11. Ansible(Basic(Terminology:(
• Modules - accomplish dedicated Tasks (set values, use templates)
• Tasks - execute Module specific parameters, variables, etc.
• Variables - configuration-wide, Playbook / Roles specific vars
• Facts - gather information about the target system
• Handlers - like Tasks but usually get called by another Task
• Roles - group related Tasks, encapsulate data to accomplish Tasks
• Files - files directory contains files copied over to target
• Templates - Jinja2 format w/ placeholders to insert variables
• Vault - encrypt sensible data (i.e. files containing passwords)
• Plays - are lists of Tasks which apply to hosts / host groups
• Playbooks - YAML formatted files orchestrate steps sequentially
• Inventory - reference inside 'host' & 'ansible.cfg' files
Ansible(Meetup(Hamburg,(henry(stamerjohann,(12/2014
19. CLI$Commands$(overview)
ansible <host-pattern> [options] # run Ad hoc command
ansible-playbook <playbook-name> # run an Ansible playbook
ansible-galaxy <command> # share and download Ansible roles
ansible-pull [options] [playbook.yml] # setup Ansible pull architecture
ansible-doc [options] [module...] # show documentation
debug with -vvvv
dry run mode with --check
check playbooks with --syntax-check
Ansible(Meetup(Hamburg,(henry(stamerjohann,(12/2014
20. Ansible(AdHoc(commands
ansible <pattern_goes_here> -m <module_name> -a <arguments> # -s <optional sudo>
## single server node
ansible webserver -a reboot -i /path/to/hosts ## path to hosts-file
ansible db -s -m apt -a "pkg=postgresql state=present" ## -i use path to hosts-file
## multiple server nodes
ansible multi -s -m apt -a "pkg=ntp state=installed" ## -i use path to hosts-file
ansible multi -s -m service -a "name=ntpd state=started enabled=yes" ## -i
## module example, git checkout
ansible webserver -s -m git -a "repo=git://github.com/path/to/repo.git
dest=/opt/myapp update=yes version=1.2.4" ## -i use path to hosts-file
Ansible(Meetup(Hamburg,(henry(stamerjohann,(12/2014
28. ---
- hosts: multi
sudo: True
vars:
app_name: my-app
license_file: "{{ lookup('file','license.xml') }}"
# prompt during run
vars_prompt:
- name: "set_password for x"
prompt: "enter password for x"
default: "super_dumb_pw"
private: yes
pre_tasks:
- name: display facts, print name and ip
debug: msg="System {{ inventory_hostname }} has ip {{ ansible_default_ipv4 }}"
# run gerneral tasks
tasks:
- name: Install ntp
apt: name=ntp update_cache=yes cache_valid_time=3600
...
# install roles sequentially
roles:
- { role: database, tags: db }
- { role: nginx, tags: webapp }
- { role: tomcat, tags: webapp }
Ansible(Meetup(Hamburg,(henry(stamerjohann,(12/2014
29. Playbook(Anatomy
• name: display name of your playbook (optional)
• hosts: host or host group against run the tasks (mandatory)
• sudo: True/False (optional)
• vars: reference vars inline or /path/to/file (optional)
• tasks: list of actions to perform, call up modules use variables
• handlers: task that runs if it has been notified by another task
• roles: call role to execute bundled tasks
... and some more
Ansible(Meetup(Hamburg,(henry(stamerjohann,(12/2014