Showing posts with label ansible-playbook. Show all posts

Wednesday, December 22, 2021

Ansible variables, Lists, Dictionaries

There are many boring tasks in your daily job which can be automated easily if you know some of the tools like here, Ansible. Let's explore more on how to use the variables in the playbooks.

In this post we will be covering :

Basic datatypes
List variables and using them
Dictionary variable and accessing them

Variables and Datatypes in Ansible

In Ansible variables can be defined under global tasks or they can be defined at local to a task level. support all the Python supported datatypes.

---
# Filename: varibles_datatypes.yml
 - name: varibles in ansible
   hosts: localhost
   gather_facts: false
   vars:
     a: "Vybhava Technologies"
     b: yes
     n: 100
     m: 500.99
   tasks:
     - debug:
         msg:
           - "a= {{ a }} a type: {{ a |type_debug }}"
           - "b= {{ b }} b type: {{ b |type_debug }}"
           - "n= {{ n }} n type: {{ n |type_debug }}"
           - "m= {{ m }} m type: {{ m |type_debug }}"

The execution output is :

ansible-playbook varibles_datatypes.yml

Screenshot

Ansible Lists

In Ansible List object is similar to the Python list. Which can be assigned alist variable within a single line or lease it can be represented in the column which will start by using "-" for each element. Here I've experimented with two options.

# File: hello.yml
 - name: List variables from ansible playbook
   hosts: localhost
   gather_facts: no
   vars:
     mylearning_list: ['Linux','git','Jenkins','Docker','Kubernetes','Ansible']
   tasks:
     - name: printing list
       debug:
         msg:
         - "mylearning_list:"
         - "{{  mylearning_list  }}"

     - name: Concatenate a list to string
       set_fact:
         my_string: "{{ mylearning_list | join(',') }}"
     - name: Print the String
       debug:
         msg: "{{ my_string }}"

     - name: printing list element
       debug:
         msg: "mylearning_list: {{  mylearning_list[1] }}"
     - name: printing list range of elements
       debug:
         msg:
         - "mylearning_list[3:5]:"
         - "{{  myle

Ansible list of element usage

Ansible list example 02

 hosts: localhost
  gather_facts: no
  vars:
    devops_team:
      - srinu
      - rajshekhar
      - arun
      - charan
      - suresh
      - elavarsi

  tasks:
  - name: Display all elements of List
    debug:
      msg: "{{ devops_team }}"

  - name: Display a elements of List
    debug:
        msg: "{{ devops_team[3] }}"

  - name: Display rage of elements from List
    debug:
        msg: "{{ devops_team[3:6] }}"
~

Ansible Dictionaries

The python dictionaries can be used in the Ansible plays. The representation is within {} when we have few key:value
The data item will be stored with key and value

We can dfine a dictionary variable as two forms : 1. single line

osfam_web: {"el": "httpd", "ubuntu": "apache2"}

2. multiline form

osfam_web:
  el: httpd 
  ubuntu: apache2

Example Execution

[ansible@master qa]$ cat mydict.yml
---
# Filename: mydict.yml
 - name: Dictionaries in ansible
   hosts: localhost
   gather_facts: false
   vars:
     osfam: {"el":"httpd","ubuntu":"apache2"}
   tasks:
     - debug:
         msg:
           - "osfam.keys {{ osfam.keys() }}"
           - "osfam {{ osfam }}"
           - "osfam type {{ osfam |type_debug }}"
           - "osfam[el] {{ osfam['el'] }}"

Execution output

ansible-playbook mydict.yml

More variable stories on Ansible Automations are share:

Saturday, September 11, 2021

Ansible the lineinfile, blockinfile and replace modules

Hello !!

This post is for exploring the "lineinfile" vs 'blockinfile' and "replace" modules. The replace and the lineinfile use the path parameter to mark: The file to modify. lineinfile module is used to ensure[s] a particular line is in a file, or [to] replace an existing line using a back-referenced (backref) regular expression (regex).

