Show Menu
Cheatography

Ansible Playbook Cheat Sheet by

Ansible Playbook reminder

Playbook

---
- name: Create FW rule
  hosts: all
  gather_facts: no
  roles:
  - role: robertdebock.mysql
    become: yes
    vars:
      mysql_user_name: tony
  tasks:
  - include-tasks: tasks/useful.yml
  - firewalld:
      var: ansible_facts`
      port: "{{ http_port | default('88') }}/tcp"
      service: http
      source: 192.0.0.0/24
      zone: public
      state: enabled
      permanent: yes #(persist reboot)
      immediate: yes #(enable now)

  - name: Generate password
    shell: pwgen -N 1 -s 30
    register: myPass

  - name: Print the generated password
    debug:
      msg: "The password is {{ myPass }}";
- When the option expects a variable as parameter, you don't need double curly breaths around variables.
- When line start with a variable like on the
port
line above, you must use double quote " around the variable.
- Boolean value accept: yes, true, True, TRUE and no, NO, false, FALSE

Block

- hosts: server1
  tasks:
  - name: Install git and restart nginx
    block:
    - name: install Git
      yum: name=git state=present
    - name: Restart nginx
      service: name=nginx state=restarted
    become: yes
    when: ansible_facts['distribution']=='CentOS'
    rescue: # Do this if the task fail
     - mail:
         to: admin@domain.com
         subject: Houston, We've Got a Problem
         body: task {{ ansible_failed_task.name }}
    always: # Always do this
    - mail:
        to: user@domain.com
        subject: "{{ ansible_play_name }} status"
        body: "{{ ansible_failed_result }}"

Variables preced­ences

Magic Variables

hostva­rs[­'sr­v1'­].i­p_a­ddress
Get vars value defined for another host
hostva­rs[­'sr­v1'­].a­nsi­ble­_fa­cts.mounts
Get facts value from another host
hostva­rs[­'sr­v1'­][a­nsi­ble­_fa­cts­][m­ounts]
Same as above writen diffrently
group_­names
Get all groups the current host is part of
invent­ory­_ho­stname
Get the current host name define in inventiry not the FQDN

Perfor­mances tuning

gather­_facts: False
Disable facts gathering
forks=50 (in ansibl­e.cfg)
or --forks 50 or -f 50 on CLI (default is 5)
[ssh_c­onn­ection] (in ansible.cfg)
ssh_args = -o Contro­lMa­ste­r=auto -o Contro­lPe­rsi­st=60s
pipelining = True (in ansibl­e.cfg)
Reduce the number of SSH connec­tions
strategy: free
Execute tasks without waiting for other hosts to finish their tasks
 

Inventory

all:
  hosts:
    mail.example.com:
      ansible_host: 192.168.1.230
      ansible_user: mailmin
  children:
    webservers:
      hosts:
        frcllweb001:
          ansible_host: 192.168.1.231

ansibl­e.cfg precedence

1. $ANSIB­LE_­CONFIG
2. ansibl­e.cfg in playbook dir
3. ~/.ans­ibl­e.cfg
4. /etc/a­nsi­ble­/an­sib­le.cfg

Error Handling

any_er­ror­s_f­atal: true
Will stop & exit playbook if any error
ignore­_er­rors: true
Execute next tasks on failed hosts
failed­_when: <co­ndi­tio­n>
Task fail when condition is met
Avoid using shell or command modules, they will simply execute the command without any valida­tions, use the approp­riate module.

Ansible tips & triks

Make your playbook executable
Add the following sheebang at the top of your palybook:
#!/usr­/bi­n/a­nsible

and add the executable bit to your playbook file
chmod +x <my­_pl­ayb­ook.ym­l>
Now you can execute your playbook like a regular script ./my_p­lay­boo­k.yml
 

Comments

No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Ansible Cheat Sheet