Ansible

Quick Ansible test

This is memo when I want to run simple tasks quickly. Directory. $ tree . ├── ansible.cfg ├── hosts └── test.yml In hosts. [servers] server1.mydomain.com server2.mydomain.com server3.mydomain.com test.yml. - name: test-playbook hosts: servers tasks: - cron: name: "Add a cron when rebooting" special_time: reboot job: "echo $PATH" user: atlex00 ansible.cfg [defaults] host_key_checking = False deprecation_warnings=False Exec: ansible-playbook ./test.yml -i hosts -bD -C

Manage AWS Route53 with Ansible

I need to automate AWS Route 53 operation with Ansible, and here is a note. (As Ansible always does, most useful informations are in the official document.) Set up environment Install boto According to the Ansible official document, We need to install boto (AWS SDK for Python). pip install -U boto Get AWS API keys and export it boto uses two keys in order to use AWS API under the hood.

Loop in Ansible

Loop https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html If you are falifilar with any of program language, you can understand loop in Ansible as iteration like for. while, or etc.. Sample Loop lines in a file Answer from Cristian was the answer. https://stackoverflow.com/questions/33541870/how-do-i-loop-over-each-line-inside-a-file-with-ansible/33544101 directory structure ├── files │ └── list.txt └── tasks └── main.yml In tasks/main.yml, --- - debug: msg: "{{ item }}" loop: "{{ lookup('file', 'files/list.txt').splitlines() }}" In files/list.txt, This is the first line. I'm second line.

Ansible Vault

Prepare: a password file Create a simple password file. In this post, I store it at ~/.ansible_vault_password. How to use Here are the simple snippets: # Make encrypted file and start editing ansible-vault create --vault-password-file ~/.ansible_vault_password ./foo.key # Edit encrypted file ansible-vault edit --vault-password-file ~/.ansibe_vault_password ./foo.key # Encrypt original file ansible-vault encrypt --vault-password-file ~/.ansible_vault_password ./foo.key Tips Ansible-vault usees AES as its encryption algorithm. You can use executable file as a password file (don’t forget to add executable permission, unless you’ll get a HMAC error (you can check by appending -vvvv option).

Tips for Ansible

Before installing via pip (in WSL) sudo apt install libffi-dev Debugging step by step Run a playbook with option --step. Pipe (|) in variable It is called “filter”. https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#product-filters when, and, or, not https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html Group restriction If you have a large amount of servers in inventories, -l option can restrict the target of playbook. -l Server_group_name -l FQDN What ever the system use systemd or initd When your environment has different OSs, systemd module doesn’t work sometimes.