Let's use ansible's command line tool to reboot all web servers in Atlanta, 10 at a time::
ssh-agent bash
ssh-agent bash
ssh-add ~/.ssh/id_rsa.pub
ssh-add ~/.ssh/id_rsa.pub
@ -21,23 +21,24 @@ Reboot all web servers in Atlanta, 10 at a time::
The -f 10 specifies the usage of 10 simultaneous processes.
The -f 10 specifies the usage of 10 simultaneous processes.
Note that other than the command module, ansible modules do not work like simple scripts. They make the remote system look like you state, and run the commands neccessary to get it there.
Note that other than the command module, ansible modules do not work like simple scripts. They make the remote system look like you state, and run the commands neccessary to get it there. This is commonly refered to
as 'idempotency'.
Example 2: Time Limited Background Operations
`````````````````````````````````````````````
Time Limited Background Operations
``````````````````````````````````
Long running operations can be backgrounded, and their status can be checked on later. The same job ID is given to the same task on all hosts, so you won't lose track. Polling support is pending in the command line.::
Long running operations can be backgrounded, and their status can be checked on later. The same job ID is given to the same task on all hosts, so you won't lose track. Polling support is pending in the command line.::
ansible all -B 3600 -a "/usr/bin/long_running_operation --do-stuff"
ansible all -B 3600 -a "/usr/bin/long_running_operation --do-stuff"
ansible all -n job_status -a jid=123456789
ansible all -n job_status -a jid=123456789
Any module other than 'copy' or 'template' can be backgrounded.
Any module other than 'copy' or 'template' can be backgrounded. Typically you'll be backgrounding shell
commands or software upgrades only.
After the time limit (in seconds) runs out (-B), the process on the remote nodes will be killed.
Examples 3: File Transfer & Templating
File Transfer & Templating
``````````````````````````````````````
``````````````````````````
Ansible can SCP lots of files to multiple machines in parallel, and optionally use them as template sources.
Ansible can SCP lots of files to multiple machines in parallel, and optionally use them as template sources.
@ -45,7 +46,7 @@ To just transfer a file directly to many different servers::
ansible atlanta copy -a "/etc/hosts /tmp/hosts"
ansible atlanta copy -a "/etc/hosts /tmp/hosts"
To use templating, first run the setup module to put the template variables you would like to use on the remote host. Then use the template module to write the files using the templates. Templates are written in Jinja2 format. Playbooks (covered below) will run the setup module for you, making this even simpler.::
To use templating, first run the setup module to put the template variables you would like to use on the remote host. Then use the template module to write the files using the templates. Templates are written in Jinja2 format. Playbooks (covered elsewhere in the documentation) will run the setup module for you, making this even simpler.::
ansible webservers -m setup -a "favcolor=red ntp_server=192.168.1.1"
ansible webservers -m setup -a "favcolor=red ntp_server=192.168.1.1"
ansible webservers -m template -a "src=/srv/motd.j2 dest=/etc/motd"
ansible webservers -m template -a "src=/srv/motd.j2 dest=/etc/motd"
@ -53,8 +54,8 @@ To use templating, first run the setup module to put the template variables you
Need something like the fqdn in a template? If facter or ohai are installed, data from these projects will also be made available to the template engine, using 'facter' and 'ohai' prefixes for each.
Need something like the fqdn in a template? If facter or ohai are installed, data from these projects will also be made available to the template engine, using 'facter' and 'ohai' prefixes for each.
Examples 3: Deploying From Source Control
Deploying From Source Control
`````````````````````````````````````````
`````````````````````````````
Deploy your webapp straight from git::
Deploy your webapp straight from git::
@ -62,4 +63,15 @@ Deploy your webapp straight from git::
Since ansible modules can notify change handlers (see 'Playbooks') it is possible to tell ansible to run specific tasks when the code is updated, such as deploying Perl/Python/PHP/Ruby directly from git and then restarting apache.
Since ansible modules can notify change handlers (see 'Playbooks') it is possible to tell ansible to run specific tasks when the code is updated, such as deploying Perl/Python/PHP/Ruby directly from git and then restarting apache.
Managing Services
`````````````````
Ensure a service is started on all webservers::
ansible webservers -m service name=httpd state=started
Alternatively, restart a service on all webservers::
ansible webservers -m service name=httpd state=restarted
@ -10,15 +10,17 @@ Other tools in this space have been too complicated for too long, require too mu
and have too much learning curve. Ansible is dead simple and painless to extend. For comparison, Puppet and Chef have about 60k lines of code. Ansible's core is a little over 1000 lines.
and have too much learning curve. Ansible is dead simple and painless to extend. For comparison, Puppet and Chef have about 60k lines of code. Ansible's core is a little over 1000 lines.
Ansible isn't just for configuration -- it's also great for Ad-Hoc tasks,
Ansible isn't just for configuration -- it's also great for Ad-Hoc tasks,
quickly firing off commands against nodes. Where Ansible excels though, is expressing complex multi-node deployment processes, executing complex sequences of commands on different hosts through the "playbooks" feature.
quickly firing off commands against nodes. Where Ansible excels though, is expressing complex multi-node deployment processes, executing complex sequences of commands on different hosts through "playbooks".
Ansible does not require programming in any particular language -- you can write modules
Extending ansible does not require programming in any particular language -- you can write modules
as scripts or programs that return simple JSON.
as scripts or programs that return simple JSON. It's also trivially easy to just execute
useful shell commands.
Why use Ansible versus something else? (Puppet, Chef, Fabric, Capistrano,
Why use Ansible versus something else? (Puppet, Chef, Fabric, Capistrano,
mCollective, Func, SaltStack, etc?) It will have far less code, it
mCollective, Func, SaltStack, etc?) Ansible will have far less code, it
will be more correct, and it will be the easiest thing to hack on and
will be (by extension) more correct, and it will be the easiest thing to hack on and
use you'll ever see -- regardless of your favorite language of choice.
use you'll ever see -- regardless of your favorite language of choice.
