In the previous lesson, you learned how to use Ansible ad hoc commands to perform a single task on managed hosts. In this tutorial, you'll learn how to automate multiple tasks on managed hosts by creating and running Ansible playbooks.
To better understand the difference between Ansible ad hoc commands and Ansible playbooks, you can think of ad hoc commands as Linux commands and of playbooks as bash scripts.
Ad hoc commands are ideal for tasks that are not carried out frequently, such as checking that servers are operational, retrieving system information, etc.
On the other hand, Ansible Playbooks are ideal for automating complex tasks such as installing system patches, deploying applications, setting up a firewall, managing users, etc.
Note that in this GitHub repository, I’ve included all the playbooks, scripts, and files I’m going to talk about in this series.
Before following this Ansible playbooks tutorial, please review the setup described in part 1 of this Ansible series.
Creating your first Ansible playbook
Playbooks are written in YAML format (YAML = Yet Another Markup Language). In case you are unfamiliar with YAML, I have included the main YAML syntax rules in the following figure, so you can easily follow all the playbook examples:
You should also keep in mind that YAML files must have the extension .yaml or .yml. Personally, I prefer .yml because it's less typing and I'm lazy.
In addition, YAML is indentation-sensitive. A two-space indentation is recommended, but YAML will accept whatever indentation a file uses as long as it is consistent.
It is tedious to keep pressing the spacebar twice, so do yourself a favor and add the following line to your ~/.vimrc file:
autocmd FileType yaml setlocal ai ts=2 sw=2 et
This converts tabs to two spaces each time you work with a YAML file. Did you like this handy Vim tip? You can get more advanced Vim tips from this book:
Mastering Vim Quickly – Jovica Ilic
Exiting Vim? Go from WTF to OMG in no time.
Now, let's create your first playbook. Create a file named firstplaybook.yml in the project folder with the following contents:
$ cat firstplaybook.yml
---
- name: first play
  hosts: all
  tasks:
    - name: create a new file
      file:
        path: /tmp/foo.conf
        mode: 0664
        owner: elliot
        state: touch
This playbook runs on all hosts and uses the file module to create a file named /tmp/foo.conf. It also sets the mode: 0664 and owner: elliot module parameters to define the file's permissions and owner. Finally, state: touch makes sure the file is created if it does not already exist.
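A caveat on the mode parameter, as an added example that is not part of the original tutorial: in YAML, an unquoted mode without a leading zero (664) reaches Ansible as a decimal number, so the resulting permissions are not the intended ones. The sketch below lints playbook text for that mistake and for world-writable modes; lint_modes and the sample tasks are hypothetical and constructed for illustration.

```python
import re

# Matches a YAML "mode:" key and captures an optional quote and the value.
MODE_RE = re.compile(r"""^\s*mode\s*:\s*(?P<q>['"]?)(?P<val>[^'"\s#]+)(?P=q)""")

def lint_modes(playbook_text):
    """Return (line_number, message) findings for risky file modes."""
    findings = []
    for lineno, line in enumerate(playbook_text.splitlines(), 1):
        m = MODE_RE.match(line)
        if not m or not m["val"].isdigit():
            continue  # not a mode line, or a symbolic mode such as u=rw,g=r
        val, quoted = m["val"], bool(m["q"])
        if not quoted and not val.startswith("0"):
            # YAML hands Ansible the integer 664 (decimal), not octal 0664.
            findings.append((lineno, f"mode {val} is unquoted with no leading zero"))
            continue
        try:
            bits = int(val, 8)
        except ValueError:
            findings.append((lineno, f"mode {val} is not valid octal"))
            continue
        if bits & 0o002:
            findings.append((lineno, f"mode {val} is world-writable"))
    return findings

# Constructed sample: the tutorial's task plus two risky variants.
SAMPLE = """\
- name: create a new file
  file:
    path: /tmp/foo.conf
    mode: 0664
    owner: elliot
    state: touch
- name: risky, decimal mode
  file:
    path: /tmp/bar.conf
    mode: 664
    state: touch
- name: risky, world-writable
  file:
    path: /tmp/baz.conf
    mode: '0666'
    state: touch
"""

if __name__ == "__main__":
    for lineno, message in lint_modes(SAMPLE):
        print(f"line {lineno}: {message}")
```

The tutorial's own task (mode: 0664) passes; quoting the value as '0664' is equally safe and avoids depending on the leading zero.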
To run a playbook, use the ansible-playbook command followed by the playbook's filename:
ansible-playbook firstplaybook.yml
Here is the full result of the above command:
$ ansible-playbook firstplaybook.yml
PLAY [first play] **************************************************************
TASK [Gathering Facts] *********************************************************
ok:
ok:
ok:
ok: [node2]
TASK [create a new file] *******************************************************
changed:
changed:
changed:
changed: [node2]
PLAY RECAP *********************************************************************
node1 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node4 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
The output of the playbook run is largely self-explanatory. For now, pay particular attention to changed=1 in the PLAY RECAP summary, which means that one change was successfully made on the managed node.
Let’s run the following ad hoc command to make sure /tmp/foo.conf is actually created on all managed hosts:
$ ansible all -m command -a "ls -l /tmp/foo.conf"
node4 | CHANGED | rc=0 >>
-rw-rw-r-- 1 elliot root 0 Oct 25 03:20 /tmp/foo.conf
node1 | CHANGED | rc=0 >>
-rw-rw-r--. 1 elliot root 0 Oct 25 03:20 /tmp/foo.conf
node2 | CHANGED | rc=0 >>
-rw-rw-r--. 1 elliot root 0 Oct 25 03:20 /tmp/foo.conf
node3 | CHANGED | rc=0 >>
-rw-rw-r--. 1 elliot root 0 Oct 25 03:20 /tmp/foo.conf
Note that you can also use the following Ansible ad hoc command, which does the same thing as firstplaybook.yml:
ansible all -m file -a "path=/tmp/foo.conf mode=0664 owner=elliot state=touch"
For more details on the file module, see its Ansible documentation page:
$ ansible-doc file
Running multiple plays with an Ansible playbook
So far you have created only one play, containing one task, in your first playbook. A playbook can contain multiple plays, and each play can contain multiple tasks.
Let’s create a playbook called multiple-plays.yml with the following content:
$ cat multiple-plays.yml
---
- name: first play
  hosts: all
  tasks:
    - name: install tmux
      package:
        name: tmux
        state: present
    - name: create an archive
      archive:
        path: /var/log
        dest: /tmp/logs.tar.gz
        format: gz

- name: second play
  hosts: node4
  tasks:
    - name: install git
      apt:
        name: git
        state: present
There are two plays in this playbook:
- First play (contains two tasks): runs on all hosts.
- Second play (contains one task): runs only on node4.
Note that I used the package module in the first play because it is a generic package manager module that automatically detects the default package manager on the managed hosts. In the second play I used the apt module because I only run it on the Ubuntu host (node4).
There are also yum and dnf modules that run on CentOS and RHEL systems.
I also used the archive module to create the gzip-compressed archive /tmp/logs.tar.gz, which contains all the files in /var/log.
Go ahead and run the multiple-plays.yml playbook:
$ ansible-playbook multiple-plays.yml
PLAY [first play] **************************************************************
TASK [install tmux] ************************************************************
changed:
changed:
changed:
changed: [node1]
TASK [create an archive] *******************************************************
changed: [node2]
changed: [node3]
changed: [node1]
changed: [node4]
PLAY [second play] *************************************************************
TASK [install git] *************************************************************
changed: [node4]
PLAY RECAP *********************************************************************
node1 : ok=2 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=2 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=2 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node4 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Everything looks good. You can quickly check the existence of the /tmp/logs.tar.gz archive on all nodes by executing the following ad hoc command:
$ ansible all -m command -a "file -s /tmp/logs.tar.gz"
node4 | CHANGED | rc=0 >>
/tmp/logs.tar.gz: gzip compressed data, was /tmp/logs.tar, last modified: Sun Oct 25 04:40:46 2020, max compression
node1 | CHANGED | rc=0 >>
/tmp/logs.tar.gz: gzip compressed data, was /tmp/logs.tar, last modified: Sun Oct 25 04:40:47 2020, max compression, original size 107458560
node3 | CHANGED | rc=0 >>
/tmp/logs.tar.gz: gzip compressed data, was /tmp/logs.tar, last modified: Sun Oct 25 04:40:47 2020, max compression, original size 75560960
node2 | CHANGED | rc=0 >>
/tmp/logs.tar.gz: gzip compressed data, was /tmp/logs.tar, last modified: Sun Oct 25 04:40:47 2020, max compression, original size 52326400
In addition, I recommend that you read the following Ansible documentation pages and check their Examples sections:
$ ansible-doc package
$ ansible-doc archive
$ ansible-doc apt
$ ansible-doc yum
Checking your playbooks (before you run them)
Although I have already shown you how to run Ansible playbooks, it's always a good idea to check a playbook before you actually run it. This ensures that your playbook is free of possible errors.
You can use the --syntax-check option to check your playbook for syntax errors:
$ ansible-playbook --syntax-check firstplaybook.yml
playbook: firstplaybook.yml
You can also use the --check option to do a dry run of your playbook before actually running it:
$ ansible-playbook --check firstplaybook.yml
PLAY [first play] **************************************************************
TASK [Gathering Facts] *********************************************************
ok:
ok:
ok:
ok: [node2]
TASK [create a new file] *******************************************************
ok:
ok:
ok:
ok: [node3]
PLAY RECAP *********************************************************************
node1 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node4 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Note that a dry run of the playbook does not make any changes on the managed nodes.
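One way to turn the --check dry run into an automated gate, as an added example that is not part of the original tutorial: the code parses the PLAY RECAP counters and labels each host as clean, drifting, or in error. The function names and the sample output are constructed for illustration.

```python
import re

# One PLAY RECAP row: "<host> : ok=2 changed=1 unreachable=0 failed=0 ..."
ROW_RE = re.compile(r"^(?P<host>\S+)\s*:\s*(?P<counters>(?:\w+=\d+\s*)+)$")

def parse_recap(output):
    """Return {host: {counter: int}} for the rows that follow PLAY RECAP."""
    hosts, in_recap = {}, False
    for line in output.splitlines():
        if line.startswith("PLAY RECAP"):
            in_recap = True
            continue
        m = ROW_RE.match(line.strip()) if in_recap else None
        if m:
            pairs = (item.split("=") for item in m["counters"].split())
            hosts[m["host"]] = {key: int(value) for key, value in pairs}
    return hosts

def classify_check_run(output):
    """Label each host of a --check run as 'error', 'drift' or 'clean'."""
    verdicts = {}
    for host, counters in parse_recap(output).items():
        if counters.get("failed", 0) or counters.get("unreachable", 0):
            verdicts[host] = "error"   # the dry run itself did not complete
        elif counters.get("changed", 0):
            verdicts[host] = "drift"   # a real run would modify this host
        else:
            verdicts[host] = "clean"
    return verdicts

# Constructed sample output (not captured from the tutorial's hosts).
SAMPLE = """\
PLAY [first play] ****
TASK [create a new file] ****
ok: [node1]
changed: [node2]
PLAY RECAP ****
node1 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
"""

if __name__ == "__main__":
    for host, verdict in classify_check_run(SAMPLE).items():
        print(host, verdict)
```

In a pipeline, the text passed to classify_check_run would be the captured output of ansible-playbook --check, and any host not labelled clean would hold the change for review.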
You can use the --list-hosts option to list the hosts of each play in your playbook:
$ ansible-playbook --list-hosts multiple-plays.yml
playbook: multiple-plays.yml
  play #1 (all): first play TAGS: []
    pattern: [all]
    hosts (4):
      node4
      node2
      node1
      node3
  play #2 (node4): second play TAGS: []
    pattern: [node4]
    hosts (1):
      node4
You can also list the tasks of each play in your playbook using the --list-tasks option:
$ ansible-playbook --list-tasks multiple-plays.yml
playbook: multiple-plays.yml
  play #1 (all): first play TAGS: []
    tasks:
      install tmux TAGS: []
      create an archive TAGS: []
  play #2 (node4): second play TAGS: []
    tasks:
      install git TAGS: []
You can also check the ansible-playbook man page for a full list of options.
Reusing tasks and playbooks
You may find yourself writing several playbooks that share a list of common tasks. In this case it is best to create a file containing all the common tasks, which you can then reuse in your playbooks.
For demonstration purposes, let's create a file called group-tasks.yml, which contains the following tasks:
$ cat group-tasks.yml
- name: create developer group
  group:
    name: developer
- name: create security group
  group:
    name: security
- name: create finances group
  group:
    name: finances
You can now use the import_tasks module to run all the tasks in group-tasks.yml from your first playbook as follows:
$ cat firstplaybook.yml
---
- name: first play
  hosts: all
  tasks:
    - name: create a new file
      file:
        path: /tmp/foo.conf
        mode: 0664
        owner: elliot
        state: touch
    - name: create groups
      import_tasks: group-tasks.yml
You can also use the import_playbook module to reuse an entire playbook. For example, you can create a new playbook called re-use-playbook.yml with the following content:
$ cat re-use-playbook.yml
---
- name: reusing playbooks
  hosts: all
  tasks:
    - name: reboot the servers
      reboot:
        msg: Server restart …

- name: run the first playbook
  import_playbook: firstplaybook.yml
Also note that you can only import a playbook at the play level, i.e. you cannot import a playbook inside another play.
You can also use the include module to reuse tasks and playbooks. For example, you can replace the import_playbook statement with the include statement as follows:
$ cat re-use-playbook.yml
---
- name: reusing playbooks
  hosts: all
  tasks:
    - name: reboot the servers
      reboot:
        msg: Server restart …

- name: run the first playbook
  include: firstplaybook.yml
The only difference is that import statements are pre-processed when the playbook is parsed. Include statements, on the other hand, are processed as they are encountered during the playbook run. So import is static, while include is dynamic.
Running selective tasks and plays in an Ansible playbook
You can choose not to run an entire playbook and instead run only specific tasks or plays in it. You can use tags for this.
For example, you can tag the install git task in the multiple-plays.yml playbook as follows:
$ cat multiple-plays.yml
---
- name: first play
  hosts: all
  tasks:
    - name: install tmux
      package:
        name: tmux
        state: present
    - name: create an archive
      archive:
        path: /var/log
        dest: /tmp/logs.tar.gz
        format: gz

- name: second play
  hosts: node4
  tasks:
    - name: install git
      apt:
        name: git
        state: present
      tags: git
You can now use the --tags option, followed by the tag name git, to run only the install git task:
$ ansible-playbook multiple-plays.yml --tags git
PLAY [first play] **************************************************************
PLAY [second play] *************************************************************
TASK [install git] *************************************************************
ok: [node4]
PLAY RECAP *********************************************************************
node4 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
As you can see, the first two tasks were skipped and only the install git task ran. You can also see changed=0 in the PLAY RECAP, because git is already installed on node4.
You can apply tags to a play in the same way.
All right! That brings us to the end of this Ansible playbooks tutorial. Stay tuned for the next lesson, where you will learn to work with Ansible variables, facts, and registers. Don't forget to become a member of Linux Handbook.