Tips for Ansible

Page content

Before installing via pip (in WSL)

sudo apt install libffi-dev

Debugging step by step

Run a playbook with option --step.

Pipe (|) in variable

It is called “filter”.

https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html

https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#product-filters

when, and, or, not

https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html

Group restriction

If you have a large amount of servers in inventories, -l option can restrict the target of playbook.

-l Server_group_name
-l FQDN

What ever the system use systemd or initd

When your environment has different OSs, systemd module doesn’t work sometimes. Instead, I want to recommend to use system`` module. It can handle both init.d/ and systemd.

Frequesntly used options in ansible-playbooks

  • -C: check = dry run.
  • -b: become root user in the target system.
  • -D: Show difference of changes if there is.

Handler

There are some frequently used operations such as “restarting a webserver (after its configuration is changed)” . If you need the template for such kind of an operation, you’d better to prepare a “handler” for this purpose.

When overwriting the files

In production deployments, backup=yes option is regarded as mandatory.

Magic variable for debug

ansible_check_mode

use pipe in command

not command, but shell.

devide tasks

include_tasks directive.

explicitry refer from the path of a root

{{ role_path }}

for with dict

with_dict.

Pass prompt

Someties command required prompt and ansible would fail. Here is a sample.

shell: echo "\n\n\n\n\n\n\n\n\n\n" | pecl install {{ item }}

Issue of operation

No execution log remained. Basically we don’t need the log if we can write a script to preserve idempotency.

Stote an execution result

- name: Check PHP version
  shell: pecl version
  register: pecl_version

- set_fact:
    pecl_version={{ pecl_version.stdout }}

- debug: var=pecl_version

Create role directory

ansible-galaxy role init {{ your_role_name }}

Get targets

Get all targets in an inventory.

ansible-inventory -i inventory --list

Debugging ansible tasks

Use tags option.

in tasks: task.yml

- name: Install the package "foo"
  apt:
    name: foo
    state: present
  tags: tag1

Exec:

ansible-playbook ./test.yml --tags "tag1"

Visualize playbooks

https://github.com/haidaraM/ansible-playbook-grapher

Fast deploy with Mitogen for Ansible (Oct. 2021)

https://mitogen.networkgenomics.com/ansible_detailed.html

All I had to do to use Mitogen for Ansible was, download the Mitogen source code and refer it from Ansible as described in official document. But there was a version issue. I downloaded release candidate version ()

https://github.com/mitogen-hq/mitogen/pull/715 https://github.com/mitogen-hq/mitogen/issues/652

My understanding of Mitogen is, it enables us to executre remote Python script quick and safe.

Groups which contain hosts and group

[mixed_group:children]
child_group

[mixed_group]
child_host

Don’t use a hyphen in names of groups and hosts

English grammar

https://docs.ansible.com/ansible/latest/dev_guide/style_guide/grammar_punctuation.html

Run playbook against a server which is not included in inventory

https://stackoverflow.com/a/18255256/9923806

Hostname (or IP) and a comma:

ansible-playbook playbooks/master.yml -CD -i 192.168.0.123,