Ansible

Newer Documentation:

Ansible - Tutorial - Training

OLD Documentation

Ansible Control Node Requires	Python 2.7 and up or Python 3.5 and up
Ansible Managed Node	Python 2.6 and up or Python 3.5 and up

libselinux-python

ssh keys are needed


ansible myhost --become -m raw -a "yum install -y python2"

install with yum, dnf, apt, pip, etc

clone the git repo

download a tagged release tarball

Tagged releases:

https://github.com/ansible/ansible/releases
https://releases.ansible.com/ansible/


git clone https://github.com/ansible/ansible.git
cd ./ansible
source ./hacking/env-setup

NOTE - file locations depend on

default inventory: /etc/ansible/hosts

different inventory:


echo "127.0.0.1" > ~/ansible_hosts
export ANSIBLE_INVENTORY=~/ansible_hosts


ansible all -m ping --ask-pass

python-argcomplete - exists, I don’t need it

ansible.cfg

inventory:

/etc/ansible/hosts


192.0.2.50
aserver.example.org
bserver.example.org


ansible all -m ping
ansible all -a "/bin/echo hello"
# as bruce
$ ansible all -m ping -u bruce
# as bruce, sudoing to root (sudo is default method)
$ ansible all -m ping -u bruce --become
# as bruce, sudoing to batman
$ ansible all -m ping -u bruce --become --become-user batman

Ansible Inventory INI Format:

/etc/ansible/hosts


mail.example.com

[webservers]
foo.example.com
bar.example.com

[dbservers]
one.example.com
two.example.com
three.example.com

Ansible Inventory YAML Format: /etc/ansible/hosts


all:
  hosts:
    mail.example.com:
  children:
    webservers:
      hosts:
        foo.example.com:
        bar.example.com:
    dbservers:
      hosts:
        one.example.com:
        two.example.com:
        three.example.com:
    east:
      hosts:
        foo.example.com:
        one.example.com:
        two.example.com:
    west:
      hosts:
        bar.example.com:
        three.example.com:
    prod:
      children:
        east:
    test:
      children:
        west:

two default groups: all and ungrouped
hosts can be nested
hosts can be in multiple groups

ranges of hosts:


[webservers]
www[01:50].example.com


...
  webservers:
    hosts:
      www[01:50].example.com:


[databases]
db-[a:f].example.com

Inventory variables:


[atlanta]
host1 http_port=80 maxRequestsPerChild=808
host2 http_port=303 maxRequestsPerChild=909


atlanta:
  host1:
    http_port: 80
    maxRequestsPerChild: 808
  host2:
    http_port: 303
    maxRequestsPerChild: 909

Non-standard html ports:


badwolf.example.com:5309

Connection variables:


[targets]

localhost              ansible_connection=local
other1.example.com     ansible_connection=ssh        ansible_user=myuser
other2.example.com     ansible_connection=ssh        ansible_user=myotheruser

Connection aliases:


jumper ansible_port=5555 ansible_host=192.0.2.50


...
  hosts:
    jumper:
      ansible_port: 5555
      ansible_host: 192.0.2.50

Group Variables:


[atlanta]
host1
host2

[atlanta:vars]
ntp_server=ntp.atlanta.example.com
proxy=proxy.atlanta.example.com


atlanta:
  hosts:
    host1:
    host2:
  vars:
    ntp_server: ntp.atlanta.example.com
    proxy: proxy.atlanta.example.com

Variable files are relative to inventory or playbook files:

/etc/ansible/group_vars/raleigh
/etc/ansible/group_vars/webservers
/etc/ansible/host_vars/foosball

They can optionally end in ‘.yml’, ‘.yaml’, or ‘.json’.


---
ntp_server: acme.example.org
database_server: storage.example.org

You can have directories named after hosts or groups. All files in these directories will be read.

/etc/ansible/group_vars/raleigh/db_settings
/etc/ansible/group_vars/raleigh/cluster_settings

In case you want to load vars from a playbook dir but aren’t using the ansible-playbook command:


--playbook-dir

“variables in the playbook directory will override variables set in the inventory directory.”

Variable priority:

all group
parent group
child group
host
same level groups are merged, in alphabetical order, later groups overwrite earlier files

ansible_group_priority - override order, only set in inventory source


a_group:
    testvar: a
    ansible_group_priority: 10
b_group:
    testvar: b

ANSIBLE_INVENTORY - set inventory location with this var, can use more than one

ansible-playbook get_logs.yml -i staging -i production # use two inventory files

inventory directory for mutliple inventory sources:

inventory/ openstack.yml # configure inventory plugin to get hosts from Openstack cloud dynamic-inventory.py # add additional hosts with dynamic inventory script static-inventory # add static hosts and groups group_vars/ all.yml # assign variables to all hosts

ansible-playbook example.yml -i inventory # use inventory dir like this

Parameters:

ansible_connection

ansible_host

ansible_port

ansible_user

ansible_password

ansible_ssh_private_key_file

ansible_ssh_common_args

ansible_sftp_extra_args

ansible_scp_extra_args

ansible_ssh_extra_args

ansible_ssh_pipelining

ansible_become

ansible_become_method

ansible_become_user

ansible_become_password

ansible_become_exe

ansible_become_flags

ansible_shell_type

ansible_python_interpreter

ansible_*_interpreter

ansible_shell_executable

Non-SSH connection types

local
docker

External Inventory

external inventory: Inventory Plugins and inventory scripts

Cobbler Example

wget https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/cobbler.py cp cobbler.py /etc/ansible/cobbler.py chmod +x /etc/ansible/cobbler.py


vi /etc/ansible/cobbler.ini

[cobbler]
host = http://127.0.0.1/cobbler_api
cache_path = /tmp
cache_max_age = 900

-i /etc/ansible/cobbler.py


cobbler profile add --name=webserver --distro=CentOS6-x86_64
cobbler profile edit --name=webserver --mgmt-classes="webserver" --ksmeta="a=2 b=3"
cobbler system edit --name=foo --dns-name="foo.example.com" --mgmt-classes="atlanta" --ksmeta="c=4"
cobbler system edit --name=bar --dns-name="bar.example.com" --mgmt-classes="atlanta" --ksmeta="c=5"

AWS example
Openstack example
more on inventory scripts ……

Ansible Official Documentation