From f559b33f2f12a6bb445d0ba99f4b0128a0fa41d0 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 9 Jun 2017 14:05:58 +0200 Subject: template, main topics placed --- ansible.html.markdown | 660 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 660 insertions(+) create mode 100644 ansible.html.markdown (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown new file mode 100644 index 00000000..b03b04fb --- /dev/null +++ b/ansible.html.markdown @@ -0,0 +1,660 @@ +--- +category: tool +tool: git +contributors: + - ["Jakub Muszynski" , "http://github.com/sirkubax"] +filename: LearnAnsible.txt +--- + +Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. +Ansible have great integration with multiple operating systems (even Windows using Power Shell) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) + +## Main cons and pros + +### Cons + +It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. +It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) + +### Pros + +It is an agent-less tools :) In most scenarios, it use ssh as a transport layer. +It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible :) (almost). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' +I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! +It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) +Documentation is at the world-class standard! +The comunity (github, stackOverflow) would help you very fast. +Writing own modules and extension is fairly easy. + + +### Neutral +Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. + + +## Ansible naming and basic concept + +### Naming + +### ansible (run module (task)) + +### ansible-playbook (run set of tasks) + +### ansible-roles (a 'template-playbooks in right structure') + +### ansible - variables +lookup's + +### ansible-vault + +### inventory + +### dynamic inventory + +### Jinja2 and templates +jinja filters + +### ansible profiling - callback + +### facts-cache and ansible-cmdb + +### debugging ansible + +### Infrastructure as a code - what about Ansible +virtualenv + +### ansible - dynamic in AWS + +### create instance in AWS + +### create env in AWS + +## Bonus + +### writing own module + +### Python API + +### Web-UI: Ansible Tower, Jenkins, Rundeck + + +### Tips and tricks +AND,XOR +--check --diff +tags +meta +no_logs + +--- +Github template placeholder - to be removed + +### Centralized Versioning VS Distributed Versioning + +* Centralized version control focuses on synchronizing, tracking, and backing +up files. +* Distributed version control focuses on sharing changes. Every change has a +unique id. +* Distributed systems have no defined structure. You could easily have a SVN +style, centralized system, with git. + +[Additional Information](http://git-scm.com/book/en/Getting-Started-About-Version-Control) + +### Why Use Git? + +* Can work offline. +* Collaborating with others is easy! +* Branching is easy! +* Branching is fast! +* Merging is easy! +* Git is fast. +* Git is flexible. + +## Git Architecture + +### Repository + +A set of files, directories, historical records, commits, and heads. Imagine it +as a source code data structure, with the attribute that each source code +"element" gives you access to its revision history, among other things. + +A git repository is comprised of the .git directory & working tree. + +### .git Directory (component of repository) + +The .git directory contains all the configurations, logs, branches, HEAD, and +more. +[Detailed List.](http://gitready.com/advanced/2009/03/23/whats-inside-your-git-directory.html) + +### Working Tree (component of repository) + +This is basically the directories and files in your repository. It is often +referred to as your working directory. + +### Index (component of .git dir) + +The Index is the staging area in git. It's basically a layer that separates +your working tree from the Git repository. This gives developers more power +over what gets sent to the Git repository. + +### Commit + +A git commit is a snapshot of a set of changes, or manipulations to your +Working Tree. For example, if you added 5 files, and removed 2 others, these +changes will be contained in a commit (or snapshot). This commit can then be +pushed to other repositories, or not! + +### Branch + +A branch is essentially a pointer to the last commit you made. As you go on +committing, this pointer will automatically update to point the latest commit. + +### Tag + +A tag is a mark on specific point in history. Typically people use this +functionality to mark release points (v1.0, and so on) + +### HEAD and head (component of .git dir) + +HEAD is a pointer that points to the current branch. A repository only has 1 +*active* HEAD. +head is a pointer that points to any commit. A repository can have any number +of heads. + +### Stages of Git +* Modified - Changes have been made to a file but file has not been committed +to Git Database yet +* Staged - Marks a modified file to go into your next commit snapshot +* Committed - Files have been committed to the Git Database + +### Conceptual Resources + +* [Git For Computer Scientists](http://eagain.net/articles/git-for-computer-scientists/) +* [Git For Designers](http://hoth.entp.com/output/git_for_designers.html) + +## Commands + +### init + +Create an empty Git repository. The Git repository's settings, stored +information, and more is stored in a directory (a folder) named ".git". + +```bash +$ git init +``` + +### config + +To configure settings. Whether it be for the repository, the system itself, +or global configurations ( global config file is `~/.gitconfig` ). + +```bash +# Print & Set Some Basic Config Variables (Global) +$ git config --global user.email "MyEmail@Zoho.com" +$ git config --global user.name "My Name" +``` + +[Learn More About git config.](http://git-scm.com/docs/git-config) + +### help + +To give you quick access to an extremely detailed guide of each command. Or to +just give you a quick reminder of some semantics. + +```bash +# Quickly check available commands +$ git help + +# Check all available commands +$ git help -a + +# Command specific help - user manual +# git help +$ git help add +$ git help commit +$ git help init +# or git --help +$ git add --help +$ git commit --help +$ git init --help +``` + +### ignore files + +To intentionally untrack file(s) & folder(s) from git. Typically meant for +private & temp files which would otherwise be shared in the repository. +```bash +$ echo "temp/" >> .gitignore +$ echo "private_key" >> .gitignore +``` + +### status + +To show differences between the index file (basically your working copy/repo) +and the current HEAD commit. + +```bash +# Will display the branch, untracked files, changes and other differences +$ git status + +# To learn other "tid bits" about git status +$ git help status +``` + +### add + +To add files to the staging area/index. If you do not `git add` new files to +the staging area/index, they will not be included in commits! + +```bash +# add a file in your current working directory +$ git add HelloWorld.java + +# add a file in a nested dir +$ git add /path/to/file/HelloWorld.c + +# Regular Expression support! +$ git add ./*.java +``` + +This only adds a file to the staging area/index, it doesn't commit it to the +working directory/repo. + +### branch + +Manage your branches. You can view, edit, create, delete branches using this +command. + +```bash +# list existing branches & remotes +$ git branch -a + +# create a new branch +$ git branch myNewBranch + +# delete a branch +$ git branch -d myBranch + +# rename a branch +# git branch -m +$ git branch -m myBranchName myNewBranchName + +# edit a branch's description +$ git branch myBranchName --edit-description +``` + +### tag + +Manage your tags + +```bash +# List tags +$ git tag + +# Create a annotated tag +# The -m specifies a tagging message,which is stored with the tag. +# If you don’t specify a message for an annotated tag, +# Git launches your editor so you can type it in. +$ git tag -a v2.0 -m 'my version 2.0' + +# Show info about tag +# That shows the tagger information, the date the commit was tagged, +# and the annotation message before showing the commit information. +$ git show v2.0 + +# Push a single tag to remote +$ git push origin v2.0 + +# Push a lot of tags to remote +$ git push origin --tags +``` + +### checkout + +Updates all files in the working tree to match the version in the index, or +specified tree. + +```bash +# Checkout a repo - defaults to master branch +$ git checkout + +# Checkout a specified branch +$ git checkout branchName + +# Create a new branch & switch to it +# equivalent to "git branch ; git checkout " + +$ git checkout -b newBranch +``` + +### clone + +Clones, or copies, an existing repository into a new directory. It also adds +remote-tracking branches for each branch in the cloned repo, which allows you +to push to a remote branch. + +```bash +# Clone learnxinyminutes-docs +$ git clone https://github.com/adambard/learnxinyminutes-docs.git + +# shallow clone - faster cloning that pulls only latest snapshot +$ git clone --depth 1 https://github.com/adambard/learnxinyminutes-docs.git + +# clone only a specific branch +$ git clone -b master-cn https://github.com/adambard/learnxinyminutes-docs.git --single-branch +``` + +### commit + +Stores the current contents of the index in a new "commit." This commit +contains the changes made and a message created by the user. + +```bash +# commit with a message +$ git commit -m "Added multiplyNumbers() function to HelloWorld.c" + +# automatically stage modified or deleted files, except new files, and then commit +$ git commit -a -m "Modified foo.php and removed bar.php" + +# change last commit (this deletes previous commit with a fresh commit) +$ git commit --amend -m "Correct message" +``` + +### diff + +Shows differences between a file in the working directory, index and commits. + +```bash +# Show difference between your working dir and the index +$ git diff + +# Show differences between the index and the most recent commit. +$ git diff --cached + +# Show differences between your working dir and the most recent commit +$ git diff HEAD +``` + +### grep + +Allows you to quickly search a repository. + +Optional Configurations: + +```bash +# Thanks to Travis Jeffery for these +# Set line numbers to be shown in grep search results +$ git config --global grep.lineNumber true + +# Make search results more readable, including grouping +$ git config --global alias.g "grep --break --heading --line-number" +``` + +```bash +# Search for "variableName" in all java files +$ git grep 'variableName' -- '*.java' + +# Search for a line that contains "arrayListName" and, "add" or "remove" +$ git grep -e 'arrayListName' --and \( -e add -e remove \) +``` + +Google is your friend; for more examples +[Git Grep Ninja](http://travisjeffery.com/b/2012/02/search-a-git-repo-like-a-ninja) + +### log + +Display commits to the repository. + +```bash +# Show all commits +$ git log + +# Show only commit message & ref +$ git log --oneline + +# Show merge commits only +$ git log --merges + +# Show all commits represented by an ASCII graph +$ git log --graph +``` + +### merge + +"Merge" in changes from external commits into the current branch. + +```bash +# Merge the specified branch into the current. +$ git merge branchName + +# Always generate a merge commit when merging +$ git merge --no-ff branchName +``` + +### mv + +Rename or move a file + +```bash +# Renaming a file +$ git mv HelloWorld.c HelloNewWorld.c + +# Moving a file +$ git mv HelloWorld.c ./new/path/HelloWorld.c + +# Force rename or move +# "existingFile" already exists in the directory, will be overwritten +$ git mv -f myFile existingFile +``` + +### pull + +Pulls from a repository and merges it with another branch. + +```bash +# Update your local repo, by merging in new changes +# from the remote "origin" and "master" branch. +# git pull +$ git pull origin master + +# By default, git pull will update your current branch +# by merging in new changes from its remote-tracking branch +$ git pull + +# Merge in changes from remote branch and rebase +# branch commits onto your local repo, like: "git fetch , git +# rebase /" +$ git pull origin master --rebase +``` + +### push + +Push and merge changes from a branch to a remote & branch. + +```bash +# Push and merge changes from a local repo to a +# remote named "origin" and "master" branch. +# git push +$ git push origin master + +# By default, git push will push and merge changes from +# the current branch to its remote-tracking branch +$ git push + +# To link up current local branch with a remote branch, add -u flag: +$ git push -u origin master +# Now, anytime you want to push from that same local branch, use shortcut: +$ git push +``` + +### stash + +Stashing takes the dirty state of your working directory and saves it on a +stack of unfinished changes that you can reapply at any time. + +Let's say you've been doing some work in your git repo, but you want to pull +from the remote. Since you have dirty (uncommited) changes to some files, you +are not able to run `git pull`. Instead, you can run `git stash` to save your +changes onto a stack! + +```bash +$ git stash +Saved working directory and index state \ + "WIP on master: 049d078 added the index file" + HEAD is now at 049d078 added the index file + (To restore them type "git stash apply") +``` + +Now you can pull! + +```bash +git pull +``` +`...changes apply...` + +Now check that everything is OK + +```bash +$ git status +# On branch master +nothing to commit, working directory clean +``` + +You can see what "hunks" you've stashed so far using `git stash list`. +Since the "hunks" are stored in a Last-In-First-Out stack, our most recent +change will be at top. + +```bash +$ git stash list +stash@{0}: WIP on master: 049d078 added the index file +stash@{1}: WIP on master: c264051 Revert "added file_size" +stash@{2}: WIP on master: 21d80a5 added number to log +``` + +Now let's apply our dirty changes back by popping them off the stack. + +```bash +$ git stash pop +# On branch master +# Changes not staged for commit: +# (use "git add ..." to update what will be committed) +# +# modified: index.html +# modified: lib/simplegit.rb +# +``` + +`git stash apply` does the same thing + +Now you're ready to get back to work on your stuff! + +[Additional Reading.](http://git-scm.com/book/en/v1/Git-Tools-Stashing) + +### rebase (caution) + +Take all changes that were committed on one branch, and replay them onto +another branch. +*Do not rebase commits that you have pushed to a public repo*. + +```bash +# Rebase experimentBranch onto master +# git rebase +$ git rebase master experimentBranch +``` + +[Additional Reading.](http://git-scm.com/book/en/Git-Branching-Rebasing) + +### reset (caution) + +Reset the current HEAD to the specified state. This allows you to undo merges, +pulls, commits, adds, and more. It's a great command but also dangerous if you +don't know what you are doing. + +```bash +# Reset the staging area, to match the latest commit (leaves dir unchanged) +$ git reset + +# Reset the staging area, to match the latest commit, and overwrite working dir +$ git reset --hard + +# Moves the current branch tip to the specified commit (leaves dir unchanged) +# all changes still exist in the directory. +$ git reset 31f2bb1 + +# Moves the current branch tip backward to the specified commit +# and makes the working dir match (deletes uncommited changes and all commits +# after the specified commit). +$ git reset --hard 31f2bb1 +``` + +### reflog (caution) + +Reflog will list most of the git commands you have done for a given time period, +default 90 days. + +This give you the a change to reverse any git commands that have gone wrong +for instance if a rebase is has broken your application. + +You can do this: + +1. `git reflog` to list all of the git commands for the rebase +``` +38b323f HEAD@{0}: rebase -i (finish): returning to refs/heads/feature/add_git_reflog +38b323f HEAD@{1}: rebase -i (pick): Clarify inc/dec operators +4fff859 HEAD@{2}: rebase -i (pick): Update java.html.markdown +34ed963 HEAD@{3}: rebase -i (pick): [yaml/en] Add more resources (#1666) +ed8ddf2 HEAD@{4}: rebase -i (pick): pythonstatcomp spanish translation (#1748) +2e6c386 HEAD@{5}: rebase -i (start): checkout 02fb96d +``` +2. Select where to reset to, in our case its `2e6c386`, or `HEAD@{5}` +3. 'git reset --hard HEAD@{5}' this will reset your repo to that head +4. You can start the rebase again or leave it alone. + +[Additional Reading.](https://git-scm.com/docs/git-reflog) + +### revert + +Revert can be used to undo a commit. It should not be confused with reset which +restores the state of a project to a previous point. Revert will add a new +commit which is the inverse of the specified commit, thus reverting it. + +```bash +# Revert a specified commit +$ git revert +``` + +### rm + +The opposite of git add, git rm removes files from the current working tree. + +```bash +# remove HelloWorld.c +$ git rm HelloWorld.c + +# Remove a file from a nested dir +$ git rm /pather/to/the/file/HelloWorld.c +``` + +## Further Information + +* [tryGit - A fun interactive way to learn Git.](http://try.github.io/levels/1/challenges/1) + +* [Learn Git Branching - the most visual and interactive way to learn Git on the web](http://learngitbranching.js.org/) + +* [Udemy Git Tutorial: A Comprehensive Guide](https://blog.udemy.com/git-tutorial-a-comprehensive-guide/) + +* [Git Immersion - A Guided tour that walks through the fundamentals of git](http://gitimmersion.com/) + +* [git-scm - Video Tutorials](http://git-scm.com/videos) + +* [git-scm - Documentation](http://git-scm.com/docs) + +* [Atlassian Git - Tutorials & Workflows](https://www.atlassian.com/git/) + +* [SalesForce Cheat Sheet](http://res.cloudinary.com/hy4kyit2a/image/upload/SF_git_cheatsheet.pdf) + +* [GitGuys](http://www.gitguys.com/) + +* [Git - the simple guide](http://rogerdudler.github.io/git-guide/index.html) + +* [Pro Git](http://www.git-scm.com/book/en/v2) + +* [An introduction to Git and GitHub for Beginners (Tutorial)](http://product.hubspot.com/blog/git-and-github-tutorial-for-beginners) -- cgit v1.2.3 From d6468f27ea7abda52b9ed9fa4afa959c692aea3d Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 9 Jun 2017 14:07:58 +0200 Subject: tool name :) --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index b03b04fb..f28abb68 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -1,6 +1,6 @@ --- category: tool -tool: git +tool: ansible contributors: - ["Jakub Muszynski" , "http://github.com/sirkubax"] filename: LearnAnsible.txt -- cgit v1.2.3 From cd21e6da04a5f9fcba49093984c03ffe6c0216dd Mon Sep 17 00:00:00 2001 From: sirkubax Date: Tue, 15 Aug 2017 21:44:20 +0200 Subject: add some lines --- ansible.html.markdown | 60 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 58 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index f28abb68..e074ed44 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -7,7 +7,7 @@ filename: LearnAnsible.txt --- Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. -Ansible have great integration with multiple operating systems (even Windows using Power Shell) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) +Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) ## Main cons and pros @@ -15,10 +15,12 @@ Ansible have great integration with multiple operating systems (even Windows usi It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) +Official GUI Tool (web inferface) - Ansible Tower - is more than GUI, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. ### Pros It is an agent-less tools :) In most scenarios, it use ssh as a transport layer. +In some way you can use it as 'bash on steroids'. It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible :) (almost). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) @@ -30,12 +32,66 @@ Writing own modules and extension is fairly easy. ### Neutral Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. +## Basics on ansible + +Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. +In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). +On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. ## Ansible naming and basic concept ### Naming -### ansible (run module (task)) +#### Inventory +Inventory is a set of objects/hosts against which we are executing our playbooks +For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts_ + +#### Module - this is name for an logical program (usaly python) that consume proper JSON input and return proper output :) +This program perform certain task/action (like manage Amazon instances, execute shell command, any of your program). +Example: Module:shell - a module that executes shell command on a delegated host(s). +Example: Module:file - performs file operations (stat, link, dir, ...) + +##### Task +Execution of a single module is called a `task` + +Example of a Task run in CLI: +###### Run a ansible module + +ansible -m shell -a 'date; whoami' + +as a contrast - please note a module `command` that allows to execute a single command only + +ansible -m command -a 'date; whoami' # FAILURE + +ansible -m command -a 'date' +ansible -m command -a 'whoami' + +##### Playbook + +A list of tasks written in a file of proper structure is called a `playbook` +Playbook must have a list (or group) of hosts that is executed against, some task(s) or role(s) that are going to be executed, and multiple optional settings. + +Example of the playbook: + +``` +hosts: all + +tasks: + - name: "ping all" + ping: + - name: "execute a shell command" + shell: "date; whoami; df -h;" +``` + +### Basic ansible commands + +There are few binaries you should know + +`ansible` (to run modules in CLI) +`ansible-playbook` (to run playbooks) +`ansible-vault` (to manage secrets) +`ansible-galaxy` (to install roles from github/galaxy) +and other! ### ansible-playbook (run set of tasks) -- cgit v1.2.3 From bd05f751631d71d823a197cc5a506b05a60be849 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Tue, 15 Aug 2017 21:46:45 +0200 Subject: add some lines --- ansible.html.markdown | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index e074ed44..24821862 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -93,10 +93,15 @@ There are few binaries you should know `ansible-galaxy` (to install roles from github/galaxy) and other! -### ansible-playbook (run set of tasks) +### More on ansible concept ### ansible-roles (a 'template-playbooks in right structure') +There are tasks (modules) that can be run via CLI +The execution plans of multiple tasks (with variables and logic) are called playbooks. + +Fot parts of the code, that is reusable, a concept called `role` was introduced + ### ansible - variables lookup's -- cgit v1.2.3 From 3069c1b9451768369cee30ea22c3e150dafef294 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Tue, 15 Aug 2017 21:48:01 +0200 Subject: add some lines --- ansible.html.markdown | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 24821862..37c3e299 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -57,14 +57,18 @@ Execution of a single module is called a `task` Example of a Task run in CLI: ###### Run a ansible module +``` ansible -m shell -a 'date; whoami' +``` as a contrast - please note a module `command` that allows to execute a single command only +``` ansible -m command -a 'date; whoami' # FAILURE ansible -m command -a 'date' ansible -m command -a 'whoami' +``` ##### Playbook -- cgit v1.2.3 From dff02575a0a417e3d23802f4d115d52d1503232c Mon Sep 17 00:00:00 2001 From: sirkubax Date: Tue, 15 Aug 2017 21:55:44 +0200 Subject: add some lines --- ansible.html.markdown | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 37c3e299..c0de7ac0 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -38,6 +38,8 @@ Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. +But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! + ## Ansible naming and basic concept ### Naming @@ -104,7 +106,30 @@ and other! There are tasks (modules) that can be run via CLI The execution plans of multiple tasks (with variables and logic) are called playbooks. -Fot parts of the code, that is reusable, a concept called `role` was introduced +For parts of the code, that is reusable, a concept called `role` was introduced + +Role in a way is just a structured way to keep your set of tasks, your variables, handlers, default settings, and way more (meta, files, templates). +Rele allows to reuse the same parts of code in multiple plybooks (usually with some parametisation). +It is a great way to introduce `object oriented` management for your applications. + +Role can be included in your playbook (executed in your playbook). + + +``` +hosts: all + +tasks: + - name: "ping all" + ping: + - name: "execute a shell command" + shell: "date; whoami; df -h;" + +role: + - some_role + +pre_tasks: + - name: some pre-task + shell: echo 'this task is the last, but would be executed before roles, and before tasks' ### ansible - variables lookup's -- cgit v1.2.3 From fa55726a683cf5bdee1d5e262f60df9042db3db6 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 6 Sep 2017 23:20:52 +0200 Subject: continue description --- ansible.html.markdown | 136 ++++++++++++++++++++++++++++++++------------------ 1 file changed, 87 insertions(+), 49 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index c0de7ac0..3234fe5c 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -7,38 +7,11 @@ filename: LearnAnsible.txt --- Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. -Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) - -## Main cons and pros - -### Cons - -It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. -It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) -Official GUI Tool (web inferface) - Ansible Tower - is more than GUI, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. - -### Pros +'You can think as simple as writing in bash with python API :) +Of course the rabit hole is way deeper.' -It is an agent-less tools :) In most scenarios, it use ssh as a transport layer. -In some way you can use it as 'bash on steroids'. -It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible :) (almost). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' -I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! -It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) -Documentation is at the world-class standard! -The comunity (github, stackOverflow) would help you very fast. -Writing own modules and extension is fairly easy. - - -### Neutral -Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. - -## Basics on ansible - -Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. -In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). -On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. +Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) -But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! ## Ansible naming and basic concept @@ -56,42 +29,54 @@ Example: Module:file - performs file operations (stat, link, dir, ...) ##### Task Execution of a single module is called a `task` +The simplest module is called `ping`. +Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. + Example of a Task run in CLI: ###### Run a ansible module -``` -ansible -m shell -a 'date; whoami' +```bash +$ ansible -m ping hostname_or_a_group_name +$ ansible -m shell -a 'date; whoami' hostname_or_a_group_name ``` -as a contrast - please note a module `command` that allows to execute a single command only +another module - `command` that allows to execute a single command only with a simple shell #JM +We should also mention a module `raw` -``` -ansible -m command -a 'date; whoami' # FAILURE +```bash +$ ansible -m command -a 'date; whoami' # FAILURE -ansible -m command -a 'date' -ansible -m command -a 'whoami' +$ ansible -m command -a 'date' +$ ansible -m command -a 'whoami' ``` ##### Playbook -A list of tasks written in a file of proper structure is called a `playbook` -Playbook must have a list (or group) of hosts that is executed against, some task(s) or role(s) that are going to be executed, and multiple optional settings. +A common way to execute tasks is called `playbook`. +You have to define a list (or group) of hosts that is executed against, some `task(s)` or `role(s)` that are going to be executed. There are also multiple optional settings (like default variables, and way more). + +You can think that it is very advanced CLI script that you are executing. Example of the playbook: -``` +```yml hosts: all tasks: - - name: "ping all" - ping: - - name: "execute a shell command" - shell: "date; whoami; df -h;" + - name: "ping all" + ping: + - name: "execute a shell command" + shell: "date; whoami; df -h;" +``` + +You can execute a playbook with a command: +```bash +$ ansible-playbook path/name_of_the_playbook.yml ``` ### Basic ansible commands -There are few binaries you should know +There are few commands you should know about `ansible` (to run modules in CLI) `ansible-playbook` (to run playbooks) @@ -106,16 +91,16 @@ and other! There are tasks (modules) that can be run via CLI The execution plans of multiple tasks (with variables and logic) are called playbooks. -For parts of the code, that is reusable, a concept called `role` was introduced +For parts of the code, that should be reusable, a concept called `role` was introduced -Role in a way is just a structured way to keep your set of tasks, your variables, handlers, default settings, and way more (meta, files, templates). -Rele allows to reuse the same parts of code in multiple plybooks (usually with some parametisation). +Role is a structured way to keep your set of tasks, variables, handlers, default settings, and way more (meta, files, templates). +Role allows to reuse the same parts of code in multiple plybooks (you can parametrize this). It is a great way to introduce `object oriented` management for your applications. Role can be included in your playbook (executed in your playbook). -``` +```yml hosts: all tasks: @@ -126,10 +111,28 @@ tasks: role: - some_role + - { role: another_role, some_variable: 'learnxiny', tags: ['my_tag'] } pre_tasks: - name: some pre-task shell: echo 'this task is the last, but would be executed before roles, and before tasks' +``` + +``` +roles/ + some_role/ + defaults/ + files/ + templates/ + tasks/ + handlers/ + vars/ + meta/ +``` + +#### Role Handlers +Handlers are a task that can be triggered (notified) during execution of a playbook, but they itself execute at the very end of a playbook. +It is a best way to restart a service, check if application port is open, etc. ### ansible - variables lookup's @@ -174,6 +177,41 @@ tags meta no_logs + +## Main cons and pros + +### Cons + +It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. +It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) +Official GUI Tool (web inferface) - Ansible Tower - is more than GUI, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. + +### Pros + +It is an agent-less tools :) In most scenarios, it use ssh as a transport layer. +In some way you can use it as 'bash on steroids'. +It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible :) (almost). