Differences

This shows you the differences between two versions of the page.

--- linux_wiki:ansible [2018/06/05 14:17]
billdozor [List Hosts]
+++ linux_wiki:ansible [2019/05/25 23:50] (current)
@@ Line 41: / Line 41: @@
   * Each system administrator would then clone a copy of the repo into their home directory for local changes/testing before committing working modifications to the repo.
   * Have an automated job sync the shared location every so often.
-    * Example: Have cron perform a git pull for /ansible/ at the top of every hour.
+    * Example: Have cron perform a git pull for /ansible/ every 30 mins.
 \\
@@ Line 68: / Line 68: @@
   * Cron Job to execute inventory generation script: /etc/cron.d/ansible-generate-inventory
-    * Example: Executes at the bottom of every hour. (30 *)
+    * Example: Executes every 30 minutes. (*/30 * * * *)
   * Script that generates inventory files: /ansible/scripts/inventory-file-gen.py
@@ Line 117: / Line 117: @@
 \\
-Test connection to webservers_nginx in dev inventory only<code bash>ansible webservers_nginx -i /ansible/dev -m ping</code>
+Test connection to webservers_nginx in dev inventory only<code bash>ansible webservers_nginx -i /ansible/inventories/development/hosts -m ping</code>
 \\
-Test connection to all systems in dev inventory<code bash>ansible all -i /ansible/dev -m ping</code>
+Test connection to all systems in dev inventory<code bash>ansible all -i /ansible/inventories/development/hosts -m ping</code>
 \\
@@ Line 152: / Line 152: @@
 \\
-Check uptime of the group 'webservers_nginx' from dev only<code bash>ansible webservers_nginx -i /ansible/dev -a 'uptime'</code>
+Check uptime of the group 'webservers_nginx' from dev only<code bash>ansible webservers_nginx -i /ansible/inventories/development/hosts -a 'uptime'</code>
 \\
-Check uptime of all systems in dev<code bash>ansible all -i /ansible/dev -a 'uptime'</code>
+Check uptime of all systems in dev<code bash>ansible all -i /ansible/inventories/development/hosts -a 'uptime'</code>
 \\
@@ Line 237: / Line 237: @@
 \\
 **Playbooks map ansible groups to roles**
-  * Example playbook<code bash># File: webservers_nginx.yml
+  * Example playbook<code yaml># File: webservers_nginx.yml
 # Description: Nginx Webservers
 # Last Updated: 2018-04-08
@@ Line 244: / Line 244: @@
 # hosts: group_name or 'all'
 - hosts: webservers_nginx
   # roles: located in ../roles/
   roles:
     # role: role to assign to hosts, tags: tag(s) to give entire role
     - { role: webservers-nginx, tags: webservers-nginx }
   # Gather host facts for this playbook
   gather_facts: yes</code>
@@ Line 255: / Line 257: @@
   * When a playbook is executed, all tasks in the assigned roles are run (unless only specific tasks/actions are selected using tags and/or limits).
+\\
+**Gather a subset of facts**
+If you do need to gather facts, consider gathering a subset of facts instead of everything in order to keep the fact collection fast.
+  * Example: Collect only the ansible_distribution facts<code yaml># Gather host facts for this playbook
+  gather_facts: yes
+  # Gather only ansible_distribution info (OS attributes)
+  gather_subset:
+    - '!all'
+    - '!min'
+    - 'distribution'</code>
+    * Facts returned by the above subset<code bash>"ansible_distribution": "CentOS",
+        "ansible_distribution_file_parsed": true,
+        "ansible_distribution_file_path": "/etc/redhat-release",
+        "ansible_distribution_file_variety": "RedHat",
+        "ansible_distribution_major_version": "7",
+        "ansible_distribution_release": "Core",
+        "ansible_distribution_version": "7.5.1804",
+        "ansible_os_family": "RedHat",</code>
+  * You can test your subset commands like this
+    * ad-hoc<code bash>ansible -m setup -a 'gather_subset=!all,!min,distribution' localhost</code>
+**Available Fact Subsets**:
+  * all
+  * min
+  * hardware
+  * network
+  * virtual
+  * ohai
+  * facter
+\\
 **See the Roles section** for what happens next.
@@ Line 312: / Line 346: @@
 cp -R template-role/ my-new-role</code>
     - Modify the role's files as needed to create tasks, files, handlers, etc.