Systems management doesn't have to be complicated. Ansible's docs will remain
Systems management doesn't have to be complicated. Ansible's docs will remain
short & simple, and the source will be blindingly obvious.
short & simple, and the source will be blindingly obvious.
@ -32,7 +34,7 @@ Design Goals
* No additional software required on client boxes
* No additional software required on client boxes
* Modules can be written in ANY language
* Modules can be written in ANY language
* Awesome API for creating very powerful distributed scripts
* Awesome API for creating very powerful distributed scripts
* Be usable as non-root
* Be very usable as non-root
* Create the easiest config management system to use, ever.
* Create the easiest config management system to use, ever.
Communicate and Get Involved
Communicate and Get Involved
@ -55,10 +57,10 @@ Contents
gettingstarted
gettingstarted
patterns
patterns
examples
modules
modules
YAMLScripts
YAMLScripts
playbooks
playbooks
examples
api
api
man
man
@ -69,7 +71,7 @@ Ansible was originally developed by Michael DeHaan, a Raleigh, NC based software
He created other popular DevOps programs such as Cobbler, the popular Linux install server.
He created other popular DevOps programs such as Cobbler, the popular Linux install server.
Cobbler is used to deploy mission critical systems all over the planet, in industries
Cobbler is used to deploy mission critical systems all over the planet, in industries
ranging from massively multiplayer gaming, core internet infrastructure, finance,
ranging from massively multiplayer gaming, core internet infrastructure, finance,
chip design, and more. Michael also helped co-author of Func, which is used
chip design, and more. Michael also helped co-author of Func, a precursor to Ansible, which is used
to orchestrate systems in lots of diverse places. He's worked on systems software for
to orchestrate systems in lots of diverse places. He's worked on systems software for
IBM, Motorola, Red Hat's Emerging Technologies Group, and rPath.
IBM, Motorola, Red Hat's Emerging Technologies Group, Puppet Labs, and rPath.
Nearly all modules take key=value parameters. Some modules take no parameters, and the command
```````````````````
module just takes arguments for the command you want to run.
All modules return JSON format data, thoug if you are using the command line or playbooks, you
don't really need to know much about that.
Most modules other than command are idempotent, meaning they will seek to avoid changes
Most modules other than command are idempotent, meaning they will seek to avoid changes
unless a change needs to be made. When using ansible playbooks, these modules can
unless a change needs to be made. When using ansible playbooks, these modules can
trigger change events. Unless otherwise noted, all modules support change hooks.
trigger change events. Unless otherwise noted, all modules support change hooks.
Stock modules:
command
command
```````
```````
@ -31,6 +35,8 @@ Example usage::
/sbin/shutdown -t now
/sbin/shutdown -t now
The given shell command will be executed on all selected nodes.
This module does not support change hooks and returns the return code from the program as well as timing information about how long the command was running for.
This module does not support change hooks and returns the return code from the program as well as timing information about how long the command was running for.
@ -41,12 +47,12 @@ The copy module moves a file on the local box to remote locations.
*src*::
*src*::
Local absolute path to a file to copy to the remote server
Local path to a file to copy to the remote server. This can be an absolute or relative path.
*dest*::
*dest*::
Remote absolute path where the file should end up
Remote absolute path where the file should end up.
This module also returns md5sum information about the resultant file.
This module also returns md5sum information about the resultant file.
@ -61,13 +67,14 @@ JSON data that can be useful for inventory purposes.
Requires that 'facter' and 'ruby-json' be installed on the remote end.
Requires that 'facter' and 'ruby-json' be installed on the remote end.
This module is informative only - it takes no parameters & does not support change hooks,
This module is informative only - it takes no parameters & does not support change hooks,
nor does it make any changes on the system.
nor does it make any changes on the system. Playbooks do not actually use
this module, they use the 'setup' module behind the scenes.
git
git
```
```
Deploys software from git checkouts.
Deploys software (or files) from git checkouts.
*repo*::
*repo*::
@ -93,6 +100,8 @@ Requires that 'ohai' be installed on the remote end.
This module is information only - it takes no parameters & does not
This module is information only - it takes no parameters & does not
support change hooks, nor does it make any changes on the system.
support change hooks, nor does it make any changes on the system.
Playbooks should not call the ohai module, playbooks call the 'setup'
module behind the scenes instead.
ping
ping
````
````
@ -100,9 +109,7 @@ ping
A trivial test module, this module always returns the integer '1' on
A trivial test module, this module always returns the integer '1' on
successful contact.
successful contact.
This module does not support change hooks.
This module does not support change hooks and is informative only - it takes no parameters & does not
This module is informative only - it takes no parameters & does not
support change hooks, nor does it make any changes on the system.
support change hooks, nor does it make any changes on the system.
@ -128,18 +135,14 @@ setup
Writes a JSON file containing key/value data, for use in templating.
Writes a JSON file containing key/value data, for use in templating.
Call this once before using the template modules. Playbooks will
Call this once before using the template modules. Playbooks will
execute this module automatically as the first step in each play.
execute this module automatically as the first step in each play using
the variables section, so it is unneccessary to make explicit calls to
setup within a playbook.
If facter or ohai are installed, variables from these programs will also
If facter or ohai are installed, variables from these programs will also
be snapshotted into the JSON file for usage in templating. These variables
be snapshotted into the JSON file for usage in templating. These variables
are prefixed with 'facter_' and 'ohai_" so it's easy to tell their source.
are prefixed with 'facter_' and 'ohai_" so it's easy to tell their source.
All variables are then bubbled up to the caller.
*metadata*
Optionally overrides the default JSON file location of /etc/ansible/setup or ~/ansible/setup
depending on what remote user has been specified.
