_distribution_version
G
ansible_fqdn
G
ansible_hostname
G
ansible_os_family
G
ansible_pkg_mgr
G
ansible_default_ipv4.address
G
ansible_default_ipv6.address
G
Content of 'registered' variables:
.rc
G
.stdout
G
.stdout_lines
G
.changed
G
.msg
G
.results (when used in a loop)
G
Additionally available in templates:
ansible_managed: string containing the information below
G
template_host: node name of the templates machine
G
template_uid: the owner
G
template_path: absolute path of the template
G
template_fullpath: the absolute path of the template
G
template_run_date: the date that the template was rendered
G
Filters
{{ var | to_nice_json }}
G
{{ var | to_json }}
G
{{ var | from_json }}
G
{{ var | to_nice_yml }}
G
{{ var | to_yml }}
G
{{ var | from_yml }}
G
{{ result | failed }}
G
{{ result | changed }}
G
{{ result | success }}
G
{{ result | skipped }}
G
{{ var | manditory }}
G
{{ var | default(5) }}
G
{{ list1 | unique }}
G
{{ list1 | union(list2) }}
G
{{ list1 | intersect(list2) }}
G
{{ list1 | difference(list2) }}
G
{{ list1 | symmetric_difference(list2) }}
G
{{ path | basename }}
G
{{ path | dirname }}
G
{{ path | expanduser }}
G
{{ path | realpath }}
G
{{ var | b64decode }}
G
{{ var | b64encode }}
G
{{ filename | md5 }}
G
{{ var | bool }}
G
{{ var | int }}
G
{{ var | quote }}
G
{{ var | md5 }}
G
{{ var | fileglob }}
G
{{ var | match }}
G
{{ var | search }}
G
{{ var | regex }}
G
See also default jinja2 filters. In YAML, values starting { must be quoted.
Lookups
{{ lookup('file', '/etc/foo.txt') }}
G
{{ lookup('password', '/tmp/passwordfile chars=ascii') }}
G
{{ lookup('env','HOME') }}
G
{{ lookup('pipe','date') }}
G
{{ lookup('redis_kv', 'redis://localhost:6379,somekey') }}
G
{{ lookup('dnstxt', 'example.com') }}
G
{{ lookup('template', './some_template.j2') }}
G
Conditions
when:
var == "Vaue", var >= 5, etc.
G
var, where var coreces to boolean (yes, true, True, TRUE)
G
var is defined, var is not defined
G
<condition1> and <condition2> (also or?)
G
Combined with with_items, the when statement is processed for each item.
when can also be applied to includes and roles.
Loops
Standard:
- user: name={{ item }} state=present groups=wheel
with_items:
- testuser1
- testuser2
with_items:
- { name: 'testuser1', groups: 'wheel' }
- { name: 'testuser2', groups: 'root' }
with_items: somelist
Nested:
- mysql_user: name={{ item[0] }} priv={{ item[1] }}.*:ALL
append_privs=yes password=foo
with_nested:
- [ 'alice', 'bob', 'eve' ]
- [ 'clientdb', 'employeedb', 'providerdb' ]
Over hashes:
Given
---
users:
alice:
name: Alice Appleworth
telephone: 123-456-7890
bob:
name: Bob Bananarama
telephone: 987-654-3210
tasks:
- name: Print phone records
debug: msg="User {{ item.key }} is {{ item.value.name }}
({{ item.value.telephone }})"
with_dict: users
Fileglob:
- copy: src={{ item }} dest=/etc/fooapp/ owner=root mode=600
with_fileglob:
- /playbooks/files/fooapp/*
With content of file:
(see example for authorized_key module)
- authorized_key: user=deploy key="{{ item }}"
with_file:
- public_keys/doe-jane
- public_keys/doe-john
Parallel stes of data:
Given
---
alpha: [ 'a', 'b', 'c', 'd' ]
numbers: [ 1, 2, 3, 4 ]
- debug: msg="{{ item.0 }} and {{ item.1 }}"
with_together:
- alpha
- numbers
Subelements:
Given
---
users:
- name: alice
authorized:
- /tmp/alice/onekey.pub
- /tmp/alice/twokey.pub
- name: bob
authorized:
- /tmp/bob/id_rsa.pub
- authorized_key: "user={{ item.0.name }}
key='{{ lookup('file', item.1) }}'"
with_subelements:
- users
- authorized
Integer sequence:
Decimal, hexadecimal (0x3f8) or octal (0600)
- user: name={{ item }} state=present groups=evens
with_sequence: start=0 end=32 format=testuser%02x
with_sequence: start=4 end=16 stride=2
with_sequence: count=4
Randon choice:
- debug: msg={{ item }}
with_random_choice:
- "go through the door"
- "drink from the goblet"
- "press the red button"
- "do nothing"
Do-Until:
- action: shell /usr/bin/foo
register: result
until: result.stdout.find("all systems go") != -1
retries: 5
delay: 10
Results of a local program:
- name: Example of looping over a command result
shell: /usr/bin/frobnicate {{ item }}
with_lines: /usr/bin/frobnications_per_host
--param {{ inventory_hostname }}
Indexed list:
- name: indexed loop demo
debug: msg="at array position {{ item.0 }} there is
a value {{ item.1 }}"
with_indexed_items: some_list
Flattened list:
---
# file: roles/foo/vars/main.yml
packages_base:
- [ 'foo-package', 'bar-package' ]
packages_apps:
- [ ['one-package', 'two-package' ]]
- [ ['red-package'], ['blue-package']]
- name: flattened loop demo
yum: name={{ item }} state=installed
with_flattened:
- packages_base
- packages_apps
First found:
- name: template a file
template: src={{ item }} dest=/etc/myapp/foo.conf
with_first_found:
- files:
- {{ ansible_distribution }}.conf
- default.conf
paths:
- search_location_one/somedir/
- /opt/other_location/somedir/
Roles
Directory structure:
playbook.yml
roles/
common/
tasks/
main.yml
handlers/
main.yml
vars/
main.yml
meta/
main.yml
defaults/
main.yml
files/
templates/
See documentation for role dependancies.
Tags
Both plays and tasks support a tags: attribute.
- template: src=templates/src.j2 dest=/etc/foo.conf
tags:
- configuration
Tags can be applied to roles and includes (effectivly taggaing all included tasks)
roles:
- { role: webserver, port: 5000, tags: [ 'web', 'foo' ] }
- include: foo.yml tags=web,foo
To select by tag:
ansible-playbook example.yml --tags "configuration,packages"
ansible-playbook example.yml --skip-tags "notification"

You might also like