Ansible 10 Shell vs Command module

By -

Hello DevSecOps Automation learners!! You can do wonders by learning Ansible Automations along with me.

The Ansible can run the command module as default that is you don't need to mentioned with -m option for command. That means when you don't mention any module then it is working with the 'command module'

Ansible Shell vs Command module
Ansible Shell vs Command module


Here we will execute in details of experiment with 4 different use cases which could be part of your automation playbook construct:

  1. Both operate similarly
  2. When redirect operator used
  3. When pipes used between commands
  4. Multiple commands need to run

Let's examine these use cases

1. Both operate similarly

If we need to run single Linux command to be executed then both shell, commands modules operates same way there is no difference. Here I'm using "who -r" command to be run. If we don't mention any module name then command module by default.


# Using default command module
ansible web -a "who -r"

#or
ansible web -m command -a "who -r"

# trying with localhost also fine
ansible localhost -m command -a "who -r"

# using shell module here	
ansible web -m shell -a "who -r"
Image
Ansible Shell vs Command module usage




2. When the redirection operator used

when we need to store the command execution stdout to a file we will be either using redirection operator such as greater-than or double greater-than operators. Let's see the execution of whoami command output store to user.dat file.
# Using shell module creating a redirecting file
ansible localhost -m shell -a "whoami >user.dat"


3. When pipe used between commands

Command has its limitation to execute single Linux command and output it. whereas, shell can be used for multiple commands with pipe operator allowed. let's see how it works here:
# Using shell module with pipe
ansible web -m shell -a "who -r|awk -F' ' '{print $3}'"

# pipe is not allowed in the command module ...  so fails 
ansible web -m command  -a "who -r|awk -F' ' '{print $3}'"

Image:

Ansible Shell vs Command module example
Ansible Shell vs Command module using pipe


4. When multiple commands to be run


If you need to run the multiple Linux commands, where we can use either double-ampersand && or semi-colon ; operators in between those Linux commands, This can works good with Shell module but doesn't works with command module. Hence we need to understand the limitations of command module.
# works good with shell
ansible web -m shell -a "who -r && uptime"

# fails to output with command module 
ansible web -m command -a "who -r && uptime"

# command fails when ; used
ansible web -m command -a "who -r; uptime"

# It is okay for shell module for ; separate multiple commands
ansible web -m shell -a "who -r; uptime"
The execution of the above commands output Image:
Shell vs command modules using && and ;
Ansible Shell vs Command module using && and ;

Conclusion: 

If you want to run a command securely and predictably, it may be better to use the 'command module'.

Ansible 'shell module' can run most commands that can run from bash script or CLI. They are powerful, but also opens up the doors for attachers so be careful.

 There is no file storage and usage of the process to process piped for connecting one command with other in command module not possible. You can see the error when you use '>' or '|; with com

Comments

Post a Comment

Popular posts from this blog

Ansible Jinja2 Templates: A Complete Guide with Examples

By -
Image
Here I'm starting this post with famous ARISTOTLE quote. "We are what we repeatedly do. Excellence, then is not an act, but a Habit" Welcome back Ansible Automations and who are habituated as Ansible automation specialists this post for them to give boosted walk through, In this post, I would like to share my experiments with Jinja2 templates usage on the Ansible playbook. Of-course Jinja is from Japan it is world famous for templatization capabilities badvanced Ansible templating techniquesy integrating with multiple languages such as Python, Ruby, Salt talk etc. In this post we will be cover the following topics: What is Jinja2 template do in Ansible? Template with filters Template with Lists and sets Template module in Ansible Template with Flow Control Template using Looping Template inheritance** What is Jinja2 template do in Ansible? Jinja2 is another Python library created for Flask web framework, that comes part of Ansible installation. It is special ability as i...
Read more

Ansible 11 The uri module with examples

By -
Image
 Hey DevSecOps Automation specialist, Welcome back to the DevOps Hunter blog. In this post, I made it for learning more about all possible parameters that we can use when an application validation is done with the Ansible 'uri' module.  Why uri module? Web Application returns status HTTPCode 200 for success, 404 for failures, and also for 503 for Server internal issues. When you work on the restart of a web application we need to know the status of the application to proceed with the next move. So this uri module is most important for reboot and restart of web applications using ansible. The uri module parameters Supported parameters include: attributes, backup, body, body_format, client_cert, client_key, content, creates, delimiter, dest, directory_mode, follow, follow_redirects, force, force_basic_auth, group, headers, http_agent, method, mode, owner, regexp, remote_src, removes, return_content, selevel, serole, setype, seuser, src, status_code, timeout,...
Read more

Jenkins Active choices parameter - Dynamic input

By -
Image
Hello DevOps team!! Today I've revisited the experiment with the Jenkins ACTIVE CHOICE Parameter  to get the Dynamic parameters effect on the Build Job parameters. Installation Active Choice parameter - Groovy Script Prerequisite: Jenkins installed Up and running on your target master machine. Jenkins URL accessible   Step 1: Install Active Choice plugin On the Jenkins Dashboard, select the Manage Jenkins, Plugin- Manager, In the Available tab search for word 'Active', where you can see Active Choice plugin and choose installation option, and this will enables three different parameters in the "Add Paramters" list. They are : 1. Active choice parameter 2. Active Choice Reactive parameter 3. Active choice Reactive Reference parameter Here In my example I will use two of them, Firstly Active Choice Parameter for "environment". Create new item Name: active_project select a freestyle project click OK button. In the General tab, select the checkbo...
Read more