ansible

Installation

pip install ansible

inventory

vim /etc/ansible/hosts

mail.example.com

[webservers]
web.example.com

[dbservers]
db.example.com

Playbooks

Execute playbook on localhost

ansible-playbook -i "localhost," -c local playbook.yml

Use -k or --ask-pass option

apt install sshpass

Override variables from the command line

--extra-vars "home=/Users/jf user=jf"
-e '{"pacman":"mrs","ghosts":["inky","pinky","clyde","sue"]}'

Roles

Install role

sudo ansible-galaxy install Trozz.atom

Default directory layout

production                # inventory file for production servers
staging                   # inventory file for staging environment

group_vars/
   group1                 # here we assign variables to particular groups
   group2                 # ""
host_vars/
   hostname1              # if systems need specific variables, put them here
   hostname2              # ""

library/                  # if any custom modules, put them here (optional)
filter_plugins/           # if any custom filter plugins, put them here (optional)

site.yml                  # master playbook
webservers.yml            # playbook for webserver tier
dbservers.yml             # playbook for dbserver tier

roles/
    common/               # this hierarchy represents a "role"
        tasks/            #
            main.yml      #  <-- tasks file can include smaller files if warranted
        handlers/         #
            main.yml      #  <-- handlers file
        templates/        #  <-- files for use with the template resource
            ntp.conf.j2   #  <------- templates end in .j2
        files/            #
            bar.txt       #  <-- files for use with the copy resource
            foo.sh        #  <-- script files for use with the script resource
        vars/             #
            main.yml      #  <-- variables associated with this role
        defaults/         #
            main.yml      #  <-- default lower priority variables for this role
        meta/             #
            main.yml      #  <-- role dependencies
        library/          # roles can also include custom modules
        lookup_plugins/   # or other types of plugins, like lookup in this case

    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""

Get all variables

ansible -m setup localhost

localhost | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.3.103", 
            "192.168.122.1"
        ], 
        "ansible_all_ipv6_addresses": [
            "fdbb:6b7e:49e8::aab" 
        ], 
        "ansible_apparmor": {
            "status": "enabled"
        }, 
...