Ansible

27 Mar
Posted on Author root 0

Ansible permet d’automatiser des déploiements de configurations, d’applications.

Ansible utilise le protocole ssh pour le déploiement.

Ansible fonctionne avec des inventaires, des roles et des playbooks.

Lancer Ansible

ansible -i inventory.inv all -m shell -a "uptime"

Vault 

ansible-vault encrypt_string file_encrypted.yml --name name_variable

Playbook

--extra-vars "variable=true"

Tasks and pre tasks

- hosts: nodes
    serial: 1
    tasks:
      - import_role:
          name: role_name
          tasks_from: "role1"
    tasks:
      - include_role:
          name: role_name
          tasks_from: role1
pre_tasks:
  - name: Execute a script
    local_action: script /path/script.bash {{ ansible_hostname }}
    register: result
    changed_when: True

Exemple

hosts: all  
become: yes  
serial: "{{ serial_number|default(1) }}"  
vars: 
  - var1: xxxx 
  - var2: False 
roles: 
  - role1

Role

Conditions

"{{ item.verify | d('yes') }}"
"{{ item.mode | default(omit) }}"

name: Check
stat:
  path: "{{ file }}"
register: result

name: Do
file: 
  path: "{{ file }}"
  state: absent
when: not result.stat.exists

Gestion des erreurs 

ignore_errors: yes

Variables

roles/xxxx/defaults/main.yml
machine_file: /etc/xxxx
machine_file2: "{{ '/etc/%s/'|format(machine_file)|realpath }}"
machine_file3: "/etc/{{ ansible_hostname }}/"
machine_file4: "{{ machine_file|truncate(5) }}"
machine_file5: "{{ machine_file|replace('/', '?') }}"
repository:
  - name: reponame
    description: repository xxxx
    baseurl: https://xxxx/pub/xxxxx
    gpgcheck: yes
    sslverify: yes
variable:
  - name: name1
  - name: name2

yum_repository:
  name: "{{ item.name }}"
  description: "{{ item.description }}"
  baseurl: "{{ item.baseurl }}"
  enabled: yes
  sslverify: "{{ item.sslverify }}"
  gpgcheck: "{{ item.gpgcheck }}"
with_items:
  - "{{ repository }}"

yum_repository: 
  name: "{{ item.name }}" 
    file: xxxx 
    state: absent 
  with_items: 
    - "{{ variable }}"

Handlers

roles/xxxx/handlers/main.yml
- name: restart
  systemd:
    name: xxxx
    state: restarted
  listen: "restart xxxx"

tasks: 
  - name: restart xxxx
    shell: ""   
    notify: "restart xxxx"

Copie

- name: hostname
  copy:
   content: "{{ inventory_hostname }}"
   dest: /etc/hostname

URL

- name: url
  uri:
    url: http://192.168.1.1:123/status/status
  register: status

- debug: 
    msg: 
      - "status: {{ status.json.status }}"

- name: version
  uri:
    url: http://192.168.1.1:123/
    return_content: true
  register: version

- debug:
    msg:
      - "version: {{ version.content }}"

Tags

ansible-playbook playbook.yml --list-tags

Inventaire

inventory
group_vars
host_vars

Ansible galaxy

ansible-galaxy install --force --role-file roles/requirements.yml --roles-path roles/
ansible-galaxy init
roles/xxxx/meta/main.yml
galaxy_info:
  description: rolexxxxx
  platforms:
    - name: EL
      versions:
        - 8

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *