This is an old revision of the document!
Ansible Playbook Downloads
General Information
This page will contain Ansible playbook/role downloads.
In order to install/configure Ansible, see this page first.
Checklist
- Ansible installed and configured
Playbook Downloads
Playbook | Description |
---|---|
Playbook1 Name/Download link | Description goes here. |
Playbook Snippets
Snippets of tasks to provide examples of some commonly used Ansible modules in action.
Ansible Module Index: https://docs.ansible.com/ansible/2.4/modules_by_category.html
ACLs
ACL module.
Examples
- Set default group permissions for “awesome” group. (so any files created in the directory will get those group permissions)
- name: my_description|ACL of MyApp config dir acl: path: "/etc/myapp" entity: awesome etype: group default: yes permissions: rw state: present
Copy Module
Copy module examples.
Examples
- Copy a kernel tuning drop in file and load settings if file changes
- name: tuning|MyApp kernel tuning copy: src: "sysctl_myapp_{{env}}" dest: "/etc/sysctl.d/55-myapp.conf" owner: root group: root mode: 0600 notify: reload sysctl # Handler file contents (../handlers/main.yml) ##-- Service Reloads --## # Sysctl reload - name: reload sysctl command: sysctl --system
File Module
Some file module examples.
Examples
- Recursively remove a list of directories
- name: my_app|Remove MyApp directories file: path: "{{ item }}" state: absent with_items: - "/opt/MyApp/" - "/var/log/myapp/" - "/usr/local/lib/myapp/"
- Recursively set ownership to myappdaemon:awesome
- name: my_description|Ownership of MyApp Log dir file: path: "/var/log/myapp" owner: myappdaemon group: awesome recurse: yes
- Set ownership of all /data* directories for myappdaemon:awesome
# Find all /data* directories - name: my_description|Info Gather find all Data dirs find: paths: "/" patterns: 'data*' recurse: no file_type: directory register: dirs_data # Set ownership of all /data* directories - name: my_description|Ownership of Data dirs file: path: "{{item.path}}" owner: myappdaemon group: awesome recurse: no with_items: "{{dirs_data.files}}"
Pre Req Tests
Using a combination of the command module, registering variables, and the fail module, any command can be checked for a certain return code.
This can be useful for pre-req checks.
Examples
- Ensure a certain mount point exists
# Info gather for /data1 to see if its a mountpoint - name: pre_reqs|Info gather on /data1 command: mountpoint -q /data1 register: mount_stat failed_when: False changed_when: False # Exit playbook if /data1 is not a configured mountpoint - name: pre_regs|Exit if /data1 is NOT a mountpoint fail: msg: "/data1 is not a mountpoint! Exiting." when: mount_stat.rc != 0
- Check for a specific configured network interface
# Info gather for all ip addresses to ensure storage network is setup - name: pre-reqs|Info gather on Storage Network (172.16.1.0/24) shell: ip address show | grep 172.16.1. register: storage_network failed_when: False changed_when: False # Exit playbook if Storage Network interface is not configured - name: pre-reqs|Exit if Storage Network (172.16.1.0/24) interface not found fail: msg: "Storage Network (172.16.1.0/24) interface not found! Exiting." when: storage_network.rc != 0
- Check for the existence of a certain package, stop service if so
- name: my_app|Check for myapp RPM shell: rpm -q myapp register: myapp_rpm_exists changed_when: False failed_when: False # EL7: Stop service if RPM exists - name: my_app|Stop service (EL7 if RPM exists) systemd: name: myapp state: stopped when: - myapp_rpm_exists.rc == 0 - ansible_distribution_major_version == "7"
When Conditional
Only execute certain tasks under certain conditions.
Examples
- Do not execute any of the imported “mytasks.yml” if host is “server01” or “server02”
- import_tasks: mytasks.yml when: - inventory_hostname != "server01" - inventory_hostname != "server02"
- Execute a task if a host is in the “special” inventory group
- import_tasks: mytasks.yml when: inventory_hostname in groups.special
- Execute a task if a host is NOT in the “special” inventory group
- import_tasks: mytasks.yml when: inventory_hostname not in groups.special
- Execute a task if the distribution major version is 7 (EL 7)
# Enable and start service (EL7) - name: my_service|Enable and Start Service (EL7) systemd: name: myservice enabled: yes state: started daemon_reload: yes when: ansible_distribution_major_version == "7"
- Execute a task when an inventory group_var variable matches
- import_tasks: mytasks.yml when: env == "prod"
Unarchive
Copying tarballs to a remote system only if newer and un-archiving only if the tarball changed.
# Copy myapp tarball if source is newer - name: my_app|MyApp tarball copy copy: src: "myapp_current.tar" dest: "/var/opt/myapp/" owner: root group: root mode: 0755 follow: yes register: myapp_new_archive # Unarchive tarball on remote system if it was changed - name: my_app|MyApp tarball unarchive if newer unarchive: src: "/var/opt/myapp/myapp_current.tar" dest: "/var/opt/myapp/" copy: no when: - myapp_new_archive is changed
User
The user module.
Examples
- Add a list of users to a local group.
# Local "awesome" group - name: my_description|Add users to the local awesome group user: name: "{{item}}" groups: awesome append: yes with_items: "{{awesome_users}}" # Variable file (../vars/main.yml) # Awesome Group Users awesome_users: - yoda - vader - rjones
Yum Repository
Adding a yum repo with the yum_repository module.
Examples
- Apache Cassandra
# Apache Cassandra Repo - name: cassandra|Add Repo yum_repository: name: cassandra description: Apache Cassandra baseurl: https://www.apache.org/dist/cassandra/redhat/311x/ enabled: no gpgcheck: yes repo_gpgcheck: yes gpgkey: https://www.apache.org/dist/cassandra/KEYS