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' +I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! +It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) +Documentation is at the world-class standard! +The comunity (github, stackOverflow) would help you very fast. +Writing own modules and extension is fairly easy. + + +### Neutral +Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. + +## Basics on ansible + +Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. +In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). +On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. + +But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! + + + + --- Github template placeholder - to be removed -- cgit v1.2.3 From 32b2f01d3652274f27dee4cf3d5957ac6aa7e95b Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 6 Sep 2017 23:34:29 +0200 Subject: continue --- ansible.html.markdown | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 3234fe5c..c1cddd35 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -54,6 +54,7 @@ $ ansible -m command -a 'whoami' A common way to execute tasks is called `playbook`. You have to define a list (or group) of hosts that is executed against, some `task(s)` or `role(s)` that are going to be executed. There are also multiple optional settings (like default variables, and way more). +Playbook script language is YAML You can think that it is very advanced CLI script that you are executing. @@ -118,6 +119,7 @@ pre_tasks: shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` +Role directory structure: ``` roles/ some_role/ -- cgit v1.2.3 From 60ae84cf4123473a5685de21d1f1e5b09b52aaa5 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 6 Sep 2017 23:40:18 +0200 Subject: continue --- ansible.html.markdown | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index c1cddd35..cd619cc3 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -15,7 +15,15 @@ Ansible have great integration with multiple operating systems (even Windows) an ## Ansible naming and basic concept -### Naming +### Basic ansible commands + +There are few commands you should know about + +`ansible` (to run modules in CLI) +`ansible-playbook` (to run playbooks) +`ansible-vault` (to manage secrets) +`ansible-galaxy` (to install roles from github/galaxy) +and other! #### Inventory Inventory is a set of objects/hosts against which we are executing our playbooks @@ -23,6 +31,7 @@ For this few minutes, lets asume that we are using default ansible inventory (wh #### Module - this is name for an logical program (usaly python) that consume proper JSON input and return proper output :) This program perform certain task/action (like manage Amazon instances, execute shell command, any of your program). +The simplest module is called `ping` - it just returns a JSON with `pong` message and ansible variables. Example: Module:shell - a module that executes shell command on a delegated host(s). Example: Module:file - performs file operations (stat, link, dir, ...) @@ -75,17 +84,7 @@ You can execute a playbook with a command: $ ansible-playbook path/name_of_the_playbook.yml ``` -### Basic ansible commands - -There are few commands you should know about - -`ansible` (to run modules in CLI) -`ansible-playbook` (to run playbooks) -`ansible-vault` (to manage secrets) -`ansible-galaxy` (to install roles from github/galaxy) -and other! - -### More on ansible concept +## More on ansible concept ### ansible-roles (a 'template-playbooks in right structure') @@ -163,6 +162,8 @@ virtualenv ### create env in AWS +### Naming + ## Bonus ### writing own module -- cgit v1.2.3 From 4076cc53c0fcb1f8b85a71e0e395407ab43a05ab Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:21:42 +0200 Subject: change the concept of paragraphs --- ansible.html.markdown | 109 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 77 insertions(+), 32 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index cd619cc3..2eb6df2e 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -6,17 +6,38 @@ contributors: filename: LearnAnsible.txt --- -Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. -'You can think as simple as writing in bash with python API :) -Of course the rabit hole is way deeper.' +```yaml +--- +Ansible - the easiest orchestration tool -Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) +Why Ansible and Intro - in the second part of document +``` -## Ansible naming and basic concept +## Installation +```bash +# Universal way +$ pip install ansible -### Basic ansible commands +# Debian, Ubuntu +$ apt-get install ansible +``` +* Appendix A - How do I install ansible +[Additional Reading.](http://docs.ansible.com/ansible/latest/intro_installation.html) + +### Basic ansible commands (shell execution) +```bash +# This command ping the localhost (defined in default inventory /etc/ansible/hosts) + +$ ansible -m ping localhost +localhost | SUCCESS => { + "changed": false, + "ping": "pong" +} + +``` +### Commands There are few commands you should know about `ansible` (to run modules in CLI) @@ -25,16 +46,37 @@ There are few commands you should know about `ansible-galaxy` (to install roles from github/galaxy) and other! +```bash +$ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name +``` + +The module `command` allows to execute a single command. It will not be processed through the shell, so variables like $HOME and operations like "<", ">", "|", ";" and "&" will not work. Use shell :) +We should also mention a module `raw` that sometimes can save the day. + +```bash +$ ansible -m command -a 'date; whoami' # FAILURE + +$ ansible -m command -a 'date' +$ ansible -m command -a 'whoami' +``` + + +#### Module - program (usaly python) that execute, do some work and return proper output :) +This program perform specialized task/action (like manage instances in the cloud, execute shell command). +The simplest module is called `ping` - it just returns a JSON with `pong` message. + +Example of modules: +Module: `shell` - a module that executes shell command on a specified host(s). +Module: `file` - performs file operations (stat, link, dir, ...) + + +```yaml +``` + #### Inventory Inventory is a set of objects/hosts against which we are executing our playbooks For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts_ -#### Module - this is name for an logical program (usaly python) that consume proper JSON input and return proper output :) -This program perform certain task/action (like manage Amazon instances, execute shell command, any of your program). -The simplest module is called `ping` - it just returns a JSON with `pong` message and ansible variables. -Example: Module:shell - a module that executes shell command on a delegated host(s). -Example: Module:file - performs file operations (stat, link, dir, ...) - ##### Task Execution of a single module is called a `task` @@ -44,30 +86,22 @@ Another example of the module that allow you to execute command remotly on multi Example of a Task run in CLI: ###### Run a ansible module -```bash -$ ansible -m ping hostname_or_a_group_name -$ ansible -m shell -a 'date; whoami' hostname_or_a_group_name -``` - -another module - `command` that allows to execute a single command only with a simple shell #JM -We should also mention a module `raw` - -```bash -$ ansible -m command -a 'date; whoami' # FAILURE - -$ ansible -m command -a 'date' -$ ansible -m command -a 'whoami' -``` ##### Playbook - -A common way to execute tasks is called `playbook`. -You have to define a list (or group) of hosts that is executed against, some `task(s)` or `role(s)` that are going to be executed. There are also multiple optional settings (like default variables, and way more). +Execution plan written in a form of script file(s) is called `playbook`. +Playbook consist of multiple elements +* a list (or group) of hosts that 'the play' is executed against +* `task(s)` or `role(s)` that are going to be executed +* multiple optional settings (like default variables, and way more) Playbook script language is YAML -You can think that it is very advanced CLI script that you are executing. +You can think that playbook is very advanced CLI script that you are executing. + -Example of the playbook: +##### Example of the playbook: +This playbook would execute (on all hosts defined in the inventory) two tasks +*`ping` that would return message *pong* +* `shell` that execute three commands and return the output to our terminal ```yml hosts: all @@ -83,7 +117,7 @@ You can execute a playbook with a command: ```bash $ ansible-playbook path/name_of_the_playbook.yml ``` - +It is also possible to become a user other than root using --become-user: ## More on ansible concept ### ansible-roles (a 'template-playbooks in right structure') @@ -138,6 +172,9 @@ It is a best way to restart a service, check if application port is open, etc. ### ansible - variables lookup's +#### templates +JINJA2 + ### ansible-vault ### inventory @@ -180,6 +217,14 @@ tags meta no_logs +## Introduction +Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. +'You can think as simple as writing in bash with python API :) +Of course the rabit hole is way deeper.' + +Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) + + ## Main cons and pros -- cgit v1.2.3 From c7fbf44dd595d621fb1140d58e53c34be7494a20 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:23:09 +0200 Subject: test markdown --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 2eb6df2e..36d95532 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -8,7 +8,7 @@ filename: LearnAnsible.txt ```yaml --- -Ansible - the easiest orchestration tool +Ansible: 'the easiest orchestration tool' Why Ansible and Intro - in the second part of document -- cgit v1.2.3 From fdb26e4870ee45f9edb1e9df7abce7bf9edac878 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:24:22 +0200 Subject: test markdown --- ansible.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 36d95532..94fa20a0 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -8,9 +8,9 @@ filename: LearnAnsible.txt ```yaml --- -Ansible: 'the easiest orchestration tool' +Ansible: "the easiest orchestration tool" -Why Ansible and Intro - in the second part of document +"{{ Why Ansible and Intro }}" in the second part of document ``` -- cgit v1.2.3 From 6ba6076dea7bf3b6633cdb8e0005362f4619deaa Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:25:47 +0200 Subject: test markdown --- ansible.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 94fa20a0..b8d7eb70 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -6,10 +6,10 @@ contributors: filename: LearnAnsible.txt --- +## Ansible: the easiest orchestration tool + ```yaml --- -Ansible: "the easiest orchestration tool" - "{{ Why Ansible and Intro }}" in the second part of document ``` -- cgit v1.2.3 From 0601badf4f6557ead604e693a273726c282fce46 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:27:32 +0200 Subject: test markdown --- ansible.html.markdown | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index b8d7eb70..12aefe5f 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -24,17 +24,16 @@ $ apt-get install ansible ``` * Appendix A - How do I install ansible -[Additional Reading.](http://docs.ansible.com/ansible/latest/intro_installation.html) +* [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_installation.html) ### Basic ansible commands (shell execution) ```bash # This command ping the localhost (defined in default inventory /etc/ansible/hosts) - $ ansible -m ping localhost -localhost | SUCCESS => { +localhost | SUCCESS => { "changed": false, "ping": "pong" -} +} ``` ### Commands -- cgit v1.2.3 From 6ade03b92abfdc30917aa0f5188e7a0ed9a70ca9 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:29:12 +0200 Subject: test markdown --- ansible.html.markdown | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 12aefe5f..4409422b 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -39,10 +39,10 @@ localhost | SUCCESS => { ### Commands There are few commands you should know about -`ansible` (to run modules in CLI) -`ansible-playbook` (to run playbooks) -`ansible-vault` (to manage secrets) -`ansible-galaxy` (to install roles from github/galaxy) +* `ansible` (to run modules in CLI) +* `ansible-playbook` (to run playbooks) +* `ansible-vault` (to manage secrets) +* `ansible-galaxy` (to install roles from github/galaxy) and other! ```bash @@ -50,6 +50,7 @@ $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name ``` The module `command` allows to execute a single command. It will not be processed through the shell, so variables like $HOME and operations like "<", ">", "|", ";" and "&" will not work. Use shell :) + We should also mention a module `raw` that sometimes can save the day. ```bash -- cgit v1.2.3 From e7e43b01e66c158053acfd00d5317743f137abb4 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:30:27 +0200 Subject: test markdown --- ansible.html.markdown | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 4409422b..9408db18 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -43,7 +43,9 @@ There are few commands you should know about * `ansible-playbook` (to run playbooks) * `ansible-vault` (to manage secrets) * `ansible-galaxy` (to install roles from github/galaxy) -and other! +* and other! + +Example of usage - `shell` ```bash $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name -- cgit v1.2.3 From 688f9b686f70c7a0763e7e0e550b18f12bc1b7fb Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:41:27 +0200 Subject: test markdown --- ansible.html.markdown | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 9408db18..fff85563 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -45,15 +45,24 @@ There are few commands you should know about * `ansible-galaxy` (to install roles from github/galaxy) * and other! -Example of usage - `shell` + +#### Module - program (usaly python) that execute, do some work and return proper output :) +This program perform specialized task/action (like manage instances in the cloud, execute shell command). +The simplest module is called `ping` - it just returns a JSON with `pong` message. + +Example of modules: +* Module: `ping` - the simplest module that is usefull to verify host connectivity +* Module: `shell` - a module that executes shell command on a specified host(s). + +Example of usage - `ping`, `shell` ```bash +$ ansible -m ping $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name ``` -The module `command` allows to execute a single command. It will not be processed through the shell, so variables like $HOME and operations like "<", ">", "|", ";" and "&" will not work. Use shell :) +* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME will not work -We should also mention a module `raw` that sometimes can save the day. ```bash $ ansible -m command -a 'date; whoami' # FAILURE @@ -62,14 +71,8 @@ $ ansible -m command -a 'date' $ ansible -m command -a 'whoami' ``` - -#### Module - program (usaly python) that execute, do some work and return proper output :) -This program perform specialized task/action (like manage instances in the cloud, execute shell command). -The simplest module is called `ping` - it just returns a JSON with `pong` message. - -Example of modules: -Module: `shell` - a module that executes shell command on a specified host(s). -Module: `file` - performs file operations (stat, link, dir, ...) +* Module: `file` - performs file operations (stat, link, dir, ...) +* Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (usefull to install python2.7) ```yaml -- cgit v1.2.3 From 2baed7cd96532f90ec7619e828e58a0115b34f20 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:42:18 +0200 Subject: test markdown --- ansible.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index fff85563..389eaaa1 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -46,7 +46,8 @@ There are few commands you should know about * and other! -#### Module - program (usaly python) that execute, do some work and return proper output :) +#### Module +*program (usaly python) that execute, do some work and return proper output :)* This program perform specialized task/action (like manage instances in the cloud, execute shell command). The simplest module is called `ping` - it just returns a JSON with `pong` message. -- cgit v1.2.3 From 6f0799d6078c117a59da7cc2ada0cee583d6db56 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:42:43 +0200 Subject: test markdown --- ansible.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 389eaaa1..5fc103b7 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -47,7 +47,8 @@ There are few commands you should know about #### Module -*program (usaly python) that execute, do some work and return proper output :)* +_*program (usaly python) that execute, do some work and return proper output :)*_ + This program perform specialized task/action (like manage instances in the cloud, execute shell command). The simplest module is called `ping` - it just returns a JSON with `pong` message. -- cgit v1.2.3 From 7ba7ab471e340803e078a6cae0e24c7615dde0a2 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:43:50 +0200 Subject: test markdown --- ansible.html.markdown | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 5fc103b7..ea7bb47a 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -47,9 +47,10 @@ There are few commands you should know about #### Module -_*program (usaly python) that execute, do some work and return proper output :)*_ +_*program (usaly python) that execute, do some work and return proper JSON output :)*_ + +This *program* perform specialized task/action (like manage instances in the cloud, execute shell command). -This program perform specialized task/action (like manage instances in the cloud, execute shell command). The simplest module is called `ping` - it just returns a JSON with `pong` message. Example of modules: -- cgit v1.2.3 From 8a1139dee670362ab4186cb9866d746f36d2d7e4 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:48:55 +0200 Subject: test markdown --- ansible.html.markdown | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index ea7bb47a..13afeb3b 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -26,7 +26,7 @@ $ apt-get install ansible * Appendix A - How do I install ansible * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_installation.html) -### Basic ansible commands (shell execution) +### Your first ansible command (shell execution) ```bash # This command ping the localhost (defined in default inventory /etc/ansible/hosts) $ ansible -m ping localhost @@ -36,7 +36,7 @@ localhost | SUCCESS => { } ``` -### Commands +### Shell Commands There are few commands you should know about * `ansible` (to run modules in CLI) @@ -45,8 +45,7 @@ There are few commands you should know about * `ansible-galaxy` (to install roles from github/galaxy) * and other! - -#### Module +### Module _*program (usaly python) that execute, do some work and return proper JSON output :)*_ This *program* perform specialized task/action (like manage instances in the cloud, execute shell command). @@ -57,7 +56,7 @@ Example of modules: * Module: `ping` - the simplest module that is usefull to verify host connectivity * Module: `shell` - a module that executes shell command on a specified host(s). -Example of usage - `ping`, `shell` +Example of execution - `ping`, `shell` ```bash $ ansible -m ping -- cgit v1.2.3 From 7abd3b5017df4c698b8bd33a6e472483decf73a2 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 22:49:43 +0200 Subject: test markdown --- ansible.html.markdown | 1 + 1 file changed, 1 insertion(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 13afeb3b..6ef7bab7 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -30,6 +30,7 @@ $ apt-get install ansible ```bash # This command ping the localhost (defined in default inventory /etc/ansible/hosts) $ ansible -m ping localhost +# you should see this output localhost | SUCCESS => { "changed": false, "ping": "pong" -- cgit v1.2.3 From 21fb697b8899ea62bf83f11928d6f91c98c62ad1 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 22 Sep 2017 23:00:10 +0200 Subject: test markdown --- ansible.html.markdown | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 6ef7bab7..72a91a5c 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -47,7 +47,7 @@ There are few commands you should know about * and other! ### Module -_*program (usaly python) that execute, do some work and return proper JSON output :)*_ +_*program (usally python) that execute, do some work and return proper JSON output :)*_ This *program* perform specialized task/action (like manage instances in the cloud, execute shell command). @@ -64,7 +64,7 @@ $ ansible -m ping $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name ``` -* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME will not work +* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME or operands like `|` will not work ```bash @@ -72,6 +72,7 @@ $ ansible -m command -a 'date; whoami' # FAILURE $ ansible -m command -a 'date' $ ansible -m command -a 'whoami' +$ ansible -m command -a 'echo $HOME' ``` * Module: `file` - performs file operations (stat, link, dir, ...) -- cgit v1.2.3 From 7b6f0757c23b2339692c9194e4e5c95614b145f1 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 23 Sep 2017 11:43:25 +0200 Subject: test markdown --- ansible.html.markdown | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 72a91a5c..255715bd 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -64,7 +64,7 @@ $ ansible -m ping $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name ``` -* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME or operands like `|` will not work +* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME or operands like `|` `;` will not work ```bash @@ -79,17 +79,27 @@ $ ansible -m command -a 'echo $HOME' * Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (usefull to install python2.7) -```yaml -``` +### Ansible - naming and basic concept #### Inventory -Inventory is a set of objects/hosts against which we are executing our playbooks -For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts_ +Inventory is a set of an objects or hosts, against which we are executing our playbooks or single tasks via shell commands +For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) -##### Task +`/etc/ansible/hosts` +``` +localhost + +[some_group] +hostA.mydomain.com +hostB.localdomain +``` +* [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) + +#### Task Execution of a single module is called a `task` -The simplest module is called `ping`. +The simplest module is called `ping` as you could see above + Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. Example of a Task run in CLI: @@ -180,6 +190,8 @@ It is a best way to restart a service, check if application port is open, etc. ### ansible - variables lookup's +```yaml +``` #### templates JINJA2 -- cgit v1.2.3 From 69c40ee1a2659ba9f150e04adb2822d66f18570f Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 23 Sep 2017 11:50:05 +0200 Subject: test markdown --- ansible.html.markdown | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 255715bd..a09c8b34 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -79,7 +79,7 @@ $ ansible -m command -a 'echo $HOME' * Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (usefull to install python2.7) -### Ansible - naming and basic concept +### Ansible - naming and quick intro #### Inventory Inventory is a set of an objects or hosts, against which we are executing our playbooks or single tasks via shell commands @@ -96,11 +96,10 @@ hostB.localdomain * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) #### Task -Execution of a single module is called a `task` +Execution of a single Ansible **module** is called a **task** -The simplest module is called `ping` as you could see above - -Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. + The simplest module is called `ping` as you could see above + Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. Example of a Task run in CLI: ###### Run a ansible module -- cgit v1.2.3 From e946c383fde705d20aa3342c372cc8ad22793d90 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 23 Sep 2017 11:52:10 +0200 Subject: test markdown --- ansible.html.markdown | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index a09c8b34..02ee8694 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -106,12 +106,14 @@ Example of a Task run in CLI: ##### Playbook -Execution plan written in a form of script file(s) is called `playbook`. +Execution plan written in a form of script file(s) is called `playbook`.-- + Playbook consist of multiple elements * a list (or group) of hosts that 'the play' is executed against * `task(s)` or `role(s)` that are going to be executed * multiple optional settings (like default variables, and way more) -Playbook script language is YAML +Playbook script language is YAML-- + You can think that playbook is very advanced CLI script that you are executing. -- cgit v1.2.3 From a6ea9118be2fe266ea89661b360707294b854725 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 23 Sep 2017 11:53:10 +0200 Subject: test markdown --- ansible.html.markdown | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 02ee8694..44bce5b0 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -99,6 +99,7 @@ hostB.localdomain Execution of a single Ansible **module** is called a **task** The simplest module is called `ping` as you could see above + Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. Example of a Task run in CLI: @@ -106,14 +107,12 @@ Example of a Task run in CLI: ##### Playbook -Execution plan written in a form of script file(s) is called `playbook`.