-      - FIXME -> Will upload an example role-template archive file for download from this page.
+      - Download zip archive of an {{ :linux_wiki:role-template.zip |example role template}}.
   - **New Playbook**
     - Navigate to the playbooks directory<code bash>cd ${HOME}/repos/ansible/playbooks/</code>
-    - Copy your playbook template to a new playbook yaml file.<code bash>cp template_playbook.yml my_new_playbook.yml</code>
+    - Copy your playbook template to a new playbook yaml file.<code bash>cp TEMPLATE_PLAYBOOK.yml my_new_playbook.yml</code>
-      - FIXME -> Will upload an example playbook template file for download from this page.
+      - Playbook Template<code yaml TEMPLATE_PLAYBOOK.yml># File: TEMPLATE_PLAYBOOK.yml
-    - Edit the new playbook<code bash>vim ansible/playbooks/my_new_playbook.yml
+# Description: PLAYBOOK DESCRIPTION HERE
+# Last Updated: 2018-03-15
+# Recent Changes:-Initial release
+# hosts: group_name or 'all'
+- hosts:
+    - group_name_here
+  # roles: located in ../roles/
+  roles:
+    # role: role to assign to hosts, tags: tag(s) to give entire role
+    - { role: role-name, tags: tag-name }
+  # Do not gather host facts for this playbook (comment out/remove if you need facts)
+  gather_facts: no
+</code>
+    - Edit the new playbook (vim ansible/playbooks/my_new_playbook.yml)<code yaml>
 - hosts: my_ansible_group
   roles:
@@ Line 338: / Line 388: @@
 # Enable Ansible test environment
-ansible_enable_local(){
+ansible_local_enable(){
   export ANSIBLE_INVENTORY="${HOME}/repos/ansible/inventories"
   export ANSIBLE_ROLES_PATH="${HOME}/repos/ansible/roles"
@@ Line 345: / Line 395: @@
 }
 # Disable Ansible test environment
-ansible_disable_local(){
+ansible_local_disable(){
   unset ANSIBLE_INVENTORY
   unset ANSIBLE_ROLES_PATH
@@ Line 356: / Line 406: @@
 #zsh
 source ~/.zshrc</code>
-  * Enable local variables<code bash>ansible_enable_local</code>
+  * Enable local variables<code bash>ansible_local_enable</code>
   * Test playbook locally
     * Syntax check<code bash>ansible-playbook --syntax-check ${HOME}/repos/ansible/playbooks/my_new_playbook.yml</code>
     * List tasks<code bash>ansible-playbook -b -i ${HOME}/repos/ansible/inventories/development/dev ${HOME}/repos/ansible/playbooks/my_new_playbook.yml --list-tasks</code>
     * Run against a test system<code bash>ansible-playbook -b -i ${HOME}/repos/ansible/inventories/development/dev ${HOME}/repos/ansible/playbooks/my_new_playbook.yml --limit mytestsystem</code>
-  * Tests successful, disable local variables<code bash>ansible_disable_local</code>
+  * Tests successful, disable local variables<code bash>ansible_local_disable</code>
   * Commit playbook/role to the repo
@@ Line 374: / Line 424: @@
 \\
-**NOTE**: If you need to use group_vars per inventory type (dev/test/prod), the full path to the inventory file needs to be used. (Example: /ansible/inventories/development/dev )
+**NOTE**: If you need to use group_vars per inventory type (dev/test/prod), the full path to the inventory file needs to be used. (Example: /ansible/inventories/development/hosts )
 ----
@@ Line 383: / Line 433: @@
 Run a syntax check (will NOT execute the playbook)<code bash>ansible-playbook --syntax-check /ansible/playbooks/my_playbook.yml</code>
+----
+==== Playbook Commands: Aliases ====
+Playbook commands can get rather long, some useful aliases to shorten them.