Use the replace module if you want to change multiple, similar lines

The "dest" parameter is used for modules creating new files like template or copy modules. Just replace dest with path and both provided examples should work as expected.

Adding lines in the file

Adding a line in a file, if a file does not exist then it will create it.

---
# Filename: adding_line.yml
 - name: testing LineInFile module
   hosts: localhost
   tasks:
   - name: Add a line to a file if the file does not exist
     lineinfile:
       path: /tmp/hosts
       line: 192.168.1.99 ansiblectl.devopshunter.com ctl
       create: yes

The execution of the above playbook gives us the, update of the file /tmp/hosts file created with the line value. check the content of the file.

Screenshot 1

Create file if does not exists add line in file

Adding a line in file create if not

Insert before

A line can be inserted before the pattern matched

---
 - name: testing inline
   hosts: localhost
   gather_facts: no
   tasks:
   - name: insert before
     lineinfile:
       dest: /tmp/hosts
       line: 192.168.0.19 bhagathsing.devops.com bhagathsing
       insertbefore: (192.168.0.18*)

Execution will gives as follows:

the lineinfile moduel using insertbefore

Ansible the lineinfile module using insertbefore parameter

Insert After

Insert after the pattern line

---
 - name: testing inline
   hosts: localhost
   gather_facts: no
   tasks:
   - name: insert after
     lineinfile:
       dest: /tmp/hosts
       line: 192.168.0.18 freedome.devops.com freedome
       insertafter: (192.*)

lineinfile module with 'insertafter' parameter

Removal lines in a file of httpd.conf

---
 - name: testing inline
   hosts: localhost
   gather_facts: no
   tasks:
   - name: remove commented lines
     lineinfile:
      dest: /tmp/sample
      regex: "(^#)"
      state: absent
      backup: yes
   - name: remove tabbed commented lines
     lineinfile:
      dest: /tmp/sample
      regex: "(#)"
      state: absent
   - name: remove blank lines
     lineinfile:
      dest: /tmp/sample
      regex: "(^\n)"
      state: absent

The execution of removal of lines from the httpd.conf file.

Remove lines as per regex pattern in file

The lineinfile module uses to remove comment lines of httpd.conf file

Replace module

This module will be helps you to find and replace the text in remote/target server files.

/tmp/mytest.txt Step 2: Create a playbook with the File name: test-replace.yml and the content as follows

---
# Ansile replace module example
 - name: Ansile replace module
   gather_facts: no
   hosts: localhost
   become: yes
   tasks:
     - name: mytest.txt replace
       replace:
         path: /tmp/mytest.txt
         regexp: "ofmw"
         replace: "Oracle Fusion Middleware"

Assume that you have inventory file having 'webserver' group with node1, node2
Step 3: Execution output is as follows:

ansible-playbook test-replace.yml

Execution Screen shots:

'blockinfile' module

If you have multiple lines that need to be inserted into a file in remote box with Ansible blockinfile module. It works similar ot lineinfile module but here multiple lines can be processed.

--- 
# Filename: file-blocking.yaml
# targets [optional] if you pass extra vars ok, otherwise localhost
- name: Creating File with blockinfile
  gather_facts: no
  hosts: "{{ targets | default('localhost') }}"

  tasks:
  - name: Create new file
    file:
      path: /tmp/ansible-slogun.txt
      state: touch
    
  - name: Block of text adds to file
    blockinfile:
      path: /tmp/ansible-slogun.txt
      block: Ansible has a large collection of inbuilt modules to manage various cloud resources. The book begins with the concepts needed to safeguard your credentials and explain how you interact with cloud providers to manage resources. Each chapter begins with an introduction and prerequisites to use the right modules to manage a given cloud provider. Learn about Amazon Web Services, Google Cloud, Microsoft Azure, and other providers.