If used, also supply the metadata parameter to the template module.
*anything*
*anything*
@ -154,43 +157,43 @@ Templates a file out to a remote server. Call the setup module prior to usage.
*src*
*src*
path of a Jinja2 formatted template on the local server
path of a Jinja2 formatted template on the local server. This can be a relative
or absolute path.
*dest*
*dest*
location to render the template on the remote server
location to render the template on the remote server
*metadata*
location of a JSON file to use to supply template data. Default is /etc/ansible/setup
which is the same as the default for the setup module. Change if running as a non-root
remote user who does not have permissions on /etc/ansible.
This module also returns md5sum information about the resultant file.
This module also returns md5sum information about the resultant file.
user
Writing your own modules
````
````````````````````````
This module is in plan.
To write your own modules, simply follow the convention of those already available in
/usr/share/ansible. Modules must return JSON but can be written in any language.
Modules should return hashes, but hashes can be nested.
To support change hooks, modules should return hashes with a changed: True/False
element at the top level::
yum
{
```
'changed' : True,
'something' : 42
}
This module is in plan.
Modules can also choose to indicate a failure scenario by returning a top level 'failure'
element with a True value, and a 'msg' element describing the nature of the failure.
Other return values are up to the module.
{
'failure' : True,
'msg' : "here is what happened..."
}
When shipping modules, drop them in /usr/share/ansible, or specify the module path to the
command line tool or API. It is easy to test modules by running them directly on
the command line, passing them arguments just like they would be passed with ansible.
writing your own modules
````````````````````````
To write your own modules, simply follow the convention of those already available in
/usr/share/ansible. Modules must return JSON but can be written in any language.
Modules should return hashes, but hashes can be nested.
To support change hooks, modules should return hashes with a changed: True/False
element at the top level. Modules can also choose to indicate a failure scenario
by returning a top level 'failure' element with a True value, and a 'msg' element
describing the nature of the failure. Other values are up to the module.
@ -11,7 +11,11 @@ Playbooks: Ansible for Deployment, Configuration Management, and Orchestration
Learn about how to select hosts
Learn about how to select hosts
Playbooks are a completely different way to use ansible and are particularly awesome. They are the basis for a really simple configuration management and deployment system, unlike any that already exist, and one that is very well suited to deploying complex multi-machine applications. While you might run the main ansible program for ad-hoc tasks, playbooks are more likely to be kept in source control and used to push out your configuration or assure the configurations of your remote systems are in spec.
Playbooks are a completely different way to use ansible and are particularly awesome.
They are the basis for a really simple configuration management and multi-machine deployment system, unlike any that already exist, and one that is very well suited to deploying complex applications.
While you might run the main /usr/bin/ansible program for ad-hoc tasks, playbooks are more likely to be kept in source control and used to push out your configuration or assure the configurations of your remote systems are in spec.
Playbook Example
Playbook Example
@ -43,34 +47,43 @@ back on the webservers group, etc::
Hosts line
Hosts line
``````````
``````````
The hosts line is alist of one or more groups or host patterns, seperated by colons, as
The hosts line is alist of one or more groups or host patterns, seperated by colons, as
described in the 'patterns' documentation.
described in the 'patterns' documentation. This is just like the first parameter to /usr/bin/ansible.
Vars section
Vars section
````````````
````````````
A list of variables that can be used in the templates, action lines, or included files.
A list of variables and values that can be used in the plays. These can be used in templates
Variables are deferenced using ``jinja2`` syntax like this::
or 'action' lines and are dereferenced using ```jinja2``` syntax like this:
{{ varname }}
{{ varname }}
These variables will be pushed down to the managed systems for use in templating operations, where
the way to dereference them in templates is exactly the same.
Further, if there are discovered variables about the system (say, if facter or ohai were
Further, if there are discovered variables about the system (say, if facter or ohai were
installed) these variables bubble up back into the playbook, and can be used on each
installed) these variables bubble up back into the playbook, and can be used on each
system just like explicitly set variables. Facter variables are prefixed with 'facter_'
system just like explicitly set variables. Facter variables are prefixed with 'facter_'
and Ohai variables are prefixed with 'ohai_'.