+Put in your ~/.bashrc or ~/.zshrc file
+<code bash># Ansible aliases
+alias apd='ansible-playbook -b -i /ansible/inventories/development/hosts'
+alias apt='ansible-playbook -b -i /ansible/inventories/systest/hosts'
+alias app='ansible-playbook -b -i /ansible/inventories/production/hosts'
+</code>
+\\
+Additionally, create a symlink to playbooks
+<code bash>
+ln -s /ansible/playbooks /playbooks
+</code>
+\\
+Now, your playbook commands can look like this
+<code bash>
+# Dev inventory
+apd /playbooks/myplaybook.yml
+# Test inventory
+apt /playbooks/myplaybook.yml
+# Prod inventory
+app /playbooks/myplaybook.yml
+</code>
+  * limits, tags, etc can also be appended as normal.
 ----
@@ Line 391: / Line 474: @@
 \\
-**List** what hosts the playbook will run against (**from dev inventory**)<code bash>ansible-playbook -i /ansible/inventories/development/dev /ansible/playbooks/my_playbook.yml --list-hosts</code>
+**List** what hosts the playbook will run against (**from dev inventory**)<code bash>ansible-playbook -i /ansible/inventories/development/hosts /ansible/playbooks/my_playbook.yml --list-hosts</code>
   * -i or --inventory -> Path to the inventory (alternative is a comma separated list of hosts or single hostname with a trailing comma)
 \\
-**List** what tasks the playbook will execute (**from dev inventory**)<code bash>ansible-playbook -i /ansible/inventories/development/dev /ansible/playbooks/my_playbook.yml --list-tasks</code>
+**List** what tasks the playbook will execute (**from dev inventory**)<code bash>ansible-playbook -i /ansible/inventories/development/hosts /ansible/playbooks/my_playbook.yml --list-tasks</code>
 ----
@@ Line 405: / Line 488: @@
 \\
-**Run playbook (dev env; all in group)** against all system groups defined in playbook **from dev inventory** using sudo for privilege escalation<code bash>ansible-playbook -b -i /ansible/inventories/development/dev /ansible/playbooks/my_playbook.yml</code>
+**Run playbook (dev env; all in group)** against all system groups defined in playbook **from dev inventory** using sudo for privilege escalation<code bash>ansible-playbook -b -i /ansible/inventories/development/hosts /ansible/playbooks/my_playbook.yml</code>
   * -b or --become -> Use privilege escalation (default of sudo)
 \\
-**Run playbook (dev env; all in group; only configure)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, only execute actions with the matched tags "configure"<code bash>ansible-playbook -b -i /ansible/inventories/development/dev /ansible/playbooks/my_playbook.yml --tags configure</code>
+**Run playbook (dev env; all in group; only configure)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, only execute actions with the matched tags "configure"<code bash>ansible-playbook -b -i /ansible/inventories/development/hosts /ansible/playbooks/my_playbook.yml --tags configure</code>
   * --tags configure -> Only execute tasks in the playbook that have been tagged "configure"
     * roles, import_tasks, or individual tasks can be tagged
 \\
-**Run playbook (dev env; range of systems)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, further limit to hosts web01-05"<code bash>ansible-playbook -b -i /ansible/inventories/development/dev /ansible/playbooks/my_playbook.yml --limit "$(echo web{01..05})"</code>
+**Run playbook (dev env; range of systems)** against all groups defined in playbook **from dev inventory** using sudo for privilege escalation, further limit to hosts web01-05"<code bash>ansible-playbook -b -i /ansible/inventories/development/hosts /ansible/playbooks/my_playbook.yml --limit "$(echo web{01..05})"</code>
   * --limit "$(echo web{01..05})" -> Filter results of host match to only include these systems
 \\
-**Run playbook (dev env; one system)** against all groups defined in playbook **from dev inventory**, limit to a single hostname (MYHOSTNAME)<code bash>ansible-playbook -i /ansible/inventories/development/dev /ansible/playbooks/my_playbook.yml --limit MYHOSTNAME</code>
+**Run playbook (dev env; one system)** against all groups defined in playbook **from dev inventory**, limit to a single hostname (MYHOSTNAME)<code bash>ansible-playbook -i /ansible/inventories/development/hosts /ansible/playbooks/my_playbook.yml --limit MYHOSTNAME</code>
 ----