cmdref.net - Cheat Sheet and Example

cmdref.net is command references/cheat sheets/examples for system engineers.

User Tools

Site Tools


Sidebar








Etc


Reference














.

middleware:iac:ansible:ansible-playbook



Middleware

ansible-playbook Commands Cheet Sheat and Configuration Examples

Tutorial #1. How to use ansible-playbook command.

Preliminary work

Target Server

useradd ansible
echo 'ansible:ansible' | chpasswd     <-  change password

cp -pi /etc/sudoers{,.`date '+%Y%m%d'`}
echo "ansible ALL=(ALL)       NOPASSWD:ALL" >> /etc/sudoers

Ansible Server

useradd ansible
echo 'ansible:ansible' | chpasswd     <-  change password

su - ansible
ssh-keygen -t rsa
ssh-copy-id   x.x.x.x    <- Copy Publick Key to Target Server

cd /home/ansible
mkdir ansible1   <- ansible working directory
cd ansible1

vi hosts
vi ansible.cfg
vi test.yml

Inventory(hosts)

[all:vars]
ansible_ssh_port=22
ansible_ssh_user=ansible
ansible_ssh_pass=ansible

[test1]
192.168.0.37

ansible.cfg

[defaults]
inventory = ./hosts

playbook(test1.yml)

- hosts: all
  gather_facts: no
  tasks:
  - shell: date
  - shell: date >> /tmp/test
  - shell: whoami >> /tmp/test

Execution

ansible-playbook  test1.yml --list-hosts      # Check target hosts
ansible-playbook  test1.yml --check           # Test
ansible-playbook  test1.yml

ansible-playbook  -l test1  test1.yml

Test playbook(test1.yml)

- hosts: all
  become: yes
  gather_facts: no
  tasks:
  - shell: date
  - shell: date >> /tmp/test
  - shell: whoami >> /tmp/test




ansible-playbook command

man ansible-playbook

NAME
       ansible-playbook - run an ansible playbook

SYNOPSIS
       ansible-playbook <filename.yml> ... [options]

ARGUMENTS
       filename.yml
           The names of one or more YAML format files to run as ansible playbooks.

OPTIONS
       -h, --help
           Show help page and exit

       --list-hosts
           Outputs a list of matching hosts; does not execute anything else.

       --list-tasks
           List all tasks that would be executed; does not execute anything else.


       -i PATH, --inventory=PATH
           The PATH to the inventory, which defaults to /etc/ansible/hosts. Alternatively, you can use 
           a comma-separated list of hosts or a single host with a trailing comma host,.

       -C, --check
           Do not make any changes on the remote system, but test resources to see what might have changed.
            Note this can not scan all possible resource types and is only a simulation.

       --syntax-check
           Look for syntax errors in the playbook, but don’t run anything

Example

$ ansible-playbook   PLAYBOOK.yml    <- /etc/ansible/hosts
$ ansible-playbook -i /tmp/hosts PLAYBOOK.yml
$ ansible-playbook --private-key=./KEY ./PLAYBOOK.yml

--list-tasks

$ ansible-playbook  -i HOSTS  --list-tasks -i test-servers site.yml

--check

$ ansible-playbook  -i HOSTS PLAYBOOK.yml --check
$ ansible-playbook  -i HOSTS PLAYBOOK.yml --check   --diff


Playbook

command module

- name: disable selinux
    command: /sbin/setenforce 0

shell module

tasks:
  - shell: /home/shell/test.sh > result.txt
- name: ruby configure
  shell: chdir=/tmp/{{ rubyver }} ./configure --disable-install-doc

- name: make ruby
  shell: chdir=/tmp/{{ rubyver }} make

- name: make install ruby
  shell: chdir=/tmp/{{ rubyver }} make install

user module

tasks:
  - user: name=user2 password=$6$rounds=656000$3Co6RKpxxxx

get_url module

get_url: url=http://toolbelt.treasuredata.com/sh/install-redhat.sh dest=/root/fluentd-install.sh

copy module

tasks:
  - name: copy a file
    copy: src=test.txt dest=/tmp/
  - name: copy directory
    copy: src=/tmp/test1.d dest=/tmp/test1.d/
  - name: copy files in directory
    copy: src=/tmp/test1.d/ dest=/tmp/test1.d/

fetch module

tasks:
  - fetch: src=/tmp/test2.txt dest=/tmp/

service module

tasks:
  - service: name=httpd state=restarted

file module

- name: create directories
  file: path={{ item.path }} owner={{ item.owner }} group={{ item.group }} mode=0{{ item.mode }} state=directory
  with_items:
    - { "path":"/test/test2", "owner":"root", "group":"root", "mode":"755" }
    - { "path":"/test/test3", "owner":"root", "group":"root", "mode":"777" }

unarchive module

unarchive: src=/tmp/ruby.tar.gz dest=/tmp copy=no

lineinfile module

lineinfile: dest=/etc/sysconfig/selinux regexp="^SELINUX=.*" line="SELINUX=disabled"
lineinfile: >
  dest=/etc/ssh/sshd_config
  regexp="^PasswordAuthentication"
  line="PasswordAuthentication no"
  insertafter="#PasswordAuthentication"


PLAYBOOK Example

- hosts: all
  become: yes
  gather_facts: no
  tasks:
  - command: touch /tmp/test1.txt
  - command: touch /tmp/test2.txt
  - command: touch /tmp/test3.txt

install httpd

- hosts: all
  become: yes
  gather_facts: no
  tasks:
  - name: check install httpd
    yum: name=httpd state=latest

  - name: start httpd and enabled httpd
    service: name=httpd state=started enabled=yes

- hosts: all
  become: yes
  gather_facts: no
  tasks: 
   - name: yum install httpd
     yum: name=httpd state=present 
  
   - name: service httpd start
     service: name=httpd state=started

   - name: chkconfig httpd on
     command: /sbin/chkconfig httpd on 

ruby install from source

---
- hosts: all
  become: yes
  gather_facts: nos
  tasks:
    - name: apt-get update
      apt: update_cache=yes

    - name: install depended packages
      apt: name={{ item }} state=latest
      with_items:
        - libffi-dev
        - libreadline6-dev
        - libssl-dev
        - make
        - zlib1g-dev

    - name: check exist of ruby source
      stat: path=/usr/local/src/ruby-2.3.0
      register: ruby_source

    - name: get source and unarchive
      unarchive: src=https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.0.tar.gz dest=/usr/local/src copy=no
      when: not ruby_source.stat.exists

    - name: build
      shell: ./configure && make && make install
      args:
        chdir: /usr/local/src/ruby-2.3.0

make install

- hosts: all
  become: yes
  gather_facts: no
  tasks: 
    - name: download hoge source file
      get_url: url=https://hostname/hoge_source.tar.gz dest=/usr/local/src/hoge_source.tar.gz

    - name: extract hoge source file
      unarchive: src=/usr/local/src/hoge_source.tar.gz dest=/usr/local/src/ creates=/usr/local/src/hoge_source

    - name: install hoge
      shell: ./configure && make && make install chdir=/usr/local/src/hoge_source creates=/usr/bin/hoge

exec shell

- hosts: all
  become: yes
  gather_facts: no
  tasks:
    - name: copy file
      copy: src=/tmp//sumple.sh dest=/tmp/sumple.sh owner=user01 group=dev mode=0755 

    - name: exec shell
      shell: /tmp/sumple.sh

    - name: delete file
      file: dest=/tmp/sumple.sh state=absent




Reference




middleware/iac/ansible/ansible-playbook.txt · Last modified: 2020/04/12 by admin

Page Tools