and Ohai variables are prefixed with 'ohai_'. So for instance, if I wanted to write the
<h2>Parallelism and Shell Commands<aclass="headerlink"href="#parallelism-and-shell-commands"title="Permalink to this headline">¶</a></h2>
<h2>Parallelism and Shell Commands<aclass="headerlink"href="#parallelism-and-shell-commands"title="Permalink to this headline">¶</a></h2>
<p>Reboot all web servers in Atlanta, 10 at a time:</p>
<p>Let’s use ansible’s command line tool to reboot all web servers in Atlanta, 10 at a time:</p>
<divclass="highlight-python"><pre>ssh-agent bash
<divclass="highlight-python"><pre>ssh-agent bash
ssh-add ~/.ssh/id_rsa.pub
ssh-add ~/.ssh/id_rsa.pub
ansible atlanta -a "/sbin/reboot" -f 10</pre>
ansible atlanta -a "/sbin/reboot" -f 10</pre>
</div>
</div>
<p>The -f 10 specifies the usage of 10 simultaneous processes.</p>
<p>The -f 10 specifies the usage of 10 simultaneous processes.</p>
<p>Note that other than the command module, ansible modules do not work like simple scripts. They make the remote system look like you state, and run the commands neccessary to get it there.</p>
<p>Note that other than the command module, ansible modules do not work like simple scripts. They make the remote system look like you state, and run the commands neccessary to get it there. This is commonly refered to
<h2>Example 2: Time Limited Background Operations<aclass="headerlink"href="#example-2-time-limited-background-operations" title="Permalink to this headline">¶</a></h2>
<h2>Time Limited Background Operations<aclass="headerlink"href="#time-limited-background-operations" title="Permalink to this headline">¶</a></h2>
<p>Long running operations can be backgrounded, and their status can be checked on later. The same job ID is given to the same task on all hosts, so you won’t lose track. Polling support is pending in the command line.:</p>
<p>Long running operations can be backgrounded, and their status can be checked on later. The same job ID is given to the same task on all hosts, so you won’t lose track. Polling support is pending in the command line.:</p>
<divclass="highlight-python"><pre>ansible all -B 3600 -a "/usr/bin/long_running_operation --do-stuff"
<divclass="highlight-python"><pre>ansible all -B 3600 -a "/usr/bin/long_running_operation --do-stuff"
ansible all -n job_status -a jid=123456789</pre>
ansible all -n job_status -a jid=123456789</pre>
</div>
</div>
<p>Any module other than ‘copy’ or ‘template’ can be backgrounded.</p>
<p>Any module other than ‘copy’ or ‘template’ can be backgrounded. Typically you’ll be backgrounding shell
commands or software upgrades only.</p>
<p>After the time limit (in seconds) runs out (-B), the process on the remote nodes will be killed.</p>
<h2>Examples 3: File Transfer & Templating<aclass="headerlink"href="#examples-3-file-transfer-templating" title="Permalink to this headline">¶</a></h2>
<h2>File Transfer & Templating<aclass="headerlink"href="#file-transfer-templating" title="Permalink to this headline">¶</a></h2>
<p>Ansible can SCP lots of files to multiple machines in parallel, and optionally use them as template sources.</p>
<p>Ansible can SCP lots of files to multiple machines in parallel, and optionally use them as template sources.</p>
<p>To just transfer a file directly to many different servers:</p>
<p>To just transfer a file directly to many different servers:</p>
<divclass="highlight-python"><pre>ansible atlanta copy -a "/etc/hosts /tmp/hosts"</pre>
<divclass="highlight-python"><pre>ansible atlanta copy -a "/etc/hosts /tmp/hosts"</pre>
</div>
</div>
<p>To use templating, first run the setup module to put the template variables you would like to use on the remote host. Then use the template module to write the files using the templates. Templates are written in Jinja2 format. Playbooks (covered below) will run the setup module for you, making this even simpler.:</p>
<p>To use templating, first run the setup module to put the template variables you would like to use on the remote host. Then use the template module to write the files using the templates. Templates are written in Jinja2 format. Playbooks (covered elsewhere in the documentation) will run the setup module for you, making this even simpler.:</p>
<divclass="highlight-python"><pre>ansible webservers -m setup -a "favcolor=red ntp_server=192.168.1.1"
<divclass="highlight-python"><pre>ansible webservers -m setup -a "favcolor=red ntp_server=192.168.1.1"
ansible webservers -m template -a "src=/srv/motd.j2 dest=/etc/motd"
ansible webservers -m template -a "src=/srv/motd.j2 dest=/etc/motd"
ansible webservers -m template -a "src=/srv/ntp.j2 dest=/etc/ntp.conf"</pre>
ansible webservers -m template -a "src=/srv/ntp.j2 dest=/etc/ntp.conf"</pre>
</div>
</div>
<p>Need something like the fqdn in a template? If facter or ohai are installed, data from these projects will also be made available to the template engine, using ‘facter’ and ‘ohai’ prefixes for each.</p>
<p>Need something like the fqdn in a template? If facter or ohai are installed, data from these projects will also be made available to the template engine, using ‘facter’ and ‘ohai’ prefixes for each.</p>
<h2>Examples 3: Deploying From Source Control<aclass="headerlink"href="#examples-3-deploying-from-source-control" title="Permalink to this headline">¶</a></h2>
<h2>Deploying From Source Control<aclass="headerlink"href="#deploying-from-source-control" title="Permalink to this headline">¶</a></h2>
<p>Deploy your webapp straight from git:</p>
<p>Deploy your webapp straight from git:</p>
<divclass="highlight-python"><pre>ansible webservers -m git -a "repo=git://foo dest=/srv/myapp version=HEAD"</pre>
<divclass="highlight-python"><pre>ansible webservers -m git -a "repo=git://foo dest=/srv/myapp version=HEAD"</pre>
</div>
</div>
<p>Since ansible modules can notify change handlers (see ‘Playbooks’) it is possible to tell ansible to run specific tasks when the code is updated, such as deploying Perl/Python/PHP/Ruby directly from git and then restarting apache.</p>
<p>Since ansible modules can notify change handlers (see ‘Playbooks’) it is possible to tell ansible to run specific tasks when the code is updated, such as deploying Perl/Python/PHP/Ruby directly from git and then restarting apache.</p>
</div>
</div>
<divclass="section"id="managing-services">
<h2>Managing Services<aclass="headerlink"href="#managing-services"title="Permalink to this headline">¶</a></h2>
<p>Ensure a service is started on all webservers:</p>
<divclass="highlight-python"><pre>ansible webservers -m service name=httpd state=started</pre>
</div>
<p>Alternatively, restart a service on all webservers:</p>
<divclass="highlight-python"><pre>ansible webservers -m service name=httpd state=restarted</pre>
<dd>Learn about modules that ship with ansible</dd>
</dl>
</dl>
</div>
</div>
<divclass="section"id="requirements">
<divclass="section"id="requirements">
