Differences
This shows you the differences between two versions of the page.
linux_wiki:ansible_playbook_downloads [2018/07/01 00:43] billdozor [Python: Install Packages] |
linux_wiki:ansible_playbook_downloads [2019/06/24 23:41] (current) billdozor [Playbook Downloads] |
||
---|---|---|---|
Line 15: | Line 15: | ||
====== Playbook Downloads ====== | ====== Playbook Downloads ====== | ||
- | ^ Playbook | + | Example Ansible playbooks/roles are maintained |
- | | Playbook1 Name/Download link | Description goes here. | | + | |
---- | ---- | ||
Line 22: | Line 21: | ||
====== Playbook Snippets ====== | ====== Playbook Snippets ====== | ||
- | Snippets of tasks to provide examples of some commonly used Ansible modules in action. | + | Snippets of tasks to provide examples of some Ansible modules in action. |
+ | |||
+ | Most of these snippets are tasks that span multiple documentation sources or were discovered through searches and trial/error. | ||
\\ | \\ | ||
Line 34: | Line 35: | ||
**Examples** | **Examples** | ||
- | * Set default group permissions for " | + | * Set default group permissions for " |
acl: | acl: | ||
path: "/ | path: "/ | ||
Line 50: | Line 51: | ||
**Examples** | **Examples** | ||
- | * Copy a kernel tuning drop in file and load settings if file changes< | + | * Copy a kernel tuning drop in file and load settings if file changes< |
copy: | copy: | ||
src: " | src: " | ||
Line 65: | Line 66: | ||
command: sysctl --system</ | command: sysctl --system</ | ||
- | * Copy autofs config files and restart autofs< | + | * Copy autofs config files and restart autofs< |
- name: mounts|Copy Master AutoFS Config | - name: mounts|Copy Master AutoFS Config | ||
copy: | copy: | ||
Line 99: | Line 100: | ||
**Examples** | **Examples** | ||
- | * Recursively remove a list of directories< | + | * Recursively remove a list of directories< |
file: | file: | ||
path: "{{ item }}" | path: "{{ item }}" | ||
Line 108: | Line 109: | ||
- "/ | - "/ | ||
- | * Recursively set ownership to myappdaemon: | + | * Recursively set ownership to myappdaemon: |
file: | file: | ||
path: "/ | path: "/ | ||
Line 115: | Line 116: | ||
recurse: yes</ | recurse: yes</ | ||
| | ||
- | * Set ownership of all /data* directories for myappdaemon: | + | * Set ownership of all /data* directories for myappdaemon: |
- name: my_description|Info Gather find all Data dirs | - name: my_description|Info Gather find all Data dirs | ||
find: | find: | ||
Line 142: | Line 143: | ||
**Examples** | **Examples** | ||
- | * Ensure a certain mount point exists< | + | * Ensure a certain mount point exists< |
- name: pre_reqs|Info gather on /data1 | - name: pre_reqs|Info gather on /data1 | ||
command: mountpoint -q /data1 | command: mountpoint -q /data1 | ||
Line 155: | Line 156: | ||
when: mount_stat.rc != 0</ | when: mount_stat.rc != 0</ | ||
- | * Check for a specific configured network interface< | + | * Check for a specific configured network interface< |
- name: pre-reqs|Info gather on Storage Network (172.16.1.0/ | - name: pre-reqs|Info gather on Storage Network (172.16.1.0/ | ||
shell: ip address show | grep 172.16.1. | shell: ip address show | grep 172.16.1. | ||
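Review bot: in the unchanged context line "shell: ip address show | grep 172.16.1." the grep pattern is a regular expression, so every "." matches any character and an address such as 172.16.10.5 also satisfies the storage-network check. Match the string literally and anchor it to the address field, for example grep -F "inet 172.16.1.", so that storage_network.rc is 0 only for hosts that really have an interface in that network.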
Line 168: | Line 169: | ||
when: storage_network.rc != 0</ | when: storage_network.rc != 0</ | ||
- | * Check for the existence of a certain package, stop service if so< | + | * Check for the existence of a certain package, stop service if so< |
shell: rpm -q myapp | shell: rpm -q myapp | ||
register: myapp_rpm_exists | register: myapp_rpm_exists | ||
Line 190: | Line 191: | ||
One method of installing pip into a Python environment. | One method of installing pip into a Python environment. | ||
- | < | + | < |
- name: software|Check for pip | - name: software|Check for pip | ||
stat: | stat: | ||
Line 220: | Line 221: | ||
Installing Python packages via pip. | Installing Python packages via pip. | ||
- | * Install virtualenv< | + | * Install virtualenv< |
- name: software|Install virtualenv python package via pip | - name: software|Install virtualenv python package via pip | ||
pip: | pip: | ||
executable: "/ | executable: "/ | ||
name: " | name: " | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== Remote Scripts ===== | ||
+ | |||
+ | Running remote scripts and capturing results. | ||
+ | |||
+ | **Examples** | ||
+ | * Copy a script to the remote system if it is different. Run the script as the app user and record as changed if the script outputs the string " | ||
+ | - name: script|Copy Calcuation Script to System | ||
+ | copy: | ||
+ | src: " | ||
+ | dest: "/ | ||
+ | owner: "{{ app_user }}" | ||
+ | group: "{{ app_group }}" | ||
+ | mode: 0700 | ||
+ | tags: calc_resources | ||
+ | |||
+ | # Run calculcation script - Mark as changed if std out contains ' | ||
+ | - name: script|Run Resource Calcuation Script | ||
+ | become: yes | ||
+ | become_method: | ||
+ | become_user: | ||
+ | environment: | ||
+ | LOCAL_ENV_VAR_NEEDED_IN_SCRIPT: | ||
+ | command: "/ | ||
+ | register: resource_calc_result | ||
+ | changed_when: | ||
+ | tags: calc_resources | ||
+ | |||
+ | # Uncomment debug to see variable contents of ' | ||
+ | - debug: | ||
+ | var: resource_calc_result | ||
+ | tags: calc_resources</ | ||
---- | ---- | ||
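Review bot: the final "- debug:" task in the new Remote Scripts example sits under a comment that says "Uncomment debug to see variable contents", but the task itself is not commented out. As written it runs on every play and prints the whole resource_calc_result, including the script's stdout, to the Ansible output and to any log that captures it. Either comment the three lines out to match the comment, or keep the task and give it a verbosity level so it only prints when the play runs with -v. Also, "Calcuation" and "calculcation" in the task names and the comment should read "Calculation" and "calculation".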
Line 231: | Line 266: | ||
Manipulating SSH keys on remote hosts. | Manipulating SSH keys on remote hosts. | ||
- | |||
- | FIXME -> to fill out these examples. | ||
**Examples** | **Examples** | ||
- | * Add a public key to a user's authorized_keys< | + | * Add a public key to a user's authorized_keys< |
- | * Generate a SSH Key Pair (public/ | + | authorized_key: |
- | * Fetch a remote SSH public key, save to the local Ansible system, then add that now local key to the other remote system< | + | user: "{{ app_user }}" |
- | * Add a list of system names to a remote system' | + | state: present |
+ | key: "{{ item }}" | ||
+ | with_file: | ||
+ | - " | ||
+ | |||
+ | * Generate a SSH Key Pair (public/ | ||
+ | user: | ||
+ | name: "{{ app_user }}" | ||
+ | generate_ssh_key: | ||
+ | ssh_key_bits: | ||
+ | |||
+ | * Fetch a remote SSH public key, save to the local Ansible system, then add that now local key to the remote system< | ||
+ | - name: ssh-access|Fetching remote ssh public key | ||
+ | fetch: | ||
+ | src: "/ | ||
+ | dest: "/ | ||
+ | flat: yes | ||
+ | |||
+ | # Add fetched key to authorized_keys | ||
+ | - name: ssh-access|Add Local SSH Key to authorized_keys | ||
+ | authorized_key: | ||
+ | user: "{{ app_user }}" | ||
+ | state: present | ||
+ | key: "{{ lookup(' | ||
+ | |||
+ | * Add a list of system names to a remote system' | ||
+ | - name: ssh-access|Check to see if host name is in known_hosts | ||
+ | shell: " | ||
+ | with_items: | ||
+ | - " | ||
+ | - " | ||
+ | - "{{ ansible_nodename|lower }}" | ||
+ | - "{{ ansible_hostname|lower }}" | ||
+ | register: ssh_known_host_results | ||
+ | changed_when: | ||
+ | ignore_errors: | ||
+ | |||
+ | # Uncomment debug to see stored object | ||
+ | - debug: | ||
+ | var: ssh_known_host_results | ||
+ | |||
+ | # If the saved results from above do not contain output, add the host to known_hosts | ||
+ | - name: ssh-access|Scan public keys (add to known_hosts) | ||
+ | shell: " | ||
+ | when: item.stdout == "" | ||
+ | with_items: "{{ ssh_known_host_results.results }}" | ||
+ | |||
+ | # Ensure known_hosts is owned by app user and group | ||
+ | - name: ssh-access|Ensure known_hosts is owned by the application user | ||
+ | file: | ||
+ | path: "/ | ||
+ | state: file | ||
+ | owner: "{{ app_user }}" | ||
+ | group: "{{ app_group }}" | ||
+ | mode: 0644</ | ||
---- | ---- | ||
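Review bot: the task "ssh-access|Scan public keys (add to known_hosts)" runs for every item where "item.stdout" is empty, so, going by its name, a host missing from known_hosts gets whatever key the scan returns at that moment, with no comparison against a fingerprint obtained from a trusted source. Anyone able to answer for that host name during the play ends up pinned as the legitimate host. Prefer distributing the expected host keys from inventory or a vault (the known_hosts module takes the key as a parameter), or compare the scanned fingerprint with a recorded value before appending. The "- debug:" task under "Uncomment debug to see stored object" is also not commented out, so it runs every time.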
Line 246: | Line 333: | ||
Copying tarballs to a remote system only if newer and un-archiving only if the tarball changed. | Copying tarballs to a remote system only if newer and un-archiving only if the tarball changed. | ||
- | < | + | < |
- name: my_app|MyApp tarball copy | - name: my_app|MyApp tarball copy | ||
copy: | copy: | ||
Line 273: | Line 360: | ||
**Examples** | **Examples** | ||
- | * Add a list of users to a local group.< | + | * Add a list of users to a local group.< |
- name: my_description|Add users to the local awesome group | - name: my_description|Add users to the local awesome group | ||
user: | user: | ||
Line 295: | Line 382: | ||
**Examples** | **Examples** | ||
- | * Do not execute any of the imported " | + | * Do not execute any of the imported " |
when: | when: | ||
- inventory_hostname != " | - inventory_hostname != " | ||
- inventory_hostname != " | - inventory_hostname != " | ||
- | * Execute a task if a host is in the " | + | * Execute a task if a host is in the " |
when: inventory_hostname in groups.special</ | when: inventory_hostname in groups.special</ | ||
- | * Execute a task if a host is NOT in the " | + | * Execute a task if a host is NOT in the " |
when: inventory_hostname not in groups.special</ | when: inventory_hostname not in groups.special</ | ||
| | ||
- | * Execute a task if the distribution major version is 7 (EL 7)< | + | * Execute a task if the distribution major version is 7 (EL 7)< |
- name: my_service|Enable and Start Service (EL7) | - name: my_service|Enable and Start Service (EL7) | ||
systemd: | systemd: | ||
Line 315: | Line 402: | ||
when: ansible_distribution_major_version == " | when: ansible_distribution_major_version == " | ||
- | * Execute a task when an inventory group_var variable matches< | + | * Execute a task when an inventory group_var variable matches< |
when: env == " | when: env == " | ||
Line 325: | Line 412: | ||
**Examples** | **Examples** | ||
- | * Apache Cassandra< | + | * Apache Cassandra< |
- name: cassandra|Add Repo | - name: cassandra|Add Repo | ||
yum_repository: | yum_repository: | ||
Line 331: | Line 418: | ||
description: | description: | ||
baseurl: https:// | baseurl: https:// | ||
- | enabled: | + | enabled: |
gpgcheck: yes | gpgcheck: yes | ||
repo_gpgcheck: | repo_gpgcheck: |