Ansible Learn Quickly
Ansible Learn Quickly
Hello there
ServerName = {{description)} Here is a sample playbook that uses that template: hosts: databases become: yes description: "{{ansible_hostname}}" tasks: ~ name: write the index file template: sro=template j2 dest=/vat/www/html/index.html notify: -restarthttpd + name: ensure apache is running service: name=httpd state=running handlers: ~ name: restart httpd service: name=httpd state=restarted Here is the contents of the /var/ww/ntml/index.himl file once the playbook has run: - Hello there
ServerName = server For this particular server, the hostname is ‘server’ Roles OsnemieWhat are Roles in Ansible Roles in Ansible use the idea of using include files and combines them to form reusable sections Itallows you to reuse portions of your code easier. You break up the playbook into sections and when the playbook is run it pulls all the sections together and runs against your target hosts Ansible roles must be in a particular format to work as expected. You need a folder and subfolders to be in a specified format. As an example, if we create a folder called Roles and we want to store our roles in there then we would create the fodler for the project and its subfolders as needed. The ansible-galaxy command can be used to create the correct format as shown below Starting in the Roles directory. The command ansible-galaxy init apache will create the following tree and files: apache/ | defaults —main.ym) |—stes | handlers ‘—main.yml |—mota ‘—main.ym) |—README.ma [tasks —main.ym) [templates | — tosis [- inventory Ltest-ym main.yml ‘We would edit the files as required for the portions that our project needs. For instance, we would edit the apache/tasks/main.yml file to put in the tasks that are required. We would edit the apache/vars/main.ymi to put in any variables that are needed and so on. Ifyou don't need a section then it's not used. So, for instance, if we put no data into handlers/main.yml, then it would be ignored when the role is run An Example of a Role in Ansible Here is an example of a role in Ansible. The only file we require is tasks since this is a simple Osnemieexample. Here is the file system tree with only the files that are needed: apache tasks main yal + Here is the contents of main.ym yum; name=hitpd state=present + Here is the contents of the playbook that will use the role: ~ hosts: local become: yes roles: = Roles/apache «Here is the command that's run: ansible-playbook playbook.yml ‘+ When the playbook is run it includes the tasks in apache/tasks/main.yml and runs them Ansible Galaxy What is Ansible Galaxy + Ansible Galaxy is a website where users can share roles. + _Italso refers to the command line tool that is installed with Ansible. + The command line tool is called with the following format + ansible-galaxy [delete |import| nfo] init| install list |ogin remove |search| setup] [— help] [options] + By default, roles are downloaded to the /etc/ansibie/roles folder. If you want to store them there you may need to preface the command with sudo + You can change where the role is installed by useing the -p option when you use the command + Roles can have dependancies, but those will automatically be installed + You don't need an Ansible Galaxy profile to download. If you wish to contribute roles, then you will need a profile on the site. -12 OsnemieThe URL for the Ansible Galaxy site is https://galaxy.ansible.com/ An Example of Using Ansible Galaxy + Touse Ansible Galaxy you need to find a role you wish to download + You can use ansible-galaxy search to search for roles or you can search from the Ansible Galaxy website + To installa role from Ansible Galaxy you specify the download option + Here is an example: + ansible-galaxy install bennojoy nginx -p Roles + ‘The output of that command is shown below: ~ downloading role ‘nginx’, owned by bennojoy + downloading role from hitps://github.com/bennojoy/nginx/archive/ master tar.gz - extracting bennojoy.nginx to Roles/bennojoy.nginx + bennojoy.nginx was installed successfully + The command installed the role into the Roles folder. Here is the tree to show you the format: Roles | bennojoy.nginx | | defaults — mainyml Freee Lepel.repo |—nandlers LL main-yret }—meta \— main.yml | --README.ma | tasks ‘—main.yml | templates | |—default.contj2 | default 2 | ngins.cont 2 | site je eee + You would use the role in a playbook the same as a normal role. <13- OsnemieParallelism What is Parallelism in Ansible? + It's how many processes that Ansible uses to talk to the server to perform its tasks. By default, it's 5, but that can be changed * You can change it in the config file, on the command line or in a playbook. How to Change It + Ansible calls its forks; here is an example of the setting being changed to 20: * Inaconfig file: * forks =20 * Onthe command line with an ad-hoc command: + ansible contos -m ping £20 + Ina playbook: Ansible Vault What is Ansible Vault? + Ansible Vault is an encrypted store «It's used for storing variables or passwords or files in an encrypted format + Ituses an AES-256 cipher * The command line tool, ansible-vault, is used to work on the files + When using an encrypted file in a playbook, you need to use the following options when running the playbook: © -ask-vault-pass + -vault-password-file <14- OsnemieAnsible Vault Commands + Here is an example of using vault to encrypt a file ansible-vault encrypt Roles/apache-install/vars/main.yml Vault password: Encryption successful How You Use It + When you call a play that has an ecrypted file in it, you need to let Ansible know to ask for the decryption key. If you don't, then it will fail, as shown below: ansible-playbook testplay!.ym! ERROR! Decryption failed on /home/ansible/roles/Roles/apache-install/ vars/main.yml + Torun the playbook and decrypt the encrypted file you would use the following: ‘+ ansible-playbook testplay l_yml -ask-vault-pass Ansible Tower What is Ansible Tower? + Ansible Tower is a web-based solution that is designed to help you manage your Ansible installation. + Ansible Tower provides access control over your playbooks, inventory, SSH credentials. It can manage who has access to those credentials. It has logging that helps you monitor your systems. + Find out more about Tower features and how to download it on the Ansible Tower webpage. Tower is free for usage for up to 10 nodes. + https: /ansible.com/tower Osnemie