-- - +Execution plan written in a form of script file(s) is called `playbook`. Playbook consist of multiple elements * a list (or group) of hosts that 'the play' is executed against * `task(s)` or `role(s)` that are going to be executed * multiple optional settings (like default variables, and way more) -Playbook script language is YAML-- - +Playbook script language is YAML You can think that playbook is very advanced CLI script that you are executing. -- cgit v1.2.3 From a5bec9b8efecbbda3415289325db37c911a0969e Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 23 Sep 2017 11:54:26 +0200 Subject: test markdown --- ansible.html.markdown | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 44bce5b0..1e3fc138 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -96,10 +96,9 @@ hostB.localdomain * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) #### Task -Execution of a single Ansible **module** is called a **task** + Execution of a single Ansible **module** is called a **task** The simplest module is called `ping` as you could see above - Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. Example of a Task run in CLI: -- cgit v1.2.3 From eaf3e9c46154842509e58bdcadb1a863178bb976 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 23 Sep 2017 11:56:13 +0200 Subject: test markdown --- ansible.html.markdown | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 1e3fc138..744f6394 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -98,11 +98,8 @@ hostB.localdomain #### Task Execution of a single Ansible **module** is called a **task** - The simplest module is called `ping` as you could see above - Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. - -Example of a Task run in CLI: -###### Run a ansible module + The simplest module is called `ping` as you could see above + Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. ##### Playbook -- cgit v1.2.3 From 656516a2b9c0951779b2450de24f46e8effad81c Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 23 Sep 2017 11:56:50 +0200 Subject: test markdown --- ansible.html.markdown | 1 + 1 file changed, 1 insertion(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 744f6394..27a467cc 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -99,6 +99,7 @@ hostB.localdomain Execution of a single Ansible **module** is called a **task** The simplest module is called `ping` as you could see above + Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. -- cgit v1.2.3 From 27c3e82f12f40c75bdd08e97aead14048a080505 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 16:47:10 +0200 Subject: test markdown --- ansible.html.markdown | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 27a467cc..14565057 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -79,9 +79,9 @@ $ ansible -m command -a 'echo $HOME' * Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (usefull to install python2.7) -### Ansible - naming and quick intro +## Ansible - naming and quick intro -#### Inventory +### Inventory Inventory is a set of an objects or hosts, against which we are executing our playbooks or single tasks via shell commands For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) @@ -95,15 +95,15 @@ hostB.localdomain ``` * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) -#### Task +### Task Execution of a single Ansible **module** is called a **task** The simplest module is called `ping` as you could see above - Another example of the module that allow you to execute command remotly on multiple resources is called shell. It is the same as you would execute command remotely over ssh. + Another example of the module that allow you to execute command remotly on multiple resources is called `shell`. See above how you were using them already. -##### Playbook +### Playbook Execution plan written in a form of script file(s) is called `playbook`. Playbook consist of multiple elements * a list (or group) of hosts that 'the play' is executed against @@ -114,7 +114,7 @@ Playbook script language is YAML You can think that playbook is very advanced CLI script that you are executing. -##### Example of the playbook: +#### Example of the playbook: This playbook would execute (on all hosts defined in the inventory) two tasks *`ping` that would return message *pong* * `shell` that execute three commands and return the output to our terminal -- cgit v1.2.3 From bb3e71c52957561c425999a542c0fb9f47a3c4f7 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 17:00:23 +0200 Subject: test markdown --- ansible.html.markdown | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 14565057..b5de971c 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -10,7 +10,7 @@ filename: LearnAnsible.txt ```yaml --- -"{{ Why Ansible and Intro }}" in the second part of document +"{{ Why Ansible and detailed Intro }}" written in the second part of document ``` @@ -60,19 +60,19 @@ Example of modules: Example of execution - `ping`, `shell` ```bash -$ ansible -m ping +$ ansible -m ping all $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name ``` * Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME or operands like `|` `;` will not work +#JM ```bash $ ansible -m command -a 'date; whoami' # FAILURE -$ ansible -m command -a 'date' -$ ansible -m command -a 'whoami' -$ ansible -m command -a 'echo $HOME' +$ ansible -m command -a 'date' all +$ ansible -m command -a 'whoami' all ``` * Module: `file` - performs file operations (stat, link, dir, ...) @@ -92,6 +92,11 @@ localhost [some_group] hostA.mydomain.com hostB.localdomain + +[a_group_of_a_groups:children] +some_group +some_other_group + ``` * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) @@ -104,7 +109,7 @@ hostB.localdomain ### Playbook -Execution plan written in a form of script file(s) is called `playbook`. +**Execution plan** written in a form of script file(s) is called `playbook`. Playbook consist of multiple elements * a list (or group) of hosts that 'the play' is executed against * `task(s)` or `role(s)` that are going to be executed @@ -116,7 +121,7 @@ You can think that playbook is very advanced CLI script that you are executing. #### Example of the playbook: This playbook would execute (on all hosts defined in the inventory) two tasks -*`ping` that would return message *pong* +* `ping` that would return message *pong* * `shell` that execute three commands and return the output to our terminal ```yml -- cgit v1.2.3 From c62c527f82cd6addd38fec966efed5390bf15bdc Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 17:06:17 +0200 Subject: test markdown --- ansible.html.markdown | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index b5de971c..2b997340 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -109,18 +109,19 @@ some_other_group ### Playbook -**Execution plan** written in a form of script file(s) is called `playbook`. +**Execution plan** written in a form of script file(s) is called **playbook**. Playbook consist of multiple elements * a list (or group) of hosts that 'the play' is executed against * `task(s)` or `role(s)` that are going to be executed * multiple optional settings (like default variables, and way more) -Playbook script language is YAML + +Playbook script language is YAML. You can think that playbook is very advanced CLI script that you are executing. #### Example of the playbook: -This playbook would execute (on all hosts defined in the inventory) two tasks +This example-playbook would execute (on all hosts defined in the inventory) two tasks: * `ping` that would return message *pong* * `shell` that execute three commands and return the output to our terminal @@ -134,11 +135,10 @@ tasks: shell: "date; whoami; df -h;" ``` -You can execute a playbook with a command: +You can run the playbook with the command: ```bash $ ansible-playbook path/name_of_the_playbook.yml ``` -It is also possible to become a user other than root using --become-user: ## More on ansible concept ### ansible-roles (a 'template-playbooks in right structure') @@ -232,6 +232,7 @@ virtualenv ### Web-UI: Ansible Tower, Jenkins, Rundeck +#become-user, become ### Tips and tricks AND,XOR -- cgit v1.2.3 From cbc9b5b2a5af550926f3232458432984951b5b53 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 17:52:48 +0200 Subject: test markdown --- ansible.html.markdown | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 2b997340..460faf82 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -139,20 +139,20 @@ You can run the playbook with the command: ```bash $ ansible-playbook path/name_of_the_playbook.yml ``` -## More on ansible concept +### More on ansible concept -### ansible-roles (a 'template-playbooks in right structure') +#### ansible-roles (a 'template-playbooks' with right structure) -There are tasks (modules) that can be run via CLI +You already know the tasks (modules) that can be run via CLI The execution plans of multiple tasks (with variables and logic) are called playbooks. -For parts of the code, that should be reusable, a concept called `role` was introduced +A concept called `role` was introduced for parts of the code that should be reusable. -Role is a structured way to keep your set of tasks, variables, handlers, default settings, and way more (meta, files, templates). -Role allows to reuse the same parts of code in multiple plybooks (you can parametrize this). +**Role** is a structured way to manage your set of tasks, variables, handlers, default settings, and way more (meta, files, templates). +Role allows to reuse the same parts of code in multiple plybooks (you can parametrize the role 'further' during it's execution). It is a great way to introduce `object oriented` management for your applications. -Role can be included in your playbook (executed in your playbook). +Role can be included in your playbook (executed via your playbook). ```yml @@ -173,6 +173,16 @@ pre_tasks: shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` +Example-role + +We would clone the ready-to-use examples from additional repository +```bash +$ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git +$ cd ansible-for-learnXinYminutes +$ source environment +$(venv) ansible-playbook playbooks/role_example.yml +``` + Role directory structure: ``` roles/ -- cgit v1.2.3 From 04a88249c9ee8f1e611d67b782267289208ab310 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 17:53:42 +0200 Subject: test markdown --- ansible.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 460faf82..1f04b520 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -143,8 +143,8 @@ $ ansible-playbook path/name_of_the_playbook.yml #### ansible-roles (a 'template-playbooks' with right structure) -You already know the tasks (modules) that can be run via CLI -The execution plans of multiple tasks (with variables and logic) are called playbooks. + You already know the tasks (modules) that can be run via CLI. + The execution plans of multiple tasks (with variables and logic) are called playbooks. A concept called `role` was introduced for parts of the code that should be reusable. -- cgit v1.2.3 From da0ca8fcbda3b035fa725e7746c9ee4f084b08cc Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 18:11:20 +0200 Subject: test markdown --- ansible.html.markdown | 64 ++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 46 insertions(+), 18 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 1f04b520..25a38283 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -1,4 +1,4 @@ ---- +o-- category: tool tool: ansible contributors: @@ -143,10 +143,9 @@ $ ansible-playbook path/name_of_the_playbook.yml #### ansible-roles (a 'template-playbooks' with right structure) - You already know the tasks (modules) that can be run via CLI. - The execution plans of multiple tasks (with variables and logic) are called playbooks. + You already know the tasks (modules) that can be run via CLI. You also know the playbooks - the execution plans of multiple tasks (with variables and logic). -A concept called `role` was introduced for parts of the code that should be reusable. +A concept called `role` was introduced for parts of the code (playbooks) that should be reusable. **Role** is a structured way to manage your set of tasks, variables, handlers, default settings, and way more (meta, files, templates). Role allows to reuse the same parts of code in multiple plybooks (you can parametrize the role 'further' during it's execution). @@ -173,7 +172,7 @@ pre_tasks: shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` -Example-role +Example->role We would clone the ready-to-use examples from additional repository ```bash @@ -183,30 +182,59 @@ $ source environment $(venv) ansible-playbook playbooks/role_example.yml ``` -Role directory structure: +#### Role directory structure: ``` roles/ some_role/ - defaults/ - files/ - templates/ - tasks/ - handlers/ - vars/ - meta/ + defaults/ # contains default variables + files/ # for static files + templates/ # for jinja templates + tasks/ # tasks + handlers/ # handlers + vars/ # more variables (higher priority) + meta/ # meta - package (role) info ``` #### Role Handlers -Handlers are a task that can be triggered (notified) during execution of a playbook, but they itself execute at the very end of a playbook. -It is a best way to restart a service, check if application port is open, etc. +Handlers are a tasks that can be triggered (notified) during execution of a playbook, but they itself execute at the very end of a playbook. +It is a best way to restart a service, check if application port is active (successfull deployment criteria), etc. ### ansible - variables -lookup's + +Ansible is flexible - it has 21 levels of variable precedence + +[read more] + +For now you might like to know, that CLI variables has the top priority. + +You should also know, that a nice way to pool some data is a **lookup** + +##### Lookups + +* pipe +* file +* stream +* etcd + +You can use them in CLI too ```yaml +ansible -m shell -a 'echo {{ my_variable }}` -e '{{ lookup('pipe'; 'date' }}" + ``` -#### templates -JINJA2 +#### Templates + +Template is a powerfull way to deliver some (partially) dynamic content. Ansible uses **Jinja2** langueage to describe the template. + +```jinja2 +Some static content + +{{ a_variable }} + +{% for item in loop_items %} + this line item is {{ item }} +{% endfor %} +``` ### ansible-vault -- cgit v1.2.3 From 05892ff7ddd69e5f01e9da6d9d602dd318d0485e Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 18:34:38 +0200 Subject: test markdown --- ansible.html.markdown | 63 ++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 57 insertions(+), 6 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 25a38283..cadf6301 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -1,4 +1,8 @@ -o-- +# JM inventory dynamic aws ec2 +# vault +# roles + +--- category: tool tool: ansible contributors: @@ -218,7 +222,7 @@ You should also know, that a nice way to pool some data is a **lookup** You can use them in CLI too ```yaml -ansible -m shell -a 'echo {{ my_variable }}` -e '{{ lookup('pipe'; 'date' }}" +ansible -m shell -a 'echo {{ my_variable }}` -e '{{ lookup('pipe'; 'date' }}" localhost ``` @@ -235,16 +239,63 @@ Some static content this line item is {{ item }} {% endfor %} ``` +Jinja may have some limitations, but it is a powerfull tool that you might like. -### ansible-vault - -### inventory +#### Jinja2 CLI +You can use the jinja in the CLI too +```bash +ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost +``` -### dynamic inventory ### Jinja2 and templates jinja filters + +#### ansible-vault +To maintain **ifrastructure as a code** you need to store secrets. + Ansible provides a way to encrypt the poufne files so you can store it in the repository, yet the files are decrypted in-fly during ansible execution. + +The best way to use the **ansible-vault** is to store the secret in some secure location, and configure ansible to use during runtime. + +```bash +$ echo some_very_very_long_secret > ~/.ssh/secure_located_file + +$ vi ansible.cfg + ansible_vault_password_file = ~/.ssh/secure_located_file + +#or to use env +export ANSIBLE_VAULT_PASSWORD_FILE=~/.ssh/secure_located_file + +$ ansible-playbook playbooks/vault_example.yml + + # decrypt the file +$ ansible-vault encrypt path/somefile + + # view the file +$ ansible-vault view path/somefile + + # check the file content: +$ cat path/somefile + + # decrypt the file +$ ansible-vault decrypt path/somefile +``` + +#### dynamic inventory +You might like to know, that you can build your inventory dynamically. + +(For Ansible) inventory is just a JSON with proper structure - if you can deliver that to ansible - anything is possible. + +You do not need to invent the wheel - there are plenty ready to use inventory script for most popular Cloud provicers and a lot of in-house popular usecaseses. + +```bash +$ etc/inv/ec2.py --refresh + +$ ansible -m ping all -i etc/inv/ec2.py +``` + + ### ansible profiling - callback ### facts-cache and ansible-cmdb -- cgit v1.2.3 From 3c7153633842717cb9de7a96f5cd3da5982ffe50 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Wed, 27 Sep 2017 23:57:45 +0200 Subject: test markdown --- ansible.html.markdown | 713 +++++++++----------------------------------------- 1 file changed, 119 insertions(+), 594 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index cadf6301..0023a718 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -1,7 +1,3 @@ -# JM inventory dynamic aws ec2 -# vault -# roles - --- category: tool tool: ansible @@ -247,10 +243,14 @@ You can use the jinja in the CLI too ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost ``` - -### Jinja2 and templates -jinja filters - +### Jinja2 filters +Junja is powerfull. It has built-in many usefull functions. +```jinja +# get first item of the list +{{ some_list | first() }} +# if variable is undefined - use default value +{{ some_variable | default('default_value') }} +``` #### ansible-vault To maintain **ifrastructure as a code** you need to store secrets. @@ -295,655 +295,180 @@ $ etc/inv/ec2.py --refresh $ ansible -m ping all -i etc/inv/ec2.py ``` +#### ansible profiling - callback +It is ok that your playbook executes some time. Sometimes you may like to speed things up :) -### ansible profiling - callback - -### facts-cache and ansible-cmdb - -### debugging ansible - -### Infrastructure as a code - what about Ansible -virtualenv - -### ansible - dynamic in AWS - -### create instance in AWS - -### create env in AWS - -### Naming - -## Bonus - -### writing own module - -### Python API - -### Web-UI: Ansible Tower, Jenkins, Rundeck - -#become-user, become - -### Tips and tricks -AND,XOR ---check --diff -tags -meta -no_logs - -## Introduction -Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. -'You can think as simple as writing in bash with python API :) -Of course the rabit hole is way deeper.' - -Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) - - - -## Main cons and pros - -### Cons - -It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. -It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) -Official GUI Tool (web inferface) - Ansible Tower - is more than GUI, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. - -### Pros - -It is an agent-less tools :) In most scenarios, it use ssh as a transport layer. -In some way you can use it as 'bash on steroids'. -It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible :) (almost). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' -I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! -It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) -Documentation is at the world-class standard! -The comunity (github, stackOverflow) would help you very fast. -Writing own modules and extension is fairly easy. - - -### Neutral -Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. - -## Basics on ansible - -Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. -In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). -On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. - -But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! - - - - ---- -Github template placeholder - to be removed - -### Centralized Versioning VS Distributed Versioning - -* Centralized version control focuses on synchronizing, tracking, and backing -up files. -* Distributed version control focuses on sharing changes. Every change has a -unique id. -* Distributed systems have no defined structure. You could easily have a SVN -style, centralized system, with git. - -[Additional Information](http://git-scm.com/book/en/Getting-Started-About-Version-Control) - -### Why Use Git? - -* Can work offline. -* Collaborating with others is easy! -* Branching is easy! -* Branching is fast! -* Merging is easy! -* Git is fast. -* Git is flexible. - -## Git Architecture - -### Repository - -A set of files, directories, historical records, commits, and heads. Imagine it -as a source code data structure, with the attribute that each source code -"element" gives you access to its revision history, among other things. - -A git repository is comprised of the .git directory & working tree. - -### .git Directory (component of repository) - -The .git directory contains all the configurations, logs, branches, HEAD, and -more. -[Detailed List.](http://gitready.com/advanced/2009/03/23/whats-inside-your-git-directory.html) - -### Working Tree (component of repository) - -This is basically the directories and files in your repository. It is often -referred to as your working directory. - -### Index (component of .git dir) - -The Index is the staging area in git. It's basically a layer that separates -your working tree from the Git repository. This gives developers more power -over what gets sent to the Git repository. - -### Commit - -A git commit is a snapshot of a set of changes, or manipulations to your -Working Tree. For example, if you added 5 files, and removed 2 others, these -changes will be contained in a commit (or snapshot). This commit can then be -pushed to other repositories, or not! - -### Branch - -A branch is essentially a pointer to the last commit you made. As you go on -committing, this pointer will automatically update to point the latest commit. - -### Tag - -A tag is a mark on specific point in history. Typically people use this -functionality to mark release points (v1.0, and so on) - -### HEAD and head (component of .git dir) - -HEAD is a pointer that points to the current branch. A repository only has 1 -*active* HEAD. -head is a pointer that points to any commit. A repository can have any number -of heads. - -### Stages of Git -* Modified - Changes have been made to a file but file has not been committed -to Git Database yet -* Staged - Marks a modified file to go into your next commit snapshot -* Committed - Files have been committed to the Git Database - -### Conceptual Resources - -* [Git For Computer Scientists](http://eagain.net/articles/git-for-computer-scientists/) -* [Git For Designers](http://hoth.entp.com/output/git_for_designers.html) - -## Commands - -### init - -Create an empty Git repository. The Git repository's settings, stored -information, and more is stored in a directory (a folder) named ".git". - -```bash -$ git init -``` - -### config - -To configure settings. Whether it be for the repository, the system itself, -or global configurations ( global config file is `~/.gitconfig` ). +Since ansible 2.x there is bouilt-in callback for task execution profiling -```bash -# Print & Set Some Basic Config Variables (Global) -$ git config --global user.email "MyEmail@Zoho.com" -$ git config --global user.name "My Name" ``` - -[Learn More About git config.](http://git-scm.com/docs/git-config) - -### help - -To give you quick access to an extremely detailed guide of each command. Or to -just give you a quick reminder of some semantics. - -```bash -# Quickly check available commands -$ git help - -# Check all available commands -$ git help -a - -# Command specific help - user manual -# git help -$ git help add -$ git help commit -$ git help init -# or git --help -$ git add --help -$ git commit --help -$ git init --help +vi ansible.cfg +#set this to: +callback_whitelist = profile_tasks ``` -### ignore files +#### facts-cache and ansible-cmdb +You can pool some infrmations of you environment from another hosts. +If the informations does not change - you may consider using a facts_cache to speed things up. -To intentionally untrack file(s) & folder(s) from git. Typically meant for -private & temp files which would otherwise be shared in the repository. -```bash -$ echo "temp/" >> .gitignore -$ echo "private_key" >> .gitignore ``` +vi ansible.cfg -### status - -To show differences between the index file (basically your working copy/repo) -and the current HEAD commit. - -```bash -# Will display the branch, untracked files, changes and other differences -$ git status - -# To learn other "tid bits" about git status -$ git help status +# if set to a persistent type (not 'memory', for example 'redis') fact values +# from previous runs in Ansible will be stored. This may be useful when +# wanting to use, for example, IP information from one group of servers +# without having to talk to them in the same playbook run to get their +# current IP information. +fact_caching = jsonfile +fact_caching_connection = ~/facts_cache +fact_caching_timeout = 86400 ``` -### add +I like to use `jsonfile` as my backend. It allows to use another project +`ansible-cmdb` [github] that generates a HTML page of your inventory resources. A nice 'free' addition! -To add files to the staging area/index. If you do not `git add` new files to -the staging area/index, they will not be included in commits! +#### debugging ansible +When your job fails - it is good to be effective with debugging. -```bash -# add a file in your current working directory -$ git add HelloWorld.java - -# add a file in a nested dir -$ git add /path/to/file/HelloWorld.c - -# Regular Expression support! -$ git add ./*.java -``` +1. Increase verbosiy by using multiple -v **[ -vvvvv]** +2. If variable is undefined +3. If variable (dictionary or a list) is undefined +4. Jinja template debug -This only adds a file to the staging area/index, it doesn't commit it to the -working directory/repo. - -### branch - -Manage your branches. You can view, edit, create, delete branches using this -command. +#### Infrastructure as a code - what about Ansible +You already know, that ansible-vault allow you to store your poufne data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. +See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additiinal benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. You can have multiple versions of Ansible present in the same time. This is very helpfull! ```bash -# list existing branches & remotes -$ git branch -a - -# create a new branch -$ git branch myNewBranch - -# delete a branch -$ git branch -d myBranch + # recreate ansible 2.x venv +$ rm -rf venv2 +$ source environment2.sh + # execute playbook +(venv2)$ ansible-playbook playbooks/ansible1.9_playbook.yml # would fail - deprecated syntax -# rename a branch -# git branch -m -$ git branch -m myBranchName myNewBranchName + # now lets install ansible 1.9.x next to ansible 2.x +(venv2)$ deactivate +$ source environment.1.9.sh + # execute playbook +(venv1.9)$ ansible-playbook playbooks/ansible1.9_playbook.yml # works! -# edit a branch's description -$ git branch myBranchName --edit-description -``` - -### tag - -Manage your tags - -```bash -# List tags -$ git tag - -# Create a annotated tag -# The -m specifies a tagging message,which is stored with the tag. -# If you don’t specify a message for an annotated tag, -# Git launches your editor so you can type it in. -$ git tag -a v2.0 -m 'my version 2.0' - -# Show info about tag -# That shows the tagger information, the date the commit was tagged, -# and the annotation message before showing the commit information. -$ git show v2.0 - -# Push a single tag to remote -$ git push origin v2.0 - -# Push a lot of tags to remote -$ git push origin --tags -``` - -### checkout - -Updates all files in the working tree to match the version in the index, or -specified tree. - -```bash -# Checkout a repo - defaults to master branch -$ git checkout - -# Checkout a specified branch -$ git checkout branchName - -# Create a new branch & switch to it -# equivalent to "git branch ; git checkout " - -$ git checkout -b newBranch -``` - -### clone - -Clones, or copies, an existing repository into a new directory. It also adds -remote-tracking branches for each branch in the cloned repo, which allows you -to push to a remote branch. - -```bash -# Clone learnxinyminutes-docs -$ git clone https://github.com/adambard/learnxinyminutes-docs.git - -# shallow clone - faster cloning that pulls only latest snapshot -$ git clone --depth 1 https://github.com/adambard/learnxinyminutes-docs.git - -# clone only a specific branch -$ git clone -b master-cn https://github.com/adambard/learnxinyminutes-docs.git --single-branch -``` - -### commit - -Stores the current contents of the index in a new "commit." This commit -contains the changes made and a message created by the user. - -```bash -# commit with a message -$ git commit -m "Added multiplyNumbers() function to HelloWorld.c" - -# automatically stage modified or deleted files, except new files, and then commit -$ git commit -a -m "Modified foo.php and removed bar.php" - -# change last commit (this deletes previous commit with a fresh commit) -$ git commit --amend -m "Correct message" -``` - -### diff - -Shows differences between a file in the working directory, index and commits. - -```bash -# Show difference between your working dir and the index -$ git diff - -# Show differences between the index and the most recent commit. -$ git diff --cached - -# Show differences between your working dir and the most recent commit -$ git diff HEAD -``` - -### grep - -Allows you to quickly search a repository. - -Optional Configurations: - -```bash -# Thanks to Travis Jeffery for these -# Set line numbers to be shown in grep search results -$ git config --global grep.lineNumber true - -# Make search results more readable, including grouping -$ git config --global alias.g "grep --break --heading --line-number" -``` - -```bash -# Search for "variableName" in all java files -$ git grep 'variableName' -- '*.java' - -# Search for a line that contains "arrayListName" and, "add" or "remove" -$ git grep -e 'arrayListName' --and \( -e add -e remove \) -``` - -Google is your friend; for more examples -[Git Grep Ninja](http://travisjeffery.com/b/2012/02/search-a-git-repo-like-a-ninja) - -### log - -Display commits to the repository. - -```bash -# Show all commits -$ git log - -# Show only commit message & ref -$ git log --oneline - -# Show merge commits only -$ git log --merges - -# Show all commits represented by an ASCII graph -$ git log --graph -``` - -### merge - -"Merge" in changes from external commits into the current branch. - -```bash -# Merge the specified branch into the current. -$ git merge branchName - -# Always generate a merge commit when merging -$ git merge --no-ff branchName -``` - -### mv - -Rename or move a file - -```bash -# Renaming a file -$ git mv HelloWorld.c HelloNewWorld.c - -# Moving a file -$ git mv HelloWorld.c ./new/path/HelloWorld.c - -# Force rename or move -# "existingFile" already exists in the directory, will be overwritten -$ git mv -f myFile existingFile -``` - -### pull - -Pulls from a repository and merges it with another branch. - -```bash -# Update your local repo, by merging in new changes -# from the remote "origin" and "master" branch. -# git pull -$ git pull origin master - -# By default, git pull will update your current branch -# by merging in new changes from its remote-tracking branch -$ git pull - -# Merge in changes from remote branch and rebase -# branch commits onto your local repo, like: "git fetch , git -# rebase /" -$ git pull origin master --rebase -``` - -### push - -Push and merge changes from a branch to a remote & branch. - -```bash -# Push and merge changes from a local repo to a -# remote named "origin" and "master" branch. -# git push -$ git push origin master - -# By default, git push will push and merge changes from -# the current branch to its remote-tracking branch -$ git push - -# To link up current local branch with a remote branch, add -u flag: -$ git push -u origin master -# Now, anytime you want to push from that same local branch, use shortcut: -$ git push + # please note that you have both venv1.9 and venv2 present - you need to (de)activate one - that is all ``` +### Naming -### stash +### Bonus -Stashing takes the dirty state of your working directory and saves it on a -stack of unfinished changes that you can reapply at any time. +### writing own module -Let's say you've been doing some work in your git repo, but you want to pull -from the remote. Since you have dirty (uncommited) changes to some files, you -are not able to run `git pull`. Instead, you can run `git stash` to save your -changes onto a stack! +### Python API -```bash -$ git stash -Saved working directory and index state \ - "WIP on master: 049d078 added the index file" - HEAD is now at 049d078 added the index file - (To restore them type "git stash apply") -``` +### Web-UI: Ansible Tower, Jenkins, Rundeck -Now you can pull! +#### Ansible Tower +Ansible provides a Web User Interface called `Ansible Tower`. +It is a convienient way to run Ansible Playbooks, have proper user management, log retention, and cron (periodic jobs). -```bash -git pull -``` -`...changes apply...