The playbook can be using no extra vars that means localhost will be target host, the executed as follows :

ansible-playbook file-blocking.yaml

References:

Saturday, August 7, 2021

Ansible 5: Commands and their examples

Hello Automation specialists, This post is for trying all the Ansible Command-line tools, it's like a cheat sheet for ansible CLI with executed examples to better understand their usage.

Ansible command-line utilities can be executed only on the box where the Ansible engine is installed and running.

ansible

ansible command is used for define and run a single task 'playbook' against a set of hosts. ansible command is an extra-simple tool/framework/API for doing 'remote operations'.

Case 1:

ansible -i inventory.yml all  --list-hosts # all 
   ansible -i inventory.yml dbserver  --list-hosts  #Specific group
   ansible -i inventory.yml common  --list-hosts # same as all if inventory is yml

Listing host using ansible command

Case 2:

   # inventory set in the ansible.cfg
    ansible all --list-hosts
    # a group specific
    ansible web --list-hosts
    # checking for a specific host in a group
    ansible web --list-hosts -l 192.168.33.220

Listing inventory host using ansible command

The ansible command list host option with limiting

ansible-config

Ansible uses configuration definations in the ansible.cfg file located in the /etc/ansible/ansible.cfg

ansible-config --help show help

The state of your Ansible configuration settings

ansible-config view

The list of variables we can retrieve using the following command:

ansible-config list

Ansible configuration list

You can see another list of configurations but you can also store it in a file

ansible-config dump

ansible configuration dump

You can get the list of overloaded variable values using :

ansible-config dump --only-change

Custom configurations

ansible-config command on awx docker container

ansible-console

This command allows for running ad-hoc commands or tasks against a chosen inventory from a shell with built-in tab auto-completion. It will supports several Linux like commands and you can modify its configuration at the runtime. You can get full help about some of the modules which is very simple in this shell.

ansible-console help for 'copy' command

ansible-console root@all ansibleprompt$ copy /tmp/hello.txt /home/ansibleuser

Task like copying files from the remote managed clients is simple.

You may be confused some commands same as in Linux, but the meaning is different in Ansible. Example 'cd' which change the hosts instead of changing the directory.

ansible-console help of cd command

You can explore any module from ansible-console and then you can add that into your playbook as task.

ansible-doc

To get help on the plug-ins and modules you can use this ansible-doc command.

 ansible-doc modulename

Example1:

ansible-doc stat

ansible-doc command applied against stat module

Example 2: To get the list of all modules

    ansible-doc -l

ansible-doc for list of modules

ansible-galaxy

The ansible-galaxy command will be used to create roles directory structure offline, you can also download community provided roles from the Galaxy website in online mode

ansible-galaxy search elk Searching for a module is similar to the search for image in docker cli. For example search for 'elk' role on Galaxy

ansible-galaxy search elk

searching for elk roles on galaxy

Let's try to install a module from Galaxy now:

ansible-galaxy search elk

elk installation using ansible-galaxy

ansible-inventory

If there are any host specific variable used then you can use --vars option against a host.

ansible-inventory --host 192.168.33.220 --vars

Which doesnot returns empty because the default inventory having only hosts and groups. # When you define inventory file as:

[vagrant@mstr prod]$ cat prod_inv_host_group
[prod]
localhost
[db]
192.168.33.200
[web]
192.168.33.210 ansible_user=vagrant
192.168.33.220 ansible_user=devadmin

then you can see the host vars as follows:

ansible-inventory -i prod_inv_host_group --host 192.168.33.220 --vars

# to get the graph which is similar to linux tree command to show the connection between groups and their host association

ansible-inventory --graph

ansible-inventory vars and graph

ansible-playbook

The actual Ansible automation will be happen with this command. You need to write task in a play then we can execute it by providing the playbook yaml file as argument.

Sample playbook

  ---
 - name: Hello from DevOpsHunter
   hosts: localhost
    
   tasks:
   - name: Greeting message
     debug:
       msg: "Welcome to DevOps Jungle... Start Hunting..."

