noqqe » blog | sammelsurium | photos | projects | about


2015-05-17 @ ansible, Software


Apply a playbook

ansible-playbook nichtparasoup.yml

Limit a playbook on tags

ansible-playbook userenv.yml --tag git

Limit a playbook on a host

ansible-playbook userenv.yaml --limit

Common Task Oneliners

Ansible can be very handy for those kind of things.

Execute a generic command.

ansible mongo-test -m command -a "ls /tmp"

Restart a service

ansible app-prod -m service -a 'name=nrpe state=restarted'

Fetch a file from remote hosts

ansible mongo-prod -m fetch -a 'src=/var/log/mongodb/mongodb-shardsrv.log dest=/tmp/'

Copy files on a remote location

ansible mongo-prod -m copy -a 'src=~/foo.txt dest=/root/foo.txt owner=root'

Execute a shell command

ansible app-prod -m shell -a 'sed -i "s#plugins/check_mem#plugins/check_mem -C#" /etc/nrpe.cfg'

Remove a user

ansible app-test -m user -a 'name=johnd state=absent remove=yes'

Delete a file

ansible -i hosts app-test -m file -a 'path=/tmp/trollololo state=absent'

Playbook Cheatsheet

Install a package

- name: Install java 11
    name: java-11-amazon-corretto
    state: installed

Create a directory

- name: Create directory
    path: "/tmp/foo"
    state: directory
    mode: '0755'

Create a symlink

- name: Create a Java Home Symlink
    src: /usr/lib/jvm/java-11-amazon-corretto.x86_64
    dest: /home/java
    state: link

Create a file with content

- name: Configure .profile for user
    dest: "/home/user/.profile"
    mode: u=rwx,g=rx,o=rx
    owner: user
    content: |
      export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
      alias select=_select
      alias l='ls -lah'
      source /etc/profile.d/*.sh      

Loop. Mehrere Items erstellen mit einem Task

- name: Create mount point directories for shares
    path: "{{ item }}"
    state: directory
    mode: '0755'
    - /moo
    - /foo
    - /bar

Mount a volume (AWS EFS Volume, in this case)

- name: Mount /move
    path: /move
    src: i8234u234:/
    fstype: efs
    opts: defaults,_netdev
    state: present

Create Task dependency

- name: Ensure replicaset rs0 exists
  register: rsinit

- name: Create local admin
    - rsinit is changed

Fetch AWS Secret

- name: Fetch AWS Secrets for Admin
    password: "{{ lookup('', 'documentdb_root.password', nested=true) }}"
    username: "{{ lookup('', 'documentdb_root.username', nested=true) }}"

- name: Ensure replicaset rs0 exists
    login_host: localhost
    login_user: {{username}}
    login_password: {{password}}

Check if OS Env var is set

- name: Check if Variables are defined.
    msg: "Environment variable AWS_SECRET_ACCESS_KEY is not defined or empty"
  when: lookup('env', "AWS_SECRET_ACCESS_KEY") | length < 0

Check if OS Env var contains a certain string

- name: Check if correct environment is set in AWS
    msg: "Environment variable AWS_ENV does not match {{ aws_env }}. Did you configure your environment correctly?"
  when: lookup('env', "AWS_ENV") != aws_env