Section 6 Flashcards
What statement do you use to perform a conditional?
If this_is_true then do this
How are variables different here?
when
You don’t use curly braces
when: ansible_facts[‘thing’] == ‘Debian’
How do you determine what is an ansible_fact from:
ansible ansible2 -m setup
why does ansible_os_family work as well as ansible_facts[‘os_family’]
To find ansible facts, they start with ansible_
The reason ansible_os_family works is because it’s an injected variable
ansible_facts[‘os_family’] is the new way of doing things.
What are the main conditionals you can test?
variable is defined - if the var exists
variable is not defined - if the variable doesn’t exist
ansible_distribution in distributions - first variable is present in list mentioned as second
EXAMPLE:
when: ansible_os_family in [‘Debian’, ‘RedHat’, ‘Suse’]
variable - variabe is true, 1, or yes
not variable - variable is false, 0, or no
key == ‘value’
key > ‘value’
key <= ‘value’
key > ‘value’
key >= ‘value’
key != value
Create a playbook that check if sda, sdb exists, the last should check that sdc DOESN’T exist
tasks:
- name: Does SDA exist
debug:
msg: ‘SDA does exist’
when: ansible_facts[‘devices’][‘sda’] is defined
- name: Does SDB exist
debug:
msg: ‘SDB does exist’
when: ansible_facts[‘devices’][‘sdb’] is defined
- name: Does SDC exist
debug:
msg: ‘SDB does not exist’
when: ansible_facts[‘devices’][‘sdc’] is not defined
…
Create a playbook, have it ask the user a question on what package to install and store it in a variable.
Create a variable with a list of packages.
If the defined package doesn’t exist in the list, let the user know
- name: Testing with the IN statement
hosts: all
vars_prompt:- name: my_answer
prompt: Which package do you want to install?
vars:
supported_packages:- httpd
- nmap
gather_facts: false
tasks:
- name: Something
debug:
msg: ‘You are trying to install a supported package’
when: my_answer in supported_packages
- name: my_answer
Create a variable with a boolean value. Check if it’s true
- name: test
hosts: all
vars:
aged: True
tasks:- name: Check if aged is True
debug:
msg: ‘aged is True’
when: aged
- name: Check if aged is True
Create a playbook that check is the memory of the managed node is about 50 megs
What form of measurement is disk space measured in?
debug:
msg: ‘test’
when: ansible_facts[‘memory_mb’][‘real’][‘free’] > 50
disks are measured in bytes
Create a playbook that says ‘using CentOS 8.1’ if the distribution is 8.1 and the distribution is centos
debug:
msg: ‘using CentOS 8.8’
when: ansible_facts[‘distribution_version’] == ‘8.1’ and ansible_facts[‘distribution’] == ‘CentOS’
Over multiple lines, write a conditional that needs the distribution to be redhat and have 512 megs free memory or is CentOS and has 256 megs of memory free
when: >
( ansible_facts[‘distribution’] == ‘RedHat’ and ansible_facts[‘memfree_mb’] == 512 )
or
( ansible_facts[‘distribution’] == ‘CentOS’ and ansible_facts[‘memfree_mb’] == 256 )
Update the kernel if there is a drive mounted to /boot and there is 200000000 disk space available on it
- name:
package:
name: kernel
state: latest
loop: “{{ ansible_facts[‘mounts’] }}”
when: item.mount == “/boot/ and item.size_available > 200000000
Create a playbook that opens /etc/passwd and stores the output in a variable. If the user lisa is found print a message
- shell: cat /etc/passwd
register: passwd_contents - debug:
msg: passwd contains user lisa
when: passwd_contents.stdout.find(‘lisa’) != -1
this uses the password find command. The output for ‘not’ found is -1
find will output the index of the first occurence. This means if you wanted to redo this code you could put
when: passwd_contents.stdout.find(‘lisa’) == >= 0
How do you let a playbook know to run even if a certain task failes?
ignore_errors: yes
Create a playbook that tries to get the status of httpd but will run regardless of errors. Place the output in a variable.
Next print the results.
Next start the httpd service only if the return of the first task is a success.
tasks:
- name: get httpd service status
command: systemctl is-active httpd
ignore_errors: yes
register: result
- name: show result variable contents
debug:
msg: printing contents of registered variable {{ result }}
- name restart sshd service
service:
name: sshd
state: restarted
when: result.rc ==0
What is a handler?
Conditional task ran if another specific task CHANGES something
Create a playbook with two plays in it.
the only task in the first play is for the localhost and it should create a file named index.html in its tmp directory.
The next play should have the below tasks:
install httpd
copy the index file to var/www/html/index.html - if this is successful then you should run a handler that restarts httpd
- name: Create file on localhost
hosts: localhost
tasks:- name: Create index.html on localhost
copy:
content: ‘welcome to the webserver’
dest: /tmp/index.html
- name: Create index.html on localhost
- name: Set up Web Server
hosts: all
tasks:- name: Install httpd
dnf:
name: httpd
state: latest - name: copy over index.html
copy:
src: /tmp/index.html
dest: /var/www/html/
notify: restart_web
- name: restart_web
service:
name: httpd
state: restarted
… - name: Install httpd
If a task fails, make it to where the previous tasks that were changed have their handlers ran
force_handlers: true <- all handlers notified prior to error will run. They still need to notify the handlers by being changed.
ignore_errors
__ __
|_ | | | |/ | |
s|_| ( k |) | C k
|| | |\ |_|
When do handlers run
After the play they’re in finishes
If there are two plays and a handler is called in the first play, it will run after all tasks in the first play have been ran. After it is ran, the next play will be ran.
Create a playbook that forces the handlers to run, updates the kernel, and then reboots the server if the kernel update results in a change
- name: Update the kernel
hosts: all
force_handlers: true
tasks:- name: Update kernel
yum:
name: kernel
state: latest
notify: reboot_server
handlers: - name: reboot_server
command: rebootforce_handlers just means that handlers will be ran even if nothing changes. It does NOT mean that they will run if there is an error prior to them.
- name: Update kernel
When a failing task is encountered, how do you stop the playbook from proceeding on all servers
any_errors_fatal: true
Create a playbook with two tasks:
print hello world
if world exists in the output make the task fail
don’t let the failure prevent the next task from running
- name: Update the kernel
hosts: all
tasks:- name: Print
command: echo hello world
ignore_errors: true
register: command_result
failed_when: “‘world’ in command_result.stdout” - name: See if we get here
debug:
msg: second task executed
- name: Print
Create a playbook that prints a fail message when the word ‘word’ is found in an echo command but continues going
- name: Update the kernel
hosts: all
register_errors: yes
tasks:- name: Print
command: echo hello world
ignore_errors: true
register: command_result - name: Error
fail:
msg: Command has failed
when: “‘world’ in command_result.stdout” - name: See if we get here
debug:
msg: second task executed
- name: Print
What directive can we used to make sure that the output of a command never comes out as ‘changed’ only ‘ok’ and ‘failed’
changed_when: false
What is a block?
How would you create a block statement?
Group of tasks that a when statement can be applied to
- name: Setting up http
block:- name: List everything else here and put a conditional at the end
How do you make a block statment
each task is indented two spaces and the when statement is placed at the same indentation as the top level task