` +Personaly I'm not a fan of it - it's to expensive for my cases, and the trial is 10 inventory-hosts only. -Now check that everything is OK +For my usecases I hide the 'pure ansible' commands behind other projects. -```bash -$ git status -# On branch master -nothing to commit, working directory clean -``` +#### Rundeck +This is nice, secure interface, that allows you to execute a jobs of your choice (CLI, script, execution plan). +It can perform roling-deployment (without Ansible), can integrate with clouds, etc. -You can see what "hunks" you've stashed so far using `git stash list`. -Since the "hunks" are stored in a Last-In-First-Out stack, our most recent -change will be at top. +#### Jenkins +For my 'business cases' I use Jenkins - it has a 'cron', jobs can be binded into 'pipelines'. -```bash -$ git stash list -stash@{0}: WIP on master: 049d078 added the index file -stash@{1}: WIP on master: c264051 Revert "added file_size" -stash@{2}: WIP on master: 21d80a5 added number to log -``` - -Now let's apply our dirty changes back by popping them off the stack. - -```bash -$ git stash pop -# On branch master -# Changes not staged for commit: -# (use "git add ..." to update what will be committed) -# -# modified: index.html -# modified: lib/simplegit.rb -# -``` +### become-user, become +### ansible - dynamic in AWS +### create instance in AWS +### create env in AWS -`git stash apply` does the same thing +### Tips and tricks -Now you're ready to get back to work on your stuff! +##### --check -C +Always make sure that your playbook can executes in 'dry run' mode (--check), and it's execution is not declaring 'Changed' objects. -[Additional Reading.](http://git-scm.com/book/en/v1/Git-Tools-Stashing) +##### --diff -D +Diff is usefull to see nice detail of the files changed -### rebase (caution) +It compare 'in memory' the files like `diff -BbruN fileA fileB` -Take all changes that were committed on one branch, and replay them onto -another branch. -*Do not rebase commits that you have pushed to a public repo*. +##### Execute hosts with 'regex' ```bash -# Rebase experimentBranch onto master -# git rebase -$ git rebase master experimentBranch +ansible -m ping web* ``` -[Additional Reading.](http://git-scm.com/book/en/Git-Branching-Rebasing) - -### reset (caution) - -Reset the current HEAD to the specified state. This allows you to undo merges, -pulls, commits, adds, and more. It's a great command but also dangerous if you -don't know what you are doing. +##### +Host groups can be joined, negated, etc ```bash -# Reset the staging area, to match the latest commit (leaves dir unchanged) -$ git reset - -# Reset the staging area, to match the latest commit, and overwrite working dir -$ git reset --hard - -# Moves the current branch tip to the specified commit (leaves dir unchanged) -# all changes still exist in the directory. -$ git reset 31f2bb1 - -# Moves the current branch tip backward to the specified commit -# and makes the working dir match (deletes uncommited changes and all commits -# after the specified commit). -$ git reset --hard 31f2bb1 +ansible -m ping web*:!backend:monitoring:&allow_change ``` -### reflog (caution) +##### Tagging +You should tag some (not all) objects - a task in a playbook, all tasks included form a role, etc. +It allwos you to execute the choosen parts of the playbook. -Reflog will list most of the git commands you have done for a given time period, -default 90 days. +##### no_logs: True +You may see, that some roles print a lot of output in verbose mode. There is also a debug module. +This is the place where credentials may leak. Use `no_log` to hide the output. -This give you the a change to reverse any git commands that have gone wrong -for instance if a rebase is has broken your application. +##### Debug module +allows to print a value to the screen -You can do this: +##### Register the output of a task +You can register the output (stdout), rc (return code), stderr of a task with the `register` command. -1. `git reflog` to list all of the git commands for the rebase -``` -38b323f HEAD@{0}: rebase -i (finish): returning to refs/heads/feature/add_git_reflog -38b323f HEAD@{1}: rebase -i (pick): Clarify inc/dec operators -4fff859 HEAD@{2}: rebase -i (pick): Update java.html.markdown -34ed963 HEAD@{3}: rebase -i (pick): [yaml/en] Add more resources (#1666) -ed8ddf2 HEAD@{4}: rebase -i (pick): pythonstatcomp spanish translation (#1748) -2e6c386 HEAD@{5}: rebase -i (start): checkout 02fb96d -``` -2. Select where to reset to, in our case its `2e6c386`, or `HEAD@{5}` -3. 'git reset --hard HEAD@{5}' this will reset your repo to that head -4. You can start the rebase again or leave it alone. +##### Conditionals: when: -[Additional Reading.](https://git-scm.com/docs/git-reflog) +##### Loop: with, with_items, with_dict, with_together -### revert -Revert can be used to undo a commit. It should not be confused with reset which -restores the state of a project to a previous point. Revert will add a new -commit which is the inverse of the specified commit, thus reverting it. +## Introduction +Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. +'You can think as simple as writing in bash with python API :) +Of course the rabit hole is way deeper.' -```bash -# Revert a specified commit -$ git revert -``` +Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) -### rm -The opposite of git add, git rm removes files from the current working tree. -```bash -# remove HelloWorld.c -$ git rm HelloWorld.c +## Main cons and pros -# Remove a file from a nested dir -$ git rm /pather/to/the/file/HelloWorld.c -``` +### Cons -## Further Information +It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. +It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) +Official GUI Tool (web inferface) - Ansible Tower - is more than GUI, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. -* [tryGit - A fun interactive way to learn Git.](http://try.github.io/levels/1/challenges/1) +### Pros -* [Learn Git Branching - the most visual and interactive way to learn Git on the web](http://learngitbranching.js.org/) +It is an agent-less tools :) In most scenarios, it use ssh as a transport layer. +In some way you can use it as 'bash on steroids'. +It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible :) (almost). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' +I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! +It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) +Documentation is at the world-class standard! +The comunity (github, stackOverflow) would help you very fast. +Writing own modules and extension is fairly easy. -* [Udemy Git Tutorial: A Comprehensive Guide](https://blog.udemy.com/git-tutorial-a-comprehensive-guide/) -* [Git Immersion - A Guided tour that walks through the fundamentals of git](http://gitimmersion.com/) +### Neutral +Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. -* [git-scm - Video Tutorials](http://git-scm.com/videos) +## Basics on ansible -* [git-scm - Documentation](http://git-scm.com/docs) +Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. +In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). +On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. -* [Atlassian Git - Tutorials & Workflows](https://www.atlassian.com/git/) +But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! -* [SalesForce Cheat Sheet](http://res.cloudinary.com/hy4kyit2a/image/upload/SF_git_cheatsheet.pdf) -* [GitGuys](http://www.gitguys.com/) -* [Git - the simple guide](http://rogerdudler.github.io/git-guide/index.html) -* [Pro Git](http://www.git-scm.com/book/en/v2) +# JM inventory dynamic aws ec2 +# vault +# roles -* [An introduction to Git and GitHub for Beginners (Tutorial)](http://product.hubspot.com/blog/git-and-github-tutorial-for-beginners) -- cgit v1.2.3 From bb4deacd225d410e6c0b09c67cc2b889c4825ff3 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Thu, 28 Sep 2017 00:02:01 +0200 Subject: test markdown --- ansible.html.markdown | 50 +++++++++++++++++++++++--------------------------- 1 file changed, 23 insertions(+), 27 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 0023a718..9c1b86e8 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -47,7 +47,7 @@ There are few commands you should know about * and other! ### Module -_*program (usally python) that execute, do some work and return proper JSON output :)*_ +_*program (usally python) that execute, do some work and return proper JSON output *_ This *program* perform specialized task/action (like manage instances in the cloud, execute shell command). @@ -78,28 +78,6 @@ $ ansible -m command -a 'whoami' all * Module: `file` - performs file operations (stat, link, dir, ...) * Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (usefull to install python2.7) - -## Ansible - naming and quick intro - -### Inventory -Inventory is a set of an objects or hosts, against which we are executing our playbooks or single tasks via shell commands -For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) - -`/etc/ansible/hosts` -``` -localhost - -[some_group] -hostA.mydomain.com -hostB.localdomain - -[a_group_of_a_groups:children] -some_group -some_other_group - -``` -* [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) - ### Task Execution of a single Ansible **module** is called a **task** @@ -141,6 +119,24 @@ $ ansible-playbook path/name_of_the_playbook.yml ``` ### More on ansible concept +### Inventory +Inventory is a set of an objects or hosts, against which we are executing our playbooks or single tasks via shell commands +For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) + +`/etc/ansible/hosts` +``` +localhost + +[some_group] +hostA.mydomain.com +hostB.localdomain + +[a_group_of_a_groups:children] +some_group +some_other_group + +``` +* [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) #### ansible-roles (a 'template-playbooks' with right structure) You already know the tasks (modules) that can be run via CLI. You also know the playbooks - the execution plans of multiple tasks (with variables and logic). @@ -296,7 +292,7 @@ $ ansible -m ping all -i etc/inv/ec2.py ``` #### ansible profiling - callback -It is ok that your playbook executes some time. Sometimes you may like to speed things up :) +It is ok that your playbook executes some time. Sometimes you may like to speed things up Since ansible 2.x there is bouilt-in callback for task execution profiling @@ -427,7 +423,7 @@ You can register the output (stdout), rc (return code), stderr of a task with th ## Introduction Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. -'You can think as simple as writing in bash with python API :) +'You can think as simple as writing in bash with python API Of course the rabit hole is way deeper.' Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) @@ -444,9 +440,9 @@ Official GUI Tool (web inferface) - Ansible Tower - is more than GUI, but it is ### Pros -It is an agent-less tools :) In most scenarios, it use ssh as a transport layer. +It is an agent-less tools In most scenarios, it use ssh as a transport layer. In some way you can use it as 'bash on steroids'. -It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible :) (almost). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' +It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible (ALMOST). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) Documentation is at the world-class standard! -- cgit v1.2.3 From 6c378a858964a5c5d656e39f8fec110b584e7bd0 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Thu, 28 Sep 2017 00:02:50 +0200 Subject: test markdown --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 9c1b86e8..1cf77033 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -47,7 +47,7 @@ There are few commands you should know about * and other! ### Module -_*program (usally python) that execute, do some work and return proper JSON output *_ +_program (usally python) that execute, do some work and return proper JSON output_ This *program* perform specialized task/action (like manage instances in the cloud, execute shell command). -- cgit v1.2.3 From c2bcf94c80e1bfc2314014a8e7dd0858c6e4207c Mon Sep 17 00:00:00 2001 From: sirkubax Date: Thu, 28 Sep 2017 00:05:12 +0200 Subject: test markdown --- ansible.html.markdown | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 1cf77033..d68eafd8 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -137,7 +137,7 @@ some_other_group ``` * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) -#### ansible-roles (a 'template-playbooks' with right structure) +### ansible-roles (a 'template-playbooks' with right structure) You already know the tasks (modules) that can be run via CLI. You also know the playbooks - the execution plans of multiple tasks (with variables and logic). @@ -205,7 +205,7 @@ For now you might like to know, that CLI variables has the top priority. You should also know, that a nice way to pool some data is a **lookup** -##### Lookups +### Lookups * pipe * file @@ -218,7 +218,7 @@ ansible -m shell -a 'echo {{ my_variable }}` -e '{{ lookup('pipe'; 'date' }}" lo ``` -#### Templates +### Templates Template is a powerfull way to deliver some (partially) dynamic content. Ansible uses **Jinja2** langueage to describe the template. @@ -233,7 +233,7 @@ Some static content ``` Jinja may have some limitations, but it is a powerfull tool that you might like. -#### Jinja2 CLI +### Jinja2 CLI You can use the jinja in the CLI too ```bash ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost @@ -248,7 +248,7 @@ Junja is powerfull. It has built-in many usefull functions. {{ some_variable | default('default_value') }} ``` -#### ansible-vault +### ansible-vault To maintain **ifrastructure as a code** you need to store secrets. Ansible provides a way to encrypt the poufne files so you can store it in the repository, yet the files are decrypted in-fly during ansible execution. @@ -278,7 +278,7 @@ $ cat path/somefile $ ansible-vault decrypt path/somefile ``` -#### dynamic inventory +### dynamic inventory You might like to know, that you can build your inventory dynamically. (For Ansible) inventory is just a JSON with proper structure - if you can deliver that to ansible - anything is possible. @@ -291,7 +291,7 @@ $ etc/inv/ec2.py --refresh $ ansible -m ping all -i etc/inv/ec2.py ``` -#### ansible profiling - callback +### ansible profiling - callback It is ok that your playbook executes some time. Sometimes you may like to speed things up Since ansible 2.x there is bouilt-in callback for task execution profiling @@ -302,7 +302,7 @@ vi ansible.cfg callback_whitelist = profile_tasks ``` -#### facts-cache and ansible-cmdb +### facts-cache and ansible-cmdb You can pool some infrmations of you environment from another hosts. If the informations does not change - you may consider using a facts_cache to speed things up. @@ -322,7 +322,7 @@ fact_caching_timeout = 86400 I like to use `jsonfile` as my backend. It allows to use another project `ansible-cmdb` [github] that generates a HTML page of your inventory resources. A nice 'free' addition! -#### debugging ansible +### debugging ansible When your job fails - it is good to be effective with debugging. 1. Increase verbosiy by using multiple -v **[ -vvvvv]** @@ -330,7 +330,7 @@ When your job fails - it is good to be effective with debugging. 3. If variable (dictionary or a list) is undefined 4. Jinja template debug -#### Infrastructure as a code - what about Ansible +### Infrastructure as a code - what about Ansible You already know, that ansible-vault allow you to store your poufne data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additiinal benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. You can have multiple versions of Ansible present in the same time. This is very helpfull! @@ -379,46 +379,46 @@ For my 'business cases' I use Jenkins - it has a 'cron', jobs can be binded into ### create instance in AWS ### create env in AWS -### Tips and tricks +## Tips and tricks -##### --check -C +#### --check -C Always make sure that your playbook can executes in 'dry run' mode (--check), and it's execution is not declaring 'Changed' objects. -##### --diff -D +#### --diff -D Diff is usefull to see nice detail of the files changed It compare 'in memory' the files like `diff -BbruN fileA fileB` -##### Execute hosts with 'regex' +#### Execute hosts with 'regex' ```bash ansible -m ping web* ``` -##### +#### Host groups can be joined, negated, etc ```bash ansible -m ping web*:!backend:monitoring:&allow_change ``` -##### Tagging +#### Tagging You should tag some (not all) objects - a task in a playbook, all tasks included form a role, etc. It allwos you to execute the choosen parts of the playbook. -##### no_logs: True +#### no_logs: True You may see, that some roles print a lot of output in verbose mode. There is also a debug module. This is the place where credentials may leak. Use `no_log` to hide the output. -##### Debug module +#### Debug module allows to print a value to the screen -##### Register the output of a task +#### Register the output of a task You can register the output (stdout), rc (return code), stderr of a task with the `register` command. -##### Conditionals: when: +#### Conditionals: when: -##### Loop: with, with_items, with_dict, with_together +#### Loop: with, with_items, with_dict, with_together ## Introduction -- cgit v1.2.3 From a090f8fd0af03ca558d57392a60edf6aa7184f4f Mon Sep 17 00:00:00 2001 From: sirkubax Date: Thu, 28 Sep 2017 00:07:12 +0200 Subject: test markdown --- ansible.html.markdown | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index d68eafd8..699e4419 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -291,6 +291,8 @@ $ etc/inv/ec2.py --refresh $ ansible -m ping all -i etc/inv/ec2.py ``` +Read also about `dynamic inventory` below + ### ansible profiling - callback It is ok that your playbook executes some time. Sometimes you may like to speed things up -- cgit v1.2.3 From 1f035686ef8f6605d8e43c1c6138bae10c4f9b0d Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 21:42:16 +0200 Subject: set -e - again --- ansible.html.markdown | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 699e4419..e17e543f 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -376,10 +376,7 @@ It can perform roling-deployment (without Ansible), can integrate with clouds, #### Jenkins For my 'business cases' I use Jenkins - it has a 'cron', jobs can be binded into 'pipelines'. -### become-user, become -### ansible - dynamic in AWS -### create instance in AWS -### create env in AWS +#### become-user, become ## Tips and tricks @@ -470,3 +467,6 @@ But ansible is way more! It provides an execution plans, an API, library, callba # vault # roles +#### ansible - dynamic in AWS +#### create instance in AWS +#### create env in AWS -- cgit v1.2.3 From 66055cf822018d1c2f38b352919c5ccdc4aeb437 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 22:31:58 +0200 Subject: set -e - again --- ansible.html.markdown | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index e17e543f..c495b308 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -109,6 +109,7 @@ hosts: all tasks: - name: "ping all" ping: + - name: "execute a shell command" shell: "date; whoami; df -h;" ``` @@ -174,8 +175,12 @@ We would clone the ready-to-use examples from additional repository ```bash $ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git $ cd ansible-for-learnXinYminutes -$ source environment -$(venv) ansible-playbook playbooks/role_example.yml +$ source environment.sh +(venv) u@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/role_example.yml + +# First lets execute the simple_playbook.yml +(venv) user@host:~/ansible-for-learnXinYminute$ ansible-playbook playbook/simple_playbook.yml + ``` #### Role directory structure: -- cgit v1.2.3 From d81ed7f3b7bfdc748b74f75debd5451cb5bbee59 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 23:24:45 +0200 Subject: set -e - again --- ansible.html.markdown | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index c495b308..d134c073 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -169,18 +169,23 @@ pre_tasks: shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` -Example->role - -We would clone the ready-to-use examples from additional repository +#### We would use repository with *ready to use* examples +We would clone the repository ```bash $ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git $ cd ansible-for-learnXinYminutes $ source environment.sh -(venv) u@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/role_example.yml +$ +$# First lets execute the simple_playbook.yml +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbook/simple_playbook.yml -# First lets execute the simple_playbook.yml -(venv) user@host:~/ansible-for-learnXinYminute$ ansible-playbook playbook/simple_playbook.yml +``` +```bash +$ source environment.sh +$ +$# Now we would run the above playbook with roles +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/role_example.yml ``` #### Role directory structure: -- cgit v1.2.3 From 340f30f3410602e649c224eb9804f826d2fc8e0e Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 23:26:03 +0200 Subject: set -e - again --- ansible.html.markdown | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index d134c073..d3a0fb34 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -176,15 +176,14 @@ $ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git $ cd ansible-for-learnXinYminutes $ source environment.sh $ -$# First lets execute the simple_playbook.yml +$ # First lets execute the simple_playbook.yml (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbook/simple_playbook.yml ``` ```bash $ source environment.sh -$ -$# Now we would run the above playbook with roles +$ # Now we would run the above playbook with roles (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/role_example.yml ``` -- cgit v1.2.3 From 1a935188969deac50f30fe356422d8003188afbb Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 23:29:13 +0200 Subject: set -e - again --- ansible.html.markdown | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index d3a0fb34..91442dbf 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -171,10 +171,12 @@ pre_tasks: #### We would use repository with *ready to use* examples We would clone the repository +This example install ansible in `virtualenv` so it is independend from a system. You need to init it with `source environment.sh` command + ```bash $ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git -$ cd ansible-for-learnXinYminutes -$ source environment.sh +user@host:~/$ cd ansible-for-learnXinYminutes +user@host:~/ansible-for-learnXinYminutes$ source environment.sh $ $ # First lets execute the simple_playbook.yml (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbook/simple_playbook.yml -- cgit v1.2.3 From 738f09d92596b3c9f12477d4e0ac88f9ad9c7c76 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 23:30:15 +0200 Subject: set -e - again --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 91442dbf..ee313f2c 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -170,7 +170,7 @@ pre_tasks: ``` #### We would use repository with *ready to use* examples -We would clone the repository +For remaining examples we would clone the repository This example install ansible in `virtualenv` so it is independend from a system. You need to init it with `source environment.sh` command ```bash -- cgit v1.2.3 From a3e6e2bb3b4ed325cd6fea0cc4f7590cb198849f Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 23:31:14 +0200 Subject: set -e - again --- ansible.html.markdown | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index ee313f2c..57f559ef 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -169,8 +169,7 @@ pre_tasks: shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` -#### We would use repository with *ready to use* examples -For remaining examples we would clone the repository +#### For remaining examples we would use repository with *ready to use* examples This example install ansible in `virtualenv` so it is independend from a system. You need to init it with `source environment.sh` command ```bash -- cgit v1.2.3 From 68eae69fb5471f645265216967044905f3471a29 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 23:32:41 +0200 Subject: set -e - again --- ansible.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 57f559ef..04862a14 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -169,7 +169,7 @@ pre_tasks: shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` -#### For remaining examples we would use repository with *ready to use* examples +#### For remaining examples we would use additional repository This example install ansible in `virtualenv` so it is independend from a system. You need to init it with `source environment.sh` command ```bash @@ -182,6 +182,7 @@ $ # First lets execute the simple_playbook.yml ``` +Run the above playbook with roles example ```bash $ source environment.sh $ # Now we would run the above playbook with roles -- cgit v1.2.3 From ceac9628c238b8835df8d7c0154c7a91d60ac74f Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 20 Oct 2017 23:45:03 +0200 Subject: set -e - again --- ansible.html.markdown | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 04862a14..bd0200f6 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -104,14 +104,14 @@ This example-playbook would execute (on all hosts defined in the inventory) two * `shell` that execute three commands and return the output to our terminal ```yml -hosts: all - -tasks: - - name: "ping all" - ping: - - - name: "execute a shell command" - shell: "date; whoami; df -h;" +- hosts: all + + tasks: + - name: "ping all" + ping: + + - name: "execute a shell command" + shell: "date; whoami; df -h;" ``` You can run the playbook with the command: @@ -152,21 +152,21 @@ Role can be included in your playbook (executed via your playbook). ```yml -hosts: all - -tasks: - - name: "ping all" - ping: - - name: "execute a shell command" - shell: "date; whoami; df -h;" - -role: - - some_role - - { role: another_role, some_variable: 'learnxiny', tags: ['my_tag'] } - -pre_tasks: - - name: some pre-task - shell: echo 'this task is the last, but would be executed before roles, and before tasks' +- hosts: all + + tasks: + - name: "ping all" + ping: + - name: "execute a shell command" + shell: "date; whoami; df -h;" + + roles: + - some_role + - { role: another_role, some_variable: 'learnxiny', tags: ['my_tag'] } + + pre_tasks: + - name: some pre-task + shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` #### For remaining examples we would use additional repository -- cgit v1.2.3 From bb31a53eb2c559d327b6bc7f58735b410ae4815f Mon Sep 17 00:00:00 2001 From: sirkubax Date: Sat, 21 Oct 2017 00:01:29 +0200 Subject: set -e - again --- ansible.