<h2>Requirements<aclass="headerlink"href="#requirements"title="Permalink to this headline">¶</a></h2>
<h2>Requirements<aclass="headerlink"href="#requirements"title="Permalink to this headline">¶</a></h2>
<p>Requirements are extremely minimal.</p>
<p>Requirements for Ansible are extremely minimal.</p>
<p>If you are running python 2.6 on the <strong>overlord</strong> machine, you will
<p>If you are running python 2.6 on the <strong>overlord</strong> machine (the machine that you’ll be talking to the other machines from), you will need:</p>
Other tools in this space have been too complicated for too long, require too much bootstrapping,
Other tools in this space have been too complicated for too long, require too much bootstrapping,
and have too much learning curve. Ansible is dead simple and painless to extend. For comparison, Puppet and Chef have about 60k lines of code. Ansible’s core is a little over 1000 lines.</p>
and have too much learning curve. Ansible is dead simple and painless to extend. For comparison, Puppet and Chef have about 60k lines of code. Ansible’s core is a little over 1000 lines.</p>
<p>Ansible isn’t just for configuration – it’s also great for Ad-Hoc tasks,
<p>Ansible isn’t just for configuration – it’s also great for Ad-Hoc tasks,
quickly firing off commands against nodes. Where Ansible excels though, is expressing complex multi-node deployment processes, executing complex sequences of commands on different hosts through the “playbooks” feature.</p>
quickly firing off commands against nodes. Where Ansible excels though, is expressing complex multi-node deployment processes, executing complex sequences of commands on different hosts through “playbooks”.</p>
<p>Ansible does not require programming in any particular language – you can write modules
<p>Extending ansible does not require programming in any particular language – you can write modules
as scripts or programs that return simple JSON.</p>
as scripts or programs that return simple JSON. It’s also trivially easy to just execute
useful shell commands.</p>
<p>Why use Ansible versus something else? (Puppet, Chef, Fabric, Capistrano,
<p>Why use Ansible versus something else? (Puppet, Chef, Fabric, Capistrano,
mCollective, Func, SaltStack, etc?) It will have far less code, it
mCollective, Func, SaltStack, etc?) Ansible will have far less code, it
will be more correct, and it will be the easiest thing to hack on and
will be (by extension) more correct, and it will be the easiest thing to hack on and
use you’ll ever see – regardless of your favorite language of choice.
use you’ll ever see – regardless of your favorite language of choice.</p>
Systems management doesn’t have to be complicated. Ansible’s docs will remain
<p>Systems management doesn’t have to be complicated. Ansible’s docs will remain
short & simple, and the source will be blindingly obvious.</p>
short & simple, and the source will be blindingly obvious.</p>
<divclass="section"id="design-goals">
<divclass="section"id="design-goals">
<h2>Design Goals<aclass="headerlink"href="#design-goals"title="Permalink to this headline">¶</a></h2>
<h2>Design Goals<aclass="headerlink"href="#design-goals"title="Permalink to this headline">¶</a></h2>
@ -68,7 +69,7 @@ short & simple, and the source will be blindingly obvious.</p>
<li>No additional software required on client boxes</li>
<li>No additional software required on client boxes</li>
<li>Modules can be written in ANY language</li>
<li>Modules can be written in ANY language</li>
<li>Awesome API for creating very powerful distributed scripts</li>
<li>Awesome API for creating very powerful distributed scripts</li>
<li>Be usable as non-root</li>
<li>Be very usable as non-root</li>
<li>Create the easiest config management system to use, ever.</li>
<li>Create the easiest config management system to use, ever.</li>
</ul>
</ul>
</div>
</div>
@ -105,8 +106,15 @@ short & simple, and the source will be blindingly obvious.</p>
<liclass="toctree-l2"><aclass="reference internal"href="examples.html#parallelism-and-shell-commands">Parallelism and Shell Commands</a></li>
<liclass="toctree-l2"><aclass="reference internal"href="examples.html#example-2-time-limited-background-operations">Example 2: Time Limited Background Operations</a></li>
<liclass="toctree-l2"><aclass="reference internal"href="examples.html#examples-3-file-transfer-templating">Examples 3: File Transfer & Templating</a></li>
<liclass="toctree-l2"><aclass="reference internal"href="examples.html#examples-3-deploying-from-source-control">Examples 3: Deploying From Source Control</a></li>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<htmlxmlns="http://www.w3.org/1999/xhtml"><head><metahttp-equiv="Content-Type"content="text/html; charset=UTF-8"/><title>ansible-modules</title><linkrel="stylesheet"href="./docbook-xsl.css"type="text/css"/><metaname="generator"content="DocBook XSL Stylesheets V1.75.2"/></head><body><divxml:lang="en"class="refentry"title="ansible-modules"lang="en"><aid="id329245"></a><divclass="titlepage"></div><divclass="refnamediv"><h2>Name</h2><p>ansible-modules — stock modules shipped with ansible</p></div><divclass="refsect1"title="DESCRIPTION"><aid="_description"></a><h2>DESCRIPTION</h2><p>Ansible ships with a number of modules that can be executed directly on remote hosts or through
<htmlxmlns="http://www.w3.org/1999/xhtml"><head><metahttp-equiv="Content-Type"content="text/html; charset=UTF-8"/><title>ansible-modules</title><linkrel="stylesheet"href="./docbook-xsl.css"type="text/css"/><metaname="generator"content="DocBook XSL Stylesheets V1.75.2"/></head><body><divxml:lang="en"class="refentry"title="ansible-modules"lang="en"><aid="id353684"></a><divclass="titlepage"></div><divclass="refnamediv"><h2>Name</h2><p>ansible-modules — stock modules shipped with ansible</p></div><divclass="refsect1"title="DESCRIPTION"><aid="_description"></a><h2>DESCRIPTION</h2><p>Ansible ships with a number of modules that can be executed directly on remote hosts or through
ansible playbooks.</p></div><divclass="refsect1"title="IDEMPOTENCE"><aid="_idempotence"></a><h2>IDEMPOTENCE</h2><p>Most modules other than command are idempotent, meaning they will seek to avoid changes
ansible playbooks.</p></div><divclass="refsect1"title="IDEMPOTENCE"><aid="_idempotence"></a><h2>IDEMPOTENCE</h2><p>Most modules other than command are idempotent, meaning they will seek to avoid changes
unless a change needs to be made. When using ansible playbooks, these modules can
unless a change needs to be made. When using ansible playbooks, these modules can
trigger change events, as described in <spanclass="strong"><strong>ansible-playbooks</strong></span>(5).</p><p>Unless otherwise noted, all modules support change hooks.</p></div><divclass="refsect1"title="command"><aid="_command"></a><h2>command</h2><p>The command module takes the command name followed by a list of arguments, space delimited.
