Slides presented at the London Ansible Meetup in October 2017.

2. ●
●
○
○
○
○
●
○
○

4. - file: path=/etc/foo.conf mode=0644
- file:
path=/etc/foo.conf
mode=0644
- file: "path=/etc/foo.conf mode=0644"
- file:
path: /etc/foo.conf
mode: 0644

6. - file:
path: "{{ my_path }}"
owner: "foo"
group: "bar"
mode: "0644"
- copy:
dest: "{{ my_path }}"
content: " Some very long line
which needs to be wrapped"
- copy:
dest: "{{ my_path }}"
content: "FirstnSecondn"
- file:
path: "{{ my_path }}"
owner: foo
group: bar
mode: 0644
- copy:
dest: "{{ my_path }}"
content: >2-
Some very long line
which needs to be wrapped
- copy:
dest: "{{ my_path }}"
content: |
First
Second

7. ● - { } [ ] * & ? | > ! % ` # @ :
- file:
path: "{{ my_path }}"
mode: 0644
●
- debug:
msg: "Path: {{ my_path }}"
● yes false
- copy:
dest: "{{ my_path }}"
content: "yes"
● yamllint
ansible all -i localhost, --connection local -m debug -a 'msg={{xxx}}' -e '{xxx: @asd}'

9. - file:
path: "{{ my_path }}"
owner: foo
group: bar
mode: 0644
- hosts: all
vars:
data:
aaa: bbb
ccc:
- ddd:
- eee
# Half tabs (4 spaces)
- file:
path: "{{ my_path }}"
owner: foo
group: bar
mode: 0644
# Inconsistent indentation
- hosts: all
vars:
data:
aaa: bbb
ccc:
- ddd:
- eee

11. ● .yml .yaml .jon .json
● .yaml meta

13. ●
●
○
●
○
○

15. # roles/role1/defaults/main.yaml
var1: aaa
# roles/role2/defaults/main.yaml
var1: bbb
# group_vars/all
var1: ccc
# role1/defaults/main.yaml
role1_var1: aaa
# role2/defaults/main.yaml
role2_var1: bbb
# group_vars/all
role2_var1: ccc

17. # roles/role1/defaults/main.yaml
role1_var1: aaa
# roles/role1/tasks/main.yaml
- debug:
msg: >
var1={{ role1_var1 }},
var2={{ role1_var2 }}
# group_vars/all
role1_var2: bbb
# roles/role1/defaults/main.yaml
role1_var1: aaa
# Must be defined by the user
role1_var2: null
# roles/role1/tasks/main.yaml
- debug:
msg: >
var1={{ role1_var1 }},
var2={{ role1_var2 }}
# group_vars/all
role1_var2: bbb

19. # roles/role1/defaults/main.yaml
role1_var1: aaa
# roles/role1/vars/main.yaml
role1_var2: bbb
# roles/role1/tasks/main.yaml
- debug:
msg: >
var1={{ role1_var1 }},
var2={{ role1_var2 }}
# roles/role1/defaults/main.yaml
role1_var1: aaa
role1_var2: bbb
# roles/role1/tasks/main.yaml
- debug:
msg: >
var1={{ role1_var1 }},
var2={{ role1_var2 }}

20. ● vars defaults
# roles/role1/meta/main.yaml
dependencies:
- role2
# roles/role1/vars/main.yaml
role1_var1: bbb
# roles/role2/defaults/main.yaml
role1_var1: aaa
●
○
○

22. - file:
path: /etc/foo.conf
mode: 0644
- name: Set foo.conf mode
file:
path: /etc/foo.conf
mode: 0644

24. - cron:
name: Run my command
job: /usr/bin/my_prog
minute: "*"
hour: "*"
state: present
- cron:
name: Run my command
job: /usr/bin/my_prog
- cron:
name: Run my command
minute: "{{ minute }}"
hour: "{{ hour }}"
job: /usr/bin/my_prog