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index bd0200f6..e41d1a6a 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -225,7 +225,8 @@ You should also know, that a nice way to pool some data is a **lookup** You can use them in CLI too ```yaml -ansible -m shell -a 'echo {{ my_variable }}` -e '{{ lookup('pipe'; 'date' }}" localhost +ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe", "date") }}"' localhost +ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe", "hostname") }}"' all ``` -- cgit v1.2.3 From 8f803122808e802b8bc0bf7b2ecb057207c5f46f Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 14:42:44 +0200 Subject: copy into docker --- ansible.html.markdown | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index e41d1a6a..53ea153f 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -178,7 +178,7 @@ user@host:~/$ cd ansible-for-learnXinYminutes user@host:~/ansible-for-learnXinYminutes$ source environment.sh $ $ # First lets execute the simple_playbook.yml -(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbook/simple_playbook.yml +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/simple_playbook.yml ``` @@ -186,7 +186,7 @@ Run the above playbook with roles example ```bash $ source environment.sh $ # Now we would run the above playbook with roles -(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/role_example.yml +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/simple_role.yml ``` #### Role directory structure: @@ -206,6 +206,15 @@ roles/ Handlers are a tasks that can be triggered (notified) during execution of a playbook, but they itself execute at the very end of a playbook. It is a best way to restart a service, check if application port is active (successfull deployment criteria), etc. +Please get familiar how you can use role in simple_apache_role example +``` +playbooks/roles/simple_apache_role/ +├── tasks +│   └── main.yml +└── templates + └── main.yml +``` + ### ansible - variables Ansible is flexible - it has 21 levels of variable precedence @@ -223,11 +232,29 @@ You should also know, that a nice way to pool some data is a **lookup** * stream * etcd +```bash +# read playbooks/lookup.yml +# run +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/lookup.yml +``` + You can use them in CLI too ```yaml ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe", "date") }}"' localhost ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe", "hostname") }}"' all +# Or use in playbook + +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/lookup.yml + +``` + +### Register +Another way to dynamicaly generate the variable content is a `register` command +`Register` is also useful to store an output of a task, and use it's value as a logic +for execution further tasks. +``` +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/register_and_when.yml ``` ### Templates @@ -259,6 +286,7 @@ Junja is powerfull. It has built-in many usefull functions. # if variable is undefined - use default value {{ some_variable | default('default_value') }} ``` +### ansible - tags, limmit, diff, check_mode ### ansible-vault To maintain **ifrastructure as a code** you need to store secrets. -- cgit v1.2.3 From c56a644fb3a9acc0687746f3dfd34be0dc1408d9 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 14:55:16 +0200 Subject: copy into docker --- ansible.html.markdown | 55 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 53 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 53ea153f..ae5ca01e 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -249,7 +249,9 @@ ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe" ``` -### Register +### Register and Conditional + +#### Register Another way to dynamicaly generate the variable content is a `register` command `Register` is also useful to store an output of a task, and use it's value as a logic for execution further tasks. @@ -257,6 +259,56 @@ for execution further tasks. (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/register_and_when.yml ``` +```yaml +#file content +--- +- hosts: localhost + tasks: + - name: check the system capacity + shell: df -h / + register: root_size + + - name: debug root_size + debug: + msg: "{{ root_size }}" + + - name: debug root_size return code + debug: + msg: "{{ root_size.rc }}" + + + - name: Print this message when return code of 'check the system capacity' was ok + debug: + msg: "{{ root_size.rc }}" + when: root_size.rc == 0 + +``` +#### Conditionals + +You can define complex logic with ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamicly generated in previous playbook steps with `register` or `lookup`) + + + +### ansible - tags, limmit + +You should know about a way to increase efficiency by this simple functionality + +#### TAGS + You can tag a task, role (and its tasks), include, etc... + You can then limit an execution by using + --tags tagA, other_tag,... + + There are special tags: always + + --skip-tags can be used to exclude a block of code + +#### LIMMIT + You can limmit an execution of your tasks to defined hosts + --limit my_hostname + --limit groupname + --limit some_prefix* + --limit hostname:group #JM + ### Templates Template is a powerfull way to deliver some (partially) dynamic content. Ansible uses **Jinja2** langueage to describe the template. @@ -286,7 +338,6 @@ Junja is powerfull. It has built-in many usefull functions. # if variable is undefined - use default value {{ some_variable | default('default_value') }} ``` -### ansible - tags, limmit, diff, check_mode ### ansible-vault To maintain **ifrastructure as a code** you need to store secrets. -- cgit v1.2.3 From 75379d6b672ed34b5f593c9aea60564e90a0cc3d Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 14:56:38 +0200 Subject: update --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index ae5ca01e..155a3b0e 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -285,7 +285,7 @@ for execution further tasks. ``` #### Conditionals -You can define complex logic with ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamicly generated in previous playbook steps with `register` or `lookup`) +You can define complex logic with Ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamicly generated in previous playbook steps with `register` or `lookup`) -- cgit v1.2.3 From a3bbb085b06d640b4807c296358f4569599fcd5b Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 14:57:54 +0200 Subject: update --- ansible.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 155a3b0e..236fca99 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -276,7 +276,8 @@ for execution further tasks. debug: msg: "{{ root_size.rc }}" - +# when: example + - name: Print this message when return code of 'check the system capacity' was ok debug: msg: "{{ root_size.rc }}" -- cgit v1.2.3 From 6c6dfb1884d216983b685ebb2683df7d53779f5a Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 14:58:23 +0200 Subject: update --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 236fca99..b076c11f 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -284,7 +284,7 @@ for execution further tasks. when: root_size.rc == 0 ``` -#### Conditionals +#### Conditionals - when: You can define complex logic with Ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamicly generated in previous playbook steps with `register` or `lookup`) -- cgit v1.2.3 From 41b345c69be430a535345b5dac0a972f85493b0c Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 14:59:23 +0200 Subject: update --- ansible.html.markdown | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index b076c11f..a6ce656b 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -295,7 +295,8 @@ You can define complex logic with Ansible and Jinja functions. Most common is us You should know about a way to increase efficiency by this simple functionality #### TAGS - You can tag a task, role (and its tasks), include, etc... +You can tag a task, role (and its tasks), include, etc... + You can then limit an execution by using --tags tagA, other_tag,... @@ -304,7 +305,7 @@ You should know about a way to increase efficiency by this simple functionality --skip-tags can be used to exclude a block of code #### LIMMIT - You can limmit an execution of your tasks to defined hosts +You can limmit an execution of your tasks to defined hosts --limit my_hostname --limit groupname --limit some_prefix* -- cgit v1.2.3 From 8fc4b38c1010e7e85ef396ff045becc8a998c459 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 14:59:51 +0200 Subject: update --- ansible.html.markdown | 1 + 1 file changed, 1 insertion(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index a6ce656b..41d9d62f 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -306,6 +306,7 @@ You can tag a task, role (and its tasks), include, etc... #### LIMMIT You can limmit an execution of your tasks to defined hosts + --limit my_hostname --limit groupname --limit some_prefix* -- cgit v1.2.3 From 844e24899e022a948c52cc68b8af33e2d8b28208 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 15:00:25 +0200 Subject: update --- ansible.html.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 41d9d62f..a10540d3 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -290,7 +290,7 @@ You can define complex logic with Ansible and Jinja functions. Most common is us -### ansible - tags, limmit +### ansible - tags, limit You should know about a way to increase efficiency by this simple functionality @@ -304,8 +304,8 @@ You can tag a task, role (and its tasks), include, etc... --skip-tags can be used to exclude a block of code -#### LIMMIT -You can limmit an execution of your tasks to defined hosts +#### LIMIT +You can limit an execution of your tasks to defined hosts --limit my_hostname --limit groupname -- cgit v1.2.3 From 147533c849733dadc2c3db31e9365ff4b4943cbe Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 15:05:56 +0200 Subject: update --- ansible.html.markdown | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index a10540d3..95735e21 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -298,7 +298,7 @@ You should know about a way to increase efficiency by this simple functionality You can tag a task, role (and its tasks), include, etc... You can then limit an execution by using - --tags tagA, other_tag,... + ansible-playbook playbooks/simple_playbook.yml --tags tagA, tag_other There are special tags: always @@ -307,6 +307,8 @@ You can tag a task, role (and its tasks), include, etc... #### LIMIT You can limit an execution of your tasks to defined hosts + ansible-playbook playbooks/simple_playbook.yml --limmit localhost + --limit my_hostname --limit groupname --limit some_prefix* -- cgit v1.2.3 From c8ef9d6d874da784b3e1de7bce300f37f92292c1 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Fri, 27 Oct 2017 15:08:30 +0200 Subject: update --- ansible.html.markdown | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 95735e21..0ad58d45 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -295,14 +295,16 @@ You can define complex logic with Ansible and Jinja functions. Most common is us You should know about a way to increase efficiency by this simple functionality #### TAGS -You can tag a task, role (and its tasks), include, etc... +You can tag a task, role (and its tasks), include, etc, and then run only the tagged resources - You can then limit an execution by using - ansible-playbook playbooks/simple_playbook.yml --tags tagA, tag_other + ansible-playbook playbooks/simple_playbook.yml --tags=tagA,tag_other + ansible-playbook playbooks/simple_playbook.yml -t tagA,tag_other - There are special tags: always + There are special tags: + always --skip-tags can be used to exclude a block of code + --list-tags to list available tags #### LIMIT You can limit an execution of your tasks to defined hosts -- cgit v1.2.3 From d3fdfa1260f7f0f46823dd2df15d50e5c472e41b Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 20:54:32 +0100 Subject: update --- ansible.html.markdown | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 0ad58d45..61ff6cff 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -10,7 +10,7 @@ filename: LearnAnsible.txt ```yaml --- -"{{ Why Ansible and detailed Intro }}" written in the second part of document +"{{ Explanation: Why Ansible and detailed Intro }}" written in the second part of document ``` @@ -64,8 +64,7 @@ $ ansible -m ping all $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name ``` -* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME or operands like `|` `;` will not work -#JM +* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME or operands like `|` `;` will not work. The command module is more secure, because it will not be affected by the user’s environment. For more complex command - use shell module. ```bash @@ -114,10 +113,11 @@ This example-playbook would execute (on all hosts defined in the inventory) two shell: "date; whoami; df -h;" ``` -You can run the playbook with the command: +Run the playbook with the command: ```bash $ ansible-playbook path/name_of_the_playbook.yml ``` +_Note: Example playbook is explained in the next chapter: 'Roles' ### More on ansible concept ### Inventory @@ -131,6 +131,7 @@ localhost [some_group] hostA.mydomain.com hostB.localdomain +1.2.3.4 [a_group_of_a_groups:children] some_group @@ -140,7 +141,7 @@ some_other_group * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) ### ansible-roles (a 'template-playbooks' with right structure) - You already know the tasks (modules) that can be run via CLI. You also know the playbooks - the execution plans of multiple tasks (with variables and logic). + You already know that the tasks (modules) can be run via CLI. You also know the playbooks - the execution plans of multiple tasks (with variables and logic). A concept called `role` was introduced for parts of the code (playbooks) that should be reusable. @@ -170,7 +171,9 @@ Role can be included in your playbook (executed via your playbook). ``` #### For remaining examples we would use additional repository -This example install ansible in `virtualenv` so it is independend from a system. You need to init it with `source environment.sh` command +This example install ansible in `virtualenv` so it is independend from a system. You need to initialize it into your shell-context with `source environment.sh` command. + +We are going to use repository with examples: sirkubax/ansible-for-learnXinYminutes.git ```bash $ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git @@ -331,13 +334,13 @@ Some static content ``` Jinja may have some limitations, but it is a powerfull tool that you might like. -### Jinja2 CLI +#### Jinja2 CLI You can use the jinja in the CLI too ```bash ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost ``` -### Jinja2 filters +#### Jinja2 filters Junja is powerfull. It has built-in many usefull functions. ```jinja # get first item of the list @@ -345,6 +348,7 @@ Junja is powerfull. It has built-in many usefull functions. # if variable is undefined - use default value {{ some_variable | default('default_value') }} ``` +[Read More] ### ansible-vault To maintain **ifrastructure as a code** you need to store secrets. @@ -353,13 +357,17 @@ To maintain **ifrastructure as a code** you need to store secrets. The best way to use the **ansible-vault** is to store the secret in some secure location, and configure ansible to use during runtime. ```bash +# Try (this would fail) +$ ansible-playbook playbooks/vault_example.yml + $ echo some_very_very_long_secret > ~/.ssh/secure_located_file +# in ansible.cfg set the path to your secret file $ vi ansible.cfg ansible_vault_password_file = ~/.ssh/secure_located_file -#or to use env -export ANSIBLE_VAULT_PASSWORD_FILE=~/.ssh/secure_located_file +#or use env +$ export ANSIBLE_VAULT_PASSWORD_FILE=~/.ssh/secure_located_file $ ansible-playbook playbooks/vault_example.yml -- cgit v1.2.3 From 22d4cadc8046fc941c99bbfed367cbe56f6831f0 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 20:55:04 +0100 Subject: update --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 61ff6cff..067ea291 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -173,7 +173,7 @@ Role can be included in your playbook (executed via your playbook). #### For remaining examples we would use additional repository This example install ansible in `virtualenv` so it is independend from a system. You need to initialize it into your shell-context with `source environment.sh` command. -We are going to use repository with examples: sirkubax/ansible-for-learnXinYminutes.git +We are going to use repository with examples: https://github.com/sirkubax/ansible-for-learnXinYminutes ```bash $ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git -- cgit v1.2.3 From 493beb467cb4b1a9fd636e6e79ed1d02c86b0256 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 20:57:43 +0100 Subject: update --- ansible.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 067ea291..9661fdf4 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -176,7 +176,8 @@ This example install ansible in `virtualenv` so it is independend from a system. We are going to use repository with examples: https://github.com/sirkubax/ansible-for-learnXinYminutes ```bash -$ git colone git@github.com:sirkubax/ansible-for-learnXinYminutes.git +$ # The folowing example contain a shell-prompt to indicate the venv and relative path +$ git clone git@github.com:sirkubax/ansible-for-learnXinYminutes.git user@host:~/$ cd ansible-for-learnXinYminutes user@host:~/ansible-for-learnXinYminutes$ source environment.sh $ -- cgit v1.2.3 From 0d9aad8f71a7246088389735e6a8f73111d14407 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:03:34 +0100 Subject: update --- ansible.html.markdown | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 9661fdf4..1329f7e7 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -176,7 +176,7 @@ This example install ansible in `virtualenv` so it is independend from a system. We are going to use repository with examples: https://github.com/sirkubax/ansible-for-learnXinYminutes ```bash -$ # The folowing example contain a shell-prompt to indicate the venv and relative path +$ # The folowing example contains a shell-prompt to indicate the venv and relative path $ git clone git@github.com:sirkubax/ansible-for-learnXinYminutes.git user@host:~/$ cd ansible-for-learnXinYminutes user@host:~/ansible-for-learnXinYminutes$ source environment.sh @@ -186,7 +186,7 @@ $ # First lets execute the simple_playbook.yml ``` -Run the above playbook with roles example +Run the playbook with roles example ```bash $ source environment.sh $ # Now we would run the above playbook with roles @@ -223,9 +223,9 @@ playbooks/roles/simple_apache_role/ Ansible is flexible - it has 21 levels of variable precedence -[read more] +[read more](http://docs.ansible.com/ansible/latest/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) -For now you might like to know, that CLI variables has the top priority. +For now you should know that CLI variables have the top priority. You should also know, that a nice way to pool some data is a **lookup** -- cgit v1.2.3 From 4041b4c45db1796c3a8410211c6a355728b71c6a Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:05:16 +0100 Subject: update --- ansible.html.markdown | 1 + 1 file changed, 1 insertion(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 1329f7e7..4462cbbb 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -230,6 +230,7 @@ For now you should know that CLI variables have the top priority. You should also know, that a nice way to pool some data is a **lookup** ### Lookups +query from: * pipe * file -- cgit v1.2.3 From 91a81abb7de572b5fb595f641688b75144de5b75 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:21:39 +0100 Subject: update --- ansible.html.markdown | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 4462cbbb..e4023e5a 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -239,7 +239,7 @@ query from: ```bash # read playbooks/lookup.yml -# run +# then run (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/lookup.yml ``` @@ -257,7 +257,7 @@ ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe" ### Register and Conditional #### Register -Another way to dynamicaly generate the variable content is a `register` command +Another way to dynamicaly generate the variable content is a `register` command. `Register` is also useful to store an output of a task, and use it's value as a logic for execution further tasks. ``` @@ -265,7 +265,6 @@ for execution further tasks. ``` ```yaml -#file content --- - hosts: localhost tasks: @@ -293,6 +292,16 @@ for execution further tasks. You can define complex logic with Ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamicly generated in previous playbook steps with `register` or `lookup`) +```yaml +--- +- hosts: localhost + tasks: + - name: check the system capacity + shell: df -h / + when: some_variable in 'a string' + roles: + - { role: mid_nagios_probe, when: allow_nagios_probes } +``` ### ansible - tags, limit -- cgit v1.2.3 From ca0e3475a019cfbe4532ddee6b1d9e5c1191c93c Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:31:22 +0100 Subject: update --- ansible.html.markdown | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index e4023e5a..bca1331c 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -320,6 +320,8 @@ You can tag a task, role (and its tasks), include, etc, and then run only the ta --skip-tags can be used to exclude a block of code --list-tags to list available tags +[Read more](http://docs.ansible.com/ansible/latest/playbooks_tags.html) + #### LIMIT You can limit an execution of your tasks to defined hosts @@ -350,6 +352,20 @@ You can use the jinja in the CLI too ```bash ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost ``` +In fact - jinja is used to template parts of the playbooks too +```yml +#check part of this playbook: playbooks/roles/sys_debug/tasks/debug_time.yml +- local_action: shell date +'%F %T' + register: ts + become: False + changed_when: False + +- name: Timestamp + debug: msg="{{ ts.stdout }}" + when: ts is defined and ts.stdout is defined + become: False + +``` #### Jinja2 filters Junja is powerfull. It has built-in many usefull functions. -- cgit v1.2.3 From 71ce506fc95d1aa8ed0b20f5a8b3687235639c0d Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:39:09 +0100 Subject: update --- ansible.html.markdown | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index bca1331c..a35bcf82 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -347,6 +347,16 @@ Some static content ``` Jinja may have some limitations, but it is a powerfull tool that you might like. +Please examine this simple example that install apache2 and generate index.html from the template +"playbooks/roles/simple_apache_role/templates/index.html" + +```bash +$ source environment.sh +$ # Now we would run the above playbook with roles +(venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/simple_role.yml --tags apache2 +``` + + #### Jinja2 CLI You can use the jinja in the CLI too ```bash -- cgit v1.2.3 From 986813057bf9cee39100a0ca71fcebf82079aab9 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:40:25 +0100 Subject: update --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index a35bcf82..b6eeb8a6 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -385,7 +385,7 @@ Junja is powerfull. It has built-in many usefull functions. # if variable is undefined - use default value {{ some_variable | default('default_value') }} ``` -[Read More] +[Read More](http://docs.ansible.com/ansible/latest/playbooks_filters.html) ### ansible-vault To maintain **ifrastructure as a code** you need to store secrets. -- cgit v1.2.3 From 7c5e5e67f60c1d8a450339e2477d66999762828d Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:47:54 +0100 Subject: update --- ansible.html.markdown | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index b6eeb8a6..f4f504ec 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -408,7 +408,7 @@ $ export ANSIBLE_VAULT_PASSWORD_FILE=~/.ssh/secure_located_file $ ansible-playbook playbooks/vault_example.yml - # decrypt the file + # encrypt the file $ ansible-vault encrypt path/somefile # view the file @@ -428,13 +428,15 @@ You might like to know, that you can build your inventory dynamically. You do not need to invent the wheel - there are plenty ready to use inventory script for most popular Cloud provicers and a lot of in-house popular usecaseses. +[AWS example](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script) + ```bash -$ etc/inv/ec2.py --refresh +$ etc/inv/ec2.py --refresh $ ansible -m ping all -i etc/inv/ec2.py ``` -Read also about `dynamic inventory` below +[Read more](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html) ### ansible profiling - callback It is ok that your playbook executes some time. Sometimes you may like to speed things up -- cgit v1.2.3 From 0c6ac5e17b26978fff44fd79457b41d1482c4b45 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:49:37 +0100 Subject: update --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index f4f504ec..3134bf83 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -439,7 +439,7 @@ $ ansible -m ping all -i etc/inv/ec2.py [Read more](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html) ### ansible profiling - callback -It is ok that your playbook executes some time. Sometimes you may like to speed things up +Playbook execution takes some time. It is OK. First make it run, then you may like to speed things up Since ansible 2.x there is bouilt-in callback for task execution profiling -- cgit v1.2.3 From 275c6eb59f3af0993314bfd2d090cfef724da569 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:51:14 +0100 Subject: update --- ansible.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 3134bf83..82e3f946 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -441,7 +441,7 @@ $ ansible -m ping all -i etc/inv/ec2.py ### ansible profiling - callback Playbook execution takes some time. It is OK. First make it run, then you may like to speed things up -Since ansible 2.x there is bouilt-in callback for task execution profiling +Since ansible 2.x there is built-in callback for task execution profiling ``` vi ansible.cfg @@ -467,7 +467,7 @@ fact_caching_timeout = 86400 ``` I like to use `jsonfile` as my backend. It allows to use another project -`ansible-cmdb` [github] that generates a HTML page of your inventory resources. A nice 'free' addition! +`ansible-cmdb` [github](https://github.com/fboender/ansible-cmdb) that generates a HTML page of your inventory resources. A nice 'free' addition! ### debugging ansible When your job fails - it is good to be effective with debugging. -- cgit v1.2.3 From 2e7311c4252ff13e4c604c28110418e92ab0ee75 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:54:39 +0100 Subject: update --- ansible.html.markdown | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 82e3f946..0f349c30 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -467,15 +467,18 @@ fact_caching_timeout = 86400 ``` I like to use `jsonfile` as my backend. It allows to use another project -`ansible-cmdb` [github](https://github.com/fboender/ansible-cmdb) that generates a HTML page of your inventory resources. A nice 'free' addition! +`ansible-cmdb` [(project on github)](https://github.com/fboender/ansible-cmdb) that generates a HTML page of your inventory resources. A nice 'free' addition! -### debugging ansible +### debugging ansible [chapter in progres] When your job fails - it is good to be effective with debugging. 1. Increase verbosiy by using multiple -v **[ -vvvvv]** -2. If variable is undefined +2. If variable is undefined + - grep -R path_of_your_inventory -e missing_variable 3. If variable (dictionary or a list) is undefined + - grep -R path_of_your_inventory -e missing_variable 4. Jinja template debug +5. Strange behaviour - try to run the code 'at the destination' ### Infrastructure as a code - what about Ansible You already know, that ansible-vault allow you to store your poufne data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. -- cgit v1.2.3 From 4cb6d9179414541ddcdba04044f38851ac4c4fba Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:58:35 +0100 Subject: update --- ansible.html.markdown | 38 ++------------------------------------ 1 file changed, 2 insertions(+), 36 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 0f349c30..ab77e5f4 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -23,7 +23,7 @@ $ pip install ansible $ apt-get install ansible ``` -* Appendix A - How do I install ansible +* [Appendix A - How do I install ansible](#infrastructure-as-a-code) * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_installation.html) ### Your first ansible command (shell execution) @@ -480,7 +480,7 @@ When your job fails - it is good to be effective with debugging. 