trigger change events, as described in <spanclass="strong"><strong>ansible-playbooks</strong></span>(5).</p><p>Unless otherwise noted, all modules support change hooks.</p></div><divclass="refsect1"title="command"><aid="_command"></a><h2>command</h2><p>The command module takes the command name followed by a list of arguments, space delimited.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<htmlxmlns="http://www.w3.org/1999/xhtml"><head><metahttp-equiv="Content-Type"content="text/html; charset=UTF-8"/><title>ansible-modules</title><linkrel="stylesheet"href="./docbook-xsl.css"type="text/css"/><metaname="generator"content="DocBook XSL Stylesheets V1.75.2"/></head><body><divxml:lang="en"class="refentry"title="ansible-modules"lang="en"><aid="id511858"></a><divclass="titlepage"></div><divclass="refnamediv"><h2>Name</h2><p>ansible-playbook — format and function of an ansible playbook file</p></div><divclass="refsect1"title="DESCRIPTION"><aid="_description"></a><h2>DESCRIPTION</h2><p>Ansible ships with <spanclass="emphasis"><em>ansible-playbook</em></span>, a tool for running playbooks.
<htmlxmlns="http://www.w3.org/1999/xhtml"><head><metahttp-equiv="Content-Type"content="text/html; charset=UTF-8"/><title>ansible-modules</title><linkrel="stylesheet"href="./docbook-xsl.css"type="text/css"/><metaname="generator"content="DocBook XSL Stylesheets V1.75.2"/></head><body><divxml:lang="en"class="refentry"title="ansible-modules"lang="en"><aid="id308833"></a><divclass="titlepage"></div><divclass="refnamediv"><h2>Name</h2><p>ansible-playbook — format and function of an ansible playbook file</p></div><divclass="refsect1"title="DESCRIPTION"><aid="_description"></a><h2>DESCRIPTION</h2><p>Ansible ships with <spanclass="emphasis"><em>ansible-playbook</em></span>, a tool for running playbooks.
Playbooks can represent frequent tasks, desired system configurations,
Playbooks can represent frequent tasks, desired system configurations,
or deployment processes.</p></div><divclass="refsect1"title="FORMAT"><aid="_format"></a><h2>FORMAT</h2><p>Playbooks are written in YAML.</p></div><divclass="refsect1"title="EXAMPLE"><aid="_example"></a><h2>EXAMPLE</h2><p>See:</p><divclass="itemizedlist"><ulclass="itemizedlist"type="disc"><liclass="listitem">
or deployment processes.</p></div><divclass="refsect1"title="FORMAT"><aid="_format"></a><h2>FORMAT</h2><p>Playbooks are written in YAML.</p></div><divclass="refsect1"title="EXAMPLE"><aid="_example"></a><h2>EXAMPLE</h2><p>See:</p><divclass="itemizedlist"><ulclass="itemizedlist"type="disc"><liclass="listitem">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<htmlxmlns="http://www.w3.org/1999/xhtml"><head><metahttp-equiv="Content-Type"content="text/html; charset=UTF-8"/><title>ansible</title><linkrel="stylesheet"href="./docbook-xsl.css"type="text/css"/><metaname="generator"content="DocBook XSL Stylesheets V1.75.2"/></head><body><divxml:lang="en"class="refentry"title="ansible"lang="en"><aid="id539812"></a><divclass="titlepage"></div><divclass="refnamediv"><h2>Name</h2><p>ansible — run a command somewhere else</p></div><divclass="refsynopsisdiv"title="Synopsis"><aid="_synopsis"></a><h2>Synopsis</h2><p>ansible <host-pattern> [-f forks] [-m module_name] [-a args]</p></div><divclass="refsect1"title="DESCRIPTION"><aid="_description"></a><h2>DESCRIPTION</h2><p><spanclass="strong"><strong>Ansible</strong></span> is an extra-simple tool/framework/API for doing 'remote things' over
<htmlxmlns="http://www.w3.org/1999/xhtml"><head><metahttp-equiv="Content-Type"content="text/html; charset=UTF-8"/><title>ansible</title><linkrel="stylesheet"href="./docbook-xsl.css"type="text/css"/><metaname="generator"content="DocBook XSL Stylesheets V1.75.2"/></head><body><divxml:lang="en"class="refentry"title="ansible"lang="en"><aid="id502026"></a><divclass="titlepage"></div><divclass="refnamediv"><h2>Name</h2><p>ansible — run a command somewhere else</p></div><divclass="refsynopsisdiv"title="Synopsis"><aid="_synopsis"></a><h2>Synopsis</h2><p>ansible <host-pattern> [-f forks] [-m module_name] [-a args]</p></div><divclass="refsect1"title="DESCRIPTION"><aid="_description"></a><h2>DESCRIPTION</h2><p><spanclass="strong"><strong>Ansible</strong></span> is an extra-simple tool/framework/API for doing 'remote things' over
<p>The given shell command will be executed on all selected nodes.</p>
<p>This module does not support change hooks and returns the return code from the program as well as timing information about how long the command was running for.</p>
<p>This module does not support change hooks and returns the return code from the program as well as timing information about how long the command was running for.</p>
</div>
</div>
<divclass="section"id="copy">
<divclass="section"id="copy">
<h2>copy<aclass="headerlink"href="#copy"title="Permalink to this headline">¶</a></h2>
<h2>copy<aclass="headerlink"href="#copy"title="Permalink to this headline">¶</a></h2>
