Ansible

---

# Ansible Certification: Red Hat EX407 
- Notes from O'Reilly Course by Sander van Vugt 

- tasks :
    - name: Ansible Fundamentals  # Space after - is mandatory !
   
    - name: Lesson 1 Taking an Ansible Test-drive
        - ansible.cfg
        - inventory 
        - ansible modules location (in macOS) : /usr/local/lib/python3.7/site-packages/ansible/modules/
        - ansible localhost -m ping
        - ansible localhost -a "whoami"
        - ansible all -a "id"  # the built-in group "all" matches every host in the inventory
        - ansible localhost -m command -a "id"
        - ansible localhost -m command -a "date"
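        - ansible localhost -m shell -a "date"  # shell passes the string through /bin/sh (pipes, redirects, variable expansion); command does not, so prefer command when no shell features are needed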
        - privilege escalation : become become_user become_method become_ask_pass
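        - pradeep ALL=(ALL) NOPASSWD: ALL (for sudo permissions) # /etc/sudoers.d/pradeep ; this grants passwordless root for every command, so outside a lab restrict the command list, and syntax-check the file with "visudo -cf /etc/sudoers.d/pradeep"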
        - ssh-keygen
        - ssh-copy-id user@remotehost
        - yum search epel
        - yum install epel-release
        - yum search ansible
        # ansible-lint package for syntax check

       

    - name: Lesson 2 Understanding Ansible Architecture
      notes:
        - ansible-doc -l
        - ansible-doc -s ping
        - ansible-doc -s slack
        - ansible-doc -s copy
        - ansible-doc -s template
        - ansible-doc -s command
        - ansible-doc -s yum
        - ansible-doc -s file
        - ansible-doc -s junos_facts

   
    - name: Lesson 3 Working with Playbooks
        - ansible-playbook --syntax-check pb_collect_facts.yml 
        - ansible-playbook pb_collect_facts.yml --list-hosts
        - ansible-playbook -C pb_collect_facts.yml # for Dry-Run
        - ansible-playbook --step pb_collect_facts.yml
        - lineinfile module # to modify an existing line in a file
        - firewalld module 


    - name: Lesson 4 Working with Variables, Inclusions and Task Control, Facts
        - Highest level scope wins  Global, Play, Host
        - Global: command line or ansible.cfg file
        - Host: individual hosts or groups via inventory file
        - Playbook:
          # Play-scoped variables: defined under vars, inside the play that uses them.
          - hosts: all
            vars: # keyword to define variables
              user: pradeep
              home: /home/pradeep
        - Variable files:
          # Same idea, but the variables are loaded from a separate file instead of being inlined in the play.
          - hosts: all
            vars_files: # keyword to specify external variable files
              - vars/users.yml
            
              # cat vars/users.yml
              # user: pradeep
              # home: /home/pradeep
              # user: suma
              # home: /home/suma
              # NOTE(review): as listed, user and home each appear twice in one mapping; most YAML
              # parsers silently keep only the last value, so two accounts need a list or separate files.
        - Using variables 
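        - tasks:
            # Creates the account named by the variable `user`.
            - name: Creates the user
              user:
                # A value that starts with a Jinja2 expression must be double-quoted,
                # otherwise YAML reads the opening brace as a flow mapping.
                name: "{{ user }}"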

        - Importance of Project Directory with various files
        - Host variables and Group variables
        # These may be defined in the inventory file, but that is deprecated
        # Recommended method to use group_vars and host_vars directories ...

        # [webservers]
        # server1.example.com

        # [webservers:vars] ## To define variables inside inventory file 
        # user=pradeep


        # Within the Project Directory, which contains the inventory file, create the directories group_vars and host_vars

        # If we have a host group "webservers" defined in the inventory, 
        # create file with the same name "group_vars/webservers" and in this file, define the variable 

        # Similarly for individual hosts, create a file with the name of the host and put it in "host_vars"
        # for example, "host_vars/server1"

        # Variables can be overwritten from command line with -e "key=value" option to the ansible-playbook command 


        # (base) pradeep-mbp:Desktop pradeep$ tree vardemo/  #Project Directory
        # vardemo/
        # |-- group_vars
        # |   |-- ftpservers
        # |   `-- webservers
        # `-- inventory

        # 1 directory, 3 files

        # (base) pradeep-mbp:Desktop pradeep$ cat vardemo/inventory 
        # [webservers]
        # server1.example.com
        # server2.example.com

        # [ftpservers]
        # server3.example.com
        # server4.example.com

        # A variable named "package" is defined which could be used in the respective playbooks as 
        # (base) pradeep-mbp:Desktop pradeep$ cat vardemo/group_vars/ftpservers 
        # package: vsftp
        # (base) pradeep-mbp:Desktop pradeep$ cat vardemo/group_vars/webservers 
        # package: http
        # (base) pradeep-mbp:Desktop pradeep$ 



        # Arrays : Variables that define multiple values 
        - example array 
          users:
            pradeep:
              first_name: pradeep
              last_name: gadde
              home_dir: /home/pradeep
            suma:
              first_name: suma
              last_name: gadde
              home_dir: /home/suma

        # we may refer to these using the following syntax -  users.pradeep.first_name , users.suma.home_dir etc ..


        - Using Facts  # discovered information about a host, can be used as conditions to run specific tasks only when necessary
        # The "setup" module is used to gather facts
        - ansible server1.example.com -m setup

        # We can filter facts with -a 'filter=..'  Level 1 info
        - ansible server1.example.com -m setup -a 'filter=ansible_kernel'
        - ansible localhost -m setup -a 'filter=ansible_kernel'
          # [WARNING]: No inventory was parsed, only implicit localhost is available
          # localhost | SUCCESS => {
          #     "ansible_facts": {  
          #         "ansible_kernel": "19.4.0"
          #     },
          #     "changed": false
          # }

        - Custom Facts : manually created by Admins
        # INI or JSON format with .fact extension stored in /etc/ansible/facts.d
        # will be shown as "ansible_local"
        

        # Inclusions both for tasks and variables
        - include_vars
        - include 

        # Variable Precedence  include_vars > Global Scope (command line -e option or ansible.cfg) > Playbook > Host Level
        # One task that pulls in tasks.yml and hands it the variables it expects.
        tasks:
         - name: Read the tasks.yml to find what to do 
           include: tasks.yml  # Main task definition included here; newer Ansible releases use include_tasks / import_tasks in place of bare include
           vars: # variables are defined here, in the main file, and used by the included tasks
             package: samba
             service: smb
             state: started
           register: output


          # cat tasks.yml 
          # - name: install the {{ package }}
          #   yum:
          #     name: "{{ package }}"
          #     state: latest
          
          # - name: start the {{ service }}
          #   service:
          #     name: "{{ service }}"
          #     state: "{{ state }}"

        # Include_vars Example
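          # Play that loads its package name from packages.yml and installs it.
          - name: Install some packages
            hosts: all
            tasks:
              - name: include packages
                include_vars: packages.yml  # variables are defined in this file

              - name: installs
                yum:
                  # Quoted because the value starts with a Jinja2 expression; use
                  # packages.my_pkg instead if my_pkg is nested under packages in packages.yml.
                  name: "{{ my_pkg }}"
                  state: latest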
        
        # cat packages.yml
        # ---
        # packages:
        # my_pkg: httpd

       - name: Lesson 5 Using Flow Control, Conditionals, Jinja Templates
        # A loop is used to process a series of values in an array
        # simple loop  "with_items" statement

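         # Simple loop: the task runs once per list entry, with the current entry exposed as `item`.
         - yum:
              name: "{{ item }}"  # the item variable follows from the with_items loop type
              state: latest
           with_items:
              - nmap
              - net-tools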

        # - name: create users
        #   hosts: all
        #   tasks:
        #     - user:
        #         name: "{{ item.name }}"
        #         state: present
        #         groups: "{{ item.groups }}"
        #       with_items:
        #         - { name: 'pradeep',groups: 'wheel'}
        #         - { name: 'suma',groups: 'root'}


        # Nested Loops - a loop inside a loop 
        # Ansible iterates over the first array and applies the values in the second array to each item in the first array

        # with_nested is the keyword for this type of loop
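        # item[0] is a user from the first list, item[1] a database from the second.
        - name: give users access to multiple databases
          mysql_user:
            name: "{{ item[0] }}"
            # Grants every privilege on the database; list only the privileges the account needs where possible.
            priv: "{{ item[1] }}.*:ALL"
            append_privs: true
            # Placeholder from the course notes; load the real value from an Ansible Vault-encrypted variable.
            password: 'foo'
          with_nested:
            - ['pradeep', 'suma']
            - ['clientdb', 'employeedb', 'providerdb']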


        # Other loop types are with_file, with_fileglob,with_sequence, with_random_choice ..

        # Working with Conditionals
        # To run tasks only on hosts that meet specific conditions

        # == < > <= != isdefined is not defined  etc 

        # When statement is used to implement a condition

        # when statement must be indented outside a module, at the top level of the task

        # Installs mariadb only on hosts that belong to the "databases" inventory group.
        - name: Install the mariadb package
          package:
            name: mariadb
          # when sits at task level, not under the module arguments
          when: inventory_hostname in groups["databases"]

        # multiple conditions can be combined with and or 

        # we can use "register" to save the information about the result of a task into a variable
        # result.rc  could be used in when conditions 


        # Jinja2 templates

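        # cat motd.j2
        # (the rendered page dropped every {{ ... }}; the first two expressions below are reconstructed)
        # This is the system {{ ansible_hostname }}.
        # Today it is {{ ansible_date_time.date }}.
        # Only use this system if {{ system_owner }} has granted you permission !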

        # cat motd.yml
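        # Renders motd.j2 into /etc/motd on every host, with privilege escalation enabled.
        - hosts: all
          user: user
          become: true
          vars:
            system_owner: pradeep@example.com
          tasks:
            - template:
                src: motd.j2
                dest: /etc/motd
                owner: root
                group: root
                # Quoted so the mode reaches the module as the string "0644" rather than a YAML number.
                mode: "0644"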
                  