4. Jinja template debug 5. Strange behaviour - try to run the code 'at the destination' -### Infrastructure as a code - what about Ansible +### Infrastructure as a code You already know, that ansible-vault allow you to store your poufne data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additiinal benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. You can have multiple versions of Ansible present in the same time. This is very helpfull! @@ -499,30 +499,6 @@ $ source environment.1.9.sh # please note that you have both venv1.9 and venv2 present - you need to (de)activate one - that is all ``` -### Naming - -### Bonus - -### writing own module - -### Python API - -### Web-UI: Ansible Tower, Jenkins, Rundeck - -#### Ansible Tower -Ansible provides a Web User Interface called `Ansible Tower`. -It is a convienient way to run Ansible Playbooks, have proper user management, log retention, and cron (periodic jobs). - -Personaly I'm not a fan of it - it's to expensive for my cases, and the trial is 10 inventory-hosts only. - -For my usecases I hide the 'pure ansible' commands behind other projects. - -#### Rundeck -This is nice, secure interface, that allows you to execute a jobs of your choice (CLI, script, execution plan). -It can perform roling-deployment (without Ansible), can integrate with clouds, etc. - -#### Jenkins -For my 'business cases' I use Jenkins - it has a 'cron', jobs can be binded into 'pipelines'. #### become-user, become @@ -608,13 +584,3 @@ On the other hand - in advanced scope - you can use python anible code as a libr But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! - - - -# JM inventory dynamic aws ec2 -# vault -# roles - -#### ansible - dynamic in AWS -#### create instance in AWS -#### create env in AWS -- cgit v1.2.3 From 9a524f4cd1d2df67a727b0599504fd852d12c4a6 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 21:59:42 +0100 Subject: update --- ansible.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index ab77e5f4..8a48076e 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -389,7 +389,7 @@ Junja is powerfull. It has built-in many usefull functions. ### ansible-vault To maintain **ifrastructure as a code** you need to store secrets. - Ansible provides a way to encrypt the poufne files so you can store it in the repository, yet the files are decrypted in-fly during ansible execution. + Ansible provides a way to encrypt the confidential files so you can store it in the repository, yet the files are decrypted in-fly during ansible execution. The best way to use the **ansible-vault** is to store the secret in some secure location, and configure ansible to use during runtime. @@ -481,7 +481,7 @@ When your job fails - it is good to be effective with debugging. 5. Strange behaviour - try to run the code 'at the destination' ### Infrastructure as a code -You already know, that ansible-vault allow you to store your poufne data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. +You already know, that ansible-vault allow you to store your confidential data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additiinal benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. You can have multiple versions of Ansible present in the same time. This is very helpfull! ```bash -- cgit v1.2.3 From 485db56931ea13d7be17a08aa0e97ba32228afb9 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 22:03:48 +0100 Subject: update --- ansible.html.markdown | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 8a48076e..76d03ede 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -482,7 +482,7 @@ When your job fails - it is good to be effective with debugging. ### Infrastructure as a code You already know, that ansible-vault allow you to store your confidential data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. -See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additiinal benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. You can have multiple versions of Ansible present in the same time. This is very helpfull! +See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additional benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. What is more, you can have multiple versions of Ansible present in the same time. This is very helpfull! ```bash # recreate ansible 2.x venv @@ -501,6 +501,9 @@ $ source environment.1.9.sh ``` #### become-user, become +In Ansible - to become `sudo` - use the `become` parameter. Use `become_user` to specify the username. + +[Read more](http://docs.ansible.com/ansible/latest/become.html) ## Tips and tricks -- cgit v1.2.3 From 2d596b6c4f1eda1bdf906c84110da5c84ce69e39 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 22:07:51 +0100 Subject: update --- ansible.html.markdown | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 76d03ede..b83fb0c1 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -502,6 +502,14 @@ $ source environment.1.9.sh #### become-user, become In Ansible - to become `sudo` - use the `become` parameter. Use `become_user` to specify the username. +``` +- name: Ensure the httpd service is running + service: + name: httpd + state: started + become: true +``` +Note: You may like to execute Ansible with `--ask-sudo-pass` or add the user to sudoers file in order to allow non-supervised execution if you require 'admin' privilages. [Read more](http://docs.ansible.com/ansible/latest/become.html) -- cgit v1.2.3 From 03060af4f717a4ebdd80236329d24da3a439c223 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 22:10:59 +0100 Subject: update --- ansible.html.markdown | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index b83fb0c1..891f20ac 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -538,14 +538,14 @@ ansible -m ping web*:!backend:monitoring:&allow_change #### Tagging You should tag some (not all) objects - a task in a playbook, all tasks included form a role, etc. -It allwos you to execute the choosen parts of the playbook. +It allows you to execute the choosen parts of the playbook. #### no_logs: True You may see, that some roles print a lot of output in verbose mode. There is also a debug module. This is the place where credentials may leak. Use `no_log` to hide the output. #### Debug module -allows to print a value to the screen +allows to print a value to the screen - use it! #### Register the output of a task You can register the output (stdout), rc (return code), stderr of a task with the `register` command. @@ -554,6 +554,8 @@ You can register the output (stdout), rc (return code), stderr of a task with th #### Loop: with, with_items, with_dict, with_together +[Read more](http://docs.ansible.com/ansible/latest/playbooks_conditionals.html) + ## Introduction Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. -- cgit v1.2.3 From 8c681ba025b9b3b68ef802a3a85c7d7a082e1b99 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 22:14:27 +0100 Subject: update --- ansible.html.markdown | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 891f20ac..ece6087e 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -570,20 +570,20 @@ Ansible have great integration with multiple operating systems (even Windows) an ### Cons -It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. -It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) -Official GUI Tool (web inferface) - Ansible Tower - is more than GUI, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. - + It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. + It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) + Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. + ### Pros -It is an agent-less tools In most scenarios, it use ssh as a transport layer. -In some way you can use it as 'bash on steroids'. -It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible (ALMOST). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' -I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! -It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) -Documentation is at the world-class standard! -The comunity (github, stackOverflow) would help you very fast. -Writing own modules and extension is fairly easy. + It is an agent-less tools In most scenarios, it use ssh as a transport layer. + In some way you can use it as 'bash on steroids'. + It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible (ALMOST). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' + I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! + It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) + Documentation is at the world-class standard! + The comunity (github, stackOverflow) would help you very fast. + Writing own modules and extension is fairly easy. ### Neutral -- cgit v1.2.3 From 2ba076f0b0e33b8e5520a28a3a66ea623e1f2034 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 22:18:10 +0100 Subject: update --- ansible.html.markdown | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index ece6087e..421b5b59 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -570,20 +570,20 @@ Ansible have great integration with multiple operating systems (even Windows) an ### Cons - It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. - It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) - Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. - +It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. +It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) +Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. + ### Pros - It is an agent-less tools In most scenarios, it use ssh as a transport layer. - In some way you can use it as 'bash on steroids'. - It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible (ALMOST). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' - I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! - It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) - Documentation is at the world-class standard! - The comunity (github, stackOverflow) would help you very fast. - Writing own modules and extension is fairly easy. +It is an agent-less tools In most scenarios, it use ssh as a transport layer. +In some way you can use it as 'bash on steroids'. +It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible (ALMOST). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' +I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! +It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) +Documentation is at the world-class standard! +The comunity (github, stackOverflow) would help you very fast. +Writing own modules and extension is fairly easy. ### Neutral @@ -591,9 +591,9 @@ Migration Ansible<->Salt is failrly easy - so if you would need an event-driven ## Basics on ansible -Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. -In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). -On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. +Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. +In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). +On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! -- cgit v1.2.3 From e6036b20527c96e0db5a78d17a8e9029bd76a656 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 22:21:33 +0100 Subject: update --- ansible.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 421b5b59..ffd7f244 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -14,6 +14,7 @@ filename: LearnAnsible.txt ``` + ## Installation ```bash # Universal way @@ -571,7 +572,7 @@ Ansible have great integration with multiple operating systems (even Windows) an ### Cons It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. -It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism taht would warn you about some change automatically (this can be achieved with reasonable effort - but it must be known) +It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism that would warn you about some change automatically (this can be achieved with reasonable effort) Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. ### Pros -- cgit v1.2.3 From 487db1817eead3fe38887e96038606980ad671e8 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Mon, 1 Jan 2018 22:29:17 +0100 Subject: update --- ansible.html.markdown | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index ffd7f244..74195222 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -566,35 +566,35 @@ Of course the rabit hole is way deeper.' Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) +But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMMUNITY! and great support by developers! -## Main cons and pros -### Cons +### Main cons and pros + +#### Cons It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism that would warn you about some change automatically (this can be achieved with reasonable effort) Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. -### Pros +#### Pros It is an agent-less tools In most scenarios, it use ssh as a transport layer. In some way you can use it as 'bash on steroids'. -It is very-very-very easy to start. If you are familiar with ssh concept - you already know ansible (ALMOST). My personal record is: 'I did show how to install and use ansible (for simple raspberry pi cluster management) and it tool me 30 seconds to deliver a working tool !!!)' +It is very-very-very easy to start. If you are familiar with ssh concept - you already know Ansible (ALMOST). My personal record is: 'I did show "how to install and use ansible" (for simple raspberry pi cluster management) - it took me 30 seconds to deliver a complete working example !!!)' I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! -It executes when you do it - other tools (salt, puppet, chef - might execute in different scenario than you would expect) +It executes 'as is' - other tools (salt, puppet, chef - might execute in different scenario than you would expect) Documentation is at the world-class standard! The comunity (github, stackOverflow) would help you very fast. Writing own modules and extension is fairly easy. - -### Neutral +#### Neutral Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. -## Basics on ansible +#### Some concepts Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. -In the 'low-level' way you can use it to execute remote command in more controlled way (still using ssh). -On the other hand - in advanced scope - you can use python anible code as a library to your own python scrips! This is awesome! (if you know what you are doing). It is a bit like fabric then. +The simplest way is to execute remote command in more controlled way (still using ssh). +On the other hand - in advanced scope - you can wrap Ansible (use python Ansible code as a library) with your own Python scrips! This is awesome! It would act a bit like Fabric then. -But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMUNITY! and great support by developers! -- cgit v1.2.3 From 30b7e84f2642dc4182d3c1333ffe14fdaddd6f5b Mon Sep 17 00:00:00 2001 From: sirkubax Date: Tue, 15 May 2018 12:03:43 +0200 Subject: add example playbook --- ansible.html.markdown | 74 ++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 68 insertions(+), 6 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 74195222..d02ca1ce 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -6,14 +6,73 @@ contributors: filename: LearnAnsible.txt --- -## Ansible: the easiest orchestration tool - -```yaml --- -"{{ Explanation: Why Ansible and detailed Intro }}" written in the second part of document +"{{ Ansible }}" is an orchestration tool written in Python. ``` +## Example +An example playbook to install apache and configure log level +```yml +--- +- hosts: apache + + vars: + apache2_log_level: "warn" + + handlers: + - name: restart apache + service: + name: apache2 + state: restarted + enabled: True + notify: + - Wait for instances to listen on port 80 + become: True + + - name: reload apache + service: + name: apache2 + state: reloaded + notify: + - Wait for instances to listen on port 80 + become: True + + - name: Wait for instances to listen on port 80 + wait_for: + state: started + host: localhost + port: 80 + timeout: 15 + delay: 5 + + tasks: + - name: Update cache + apt: + update_cache: yes + cache_valid_time: 7200 + become: True + + - name: Install packages + apt: + name={{ item }} + with_items: + - apache2 + - logrotate + notify: + - restart apache + become: True + + - name: Configure apache2 log level + lineinfile: + dest: /etc/apache2/apache2.conf + line: "LogLevel {{ apache2_log_level }}" + regexp: "^LogLevel" + notify: + - reload apache + become: True + +``` ## Installation ```bash @@ -29,7 +88,7 @@ $ apt-get install ansible ### Your first ansible command (shell execution) ```bash -# This command ping the localhost (defined in default inventory /etc/ansible/hosts) +# This command ping the localhost (defined in default inventory: /etc/ansible/hosts) $ ansible -m ping localhost # you should see this output localhost | SUCCESS => { @@ -231,12 +290,15 @@ For now you should know that CLI variables have the top priority. You should also know, that a nice way to pool some data is a **lookup** ### Lookups +Awesome tool to query data from various sources!!! Awesome! query from: -* pipe +* pipe (load shell command output into variable!) * file * stream * etcd +* password management tools +* url ```bash # read playbooks/lookup.yml -- cgit v1.2.3 From 2af6679e91bdaf055cc969e7fbf7c2585f744e43 Mon Sep 17 00:00:00 2001 From: sirkubax Date: Tue, 15 May 2018 12:06:16 +0200 Subject: add example playbook --- ansible.html.markdown | 1 + 1 file changed, 1 insertion(+) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index d02ca1ce..a319a89d 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -6,6 +6,7 @@ contributors: filename: LearnAnsible.txt --- +```yml --- "{{ Ansible }}" is an orchestration tool written in Python. -- cgit v1.2.3 From 70a2200201f4d3d91ca9f08902dd16d653b10cd2 Mon Sep 17 00:00:00 2001 From: Will Fife Date: Tue, 30 Oct 2018 13:04:56 -0700 Subject: Update Ansible docs (#3353) - Add the additional resources section - change instances of ```yml to ```yaml for consistency - Remove extra trailing whitespace --- ansible.html.markdown | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index a319a89d..cb365e0f 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -6,7 +6,7 @@ contributors: filename: LearnAnsible.txt --- -```yml +```yaml --- "{{ Ansible }}" is an orchestration tool written in Python. @@ -14,7 +14,7 @@ filename: LearnAnsible.txt ## Example An example playbook to install apache and configure log level -```yml +```yaml --- - hosts: apache @@ -163,7 +163,7 @@ This example-playbook would execute (on all hosts defined in the inventory) two * `ping` that would return message *pong* * `shell` that execute three commands and return the output to our terminal -```yml +```yaml - hosts: all tasks: @@ -213,7 +213,7 @@ It is a great way to introduce `object oriented` management for your application Role can be included in your playbook (executed via your playbook). -```yml +```yaml - hosts: all tasks: @@ -427,7 +427,7 @@ You can use the jinja in the CLI too ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost ``` In fact - jinja is used to template parts of the playbooks too -```yml +```yaml #check part of this playbook: playbooks/roles/sys_debug/tasks/debug_time.yml - local_action: shell date +'%F %T' register: ts @@ -638,18 +638,19 @@ But ansible is way more! It provides an execution plans, an API, library, callba It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism that would warn you about some change automatically (this can be achieved with reasonable effort) -Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan. Easy workaround with Rundeck or Jenkins is possible with reasonable workload. +Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan, however Ansible AWX is the free open source version we were all waiting for. #### Pros -It is an agent-less tools In most scenarios, it use ssh as a transport layer. +It is an agent-less tools In most scenarios, it use ssh as a transport layer. In some way you can use it as 'bash on steroids'. It is very-very-very easy to start. If you are familiar with ssh concept - you already know Ansible (ALMOST). My personal record is: 'I did show "how to install and use ansible" (for simple raspberry pi cluster management) - it took me 30 seconds to deliver a complete working example !!!)' I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! It executes 'as is' - other tools (salt, puppet, chef - might execute in different scenario than you would expect) Documentation is at the world-class standard! The comunity (github, stackOverflow) would help you very fast. -Writing own modules and extension is fairly easy. +Writing own modules and extension is fairly easy. +Ansible AWX is the open source version of Ansible Tower we have been waiting for, which provides an excellent UI. #### Neutral Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. @@ -657,7 +658,12 @@ Migration Ansible<->Salt is failrly easy - so if you would need an event-driven #### Some concepts Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. -The simplest way is to execute remote command in more controlled way (still using ssh). +The simplest way is to execute remote command in more controlled way (still using ssh). On the other hand - in advanced scope - you can wrap Ansible (use python Ansible code as a library) with your own Python scrips! This is awesome! It would act a bit like Fabric then. +## Additional Resources +* [Servers For Hackers: An Ansible Tutorial](https://serversforhackers.com/c/an-ansible-tutorial) +* [A system administrator's guide to getting started with Ansible - FAST!](https://www.redhat.com/en/blog/system-administrators-guide-getting-started-ansible-fast) +* [Ansible Tower](https://www.ansible.com/products/tower) - Ansible Tower provides a web UI, dashboard and rest interface to ansible. +* [Ansible AWX](https://github.com/ansible/awx) - The Open Sourc version of Ansible Tower. \ No newline at end of file -- cgit v1.2.3 From fd872bdf2675ee66db02adc2d2d4c5405ced4c60 Mon Sep 17 00:00:00 2001 From: Pat Myron Date: Wed, 14 Nov 2018 19:00:54 -0500 Subject: Spelling / Grammar --- ansible.html.markdown | 52 +++++++++++++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 26 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index cb365e0f..60c69161 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -108,14 +108,14 @@ There are few commands you should know about * and other! ### Module -_program (usally python) that execute, do some work and return proper JSON output_ +_program (usually python) that execute, do some work and return proper JSON output_ This *program* perform specialized task/action (like manage instances in the cloud, execute shell command). The simplest module is called `ping` - it just returns a JSON with `pong` message. Example of modules: -* Module: `ping` - the simplest module that is usefull to verify host connectivity +* Module: `ping` - the simplest module that is useful to verify host connectivity * Module: `shell` - a module that executes shell command on a specified host(s). Example of execution - `ping`, `shell` @@ -136,7 +136,7 @@ $ ansible -m command -a 'whoami' all ``` * Module: `file` - performs file operations (stat, link, dir, ...) -* Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (usefull to install python2.7) +* Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (useful to install python2.7) ### Task Execution of a single Ansible **module** is called a **task** @@ -182,7 +182,7 @@ _Note: Example playbook is explained in the next chapter: 'Roles' ### More on ansible concept ### Inventory -Inventory is a set of an objects or hosts, against which we are executing our playbooks or single tasks via shell commands +Inventory is a set of objects or hosts, against which we are executing our playbooks or single tasks via shell commands For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) `/etc/ansible/hosts` @@ -207,7 +207,7 @@ some_other_group A concept called `role` was introduced for parts of the code (playbooks) that should be reusable. **Role** is a structured way to manage your set of tasks, variables, handlers, default settings, and way more (meta, files, templates). -Role allows to reuse the same parts of code in multiple plybooks (you can parametrize the role 'further' during it's execution). +Role allows to reuse the same parts of code in multiple playbooks (you can parametrize the role 'further' during it's execution). It is a great way to introduce `object oriented` management for your applications. Role can be included in your playbook (executed via your playbook). @@ -237,7 +237,7 @@ This example install ansible in `virtualenv` so it is independend from a system. We are going to use repository with examples: https://github.com/sirkubax/ansible-for-learnXinYminutes ```bash -$ # The folowing example contains a shell-prompt to indicate the venv and relative path +$ # The following example contains a shell-prompt to indicate the venv and relative path $ git clone git@github.com:sirkubax/ansible-for-learnXinYminutes.git user@host:~/$ cd ansible-for-learnXinYminutes user@host:~/ansible-for-learnXinYminutes$ source environment.sh @@ -268,8 +268,8 @@ roles/ ``` #### Role Handlers -Handlers are a tasks that can be triggered (notified) during execution of a playbook, but they itself execute at the very end of a playbook. -It is a best way to restart a service, check if application port is active (successfull deployment criteria), etc. +Handlers are tasks that can be triggered (notified) during execution of a playbook, but they itself execute at the very end of a playbook. +It is a best way to restart a service, check if application port is active (successful deployment criteria), etc. Please get familiar how you can use role in simple_apache_role example ``` @@ -321,7 +321,7 @@ ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe" ### Register and Conditional #### Register -Another way to dynamicaly generate the variable content is a `register` command. +Another way to dynamically generate the variable content is a `register` command. `Register` is also useful to store an output of a task, and use it's value as a logic for execution further tasks. ``` @@ -354,7 +354,7 @@ for execution further tasks. ``` #### Conditionals - when: -You can define complex logic with Ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamicly generated in previous playbook steps with `register` or `lookup`) +You can define complex logic with Ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamically generated in previous playbook steps with `register` or `lookup`) ```yaml --- @@ -398,7 +398,7 @@ You can limit an execution of your tasks to defined hosts ### Templates -Template is a powerfull way to deliver some (partially) dynamic content. Ansible uses **Jinja2** langueage to describe the template. +Template is a powerful way to deliver some (partially) dynamic content. Ansible uses **Jinja2** langueage to describe the template. ```jinja2 Some static content @@ -409,7 +409,7 @@ Some static content this line item is {{ item }} {% endfor %} ``` -Jinja may have some limitations, but it is a powerfull tool that you might like. +Jinja may have some limitations, but it is a powerful tool that you might like. Please examine this simple example that install apache2 and generate index.html from the template "playbooks/roles/simple_apache_role/templates/index.html" @@ -442,7 +442,7 @@ In fact - jinja is used to template parts of the playbooks too ``` #### Jinja2 filters -Junja is powerfull. It has built-in many usefull functions. +Jinja is powerful. It has built-in many useful functions. ```jinja # get first item of the list {{ some_list | first() }} @@ -452,7 +452,7 @@ Junja is powerfull. It has built-in many usefull functions. [Read More](http://docs.ansible.com/ansible/latest/playbooks_filters.html) ### ansible-vault -To maintain **ifrastructure as a code** you need to store secrets. +To maintain **infrastructure as code** you need to store secrets. Ansible provides a way to encrypt the confidential files so you can store it in the repository, yet the files are decrypted in-fly during ansible execution. The best way to use the **ansible-vault** is to store the secret in some secure location, and configure ansible to use during runtime. @@ -490,7 +490,7 @@ You might like to know, that you can build your inventory dynamically. (For Ansible) inventory is just a JSON with proper structure - if you can deliver that to ansible - anything is possible. -You do not need to invent the wheel - there are plenty ready to use inventory script for most popular Cloud provicers and a lot of in-house popular usecaseses. +You do not need to invent the wheel - there are plenty ready to use inventory script for most popular Cloud provicers and a lot of in-house popular usecases. [AWS example](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script) @@ -514,8 +514,8 @@ callback_whitelist = profile_tasks ``` ### facts-cache and ansible-cmdb -You can pool some infrmations of you environment from another hosts. -If the informations does not change - you may consider using a facts_cache to speed things up. +You can pool some information of you environment from another hosts. +If the information does not change - you may consider using a facts_cache to speed things up. ``` vi ansible.cfg @@ -533,7 +533,7 @@ fact_caching_timeout = 86400 I like to use `jsonfile` as my backend. It allows to use another project `ansible-cmdb` [(project on github)](https://github.com/fboender/ansible-cmdb) that generates a HTML page of your inventory resources. A nice 'free' addition! -### debugging ansible [chapter in progres] +### debugging ansible [chapter in progress] When your job fails - it is good to be effective with debugging. 