Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
linux_wiki:ansible [2018/06/05 14:20] billdozor [Playbook Testing] |
linux_wiki:ansible [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 41: | Line 41: | ||
* Each system administrator would then clone a copy of the repo into their home directory for local changes/ | * Each system administrator would then clone a copy of the repo into their home directory for local changes/ | ||
* Have an automated job sync the shared location every so often. | * Have an automated job sync the shared location every so often. | ||
- | * Example: Have cron perform a git pull for / | + | * Example: Have cron perform a git pull for /ansible/ every 30 mins. |
\\ | \\ | ||
Line 68: | Line 68: | ||
* Cron Job to execute inventory generation script: / | * Cron Job to execute inventory generation script: / | ||
- | * Example: Executes | + | * Example: Executes every 30 minutes. (*/30 * * * *) |
* Script that generates inventory files: / | * Script that generates inventory files: / | ||
Line 237: | Line 237: | ||
\\ | \\ | ||
**Playbooks map ansible groups to roles** | **Playbooks map ansible groups to roles** | ||
- | * Example playbook< | + | * Example playbook< |
# Description: | # Description: | ||
# Last Updated: 2018-04-08 | # Last Updated: 2018-04-08 | ||
Line 244: | Line 244: | ||
# hosts: group_name or ' | # hosts: group_name or ' | ||
- hosts: webservers_nginx | - hosts: webservers_nginx | ||
+ | |||
# roles: located in ../roles/ | # roles: located in ../roles/ | ||
roles: | roles: | ||
# role: role to assign to hosts, tags: tag(s) to give entire role | # role: role to assign to hosts, tags: tag(s) to give entire role | ||
- { role: webservers-nginx, | - { role: webservers-nginx, | ||
+ | |||
# Gather host facts for this playbook | # Gather host facts for this playbook | ||
gather_facts: | gather_facts: | ||
Line 255: | Line 257: | ||
* When a playbook is executed, all tasks in the assigned roles are run (unless only specific tasks/ | * When a playbook is executed, all tasks in the assigned roles are run (unless only specific tasks/ | ||
+ | \\ | ||
+ | **Gather a subset of facts** | ||
+ | |||
+ | If you do need to gather facts, consider gathering a subset of facts instead of everything in order to keep the fact collection fast. | ||
+ | * Example: Collect only the ansible_distribution facts< | ||
+ | gather_facts: | ||
+ | # Gather only ansible_distribution info (OS attributes) | ||
+ | gather_subset: | ||
+ | - ' | ||
+ | - ' | ||
+ | - ' | ||
+ | * Facts returned by the above subset< | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | * You can test your subset commands like this | ||
+ | * ad-hoc< | ||
+ | |||
+ | **Available Fact Subsets**: | ||
+ | * all | ||
+ | * min | ||
+ | * hardware | ||
+ | * network | ||
+ | * virtual | ||
+ | * ohai | ||
+ | * facter | ||
+ | |||
+ | \\ | ||
**See the Roles section** for what happens next. | **See the Roles section** for what happens next. | ||
Line 312: | Line 346: | ||
cp -R template-role/ | cp -R template-role/ | ||
- Modify the role's files as needed to create tasks, files, handlers, etc. | - Modify the role's files as needed to create tasks, files, handlers, etc. | ||
- | - FIXME -> Will upload | + | - Download zip archive of an {{ : |
- **New Playbook** | - **New Playbook** | ||
- Navigate to the playbooks directory< | - Navigate to the playbooks directory< | ||
- | - Copy your playbook template to a new playbook yaml file.< | + | - Copy your playbook template to a new playbook yaml file.< |
- | - FIXME -> Will upload an example playbook template file for download from this page. | + | - Playbook Template< |
- | - Edit the new playbook<code bash>vim ansible/ | + | # Description: |
+ | # Last Updated: 2018-03-15 | ||
+ | # Recent Changes: | ||
+ | |||
+ | # hosts: group_name or ' | ||
+ | - hosts: | ||
+ | - group_name_here | ||
+ | |||
+ | # roles: located in ../roles/ | ||
+ | roles: | ||
+ | # role: role to assign to hosts, tags: tag(s) to give entire role | ||
+ | - { role: role-name, tags: tag-name } | ||
+ | |||
