ansible-doc <nom du module>
ansible-doc --list
deploy ssh/python
ansible hosts
interface-web graphique pour ansible
[defaults]
inventory = hosts.yml
[privilege_escalation]
become = True
become_method = sudo
become_user = root
#become_ask_pass = False (demande un password, sinon utilise la clef ssh)
-b
-m <nom du module>
-a <arguments>
--check
ansible <groupe ou machine ou all> -i hosts.yml -m ping
ansible <groupe ou machine ou all> -i hosts.yml -m ping
ansible <groupe ou machine ou all> -m shell -a "la commande shell"
ansible <groupe ou machine ou all> -m debug -a 'var=groups.keys()'
ansible all -b -m 'copy' -a 'dest="/etc/motd" content="#############################\n# My superrrrrr messageeee #\n#############################\n"'
ansible <groupe ou machine ou all> -m setup
/etc/ansible/facts.d/custom.fact
[general]
my_package = httpd
my_service = httpd
my_state = started
ansible_local.custom.general.my_package
---
- hosts: web
vars:
my_package: "ansible_local.custom.general.my_package"
tasks:
- name: "Create /etc/ansible/facts.d"
file:
path: "/etc/ansible/facts.d"
state: "directory"
- name: "Copy file"
copy:
dest: "/etc/ansible/facts.d/custom.fact"
src: "/vagrant/resources/custom.fact"
- name: "Read ansible_local"
debug:
msg: "{{ my_package }} is defined"
#var: ansible_local.custom.general.my_package
when: ansible_local.custom.general.my_package is defined
Le playbook est un ensemble de play.
Un play est défini par
Au même niveau que taks
meta: flush_handlers
ansible-playbook <nom du playbook>
ansible-playbook <nom du playbook> --syntax-check
---
- hosts: all
tasks:
- name: "Change motd"
copy:
dest: "/etc/motd"
content: "#############################\n# My superrrrrr messageeee #\n#############################\n"
---
- name: "Enable intranet services"
hosts: web
become: yes
gather_facts: no
tasks:
- name: "Install httpd"
yum:
name: httpd
state: latest
- name: "Install firewalld"
yum:
name: firewalld
state: latest
- name: "Enable firewalld"
systemd:
name: firewalld
enabled: yes
masked: no
- name: "Start firewalld"
systemd:
name: firewalld
state: restarted
- name: "Allow http"
firewalld:
service: http
permanent: yes
state: enabled
- name: "Enable httpd"
systemd:
name: httpd
enabled: yes
masked: no
- name: "Start httpd"
systemd:
name: httpd
state: restarted
- name: "Add hello world to index.html"
copy:
dest: "/var/www/html/index.html"
content: '<!DOCTYPE html><html><head><title>My test page</title></head><body>hello world \o/</body></html>'
- name: "Test intranet web server"
hosts: localhost
become: false
gather_facts: no
vars:
tasks:
- name: "Test url"
uri:
url: http://adev-web-1/index.html
status_code: 200
return_content: yes
register: homepage
- debug:
msg: "Contenu de ma page web {{ homepage.content }}"
- name: "Test real content"
assert:
that:
- "'hello world' in homepage.content"
---
- name: "Install services"
hosts: db
become: yes
gather_facts: no
vars:
- service: mariadb
- confFile: my.cnf
- userRoot: root
- mdpRoot: root
- servicesToInstall:
- mariadb-server
- MySQL-python
tasks:
- name: "Install"
yum:
name: "{{servicesToInstall}}"
state: latest
notify: "startMariadb"
- name: "conf"
copy:
dest: "/etc/{{confFile}}"
src: "/vagrant/resources/{{confFile}}"
notify:
- restartMariadb
- createUserRootMysql
- createUserAdlere
handlers:
- name: "start mariadb"
systemd:
name: "{{service}}"
state: started
listen: startMariadb
- name: "restart mariadb"
systemd:
name: "{{service}}"
state: restarted
listen: restartMariadb
- name: "Create user root"
mysql_user:
name: "{{userRoot}}"
password: "{{mdpRoot}}"
listen: createUserRootMysql
- name: "Create user adlere"
mysql_user:
login_user: "{{userRoot}}"
login_password: "{{mdpRoot}}"
name: adlere
password: adlere
priv: '*.*:ALL'
listen: createUserAdlere
---
- name: "Unistall services"
hosts: db
become: yes
gather_facts: no
vars:
- confFile : my.cnf
tasks:
- name: Delete adlere user
mysql_user:
name : adlere
login_user: root
login_password: root
state: absent
- name: Set root user password
command: "mysqladmin -u root -p'root' password ''"
- name: "Uninstall"
yum:
name:
- mariadb-server
- MySQL-python
state: absent
- name: "conf"
file:
path: "/etc/{{confFile}}"
state: absent
---
- name: "Install services"
hosts: db
become: yes
gather_facts: no
vars:
- folder: my_folder
tasks:
- name: "GetFolder"
stat:
path: "{{folder}}"
register: folderExists
- name: "Print debug info"
debug:
var: folderExists
- name: "Create folder"
file:
path: "{{folder}}"
state: directory
when: folderExists.stat.exists == false
Le templating se fait via le module template, il est en jinja2
http://jinja.pocoo.org/docs/2.10/
Voir jinja2 filters
{{mavariable|lower}}
{{mavariable|upper}}
##############################
# #
# My superrrrrr messageeee #
# #
#{{ ansible_date_time.date }}#
# #
##############################
---
- name: "Install motd"
hosts: all
become: yes
gather_facts: yes
tasks:
- name: "Motd"
template:
src: motd_template.j2
dest: /etc/motd
Les rôles sont un ensemble de playbooks avec une architecture fixe
ansible-galaxy init <nom de mon rôle> –offline --init-path <INIT_PATH>
---
- name: "Install services"
become: yes
gather_facts: true
hosts: localhost
roles:
- createService