Execution command

ansible-playbook /root/welcome.yaml

ansible-pull

Tuesday, August 3, 2021

Ansible 9 Custom Roles - Reusability

Hello Guys, welcome back to DevSecOps Automations!!

In this post, we will be exploring the Custom role create and usage in a playbook, which is a most industry requirement.

It depends on your use cases. It's always recommended to write a role if you have a complex set of tasks consist of handlers and jinja templates. Roles break down a complex playbook into simple and multiple reusable plays easy to read!

In the last post, we have learned about how ansible-galaxy helps us to install, create, modify the ready-made roles which are provided by the Ansible community freely on the Galaxy site.

What are the roles why we should use them in Ansible?

As per my understanding so far following points :

A role can be defined when we have to do one or many tasks
It is a set of tasks with a single objective (for example reboot of box - stop all process, reboot, start process)
You can organize the code in more readable form using roles it is like functions in Python or C
Here the main objective is that roles can be exchanged within the company playbooks and if it is more genric public can share in community
You can publish your roles to ansible galaxy community (public roles repository)
Ansible roles can be defined with specific structure of directories and files, role name can be directory vars directory contains main.yml file to define the variables that can be reused in the role's play

Steps to define your Ansible Custom Roles

Step 1: Create the directory structure using the ansible-galaxy command

cd roles
ansible-galaxy init apache --offline
cd apache/tasks

Step 2: to make more managable vim tasks/main.yml

- include: install.yml
- include: configure.yml
- include: service.yml

Let's create these files which are mentioned in the main.yml file, first install.yml file with

---
# install apache server
- name: install apache
  yum:
    name: httpd
    state: latest

Next configure.yml file with :

---
 - name: httpd configure
   copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
   notify:
     - restart apache service

 - name: send index.html
   copy: src=index.html dest=/var/www/html/index.html
   /var/www/html/

The third file is service.yml with:

---
 - name: start httpd service
   service: name=httpd state=started

Using static files by roles

Step 3: Let's create two static files as index.html file and httpd.conf file

 cp /etc/httpd/conf/httpd.conf .
 vi httpd.conf
 head httpd.conf
#
# ============== This is from ANSIBLE Configuration ======================
# This is the main Apache HTTP server configuration file.  It contains the

The web-page created from index.html file. cat roles/apache/files/index.html

Namaste Ansible configured Apache

Wishing you great learning... HAPPY A N S I B L E automations!!

Event Handlers - notify from roles

Now go to the apache/handlers where the main.yml entry you can use :

---
# Apache handler file
- name: restart apache service
  service: name=httpd state=restarted

Ensure that name of the handler should match to the name in the notify section in the configure.yml otherwise it wont trigger. cat main.yml Now update the meta information about this role

cd /home/vagrant/prod/roles
vim apache/meta/main.yml

Modify the following lines:

  author: Pavan Devarakonda
  description: Sample apache role
  company: Vybhava Technologies
  platforms:
  - name: EL
    versions:
    - all

Now goto the folder roles check with the tree command for 'apache'

tree apache
apache
├── defaults
│   └── main.yml
├── files
│   ├── httpd.conf
│   └── index.html
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   ├── configure.yml
│   ├── install.yml
│   ├── main.yml
│   └── service.yml
├── templates
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml

now back to the root of your project (in my casse path is /home/vagrant/prod) or else /etc/ansible vime apache-site.yml

---
- hosts: web
  gather_facts: false
  roles:
    - apache
    #- ntp you can add more roles

Now all set to go, check the syntax

ansible-playbook apache-site.yml --syntax-check

Run the playbook:

ansible-playbook apache-site.yml -b

Here -b is given to become all the install, configure, service commands need root access, where you can mention this inside playbook 'become: yes'

Once the playbook is executed successfully there will be 3 changes. Validate that

DevOps Hunter