+ | # Do not gather host facts for this playbook (comment out/remove if you need facts) | ||
+ | gather_facts: | ||
+ | </ | ||
+ | - Edit the new playbook | ||
- hosts: my_ansible_group | - hosts: my_ansible_group | ||
roles: | roles: | ||
Line 356: | Line 406: | ||
#zsh | #zsh | ||
source ~/ | source ~/ | ||
- | * Enable local variables< | + | * Enable local variables< |
* Test playbook locally | * Test playbook locally | ||
* Syntax check< | * Syntax check< | ||
* List tasks< | * List tasks< | ||
* Run against a test system< | * Run against a test system< | ||
- | * Tests successful, disable local variables< | + | * Tests successful, disable local variables< |
* Commit playbook/ | * Commit playbook/ | ||
Line 374: | Line 424: | ||
\\ | \\ | ||
- | **NOTE**: If you need to use group_vars per inventory type (dev/ | + | **NOTE**: If you need to use group_vars per inventory type (dev/ |
---- | ---- | ||
Line 383: | Line 433: | ||
Run a syntax check (will NOT execute the playbook)< | Run a syntax check (will NOT execute the playbook)< | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ==== Playbook Commands: Aliases ==== | ||
+ | |||
+ | Playbook commands can get rather long, some useful aliases to shorten them. | ||
+ | |||
+ | Put in your ~/.bashrc or ~/.zshrc file | ||
+ | <code bash># Ansible aliases | ||
+ | alias apd=' | ||
+ | alias apt=' | ||
+ | alias app=' | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Additionally, | ||
+ | <code bash> | ||
+ | ln -s / | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Now, your playbook commands can look like this | ||
+ | <code bash> | ||
+ | # Dev inventory | ||
+ | apd / | ||
+ | |||
+ | # Test inventory | ||
+ | apt / | ||
+ | |||
+ | # Prod inventory | ||
+ | app / | ||
+ | </ | ||
+ | * limits, tags, etc can also be appended as normal. | ||
---- | ---- | ||
Line 391: | Line 474: | ||
\\ | \\ | ||
- | **List** what hosts the playbook will run against (**from dev inventory**)< | + | **List** what hosts the playbook will run against (**from dev inventory**)< |
* -i or --inventory -> Path to the inventory (alternative is a comma separated list of hosts or single hostname with a trailing comma) | * -i or --inventory -> Path to the inventory (alternative is a comma separated list of hosts or single hostname with a trailing comma) | ||
\\ | \\ | ||
- | **List** what tasks the playbook will execute (**from dev inventory**)< | + | **List** what tasks the playbook will execute (**from dev inventory**)< |
---- | ---- | ||
Line 405: | Line 488: | ||
\\ | \\ | ||
- | **Run playbook (dev env; all in group)** against all system groups defined in playbook **from dev inventory** using sudo for privilege escalation< | + | **Run playbook (dev env; all in group)** against all system groups defined in playbook **from dev inventory** using sudo for privilege escalation< |
* -b or --become -> Use privilege escalation (default of sudo) | * -b or --become -> Use privilege escalation (default of sudo) | ||
\\ | \\ | ||
- | **Run playbook (dev env; all in group; only configure)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, only execute actions with the matched tags " | + | **Run playbook (dev env; all in group; only configure)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, only execute actions with the matched tags " |
* --tags configure -> Only execute tasks in the playbook that have been tagged " | * --tags configure -> Only execute tasks in the playbook that have been tagged " | ||
* roles, import_tasks, | * roles, import_tasks, | ||
\\ | \\ | ||
- | **Run playbook (dev env; range of systems)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, further limit to hosts web01-05"< | + | **Run playbook (dev env; range of systems)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, further limit to hosts web01-05"< |
* --limit " | * --limit " | ||
\\ | \\ | ||
- | **Run playbook (dev env; one system)** against all groups defined in playbook **from dev inventory**, | + | **Run playbook (dev env; one system)** against all groups defined in playbook **from dev inventory**, |
---- | ---- | ||