1. Increase verbosiy by using multiple -v **[ -vvvvv]** @@ -546,7 +546,7 @@ When your job fails - it is good to be effective with debugging. ### Infrastructure as a code You already know, that ansible-vault allow you to store your confidential data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. -See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additional benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. What is more, you can have multiple versions of Ansible present in the same time. This is very helpfull! +See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additional benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. What is more, you can have multiple versions of Ansible present in the same time. This is very helpful! ```bash # recreate ansible 2.x venv @@ -583,7 +583,7 @@ Note: You may like to execute Ansible with `--ask-sudo-pass` or add the user to Always make sure that your playbook can executes in 'dry run' mode (--check), and it's execution is not declaring 'Changed' objects. #### --diff -D -Diff is usefull to see nice detail of the files changed +Diff is useful to see nice detail of the files changed It compare 'in memory' the files like `diff -BbruN fileA fileB` @@ -602,7 +602,7 @@ ansible -m ping web*:!backend:monitoring:&allow_change #### Tagging You should tag some (not all) objects - a task in a playbook, all tasks included form a role, etc. -It allows you to execute the choosen parts of the playbook. +It allows you to execute the chosen parts of the playbook. #### no_logs: True You may see, that some roles print a lot of output in verbose mode. There is also a debug module. @@ -622,9 +622,9 @@ You can register the output (stdout), rc (return code), stderr of a task with th ## Introduction -Ansible is (one of the many) orchestration tools. It allows you to controll your environment (infrastructure and a code) and automate the manual tasks. +Ansible is (one of the many) orchestration tools. It allows you to control your environment (infrastructure and a code) and automate the manual tasks. 'You can think as simple as writing in bash with python API -Of course the rabit hole is way deeper.' +Of course the rabbit hole is way deeper.' Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) @@ -648,12 +648,12 @@ It is very-very-very easy to start. If you are familiar with ssh concept - you a I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! It executes 'as is' - other tools (salt, puppet, chef - might execute in different scenario than you would expect) Documentation is at the world-class standard! -The comunity (github, stackOverflow) would help you very fast. +The community (github, stackOverflow) would help you very fast. Writing own modules and extension is fairly easy. Ansible AWX is the open source version of Ansible Tower we have been waiting for, which provides an excellent UI. #### Neutral -Migration Ansible<->Salt is failrly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. +Migration Ansible<->Salt is fairly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. #### Some concepts @@ -666,4 +666,4 @@ On the other hand - in advanced scope - you can wrap Ansible (use python Ansible * [Servers For Hackers: An Ansible Tutorial](https://serversforhackers.com/c/an-ansible-tutorial) * [A system administrator's guide to getting started with Ansible - FAST!](https://www.redhat.com/en/blog/system-administrators-guide-getting-started-ansible-fast) * [Ansible Tower](https://www.ansible.com/products/tower) - Ansible Tower provides a web UI, dashboard and rest interface to ansible. -* [Ansible AWX](https://github.com/ansible/awx) - The Open Sourc version of Ansible Tower. \ No newline at end of file +* [Ansible AWX](https://github.com/ansible/awx) - The Open Source version of Ansible Tower. -- cgit v1.2.3 From 1bb9ed394114c4487e947c2a3ee29d7aec805efb Mon Sep 17 00:00:00 2001 From: Pat Myron Date: Thu, 15 Nov 2018 16:49:18 -0500 Subject: Additional spelling / grammar https://github.com/adambard/learnxinyminutes-docs/pull/3392 --- ansible.html.markdown | 58 +++++++++++++++++++++++++-------------------------- 1 file changed, 29 insertions(+), 29 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 60c69161..5d225a80 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -3,6 +3,7 @@ category: tool tool: ansible contributors: - ["Jakub Muszynski" , "http://github.com/sirkubax"] + - ["Pat Myron" , "https://github.com/patmyron"] filename: LearnAnsible.txt --- @@ -108,9 +109,9 @@ There are few commands you should know about * and other! ### Module -_program (usually python) that execute, do some work and return proper JSON output_ +A program (usually python) that executes, does some work and returns proper JSON output -This *program* perform specialized task/action (like manage instances in the cloud, execute shell command). +This program performs specialized task/action (like manage instances in the cloud, execute shell command). The simplest module is called `ping` - it just returns a JSON with `pong` message. @@ -183,7 +184,7 @@ _Note: Example playbook is explained in the next chapter: 'Roles' ### Inventory Inventory is a set of objects or hosts, against which we are executing our playbooks or single tasks via shell commands -For this few minutes, lets asume that we are using default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) +For these few minutes, let's assume that we are using the default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) `/etc/ansible/hosts` ``` @@ -207,7 +208,7 @@ some_other_group A concept called `role` was introduced for parts of the code (playbooks) that should be reusable. **Role** is a structured way to manage your set of tasks, variables, handlers, default settings, and way more (meta, files, templates). -Role allows to reuse the same parts of code in multiple playbooks (you can parametrize the role 'further' during it's execution). +Roles allow reusing the same parts of code in multiple playbooks (you can parametrize the role 'further' during its execution). It is a great way to introduce `object oriented` management for your applications. Role can be included in your playbook (executed via your playbook). @@ -234,7 +235,7 @@ Role can be included in your playbook (executed via your playbook). #### For remaining examples we would use additional repository This example install ansible in `virtualenv` so it is independend from a system. You need to initialize it into your shell-context with `source environment.sh` command. -We are going to use repository with examples: https://github.com/sirkubax/ansible-for-learnXinYminutes +We are going to use this repository with examples: https://github.com/sirkubax/ansible-for-learnXinYminutes ```bash $ # The following example contains a shell-prompt to indicate the venv and relative path @@ -268,10 +269,10 @@ roles/ ``` #### Role Handlers -Handlers are tasks that can be triggered (notified) during execution of a playbook, but they itself execute at the very end of a playbook. -It is a best way to restart a service, check if application port is active (successful deployment criteria), etc. +Handlers are tasks that can be triggered (notified) during execution of a playbook, but they execute at the very end of a playbook. +It is the best way to restart a service, check if the application port is active (successful deployment criteria), etc. -Please get familiar how you can use role in simple_apache_role example +Get familiar with how you can use roles in the simple_apache_role example ``` playbooks/roles/simple_apache_role/ ├── tasks @@ -321,9 +322,9 @@ ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe" ### Register and Conditional #### Register -Another way to dynamically generate the variable content is a `register` command. -`Register` is also useful to store an output of a task, and use it's value as a logic -for execution further tasks. +Another way to dynamically generate the variable content is the `register` command. +`Register` is also useful to store an output of a task and use its value +for executing further tasks. ``` (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/register_and_when.yml ``` @@ -398,7 +399,7 @@ You can limit an execution of your tasks to defined hosts ### Templates -Template is a powerful way to deliver some (partially) dynamic content. Ansible uses **Jinja2** langueage to describe the template. +Templates are a powerful way to deliver some (partially) dynamic content. Ansible uses **Jinja2** language to describe the template. ```jinja2 Some static content @@ -411,7 +412,7 @@ Some static content ``` Jinja may have some limitations, but it is a powerful tool that you might like. -Please examine this simple example that install apache2 and generate index.html from the template +Please examine this simple example that installs apache2 and generates index.html from the template "playbooks/roles/simple_apache_role/templates/index.html" ```bash @@ -442,7 +443,7 @@ In fact - jinja is used to template parts of the playbooks too ``` #### Jinja2 filters -Jinja is powerful. It has built-in many useful functions. +Jinja is powerful. It has many built-in useful functions. ```jinja # get first item of the list {{ some_list | first() }} @@ -453,9 +454,9 @@ Jinja is powerful. It has built-in many useful functions. ### ansible-vault To maintain **infrastructure as code** you need to store secrets. - Ansible provides a way to encrypt the confidential files so you can store it in the repository, yet the files are decrypted in-fly during ansible execution. + Ansible provides a way to encrypt confidential files so you can store them in the repository, yet the files are decrypted on-the-fly during ansible execution. -The best way to use the **ansible-vault** is to store the secret in some secure location, and configure ansible to use during runtime. +The best way to use it is to store the secret in some secure location, and configure ansible to use during runtime. ```bash # Try (this would fail) @@ -488,9 +489,9 @@ $ ansible-vault decrypt path/somefile ### dynamic inventory You might like to know, that you can build your inventory dynamically. -(For Ansible) inventory is just a JSON with proper structure - if you can deliver that to ansible - anything is possible. +(For Ansible) inventory is just JSON with proper structure - if you can deliver that to ansible - anything is possible. -You do not need to invent the wheel - there are plenty ready to use inventory script for most popular Cloud provicers and a lot of in-house popular usecases. +You do not need to reinvent the wheel - there are plenty of ready to use inventory scripts for most popular Cloud providers and a lot of in-house popular usecases. [AWS example](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script) @@ -514,7 +515,7 @@ callback_whitelist = profile_tasks ``` ### facts-cache and ansible-cmdb -You can pool some information of you environment from another hosts. +You can pull some information about your environment from another hosts. If the information does not change - you may consider using a facts_cache to speed things up. ``` @@ -536,7 +537,7 @@ I like to use `jsonfile` as my backend. It allows to use another project ### debugging ansible [chapter in progress] When your job fails - it is good to be effective with debugging. -1. Increase verbosiy by using multiple -v **[ -vvvvv]** +1. Increase verbosity by using multiple -v **[ -vvvvv]** 2. If variable is undefined - grep -R path_of_your_inventory -e missing_variable 3. If variable (dictionary or a list) is undefined @@ -544,9 +545,9 @@ When your job fails - it is good to be effective with debugging. 4. Jinja template debug 5. Strange behaviour - try to run the code 'at the destination' -### Infrastructure as a code -You already know, that ansible-vault allow you to store your confidential data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. -See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privilages user), and as additional benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. What is more, you can have multiple versions of Ansible present in the same time. This is very helpful! +### Infrastructure as code +You already know, that ansible-vault allows you to store your confidential data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. +See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privileged user), and as additional benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. What is more, you can have multiple versions of Ansible present at the same time. ```bash # recreate ansible 2.x venv @@ -580,7 +581,7 @@ Note: You may like to execute Ansible with `--ask-sudo-pass` or add the user to ## Tips and tricks #### --check -C -Always make sure that your playbook can executes in 'dry run' mode (--check), and it's execution is not declaring 'Changed' objects. +Always make sure that your playbook can execute in 'dry run' mode (--check), and its execution is not declaring 'Changed' objects. #### --diff -D Diff is useful to see nice detail of the files changed @@ -622,11 +623,11 @@ You can register the output (stdout), rc (return code), stderr of a task with th ## Introduction -Ansible is (one of the many) orchestration tools. It allows you to control your environment (infrastructure and a code) and automate the manual tasks. +Ansible is (one of the many) orchestration tools. It allows you to control your environment (infrastructure and code) and automate the manual tasks. 'You can think as simple as writing in bash with python API Of course the rabbit hole is way deeper.' -Ansible have great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the could providers. Almost every worth-notice cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) +Ansible has great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the cloud providers. Almost every noteworthy cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMMUNITY! and great support by developers! @@ -644,12 +645,11 @@ Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensiv It is an agent-less tools In most scenarios, it use ssh as a transport layer. In some way you can use it as 'bash on steroids'. -It is very-very-very easy to start. If you are familiar with ssh concept - you already know Ansible (ALMOST). My personal record is: 'I did show "how to install and use ansible" (for simple raspberry pi cluster management) - it took me 30 seconds to deliver a complete working example !!!)' -I do provide a training services - I'm able to teach a production-ready person - in 8 hours (1 training day)! It covers all needed to work aspects! No other tool can match this ease of use! +It is very easy to start. If you are familiar with ssh concept - you already know Ansible (ALMOST). It executes 'as is' - other tools (salt, puppet, chef - might execute in different scenario than you would expect) Documentation is at the world-class standard! The community (github, stackOverflow) would help you very fast. -Writing own modules and extension is fairly easy. +Writing your own modules and extensions is fairly easy. Ansible AWX is the open source version of Ansible Tower we have been waiting for, which provides an excellent UI. #### Neutral -- cgit v1.2.3 From 3b70e25a03aff62ef4bc91e4e0c1c8ca29cd750a Mon Sep 17 00:00:00 2001 From: Divay Prakash Date: Sat, 17 Nov 2018 23:21:39 +0530 Subject: [ansible/en] Fix build error and styling (#3399) --- ansible.html.markdown | 452 ++++++++++++++++++++++++++++++-------------------- 1 file changed, 272 insertions(+), 180 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 5d225a80..2669e5fe 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -4,17 +4,78 @@ tool: ansible contributors: - ["Jakub Muszynski" , "http://github.com/sirkubax"] - ["Pat Myron" , "https://github.com/patmyron"] + - ["Divay Prakash", "https://github.com/divayprakash"] filename: LearnAnsible.txt --- +## Introduction + ```yaml --- "{{ Ansible }}" is an orchestration tool written in Python. - +... ``` +Ansible is (one of many) orchestration tools. It allows you to control your +environment (infrastructure and code) and automate the manual tasks. +'You can think as simple as writing in bash with python API, +Of course the rabbit hole is way deeper.' + +Ansible has great integration with multiple operating systems (even Windows) +and some hardware (switches, Firewalls, etc). It has multiple tools that +integrate with the cloud providers. Almost every noteworthy cloud provider is +present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...). + +But ansible is way more! It provides an execution plans, an API, library, +callbacks, not forget to mention - COMMUNITY! and great support by developers! + +### Main pros and cons + +#### Pros + +* It is an agent-less tools In most scenarios, it use ssh as a transport layer. +In some way you can use it as 'bash on steroids'. +* It is very easy to start. If you are familiar with ssh concept - you already +know Ansible (ALMOST). +* It executes 'as is' - other tools (salt, puppet, chef - might execute in +different scenario than you would expect) +* Documentation is at the world-class standard! +* The community (github, stackOverflow) would help you very fast. +* Writing your own modules and extensions is fairly easy. +* Ansible AWX is the open source version of Ansible Tower we have been waiting +for, which provides an excellent UI. + +#### Cons + +* It is an agent-less tool - every agent consumes up to 16MB ram - in some +environments, it may be noticable amount. +* It is agent-less - you have to verify your environment consistency +'on-demand' - there is no built-in mechanism that would warn you about some +change automatically (this can be achieved with reasonable effort) +* Official GUI Tool (web inferface) - Ansible Tower - is great, but it is +expensive. +* There is no 'small enterprice' payment plan, however Ansible AWX is the free +open source version we were all waiting for. + +#### Neutral + +Migration - Ansible <-> Salt is fairly easy - so if you would need an +event-driven agent environment - it would be a good choice to start quick with +Ansible, and convert to Salt when needed. + +#### Some concepts + +Ansible uses ssh or paramiko as a transport layer. In a way you can imagine +that you are using a ssh with API to perform your action. The simplest way is +to execute remote command in more controlled way (still using ssh). +On the other hand - in advanced scope - you can wrap Ansible (use python Ansible +code as a library) with your own Python scrips! This is awesome! It would act a +bit like Fabric then. + ## Example + An example playbook to install apache and configure log level + ```yaml --- - hosts: apache @@ -24,39 +85,39 @@ An example playbook to install apache and configure log level handlers: - name: restart apache - service: + service: name: apache2 state: restarted enabled: True - notify: + notify: - Wait for instances to listen on port 80 become: True - name: reload apache - service: + service: name: apache2 state: reloaded - notify: + notify: - Wait for instances to listen on port 80 become: True - name: Wait for instances to listen on port 80 - wait_for: - state: started - host: localhost - port: 80 - timeout: 15 + wait_for: + state: started + host: localhost + port: 80 + timeout: 15 delay: 5 tasks: - - name: Update cache - apt: - update_cache: yes + - name: Update cache + apt: + update_cache: yes cache_valid_time: 7200 become: True - name: Install packages - apt: + apt: name={{ item }} with_items: - apache2 @@ -66,40 +127,43 @@ An example playbook to install apache and configure log level become: True - name: Configure apache2 log level - lineinfile: + lineinfile: dest: /etc/apache2/apache2.conf line: "LogLevel {{ apache2_log_level }}" regexp: "^LogLevel" notify: - reload apache become: True - +... ``` ## Installation + ```bash # Universal way $ pip install ansible # Debian, Ubuntu $ apt-get install ansible - ``` + * [Appendix A - How do I install ansible](#infrastructure-as-a-code) * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_installation.html) ### Your first ansible command (shell execution) + ```bash -# This command ping the localhost (defined in default inventory: /etc/ansible/hosts) +# Command pings localhost (defined in default inventory: /etc/ansible/hosts) $ ansible -m ping localhost -# you should see this output +# You should see this output localhost | SUCCESS => { - "changed": false, + "changed": false, "ping": "pong" } - ``` + ### Shell Commands + There are few commands you should know about * `ansible` (to run modules in CLI) @@ -109,11 +173,11 @@ There are few commands you should know about * and other! ### Module -A program (usually python) that executes, does some work and returns proper JSON output - -This program performs specialized task/action (like manage instances in the cloud, execute shell command). -The simplest module is called `ping` - it just returns a JSON with `pong` message. +A program (usually python) that executes, does some work and returns proper +JSON output. This program performs specialized task/action (like manage +instances in the cloud, execute shell command). The simplest module is called +`ping` - it just returns a JSON with `pong` message. Example of modules: * Module: `ping` - the simplest module that is useful to verify host connectivity @@ -126,67 +190,74 @@ $ ansible -m ping all $ ansible -m shell -a 'date; whoami' localhost #hostname_or_a_group_name ``` -* Module: `command` - executes a single command that will not be processed through the shell, so variables like $HOME or operands like `|` `;` will not work. The command module is more secure, because it will not be affected by the user’s environment. For more complex command - use shell module. - +* Module: `command` - executes a single command that will not be processed +through the shell, so variables like `$HOME` or operands like ``|` `;`` will not +work. The command module is more secure, because it will not be affected by the +user’s environment. For more complex commands - use shell module. ```bash $ ansible -m command -a 'date; whoami' # FAILURE - $ ansible -m command -a 'date' all $ ansible -m command -a 'whoami' all ``` -* Module: `file` - performs file operations (stat, link, dir, ...) -* Module: `raw` - executes a low-down and dirty SSH command, not going through the module subsystem (useful to install python2.7) +* Module: `file` - performs file operations (stat, link, dir, ...) +* Module: `raw` - executes a low-down and dirty SSH command, not going through +the module subsystem (useful to install python2.7) ### Task - Execution of a single Ansible **module** is called a **task** - The simplest module is called `ping` as you could see above - - Another example of the module that allow you to execute command remotly on multiple resources is called `shell`. See above how you were using them already. +Execution of a single Ansible **module** is called a **task**. The simplest +module is called `ping` as you could see above. +Another example of the module that allow you to execute command remotly on +multiple resources is called `shell`. See above how you were using them already. ### Playbook + **Execution plan** written in a form of script file(s) is called **playbook**. -Playbook consist of multiple elements +Playbook consist of multiple elements - * a list (or group) of hosts that 'the play' is executed against * `task(s)` or `role(s)` that are going to be executed * multiple optional settings (like default variables, and way more) -Playbook script language is YAML. +Playbook script language is YAML. You can think that playbook is very advanced +CLI script that you are executing. -You can think that playbook is very advanced CLI script that you are executing. +#### Example of the playbook - -#### Example of the playbook: -This example-playbook would execute (on all hosts defined in the inventory) two tasks: +This example-playbook would execute (on all hosts defined in inventory) two tasks: * `ping` that would return message *pong* * `shell` that execute three commands and return the output to our terminal ```yaml - hosts: all - + tasks: - name: "ping all" ping: - + - name: "execute a shell command" shell: "date; whoami; df -h;" ``` Run the playbook with the command: + ```bash $ ansible-playbook path/name_of_the_playbook.yml ``` -_Note: Example playbook is explained in the next chapter: 'Roles' + +Note: Example playbook is explained in the next chapter: 'Roles' + ### More on ansible concept ### Inventory -Inventory is a set of objects or hosts, against which we are executing our playbooks or single tasks via shell commands -For these few minutes, let's assume that we are using the default ansible inventory (which in Debian based system is placed in /etc/ansible/hosts) -`/etc/ansible/hosts` +Inventory is a set of objects or hosts, against which we are executing our +playbooks or single tasks via shell commands. For these few minutes, let's +assume that we are using the default ansible inventory (which in Debian based +system is placed in `/etc/ansible/hosts`). + ``` localhost @@ -198,18 +269,23 @@ hostB.localdomain [a_group_of_a_groups:children] some_group some_other_group - ``` + * [Additional Reading.](http://docs.ansible.com/ansible/latest/intro_inventory.html) + ### ansible-roles (a 'template-playbooks' with right structure) - You already know that the tasks (modules) can be run via CLI. You also know the playbooks - the execution plans of multiple tasks (with variables and logic). +You already know that the tasks (modules) can be run via CLI. You also know the +playbooks - the execution plans of multiple tasks (with variables and logic). -A concept called `role` was introduced for parts of the code (playbooks) that should be reusable. +A concept called `role` was introduced for parts of the code (playbooks) that +should be reusable. -**Role** is a structured way to manage your set of tasks, variables, handlers, default settings, and way more (meta, files, templates). -Roles allow reusing the same parts of code in multiple playbooks (you can parametrize the role 'further' during its execution). -It is a great way to introduce `object oriented` management for your applications. +**Role** is a structured way to manage your set of tasks, variables, handlers, +default settings, and way more (meta, files, templates). Roles allow reusing +the same parts of code in multiple playbooks (you can parametrize the role +'further' during its execution). Its a great way to introduce `object oriented` +management for your applications. Role can be included in your playbook (executed via your playbook). @@ -222,40 +298,43 @@ Role can be included in your playbook (executed via your playbook). ping: - name: "execute a shell command" shell: "date; whoami; df -h;" - - roles: + + roles: - some_role - { role: another_role, some_variable: 'learnxiny', tags: ['my_tag'] } - + pre_tasks: - name: some pre-task shell: echo 'this task is the last, but would be executed before roles, and before tasks' ``` #### For remaining examples we would use additional repository -This example install ansible in `virtualenv` so it is independend from a system. You need to initialize it into your shell-context with `source environment.sh` command. +This example install ansible in `virtualenv` so it is independend from a system. +You need to initialize it into your shell-context with `source environment.sh` +command. -We are going to use this repository with examples: https://github.com/sirkubax/ansible-for-learnXinYminutes +We are going to use this repository with examples: [https://github.com/sirkubax/ansible-for-learnXinYminutes]() ```bash -$ # The following example contains a shell-prompt to indicate the venv and relative path +$ # The following example contains a shell-prompt to indicate the venv and relative path $ git clone git@github.com:sirkubax/ansible-for-learnXinYminutes.git user@host:~/$ cd ansible-for-learnXinYminutes user@host:~/ansible-for-learnXinYminutes$ source environment.sh $ $ # First lets execute the simple_playbook.yml (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/simple_playbook.yml - ``` Run the playbook with roles example + ```bash $ source environment.sh $ # Now we would run the above playbook with roles (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/simple_role.yml ``` -#### Role directory structure: +#### Role directory structure + ``` roles/ some_role/ @@ -269,10 +348,13 @@ roles/ ``` #### Role Handlers -Handlers are tasks that can be triggered (notified) during execution of a playbook, but they execute at the