<p>The copy module moves a file on the local box to remote locations.</p>
<p>The copy module moves a file on the local box to remote locations.</p>
<p><em>src</em>:</p>
<p><em>src</em>:</p>
<p>Local absolute path to a file to copy to the remote server</p>
<p>Local path to a file to copy to the remote server. This can be an absolute or relative path.</p>
<p><em>dest</em>:</p>
<p><em>dest</em>:</p>
<p>Remote absolute path where the file should end up</p>
<p>Remote absolute path where the file should end up.</p>
<p>This module also returns md5sum information about the resultant file.</p>
<p>This module also returns md5sum information about the resultant file.</p>
</div>
</div>
<divclass="section"id="facter">
<divclass="section"id="facter">
@ -93,11 +96,12 @@ This is the only module that does not use key=value style parameters.</p>
JSON data that can be useful for inventory purposes.</p>
JSON data that can be useful for inventory purposes.</p>
<p>Requires that ‘facter’ and ‘ruby-json’ be installed on the remote end.</p>
<p>Requires that ‘facter’ and ‘ruby-json’ be installed on the remote end.</p>
<p>This module is informative only - it takes no parameters & does not support change hooks,
<p>This module is informative only - it takes no parameters & does not support change hooks,
nor does it make any changes on the system.</p>
nor does it make any changes on the system. Playbooks do not actually use
this module, they use the ‘setup’ module behind the scenes.</p>
</div>
</div>
<divclass="section"id="git">
<divclass="section"id="git">
<h2>git<aclass="headerlink"href="#git"title="Permalink to this headline">¶</a></h2>
<h2>git<aclass="headerlink"href="#git"title="Permalink to this headline">¶</a></h2>
<p>Deploys software from git checkouts.</p>
<p>Deploys software (or files) from git checkouts.</p>
<p><em>repo</em>:</p>
<p><em>repo</em>:</p>
<p>git or http protocol address of the repo to checkout</p>
<p>git or http protocol address of the repo to checkout</p>
<p><em>dest</em>:</p>
<p><em>dest</em>:</p>
@ -112,13 +116,14 @@ data is a bit more verbose and nested than facter.</p>
<p>Requires that ‘ohai’ be installed on the remote end.</p>
<p>Requires that ‘ohai’ be installed on the remote end.</p>
<p>This module is information only - it takes no parameters & does not
<p>This module is information only - it takes no parameters & does not
support change hooks, nor does it make any changes on the system.</p>
support change hooks, nor does it make any changes on the system.</p>
<p>Playbooks should not call the ohai module, playbooks call the ‘setup’
module behind the scenes instead.</p>
</div>
</div>
<divclass="section"id="ping">
<divclass="section"id="ping">
<h2>ping<aclass="headerlink"href="#ping"title="Permalink to this headline">¶</a></h2>
<h2>ping<aclass="headerlink"href="#ping"title="Permalink to this headline">¶</a></h2>
<p>A trivial test module, this module always returns the integer ‘1’ on
<p>A trivial test module, this module always returns the integer ‘1’ on
successful contact.</p>
successful contact.</p>
<p>This module does not support change hooks.</p>
<p>This module does not support change hooks and is informative only - it takes no parameters & does not
<p>This module is informative only - it takes no parameters & does not
support change hooks, nor does it make any changes on the system.</p>
support change hooks, nor does it make any changes on the system.</p>
</div>
</div>
<divclass="section"id="service">
<divclass="section"id="service">
@ -135,14 +140,13 @@ are idempotent actions that will not run commands unless neccessary.
<h2>setup<aclass="headerlink"href="#setup"title="Permalink to this headline">¶</a></h2>
<h2>setup<aclass="headerlink"href="#setup"title="Permalink to this headline">¶</a></h2>
<p>Writes a JSON file containing key/value data, for use in templating.
<p>Writes a JSON file containing key/value data, for use in templating.
Call this once before using the template modules. Playbooks will
Call this once before using the template modules. Playbooks will
execute this module automatically as the first step in each play.</p>
execute this module automatically as the first step in each play using
the variables section, so it is unneccessary to make explicit calls to
setup within a playbook.</p>
<p>If facter or ohai are installed, variables from these programs will also
<p>If facter or ohai are installed, variables from these programs will also
be snapshotted into the JSON file for usage in templating. These variables
be snapshotted into the JSON file for usage in templating. These variables
are prefixed with ‘<aclass="reference internal"href="#facter">facter</a>‘ and ‘<aclass="reference internal"href="#ohai">ohai</a>” so it’s easy to tell their source.</p>
are prefixed with ‘<aclass="reference internal"href="#facter">facter</a>‘ and ‘<aclass="reference internal"href="#ohai">ohai</a>” so it’s easy to tell their source.