26. - package:
name: mysql-server
- template:
src: my.cnf.j2
dest: /etc/my.cnf
- service:
name: mysql
enabled: yes
state: started
- package:
name: mysql-server
tags:
- mysql_pkg
- template:
src: my.cnf.j2
dest: /etc/my.cnf
tags:
- mysql_config
- service:
name: mysql
enabled: yes
state: started
tags:
- mysql_service

27. # roles/mysql/tasks/main.yaml
- package:
name: "{{ mysql_pkg }}"
notify: Restart MySQL service
tags: mysql_pkg
- template:
src: my.cnf.j2
dest: "{{ mysql_config_path }}"
notify: Restart MySQL service
tags: mysql_config
- service:
name: "{{ mysql_service }}"
enabled: yes
tags: mysql_service
- service:
name: "{{ mysql_service }}"
state: started
register: mysql_service_started
tags: mysql_service
# roles/mysql/handlers/main.yaml
- name: Restart MySQL service
service:
name: "{{ mysql_service }}"
state: restarted
when: >
mysql_service_started is not defined or
not mysql_service_started.changed
# roles/mysql/defaults/main.yaml
mysql_pkg: mysql-server
mysql_config_path: /etc/my.cnf
mysql_service: mysql

29. - lineinfile:
path: /etc/selinux/config
regexp: ^SELINUX=
line: SELINUX=enforcing
- template:
src: selinux_config.j2
dest: /etc/selinux/config

31. ●
●

32. # Desired config file (myapp.cfg):
[section1]
option11=value11
option12=value12
# myapp_role/templates/myapp.cfg.j2:
{{ myapp_config | encode_ini }}
# myapp_role/defaults/main.yaml:
myapp_config:
section1:
option11: value11
option12: value12
# myapp_role/tasks/main.yaml:
- name: Create config file
template:
dest: /etc/myapp/ myapp.cfg
src: myapp.cfg.j2

33. # myapp_role/defaults/main.yaml:
myapp_section1_option11: value1
myapp_section1_option12: value2
myapp_section1__default:
option11: "{{ myapp_section1_option11 }}"
option12: "{{ myapp_section1_option12 }}"
myapp_section1__custom: []
myapp_section1: "{{
myapp_section1__default.update(myapp_section1__custom)}}{{
myapp_section1__default}}"
myapp_config__default:
section1: "{{ myapp_section1 }}"
myapp_config__custom: {}
myapp_config: "{{
myapp_config__default.update(myapp_config__custom) }}{{
myapp_config__default }}"

34. # Desired config file (/etc/selinux/config):
SELINUX=enforcing
SELINUXTYPE=targeted
# roles/sudo/templates/selinux_config.j2:
{{ ansible_managed | comment }}
{{ selinux_config | encode_ini(ucase_prop=true) }}
# roles/selinux/defaults/main.yaml:
selinux_config:
selinux: enforcing
selinuxtype: targeted
# roles/selinux/tasks/main.yaml:
- name: Create config file
template:
dest: /etc/selinux/config
src: selinux_config.j2

36. ● README.md
●
○
○
○
○
○
■
○
○

38. ●
●
●
●
●
●
●
●
●

39. git clone https://github.com/jtyr/vagrantfile_config.git /tmp/vagrantfile_config
mkdir -p /tmp/test/roles && cd /tmp/test
git clone https://github.com/jtyr/ansible-nginx.git roles/nginx
git clone https://github.com/jtyr/ansible-config_encoder_filters.git roles/config_encoder_filters
ln -s /tmp/vagrantfile_config/Vagrantfile ./
cat > vagrant.yaml <<END
---
defaults:
provision_individual: yes
vms:
testvm1:
ports:
HTTP:
host: 8080
guest: 80
END
cat > site.yaml <<END
---
- hosts: all
become: yes
roles:
- nginx
END
vagrant up
vagrant provision
ansible-playbook -i .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory site.yaml
vagrant ssh
ssh -p 10000 -i .vagrant/machines/test/virtualbox/private_key -l vagrant localhost
vagrant destroy -f