very end of a playbook. -It is the best way to restart a service, check if the application port is active (successful deployment criteria), etc. +Handlers are tasks that can be triggered (notified) during execution of a +playbook, but they execute at the very end of a playbook. It is the best way to +restart a service, check if the application port is active (successful +deployment criteria), etc. Get familiar with how you can use roles in the simple_apache_role example + ``` playbooks/roles/simple_apache_role/ ├── tasks @@ -283,18 +365,14 @@ playbooks/roles/simple_apache_role/ ### ansible - variables -Ansible is flexible - it has 21 levels of variable precedence - +Ansible is flexible - it has 21 levels of variable precedence. [read more](http://docs.ansible.com/ansible/latest/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable) - For now you should know that CLI variables have the top priority. - You should also know, that a nice way to pool some data is a **lookup** ### Lookups -Awesome tool to query data from various sources!!! Awesome! +Awesome tool to query data from various sources!!! Awesome! query from: - * pipe (load shell command output into variable!) * file * stream @@ -309,6 +387,7 @@ query from: ``` You can use them in CLI too + ```yaml ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe", "date") }}"' localhost ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe", "hostname") }}"' all @@ -316,15 +395,16 @@ ansible -m shell -a 'echo "{{ my_variable }}"' -e 'my_variable="{{ lookup("pipe" # Or use in playbook (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/lookup.yml - ``` -### Register and Conditional +### Register and Conditional #### Register + Another way to dynamically generate the variable content is the `register` command. -`Register` is also useful to store an output of a task and use its value +`Register` is also useful to store an output of a task and use its value for executing further tasks. + ``` (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/register_and_when.yml ``` @@ -340,22 +420,25 @@ for executing further tasks. - name: debug root_size debug: msg: "{{ root_size }}" - + - name: debug root_size return code debug: msg: "{{ root_size.rc }}" -# when: example +# when: example - name: Print this message when return code of 'check the system capacity' was ok debug: msg: "{{ root_size.rc }}" when: root_size.rc == 0 - +... ``` + #### Conditionals - when: -You can define complex logic with Ansible and Jinja functions. Most common is usage of `when:`, with some variable (often dynamically generated in previous playbook steps with `register` or `lookup`) +You can define complex logic with Ansible and Jinja functions. Most common is +usage of `when:`, with some variable (often dynamically generated in previous +playbook steps with `register` or `lookup`) ```yaml --- @@ -366,53 +449,63 @@ You can define complex logic with Ansible and Jinja functions. Most common is us when: some_variable in 'a string' roles: - { role: mid_nagios_probe, when: allow_nagios_probes } +... ``` - ### ansible - tags, limit You should know about a way to increase efficiency by this simple functionality #### TAGS -You can tag a task, role (and its tasks), include, etc, and then run only the tagged resources - ansible-playbook playbooks/simple_playbook.yml --tags=tagA,tag_other - ansible-playbook playbooks/simple_playbook.yml -t tagA,tag_other +You can tag a task, role (and its tasks), include, etc, and then run only the +tagged resources - There are special tags: - always - - --skip-tags can be used to exclude a block of code - --list-tags to list available tags +``` +ansible-playbook playbooks/simple_playbook.yml --tags=tagA,tag_other +ansible-playbook playbooks/simple_playbook.yml -t tagA,tag_other + +There are special tags: + always + +--skip-tags can be used to exclude a block of code +--list-tags to list available tags +``` [Read more](http://docs.ansible.com/ansible/latest/playbooks_tags.html) #### LIMIT -You can limit an execution of your tasks to defined hosts - ansible-playbook playbooks/simple_playbook.yml --limmit localhost +You can limit an execution of your tasks to defined hosts - --limit my_hostname - --limit groupname - --limit some_prefix* - --limit hostname:group #JM +``` +ansible-playbook playbooks/simple_playbook.yml --limit localhost + +--limit my_hostname +--limit groupname +--limit some_prefix* +--limit hostname:group #JM +``` ### Templates -Templates are a powerful way to deliver some (partially) dynamic content. Ansible uses **Jinja2** language to describe the template. +Templates are a powerful way to deliver some (partially) dynamic content. +Ansible uses **Jinja2** language to describe the template. -```jinja2 +``` Some static content {{ a_variable }} -{% for item in loop_items %} +{% for item in loop_items %} this line item is {{ item }} {% endfor %} ``` + Jinja may have some limitations, but it is a powerful tool that you might like. -Please examine this simple example that installs apache2 and generates index.html from the template +Please examine this simple example that installs apache2 and generates +index.html from the template "playbooks/roles/simple_apache_role/templates/index.html" ```bash @@ -421,15 +514,18 @@ $ # Now we would run the above playbook with roles (venv) user@host:~/ansible-for-learnXinYminutes$ ansible-playbook playbooks/simple_role.yml --tags apache2 ``` - #### Jinja2 CLI + You can use the jinja in the CLI too + ```bash ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost ``` + In fact - jinja is used to template parts of the playbooks too + ```yaml -#check part of this playbook: playbooks/roles/sys_debug/tasks/debug_time.yml +# check part of this playbook: playbooks/roles/sys_debug/tasks/debug_time.yml - local_action: shell date +'%F %T' register: ts become: False @@ -439,24 +535,29 @@ In fact - jinja is used to template parts of the playbooks too debug: msg="{{ ts.stdout }}" when: ts is defined and ts.stdout is defined become: False - ``` #### Jinja2 filters + Jinja is powerful. It has many built-in useful functions. -```jinja + +``` # get first item of the list {{ some_list | first() }} # if variable is undefined - use default value {{ some_variable | default('default_value') }} ``` + [Read More](http://docs.ansible.com/ansible/latest/playbooks_filters.html) ### ansible-vault -To maintain **infrastructure as code** you need to store secrets. - Ansible provides a way to encrypt confidential files so you can store them in the repository, yet the files are decrypted on-the-fly during ansible execution. -The best way to use it is to store the secret in some secure location, and configure ansible to use during runtime. +To maintain **infrastructure as code** you need to store secrets. Ansible +provides a way to encrypt confidential files so you can store them in the +repository, yet the files are decrypted on-the-fly during ansible execution. + +The best way to use it is to store the secret in some secure location, and +configure ansible to use during runtime. ```bash # Try (this would fail) @@ -487,36 +588,41 @@ $ ansible-vault decrypt path/somefile ``` ### dynamic inventory -You might like to know, that you can build your inventory dynamically. -(For Ansible) inventory is just JSON with proper structure - if you can deliver that to ansible - anything is possible. +You might like to know, that you can build your inventory dynamically. +(For Ansible) inventory is just JSON with proper structure - if you can +deliver that to ansible - anything is possible. -You do not need to reinvent the wheel - there are plenty of ready to use inventory scripts for most popular Cloud providers and a lot of in-house popular usecases. +You do not need to reinvent the wheel - there are plenty of ready to use +inventory scripts for most popular Cloud providers and a lot of in-house +popular usecases. [AWS example](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script) ```bash -$ etc/inv/ec2.py --refresh - +$ etc/inv/ec2.py --refresh $ ansible -m ping all -i etc/inv/ec2.py ``` [Read more](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html) ### ansible profiling - callback -Playbook execution takes some time. It is OK. First make it run, then you may like to speed things up -Since ansible 2.x there is built-in callback for task execution profiling +Playbook execution takes some time. It is OK. First make it run, then you may +like to speed things up. Since ansible 2.x there is built-in callback for task +execution profiling. ``` -vi ansible.cfg -#set this to: +vi ansible.cfg +# set this to: callback_whitelist = profile_tasks ``` ### facts-cache and ansible-cmdb + You can pull some information about your environment from another hosts. -If the information does not change - you may consider using a facts_cache to speed things up. +If the information does not change - you may consider using a facts_cache +to speed things up. ``` vi ansible.cfg @@ -532,41 +638,55 @@ fact_caching_timeout = 86400 ``` I like to use `jsonfile` as my backend. It allows to use another project -`ansible-cmdb` [(project on github)](https://github.com/fboender/ansible-cmdb) that generates a HTML page of your inventory resources. A nice 'free' addition! +`ansible-cmdb` [(project on github)](https://github.com/fboender/ansible-cmdb) that generates a HTML page of your inventory +resources. A nice 'free' addition! + +### Debugging ansible [chapter in progress] -### debugging ansible [chapter in progress] When your job fails - it is good to be effective with debugging. -1. Increase verbosity by using multiple -v **[ -vvvvv]** -2. If variable is undefined - - grep -R path_of_your_inventory -e missing_variable -3. If variable (dictionary or a list) is undefined - - grep -R path_of_your_inventory -e missing_variable -4. Jinja template debug +1. Increase verbosity by using multiple -v **[ -vvvvv]** +2. If variable is undefined - +`grep -R path_of_your_inventory -e missing_variable` +3. If variable (dictionary or a list) is undefined - +`grep -R path_of_your_inventory -e missing_variable` +4. Jinja template debug 5. Strange behaviour - try to run the code 'at the destination' ### Infrastructure as code -You already know, that ansible-vault allows you to store your confidential data along with your code (in repository). You can go further - and define your ansible installation and configuration as-a-code. -See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privileged user), and as additional benefit - upgrading version of ansible is as easy as installing new version in new virtualenv. What is more, you can have multiple versions of Ansible present at the same time. + +You already know, that ansible-vault allows you to store your confidential data +along with your code (in repository). You can go further - and define your +ansible installation and configuration as-a-code. +See `environment.sh` to learn how to install the ansible itself inside a +`virtualenv` that is not attached to your operating system (can be changed by +non-privileged user), and as additional benefit - upgrading version of ansible +is as easy as installing new version in new virtualenv. What is more, you can +have multiple versions of Ansible present at the same time. ```bash - # recreate ansible 2.x venv +# recreate ansible 2.x venv $ rm -rf venv2 $ source environment2.sh - # execute playbook + +# execute playbook (venv2)$ ansible-playbook playbooks/ansible1.9_playbook.yml # would fail - deprecated syntax - # now lets install ansible 1.9.x next to ansible 2.x +# now lets install ansible 1.9.x next to ansible 2.x (venv2)$ deactivate $ source environment.1.9.sh - # execute playbook + +# execute playbook (venv1.9)$ ansible-playbook playbooks/ansible1.9_playbook.yml # works! - # please note that you have both venv1.9 and venv2 present - you need to (de)activate one - that is all +# please note that you have both venv1.9 and venv2 present - you need to (de)activate one - that is all ``` #### become-user, become -In Ansible - to become `sudo` - use the `become` parameter. Use `become_user` to specify the username. + +In Ansible - to become `sudo` - use the `become` parameter. Use `become_user` +to specify the username. + ``` - name: Ensure the httpd service is running service: @@ -574,92 +694,64 @@ In Ansible - to become `sudo` - use the `become` parameter. Use `become_user` to state: started become: true ``` -Note: You may like to execute Ansible with `--ask-sudo-pass` or add the user to sudoers file in order to allow non-supervised execution if you require 'admin' privilages. + +Note: You may like to execute Ansible with `--ask-sudo-pass` or add the user to +sudoers file in order to allow non-supervised execution if you require 'admin' +privilages. [Read more](http://docs.ansible.com/ansible/latest/become.html) ## Tips and tricks #### --check -C -Always make sure that your playbook can execute in 'dry run' mode (--check), and its execution is not declaring 'Changed' objects. + +Always make sure that your playbook can execute in 'dry run' mode (--check), +and its execution is not declaring 'Changed' objects. #### --diff -D -Diff is useful to see nice detail of the files changed -It compare 'in memory' the files like `diff -BbruN fileA fileB` +Diff is useful to see nice detail of the files changed. +It compare 'in memory' the files like `diff -BbruN fileA fileB`. #### Execute hosts with 'regex' + ```bash ansible -m ping web* ``` -#### -Host groups can be joined, negated, etc +#### Host groups can be joined, negated, etc ```bash ansible -m ping web*:!backend:monitoring:&allow_change ``` #### Tagging -You should tag some (not all) objects - a task in a playbook, all tasks included form a role, etc. -It allows you to execute the chosen parts of the playbook. + +You should tag some (not all) objects - a task in a playbook, all tasks +included form a role, etc. It allows you to execute the chosen parts of the +playbook. #### no_logs: True -You may see, that some roles print a lot of output in verbose mode. There is also a debug module. -This is the place where credentials may leak. Use `no_log` to hide the output. + +You may see, that some roles print a lot of output in verbose mode. There is +also a debug module. This is the place where credentials may leak. Use `no_log` +to hide the output. #### Debug module + allows to print a value to the screen - use it! #### Register the output of a task -You can register the output (stdout), rc (return code), stderr of a task with the `register` command. - -#### Conditionals: when: - -#### Loop: with, with_items, with_dict, with_together - -[Read more](http://docs.ansible.com/ansible/latest/playbooks_conditionals.html) +You can register the output (stdout), rc (return code), stderr of a task with +the `register` command. -## Introduction -Ansible is (one of the many) orchestration tools. It allows you to control your environment (infrastructure and code) and automate the manual tasks. -'You can think as simple as writing in bash with python API -Of course the rabbit hole is way deeper.' +#### Conditionals: when: -Ansible has great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the cloud providers. Almost every noteworthy cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...) +#### Loop: with, with\_items, with\_dict, with\_together - -But ansible is way more! It provides an execution plans, an API, library, callbacks, not forget to mention - COMMUNITY! and great support by developers! - - -### Main cons and pros - -#### Cons - -It is an agent-less tool - every agent consumes up to 16MB ram - in some environments, it may be noticable amount. -It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism that would warn you about some change automatically (this can be achieved with reasonable effort) -Official GUI Tool (web inferface) - Ansible Tower - is great, but it is expensive. There is no 'small enterprice' payment plan, however Ansible AWX is the free open source version we were all waiting for. - -#### Pros - -It is an agent-less tools In most scenarios, it use ssh as a transport layer. -In some way you can use it as 'bash on steroids'. -It is very easy to start. If you are familiar with ssh concept - you already know Ansible (ALMOST). -It executes 'as is' - other tools (salt, puppet, chef - might execute in different scenario than you would expect) -Documentation is at the world-class standard! -The community (github, stackOverflow) would help you very fast. -Writing your own modules and extensions is fairly easy. -Ansible AWX is the open source version of Ansible Tower we have been waiting for, which provides an excellent UI. - -#### Neutral -Migration Ansible<->Salt is fairly easy - so if you would need an event-driven agent environment - it would be a good choice to start quick with Ansible, and convert to salt when needed. - -#### Some concepts - -Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. -The simplest way is to execute remote command in more controlled way (still using ssh). -On the other hand - in advanced scope - you can wrap Ansible (use python Ansible code as a library) with your own Python scrips! This is awesome! It would act a bit like Fabric then. +[Read more](http://docs.ansible.com/ansible/latest/playbooks_conditionals.html) ## Additional Resources -- cgit v1.2.3 From e9b6b9522a6882c26b3f01c2665eff768663bad3 Mon Sep 17 00:00:00 2001 From: Pat Myron Date: Sat, 17 Nov 2018 14:38:50 -0500 Subject: Update ansible.html.markdown --- ansible.html.markdown | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 2669e5fe..2b61cc8e 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -18,16 +18,13 @@ filename: LearnAnsible.txt Ansible is (one of many) orchestration tools. It allows you to control your environment (infrastructure and code) and automate the manual tasks. -'You can think as simple as writing in bash with python API, -Of course the rabbit hole is way deeper.' Ansible has great integration with multiple operating systems (even Windows) and some hardware (switches, Firewalls, etc). It has multiple tools that integrate with the cloud providers. Almost every noteworthy cloud provider is present in the ecosystem (AWS, Azure, Google, DigitalOcean, OVH, etc...). -But ansible is way more! It provides an execution plans, an API, library, -callbacks, not forget to mention - COMMUNITY! and great support by developers! +But ansible is way more! It provides execution plans, an API, library, and callbacks. ### Main pros and cons @@ -40,7 +37,6 @@ know Ansible (ALMOST). * It executes 'as is' - other tools (salt, puppet, chef - might execute in different scenario than you would expect) * Documentation is at the world-class standard! -* The community (github, stackOverflow) would help you very fast. * Writing your own modules and extensions is fairly easy. * Ansible AWX is the open source version of Ansible Tower we have been waiting for, which provides an excellent UI. @@ -52,8 +48,7 @@ environments, it may be noticable amount. * It is agent-less - you have to verify your environment consistency 'on-demand' - there is no built-in mechanism that would warn you about some change automatically (this can be achieved with reasonable effort) -* Official GUI Tool (web inferface) - Ansible Tower - is great, but it is -expensive. +* Official GUI - Ansible Tower - is great but expensive. * There is no 'small enterprice' payment plan, however Ansible AWX is the free open source version we were all waiting for. @@ -69,7 +64,7 @@ Ansible uses ssh or paramiko as a transport layer. In a way you can imagine that you are using a ssh with API to perform your action. The simplest way is to execute remote command in more controlled way (still using ssh). On the other hand - in advanced scope - you can wrap Ansible (use python Ansible -code as a library) with your own Python scrips! This is awesome! It would act a +code as a library) with your own Python scripts! It would act a bit like Fabric then. ## Example @@ -170,7 +165,6 @@ There are few commands you should know about * `ansible-playbook` (to run playbooks) * `ansible-vault` (to manage secrets) * `ansible-galaxy` (to install roles from github/galaxy) -* and other! ### Module @@ -180,10 +174,10 @@ instances in the cloud, execute shell command). The simplest module is called `ping` - it just returns a JSON with `pong` message. Example of modules: + * Module: `ping` - the simplest module that is useful to verify host connectivity * Module: `shell` - a module that executes shell command on a specified host(s). -Example of execution - `ping`, `shell` ```bash $ ansible -m ping all @@ -656,8 +650,8 @@ When your job fails - it is good to be effective with debugging. ### Infrastructure as code You already know, that ansible-vault allows you to store your confidential data -along with your code (in repository). You can go further - and define your -ansible installation and configuration as-a-code. +along with your code. You can go further - and define your +ansible installation and configuration as code. See `environment.sh` to learn how to install the ansible itself inside a `virtualenv` that is not attached to your operating system (can be changed by non-privileged user), and as additional benefit - upgrading version of ansible -- cgit v1.2.3 From 78960535c6ee8ea789c154d8ba3b2703c8fdcf84 Mon Sep 17 00:00:00 2001 From: Daniel Naftalovich Date: Mon, 15 Jul 2019 12:34:46 -0700 Subject: Fix typo --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 2b61cc8e..41a8c9b5 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -49,7 +49,7 @@ environments, it may be noticable amount. 'on-demand' - there is no built-in mechanism that would warn you about some change automatically (this can be achieved with reasonable effort) * Official GUI - Ansible Tower - is great but expensive. -* There is no 'small enterprice' payment plan, however Ansible AWX is the free +* There is no 'small enterprise' payment plan, however Ansible AWX is the free open source version we were all waiting for. #### Neutral -- cgit v1.2.3 From 0af4996d08c550144cf368f0fd6e0693294896a0 Mon Sep 17 00:00:00 2001 From: Philippe Coval Date: Fri, 25 Oct 2019 11:35:24 +0200 Subject: [ansible/en]: Fix quotes in command line example Change-Id: I46fe48764029d243b211cef04f06fdf62ea39219 Forwarded: https://github.com/adambard/learnxinyminutes-docs/pull/3729 Signed-off-by: Philippe Coval --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 41a8c9b5..bfb1406b 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -513,7 +513,7 @@ $ # Now we would run the above playbook with roles You can use the jinja in the CLI too ```bash -ansible -m shell -a 'echo {{ my_variable }}` -e 'my_variable=something, playbook_parameter=twentytwo" localhost +ansible -m shell -a 'echo {{ my_variable }}' -e 'my_variable=something, playbook_parameter=twentytwo' localhost ``` In fact - jinja is used to template parts of the playbooks too -- cgit v1.2.3 From 1aec529fa9c0cfc54eaa412a7fb959fe03cbc1ee Mon Sep 17 00:00:00 2001 From: Krain Arnold Date: Wed, 20 Nov 2019 15:31:29 +0100 Subject: fix minor typos and spelling errors --- ansible.html.markdown | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 41a8c9b5..fc656e30 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -30,9 +30,9 @@ But ansible is way more! It provides execution plans, an API, library, and callb #### Pros -* It is an agent-less tools In most scenarios, it use ssh as a transport layer. +* It is an agent-less tool. In most scenarios, it uses ssh as a transport layer. In some way you can use it as 'bash on steroids'. -* It is very easy to start. If you are familiar with ssh concept - you already +* It is very easy to start. If you are familiar with the concept of ssh - you already know Ansible (ALMOST). * It executes 'as is' - other tools (salt, puppet, chef - might execute in different scenario than you would expect) @@ -176,7 +176,7 @@ instances in the cloud, execute shell command). The simplest module is called Example of modules: * Module: `ping` - the simplest module that is useful to verify host connectivity -* Module: `shell` - a module that executes shell command on a specified host(s). +* Module: `shell` - a module that executes a shell command on a specified host(s). ```bash @@ -204,13 +204,13 @@ the module subsystem (useful to install python2.7) Execution of a single Ansible **module** is called a **task**. The simplest module is called `ping` as you could see above. -Another example of the module that allow you to execute command remotly on +Another example of the module that allows you to execute a command remotely on multiple resources is called `shell`. See above how you were using them already. ### Playbook **Execution plan** written in a form of script file(s) is called **playbook**. -Playbook consist of multiple elements - +Playbooks consist of multiple elements - * a list (or group) of hosts that 'the play' is executed against * `task(s)` or `role(s)` that are going to be executed * multiple optional settings (like default variables, and way more) @@ -247,7 +247,7 @@ Note: Example playbook is explained in the next chapter: 'Roles' ### Inventory -Inventory is a set of objects or hosts, against which we are executing our +An inventory is a set of objects or hosts, against which we are executing our playbooks or single tasks via shell commands. For these few minutes, let's assume that we are using the default ansible inventory (which in Debian based system is placed in `/etc/ansible/hosts`). @@ -303,8 +303,8 @@ Role can be included in your playbook (executed via your playbook). ``` #### For remaining examples we would use additional repository -This example install ansible in `virtualenv` so it is independend from a system. -You need to initialize it into your shell-context with `source environment.sh` +This example installs ansible in `virtualenv` so it is independent from a system. +You need to initialize it into your shell-context with the `source environment.sh` command. We are going to use this repository with examples: [https://github.com/sirkubax/ansible-for-learnXinYminutes]() @@ -551,7 +551,7 @@ provides a way to encrypt confidential files so you can store them in the repository, yet the files are decrypted on-the-fly during ansible execution. The best way to use it is to store the secret in some secure location, and -configure ansible to use during runtime. +configure ansible to use them during runtime. ```bash # Try (this would fail) @@ -588,7 +588,7 @@ You might like to know, that you can build your inventory dynamically. deliver that to ansible - anything is possible. You do not need to reinvent the wheel - there are plenty of ready to use -inventory scripts for most popular Cloud providers and a lot of in-house +inventory scripts for the most popular Cloud providers and a lot of in-house popular usecases. [AWS example](http://docs.ansible.com/ansible/latest/intro_dynamic_inventory.html#example-aws-ec2-external-inventory-script) @@ -614,7 +614,7 @@ callback_whitelist = profile_tasks ### facts-cache and ansible-cmdb -You can pull some information about your environment from another hosts. +You can pull some information about your environment from another host. If the information does not change - you may consider using a facts_cache to speed things up. -- cgit v1.2.3 From ccf57b418ed50a10a02f823308d53d4eb6c44696 Mon Sep 17 00:00:00 2001 From: Divay Prakash Date: Fri, 24 Jan 2020 20:22:50 +0530 Subject: Update ansible.html.markdown --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index fc656e30..e4c2615d 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -303,7 +303,7 @@ Role can be included in your playbook (executed via your playbook). ``` #### For remaining examples we would use additional repository -This example installs ansible in `virtualenv` so it is independent from a system. +This example installs ansible in `virtualenv` so it is independent from the system. You need to initialize it into your shell-context with the `source environment.sh` command. -- cgit v1.2.3 From 4ac076c8f289034e670d1507158324cc0334cddd Mon Sep 17 00:00:00 2001 From: Philippe Coval Date: Fri, 25 Oct 2019 11:33:09 +0200 Subject: [ansible/en]: Fix URL link Forwarded: https://github.com/adambard/learnxinyminutes-docs/pull/ Change-Id: Ic41e20f44f7e7aeab1811d8d48964c5d57c335eb Signed-off-by: Philippe Coval --- ansible.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ansible.html.markdown') diff --git a/ansible.html.markdown b/ansible.html.markdown index 28da618c..30dfba13 100644 --- a/ansible.html.markdown +++ b/ansible.html.markdown @@ -307,7 +307,7 @@ This example installs ansible in `virtualenv` so it is independent from the syst You need to initialize it into your shell-context with the `source environment.sh` command. -We are going to use this repository with examples: [https://github.com/sirkubax/ansible-for-learnXinYminutes]() +We are going to use this repository with examples: [https://github.com/sirkubax/ansible-for-learnXinYminutes](https://github.com/sirkubax/ansible-for-learnXinYminutes) ```bash $ # The following example contains a shell-prompt to indicate the venv and relative path -- cgit v1.2.3