Section 8 and further Flashcards
What are the key terms to make a loop in ansible?
loop
with_*
Create users using a loop
There are two different ways
- name: Create users through loop
hosts: localhost
tasks:- name: Create Users
user:
name: “{{ item }}”
loop:- jerry
- kramer
- elaine
- name: Create Users
or
- name: Create users through loop
hosts: localhost
vars:
users: [jerry,kramer,elain]
tasks:
- name: Create Users
user:
name: ‘{{item}}’
with_items: ‘{{users}}’
install htop and telnet using an ansible for loop
- name: Install loop
hosts: localhost
vars:
packages: [htop,telnet]
tasks:- name: Installation
yum:
name: “{{item}}
state: present
with_items: “{{packages}}”
or just
name: “{{packages}}”
- name: Installation
or
tasks:
- name: installation
yum:
name: “{{item}}”
state: present
loop:
- htop
- telnet
What do roles do?
What do roles allow you to group the entire configuration in?
Roles simplify long playbooks by grouping tasks into smaller playbooks
The roles are the way of breaking the playbook into multiple files. This simplifies writing complex playbooks and makes them easier to reuse.
Roles allow the entire configuration to be grouped in:
- tasks
- modules
- variables
- handlers
Create a role for fullinstall and basicinstall
Go into the roles directory
create two new directories here called:
- fullinstall
- basicinstall
In these newly created directories, create a new directory for each called:
- tasks
Create yml files in these directories
- main.yml
- make a normal yaml file for whatever you want to do like httpd install. Start with — and just add the tasks
(Do these have to be in the inventory?)
To use these create a playbook
- name: Full Install
hosts: all
roles:
- fullinstall
Create separate application roles for installing
httpd
chrony
named
Next install them via a playbook
cd /etc/ansible/roles
mkdir httpd
mkdir chrony
mkdir named
cd into all of them and create directories called ‘tasks’
Inside each of these create a file called main.yml and inside just put the task info
- name: Install apache
yum:
name: httpd
state: present
…
- name: Installation
hosts: all
roles:- httpd
- chrony
- named
Download predefined roles via ansible galaxy
Get the users role
www.galaxy.ansible.com
search
look up users
click filters
type = Roles
ansible-galaxy install singleplatform-eng.users
Click ‘Read Me’ to learn more about
This will install to a hiddent directory called /root/.ansible/roles/singleplatform-eng.users
Move this to /etc/ansible/roles to use
What are tags used for?
Create a playbook to install and start httpd
Give each task a tag and use these tags
Show all tags in a playbook
Run the playbook but skip a tag
Try running mulitple tasks, skipping multiple tasks
They or references or aliases to a specific task in a playbook
- name: Install and Start HTTPD
hosts: all
tasks:- name: Install httpd
yum:
name: httpd
state: present
tags: i-httpd - name: Start HTTPD
service:
name: httpd
state: started
tags: s-httpd
- name: Install httpd
Remember, ‘tags’ is not part of the module so it shouldn’t be indented like it is.
ansible-playbook httpd.yml -t i-httpd,task2,task3
This is different than start-at-task because it will only run the one task in the playbook.
ansible-playbook httpd.yml –list-tags
ansible-playbook httpd.yml –skip-tags i-httpd,task2,task3
What can variables contain in their names?
Name some import variable info/rules
Letters, numbers, undersdcore
Should always start with a letter
Cannot have . or -
Variables can be defined inside of inventory files as well
Create a variablee and use it in a playbook
These are really good for long names and things that you will most likely misspell
Create a list of packages to install
- name: Install A package
hosts: all
vars:
package: httpd
tasks:- name: Install Package
yum:
name: “{{ package }}”
state: present
- name: Install Package
LIST OF PACKAGES
- name: Install
hosts: all
vars:
packages:
- httpd
- named
tasks:
- name: Install packages
yum:
name: “{{ packages }}”
state: present
Using a variable, copy a file from the Control node to the managed node
– name: Copy
hosts: all
vars:
flpth: /home/delsinm/file.txt
tasks:
- name: Copy a file
copy:
src: “{{ flpth }}”
dest: /tmp
owner: root
group: root
mode: 0777
Using a variable, create a file on a server but don’t append the .txt to the end in the variable. Provide .txt later in the playbook
- name: File Creation
hosts: all
vars:
fl: freddy
tasks:- name: Create file
file:
path: “/etc/{{ fl }}.txt”
state: touch
- name: Create file
STUDY VARIABLES BECAUSE THIS HAS NOT BEEN GONE OVER IN-DEPTH
Create a web_servers group in the host file
give these web_servers their very own specific variables to use in a playbook.
How would you use these?
vi /etc/ansible/hosts
[web_servers]
server1 ansible_host=192.168.10.10
server2 ansible_host=192.168.10.11
[web_servers:vars]
dns=ns1.example.com
proxy=proxy.example.com
You can use these specifically for the web_servers group like the below:
– name: Show dns name
hosts: web_servers
tasks:
- name: Show web servers
debug:
msg: “The dns server is {{ dns }}”
If you wanted to call a server called server9’s dns variable that’s in another group you could use:
msg: “The dns for the db_servers is {{ hostvars[‘webhost1’][‘dns’] }}”
What is Ansible Vault used for?
You often have to share code with others on your network/team. Sharing over the network is always risky.
Ansible vault gives password protection to your code
Create a password protected playbook and then open it
View the vaulted file
Edit it
ansible-vault create httpbyvault.yml
put whatever you want in your playbook here
TO OPEN
ansible-playbook httpbyvault.yml – ask-vault-pass
ansible-vault view httpbyvault.yml
ansible-vault edit httpbyvault.yml
