Zum Inhalt

Ansible cheatsheet

ansible-doc

Every module's doc can be accessed via cli, no need to visit the website:

ansible-doc copy

ansible-console

Ansible console allows to connect and run commands on multiple hosts at the same time:

ansible-console -l subset

ansible-inventory

Graph all hosts of a (dynamic) inventory:

ansible-inventory -i inventory/hosts.yml --graph

debug module

List groups of all servers:

 ansible all -m debug -a "var=group_names"

Check if vars set on a group name is accessible by it's members. Let's check if the EDITOR variable is set for all workstations:

ansible workstations -m debug -a "var=EDITOR"

ping module

Ping a group of hosts:

ansible servers -m ping

setup module

Sometimes a playbook fails with ansible_host is not defined, even though gather_facts: true is set in the playbook. In this case, you can force to gather facts using the setup module:

ansible <inventory_name> -m setup

ansible-playbook

Use a subset of hosts:

ansible-playbook -l subset playbook.yml

Use another inventory:

ansible-playbook -i inventory/production.yml playbook.yml

Check which hosts will be targeted by a play:

ansible-playbook --list-hosts backup.yml

ansible.cfg example

Example ansible.cfg for an ansible repo specifying the default inventory and fact cache location.

examples/ansible/ansible.cfg
[defaults]
inventory=./inventories/hosts.yml
log_path=logs/ansible.log
gathering = smart
fact_caching = jsonfile
fact_caching_connection = .fact_cache/
fact_caching_timeout = 86400
remote_tmp     = .ansible/tmp
local_tmp      = .ansible/tmp
interpreter_python = auto_silent
ansible_python_interpreter=/usr/bin/python3
timeout=30
# the synchronize module does not work with /bin/bash, there is an open issue for that
executable = /bin/sh

Vagrantfile example

Here is an example Vagrantfile to test playbooks which includes the option of setting the groups of these hosts:

examples/vagrant/Vagrantfile_ansible
PROVIDER='virtualbox'
ENV['VAGRANT_DEFAULT_PROVIDER'] = PROVIDER
IMAGE_NAME = "generic/ubuntu2110"
VAGRANT_API_VERSION = "2"

machines=[
    {
    :hostname => "controller",
    :box => IMAGE_NAME,
    :ram => 4096,
    :cpu => 3,
    :playbook => "k8s.yml",
    :groups => ["k8s_cluster", "k8s_controller"],
    :ip => "192.168.56.10"
  },
  {
    :hostname => "worker1",
    :box => IMAGE_NAME,
    :ram => 2048,
    :cpu => 3,
    :playbook => "k8s.yml",
    :groups => ["k8s_cluster", "k8s_worker"],
    :ip => "192.168.56.11"
  },
  {
    :hostname => "ubuntu2010",
    :box => IMAGE_NAME,
    :ram => 1024,
    :cpu => 2,
    :playbook => "home_servers.yml"
  },
  {
    :hostname => "debianbuster",
    :box => "debian/buster64",
    :ram => 1024,
    :cpu => 2,
    :playbook => "testing-debian_buster.yml"
  }
]

Vagrant.configure(VAGRANT_API_VERSION) do |config|
  if Vagrant.has_plugin?("vagrant-cachier")
    config.cache.scope = :machine
    config.cache.enable :apt
  end

  machines.each do |machine|
    config.vm.define machine[:hostname] do |node|
      node.vm.box = machine[:box]
      node.vm.box_version = machine[:box_version]
      node.vm.hostname = machine[:hostname]
      if machine.has_key?(:ip)
        node.vm.network "private_network", ip: machine[:ip]
      end

      node.vm.provider PROVIDER do |vb|
        vb.memory =  machine[:ram]
        vb.cpus = machine[:cpu]
      end
      node.vm.provision "ansible" do |ansible|
        ansible.playbook = machine[:playbook]
        ansible.host_vars = {
          machine[:hostname] => {
              "ansible_python_interpreter" => "/usr/bin/python3",
          }
        }
        if machine.has_key?(:groups)
            ansible.groups = Hash[machine[:groups].each_with_object([machine[:hostname]]).to_a]
        end

        force_remote_user = true
#         ansible.verbose = "v"
#         ansible.raw_arguments  = "--ask-vault-pass"

      end
    end
  end
end

Testing with vagrant

The playbooks are registered inside the Vagrantfile and used provisioning the machine.

vagrant up debianbuster

Rerun the playbook:

vagrant provision

Enter the machine:

vagrant ssh

Letztes Update: March 25, 2023
Erstellt: February 18, 2023