Cheatography
https://cheatography.com
Ansible Playbook reminder
Playbook
---
- name: Create FW rule
  hosts: all
  gather_facts: no
  roles:
    - role: robertdebock.mysql
  become: yes
  vars:
    mysql_user_name: tony
  tasks:
    - include_tasks: tasks/useful.yml
    - debug:
        var: ansible_facts  # var takes a variable name, no {{ }}
    - firewalld:
        # port, service and source are listed together as a reminder;
        # the module accepts only one of them per task
        port: "{{ http_port | default('88') }}/tcp"
        service: http
        source: 192.0.0.0/24
        zone: public
        state: enabled
        permanent: yes  # (persist reboot)
        immediate: yes  # (enable now)
    - name: Generate password
      shell: pwgen -N 1 -s 30
      register: myPass
    - name: Print the generated password
      debug:
        msg: "The password is {{ myPass.stdout }}"  # stdout holds the command output
- When an option expects a variable as its parameter, you don't need double curly braces around the variable.
- When a value starts with a variable, as on the port line above, you must put double quotes " around the value.
- Accepted boolean values: yes, true, True, TRUE and no, NO, false, FALSE
Block
- hosts: server1
  tasks:
    - name: Install git and restart nginx
      block:
        - name: install Git
          yum: name=git state=present
        - name: Restart nginx
          service: name=nginx state=restarted
      become: yes
      when: ansible_facts['distribution']=='CentOS'
      rescue:  # Do this if a task fails
        - mail:
            to: admin@domain.com
            subject: "Houston, We've Got a Problem"
            body: "task {{ ansible_failed_task.name }}"
      always:  # Always do this
        - mail:
            to: user@domain.com
            subject: "{{ ansible_play_name }} status"
            # ansible_failed_result is only defined when a task in the block failed
            body: "{{ ansible_failed_result | default('no failure') }}"
Magic Variables
hostvars['srv1'].ip_address | Get the value of a variable defined for another host
hostvars['srv1'].ansible_facts.mounts | Get a fact value from another host
hostvars['srv1']['ansible_facts']['mounts'] | Same as above, written differently
group_names | Get all groups the current host is part of
inventory_hostname | Get the current host name as defined in the inventory, not the FQDN
Performance tuning
gather_facts: False | Disable facts gathering
forks=50 (in ansible.cfg) | or --forks 50 or -f 50 on CLI (default is 5)
[ssh_connection] (in ansible.cfg) with ssh_args = -o ControlMaster=auto -o ControlPersist=60s and pipelining = True | Reduce the number of SSH connections
strategy: free | Execute tasks without waiting for other hosts to finish their tasks
Inventory
all:
  hosts:
    mail.example.com:
      ansible_host: 192.168.1.230
      ansible_user: mailmin
  children:
    webservers:
      hosts:
        frcllweb001:
          ansible_host: 192.168.1.231
ansible.cfg precedence
1. $ANSIBLE_CONFIG
2. ansible.cfg in playbook dir
3. ~/.ansible.cfg
4. /etc/ansible/ansible.cfg
Error Handling
any_errors_fatal: true | Stop and exit the playbook if any error occurs
ignore_errors: true | Execute the next tasks on failed hosts
failed_when: <condition> | The task fails when the condition is met
Avoid the shell and command modules: they simply execute the command without any validation. Use the appropriate module instead.
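The "Generate password" step from the Playbook section, rewritten to follow this advice: the built-in password lookup replaces shell and pwgen, and no_log keeps the value out of task output. This is an added example, not part of the original cheat sheet; the play name, the my_pass variable and the destination path are assumptions chosen for illustration.

```yaml
---
# Added example (not from the original cheat sheet).
- name: Generate and use a password without the shell module
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Generate a 30-character password on the controller
      ansible.builtin.set_fact:
        # /dev/null as the path means the lookup does not store the value on disk
        my_pass: "{{ lookup('ansible.builtin.password', '/dev/null length=30 chars=ascii_letters,digits') }}"
      no_log: true  # do not show the result in stdout or logs

    - name: Validate the value without printing it
      ansible.builtin.assert:
        that:
          - my_pass | length == 30
          - my_pass is match('^[A-Za-z0-9]+$')
        quiet: true
      no_log: true

    - name: Hand the secret to a module instead of echoing it with debug
      ansible.builtin.copy:
        content: "{{ my_pass }}\n"
        dest: ~/example_secret  # hypothetical destination
        mode: "0600"            # readable by the owner only
      no_log: true
```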
Ansible tips & tricks
Make your playbook executable
Add the following shebang at the top of your playbook:
#!/usr/bin/ansible-playbook
and add the executable bit to your playbook file:
chmod +x <my_playbook.yml>
Now you can execute your playbook like a regular script: ./my_playbook.yml