<p><em>metadata</em></p>
All variables are then bubbled up to the caller.</p>
<p>Optionally overrides the default JSON file location of /etc/ansible/setup or ~/ansible/setup
depending on what remote user has been specified.</p>
<p>If used, also supply the metadata parameter to the template module.</p>
<p><em>anything</em></p>
<p><em>anything</em></p>
<p>any other parameters can be named basically anything, and set a key=value
<p>any other parameters can be named basically anything, and set a key=value
pair in the JSON file for use in templating.</p>
pair in the JSON file for use in templating.</p>
@ -151,32 +155,39 @@ pair in the JSON file for use in templating.</p>
<h2>template<aclass="headerlink"href="#template"title="Permalink to this headline">¶</a></h2>
<h2>template<aclass="headerlink"href="#template"title="Permalink to this headline">¶</a></h2>
<p>Templates a file out to a remote server. Call the setup module prior to usage.</p>
<p>Templates a file out to a remote server. Call the setup module prior to usage.</p>
<p><em>src</em></p>
<p><em>src</em></p>
<p>path of a Jinja2 formatted template on the local server</p>
<p>path of a Jinja2 formatted template on the local server. This can be a relative
or absolute path.</p>
<p><em>dest</em></p>
<p><em>dest</em></p>
<p>location to render the template on the remote server</p>
<p>location to render the template on the remote server</p>
<p><em>metadata</em></p>
<p>location of a JSON file to use to supply template data. Default is /etc/ansible/setup
which is the same as the default for the setup module. Change if running as a non-root
remote user who does not have permissions on /etc/ansible.</p>
<p>This module also returns md5sum information about the resultant file.</p>
<p>This module also returns md5sum information about the resultant file.</p>
</div>
</div>
<divclass="section"id="user">
<h2>user<aclass="headerlink"href="#user"title="Permalink to this headline">¶</a></h2>
<p>This module is in plan.</p>
</div>
<divclass="section"id="yum">
<h2>yum<aclass="headerlink"href="#yum"title="Permalink to this headline">¶</a></h2>
<p>This module is in plan.</p>
</div>
<divclass="section"id="writing-your-own-modules">
<divclass="section"id="writing-your-own-modules">
<h2>writing your own modules<aclass="headerlink"href="#writing-your-own-modules"title="Permalink to this headline">¶</a></h2>
<h2>Writing your own modules<aclass="headerlink"href="#writing-your-own-modules"title="Permalink to this headline">¶</a></h2>
<p>To write your own modules, simply follow the convention of those already available in
<p>To write your own modules, simply follow the convention of those already available in
/usr/share/ansible. Modules must return JSON but can be written in any language.
/usr/share/ansible. Modules must return JSON but can be written in any language.
Modules should return hashes, but hashes can be nested.
Modules should return hashes, but hashes can be nested.</p>
To support change hooks, modules should return hashes with a changed: True/False
<p>To support change hooks, modules should return hashes with a changed: True/False
element at the top level. Modules can also choose to indicate a failure scenario
element at the top level:</p>
by returning a top level ‘failure’ element with a True value, and a ‘msg’ element
<p>Playbooks are a completely different way to use ansible and are particularly awesome. They are the basis for a really simple configuration management and deployment system, unlike any that already exist, and one that is very well suited to deploying complex multi-machine applications. While you might run the main ansible program for ad-hoc tasks, playbooks are more likely to be kept in source control and used to push out your configuration or assure the configurations of your remote systems are in spec.</p>
<p>Playbooks are a completely different way to use ansible and are particularly awesome.</p>
<p>They are the basis for a really simple configuration management and multi-machine deployment system, unlike any that already exist, and one that is very well suited to deploying complex applications.</p>
<p>While you might run the main /usr/bin/ansible program for ad-hoc tasks, playbooks are more likely to be kept in source control and used to push out your configuration or assure the configurations of your remote systems are in spec.</p>
<divclass="section"id="playbook-example">
<divclass="section"id="playbook-example">
<h2>Playbook Example<aclass="headerlink"href="#playbook-example"title="Permalink to this headline">¶</a></h2>
<h2>Playbook Example<aclass="headerlink"href="#playbook-example"title="Permalink to this headline">¶</a></h2>
<p>Playbooks are expressed in YAML format and have a minimum of syntax. Each playbook is composed
<p>Playbooks are expressed in YAML format and have a minimum of syntax. Each playbook is composed
@ -89,30 +91,39 @@ back on the webservers group, etc:</p>
</div>
</div>
<divclass="section"id="hosts-line">
<divclass="section"id="hosts-line">
<h2>Hosts line<aclass="headerlink"href="#hosts-line"title="Permalink to this headline">¶</a></h2>
<h2>Hosts line<aclass="headerlink"href="#hosts-line"title="Permalink to this headline">¶</a></h2>
<p>The hosts line is alist of one or more groups or host patterns, seperated by colons, as
<p>The hosts line is alist of one or more groups or host patterns, seperated by colons, as
described in the ‘patterns’ documentation.</p>
described in the ‘patterns’ documentation. This is just like the first parameter to /usr/bin/ansible.</p>
</div>
</div>
<divclass="section"id="vars-section">
<divclass="section"id="vars-section">
<h2>Vars section<aclass="headerlink"href="#vars-section"title="Permalink to this headline">¶</a></h2>
<h2>Vars section<aclass="headerlink"href="#vars-section"title="Permalink to this headline">¶</a></h2>
<p>A list of variables that can be used in the templates, action lines, or included files.
<p>A list of variables and values that can be used in the plays. These can be used in templates
Variables are deferenced using <ttclass="docutils literal"><spanclass="pre">jinja2</span></tt> syntax like this:</p>
or ‘action’ lines and are dereferenced using <ttclass="docutils literal"><spanclass="pre">`jinja2`</span></tt> syntax like this:</p>
<p>These variables will be pushed down to the managed systems for use in templating operations, where
the way to dereference them in templates is exactly the same.</p>
<p>Further, if there are discovered variables about the system (say, if facter or ohai were
<p>Further, if there are discovered variables about the system (say, if facter or ohai were
installed) these variables bubble up back into the playbook, and can be used on each
installed) these variables bubble up back into the playbook, and can be used on each
system just like explicitly set variables. Facter variables are prefixed with ‘<ahref="#id1"><spanclass="problematic"id="id2">facter_</span></a>‘
system just like explicitly set variables. Facter variables are prefixed with ‘<ahref="#id1"><spanclass="problematic"id="id2">facter_</span></a>‘
and Ohai variables are prefixed with ‘<ahref="#id3"><spanclass="problematic"id="id4">ohai_</span></a>‘.</p>
and Ohai variables are prefixed with ‘<ahref="#id3"><spanclass="problematic"id="id4">ohai_</span></a>‘. So for instance, if I wanted to write the
hostname into the /etc/motd file, I could say:</p>
Michael DeHaan
13 years ago