Ansible

Quick Ansible test

This is memo when I want to run simple tasks quickly. Directory. $ tree . ├── ansible.cfg ├── hosts └── test.yml In hosts. [servers] server1.mydomain.com server2.mydomain.com server3.mydomain.com test.yml. - name: test-playbook hosts: servers tasks: - cron: name: "Add a cron when rebooting" special_time: reboot job: "echo $PATH" user: atlex00 ansible.cfg [defaults] host_key_checking = False deprecation_warnings=False Exec: ansible-playbook ./test.yml -i hosts -bD -C

Manage AWS Route53 with Ansible

I have a chance to automate AWS Route 53 manipulation with Ansible and here is a note. As Ansible always does, most useful informations are in the official document. Set up environment Install boto According to an Ansible official document, We need to install boto (AWS SDK for Python). boto: https://aws.amazon.com/de/developers/getting-started/python/ pip install -U boto Get AWS API keys and export it boto used two keys in order to use AWS API under the hood.

Loop in Ansible

Loop https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html If you are falifilar with any of program language, you can understand loop in Ansible as iteration like for. while, or etc.. Sample Loop lines in a file Answer from Cristian was the answer. https://stackoverflow.com/questions/33541870/how-do-i-loop-over-each-line-inside-a-file-with-ansible/33544101 directory structure ├── files │ └── list.txt └── tasks └── main.yml In tasks/main.yml, --- - debug: msg: "{{ item }}" loop: "{{ lookup('file', 'files/list.txt').splitlines() }}" In files/list.txt, This is the first line. I'm second line.

Ansible Vault

Prepare: password file Create a simple password file. In the following case, I store it at ~/.ansible_vault_password. How to use Here is the simple snippets. ansible-vault create --vault-password-file ~/.ansible_vault_password ./foo.key # Make encrypted file and start editing. ansible-vault edit --vault-password-file ~/.ansibe_vault_password ./foo.key ansible-vault encrypt --vault-password-file ~/.ansible_vault_password ./foo.key # Encrypt existing file. Further Ansible-vault usees AES for its encryption. You can use executable file as a password file (don’t forget to add executable permission, unless you’ll get HMAC error when you append -vvvv option).

Tips for Ansible

Before installing via pip (in WSL) sudo apt install libffi-dev Debugging step by step Run a playbook with option --step. Pipe (|) in variable It is called “filter”. https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#product-filters when, and, or, not https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html Group restriction If you have a large amount of servers in inventories, -l option can restrict the target of playbook. -l Server_group_name -l FQDN What ever the system use systemd or initd When your environment has different OSs, systemd module doesn’t work sometimes.