Ansible 2.4 Review

@KeithResar

@KeithResar Keith [email protected] @KeithResar

• • •

• • • • • • • •

# this is a 'play' include - include: listofplays -
name: another play hosts: all tasks: - debug: msg=hello # this is a 'task' include - include: stuff.yml

- include_playbook: webservers.yml # or - import_playbook: databases.yml --- tasks:
- include_tasks: common_tasks.yml # or - import_tasks: common_tasks.yml foo=bar

- hosts: all # Specify order that hosts are processed
order: inventory | sorted | reverse_* | shuffle # Not new, but feels related strategy: linear | free ...

Host 1 Host 2 Host 3 Host 4 Host 5
Inventory Task 1 Task 2 Task 3 This slide rocks with animation, but is worthless when static. You should have seen the preso live!!

Host 1 Host 2 Host 3 Host 4 Inventory Task
1 Task 2 Task 3 This slide rocks with animation, but is worthless when static. You should have seen the preso live!! Forks == 2

files templates ansible-vault vars files templates vars files templates vars
ansible-playbook files templates vars

# Prompt for password > ansible-playbook \ --ask-vault-pass site.yml #
Credentials in file > ansible-playbook \ --vault-password-file dev-pass site.yml

# Single password Prompt > ansible-playbook \ --vault-id @prompt site.yml
# Multi-password > ansible-playbook \ --vault-id cloud@prompt \ --vault-id app@mypassfile \ site.yml

> ansible-config Usage: ansible-config [view|dump|list] [ansible.cfg] View, edit, and manage
ansible configuration. Options: -c CONFIG_FILE, --config=CONFIG_FILE path to configuration file, defaults to first file found in precedence.

Filters in Ansible are from Jinja2, and are used for
transforming data inside a template expression. # Default values {{ my_var | default(‘foo’) }} ➠ foo (if var undefined) # Transforming output {{ my_var | to_nice_json(indent=2) }} ➠ { … } # Regex {{ 'ansible' | regex_replace('^a.*i(.*)$', 'a\\1') }} ➠ able

• ipaddr filter gained several new suboptions ◦ First_usable, ip/prefix,
Ip_netmask, last_usable, next_usable, network_id, network/prefix, network_netmask ◦ Network_wildcard, Previous_usable, Range_usable, Size_usable, wildcard • Next_nth_usable, network_in_network, Network_in_usable, previous_nth_usable • Parse_cli, parse_cli_textfsm # Subnet membership {{ '192.168.1.1/24' | network_in_network('192.168.1.1/25') }} # Subnet expansion {{ '192.168.1.1/24' | next_nth_usable(50) }} # Extract CLI element {{ output | parse_cli_textfsm('path/to/fsm') }}

# Display year-month-day {{ '%Y-%m-%d' | strftime }} # Display
hour:min:sec {{ '%H:%M:%S' | strftime }} # Use ansible_date_time.epoch fact {{ '%Y-%m-%d %H:%M:%S' | strftime(ansible_date_time.epoch) }} # Use arbitrary epoch value {{ '%Y-%m-%d' | strftime(0) }} # => 1970-01-01 {{ '%Y-%m-%d' | strftime(1441357287) }} # => 2015-09-04

{{ "http://user:[email protected]:9000/dir/index.html? query=term#frament" | urlsplit }} # => # {
# "fragment": "fragment", # "hostname": "www.acme.com", # "netloc": "user:[email protected]:9000", # "password": "password", # "path": "/dir/index.html", # "port": 9000, # "query": "query=term", # "scheme": "http", # "username": "user" # }

{{ "http://user:[email protected]:9000/dir/index.html? query=term#frament" | urlsplit(‘port’) }} # => 9000

• • • • • • • •

Skip a particular step based on a variable or fact
tasks: - name: "shut down Debian flavored systems" command: /sbin/shutdown -t now when: ansible_os_family == "Debian"

tasks: - debug: msg="all are true!" when: list_one is all
vars: list_one: - 1 - 3 == 3 - True list_two: - False - True - debug: msg="at least one is true" when: list_two is any

• win_defrag • win_domain_group • win_domain_user • win_dsc • win_eventlog
• win_eventlog_entry • win_firewall • win_group_membership • win_hotfix • win_mapped_drive • win_pagefile • win_power_plan • win_psmodule • win_rabbitmq_plugin • win_route • win_security_policy • win_toast • win_user_right • win_wait_for • win_wakeonlan

# Playbook example - name: Extract zip file win_dsc: resource_name:
archive ensure: Present path: "C:\\Temp\\zipfile.zip" destination: "C:\\Temp\\Temp2" - name: Invoke DSC with check mode win_dsc: resource_name: windowsfeature name: telnet-client

• • -v • • • •

@KeithResar @KeithResar

Ansible 2.4 Review

Ansible 2.4 Review

Keith Resar

More Decks by Keith Resar

Other Decks in Technology

Featured

Transcript

@KeithResar

@KeithResar Keith [email protected] @KeithResar

• • •

• • • • • • • •

# this is a 'play' include - include: listofplays -

- include_playbook: webservers.yml # or - import_playbook: databases.yml --- tasks:

- hosts: all # Specify order that hosts are processed

Host 1 Host 2 Host 3 Host 4 Host 5

Host 1 Host 2 Host 3 Host 4 Inventory Task

files templates ansible-vault vars files templates vars files templates vars

# Prompt for password > ansible-playbook \ --ask-vault-pass site.yml #

# Single password Prompt > ansible-playbook \ --vault-id @prompt site.yml

> ansible-config Usage: ansible-config [view|dump|list] [ansible.cfg] View, edit, and manage

Filters in Ansible are from Jinja2, and are used for

• ipaddr filter gained several new suboptions ◦ First_usable, ip/prefix,

# Display year-month-day {{ '%Y-%m-%d' | strftime }} # Display

{{ "http://user:[email protected]:9000/dir/index.html? query=term#frament" | urlsplit }} # => # {

{{ "http://user:[email protected]:9000/dir/index.html? query=term#frament" | urlsplit(‘port’) }} # => 9000

• • • • • • • •

Skip a particular step based on a variable or fact

tasks: - debug: msg="all are true!" when: list_one is all

• win_defrag • win_domain_group • win_domain_user • win_dsc • win_eventlog

• win_defrag • win_domain_group • win_domain_user • win_dsc • win_eventlog

# Playbook example - name: Extract zip file win_dsc: resource_name:

• • -v • • • •

@KeithResar @KeithResar