From 4d7f9fbb70f050e66c3fcfaafae09373519ac9e4 Mon Sep 17 00:00:00 2001 From: Mark Theunissen Date: Fri, 3 Aug 2012 10:31:43 -0500 Subject: [PATCH] Fixing the MySQL docs --- rst/modules.rst | 122 +++++++++++++++++++++++++++--------------------- 1 file changed, 69 insertions(+), 53 deletions(-) diff --git a/rst/modules.rst b/rst/modules.rst index 1672feec2dd..31832df2dd6 100644 --- a/rst/modules.rst +++ b/rst/modules.rst @@ -1,11 +1,11 @@ Ansible Modules =============== -Ansible ships with a number of modules (called the 'module library') +Ansible ships with a number of modules (called the 'module library') that can be executed directly on remote hosts or through :doc:`playbooks`. Users can also write their own modules. These modules can control system -resources, like services, packages, or files (anything really), or -handle executing system commands. +resources, like services, packages, or files (anything really), or +handle executing system commands. Let's review how we execute three different modules from the command line:: @@ -13,14 +13,14 @@ Let's review how we execute three different modules from the command line:: ansible webservers -m ping ansible webservers -m command -a "/sbin/reboot -t now" -Each module supports taking arguments. Nearly all modules take ``key=value`` -arguments, space delimited. Some modules take no arguments, and the +Each module supports taking arguments. Nearly all modules take ``key=value`` +arguments, space delimited. Some modules take no arguments, and the command/shell modules simply take the string of the command you want to run. From playbooks, Ansible modules are executed in a very similar way:: - name: reboot the servers - action: command /sbin/reboot -t now + action: command /sbin/reboot -t now All modules technically return JSON format data, though if you are using the command line or playbooks, you don't really need to know much about @@ -45,10 +45,10 @@ Manages apt-packages (such as for Debian/Ubuntu). +====================+==========+=========+============================================================================+ | name | no | | A package name or package specifier with version, like `foo` or `foo=1.0` | +--------------------+----------+---------+----------------------------------------------------------------------------+ -| state | no | present | 'absent', 'present', or 'latest'. | +| state | no | present | 'absent', 'present', or 'latest'. | +--------------------+----------+---------+----------------------------------------------------------------------------+ | update_cache | no | no | Run the equivalent of apt-get update before the operation. | -| | | | Can be run as part of the package installation or a seperate step | +| | | | Can be run as part of the package installation or a seperate step | +--------------------+----------+---------+----------------------------------------------------------------------------+ | purge | no | no | Will forge purge of configuration files if state is set to 'absent'. | +--------------------+----------+---------+----------------------------------------------------------------------------+ @@ -124,7 +124,7 @@ command ``````` The command module takes the command name followed by a list of -arguments, space delimited. +arguments, space delimited. +--------------------+----------+---------+----------------------------------------------------------------------------+ | parameter | required | default | comments | @@ -137,12 +137,12 @@ arguments, space delimited. +--------------------+----------+---------+----------------------------------------------------------------------------+ The given command will be executed on all selected nodes. It will not -be processed through the shell, so variables like "$HOME" and +be processed through the shell, so variables like "$HOME" and operations like "<", ">", "|", and "&" will not work. As such, all paths to commands must be fully qualified. NOTE:: If you want to run a command through the shell (say you are using -'<', '>', '|', etc), you actually want the 'shell' module instead. +'<', '>', '|', etc), you actually want the 'shell' module instead. The 'command' module is much more secure as it's not affected by the user's environment. Example action from Ansible :doc:`playbooks`:: @@ -171,7 +171,7 @@ module. | src | yes | | Local path to a file to copy to the remote server, can be absolute or | | | | | relative. | +--------------------+----------+---------+----------------------------------------------------------------------------+ -| dest | yes | | Remote absolute path where the file should end up | +| dest | yes | | Remote absolute path where the file should end up | +--------------------+----------+---------+----------------------------------------------------------------------------+ | OTHERS | | | All arguments the file module takes are also supported | +--------------------+----------+---------+----------------------------------------------------------------------------+ @@ -187,13 +187,13 @@ facter `````` Runs the discovery program 'facter' on the remote system, returning -JSON data that can be useful for inventory purposes. +JSON data that can be useful for inventory purposes. Requires that 'facter' and 'ruby-json' be installed on the remote end. Playbooks do not actually use this module, they use the :ref:`setup` module behind the scenes. - + Example from /usr/bin/ansible:: ansible foo.example.org -m ohai @@ -254,7 +254,7 @@ support the same options as the file module -- including 'copy', 'template', and | src | | | path of the file to link to (applies only to state=link) | +--------------------+----------+---------+----------------------------------------------------------------------------+ | seuser | | | user part of SELinux file context. Will default to system policy, if | -| | | | applicable. If set to '_default', it will use the 'user' portion of the | +| | | | applicable. If set to '_default', it will use the 'user' portion of the | | | | | the policy if available | +--------------------+----------+---------+----------------------------------------------------------------------------+ | serole | | | role part of SELinux file context, '_default' feature works as above. | @@ -388,28 +388,35 @@ mysql_db Add or remove MySQL databases from a remote host. -+--------------------+----------+----------+-----------------------------------------------------------------------------+ -| parameter | required | default | comments | -+====================+==========+==========+=============================================================================+ -| name | yes | | name of the database to add or remove | -+--------------------+----------+-----------+----------------------------------------------------------------------------+ -| login_user | no | | user used to authenticate with | -+--------------------+----------+-----------+----------------------------------------------------------------------------+ -| login_password | no | | password used to authenticate with | -+--------------------+----------+-----------+----------------------------------------------------------------------------+ -| login_host | no | localhost | host running the database | -+--------------------+----------+-----------+----------------------------------------------------------------------------+ -| state | no | present | 'absent' or 'present' | -+--------------------+----------+-----------+----------------------------------------------------------------------------+ -| collation | no | | collation mode | -+--------------------+----------+-----------+----------------------------------------------------------------------------+ -| encoding | no | | encoding mode | -+--------------------+----------+-----------+----------------------------------------------------------------------------+ +Requires the MySQLdb Python package on the remote host. For Ubuntu, this is as easy as +apt-get install python-mysqldb. + ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ +| parameter | required | default | comments | ++====================+==========+===========+=============================================================================+ +| name | yes | | name of the database to add or remove | ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ +| login_user | no | | user name used to authenticate with | ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ +| login_password | no | | password used to authenticate with | ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ +| login_host | no | localhost | host running the database | ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ +| state | no | present | 'absent' or 'present' | ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ +| collation | no | | collation mode | ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ +| encoding | no | | encoding mode | ++--------------------+----------+-----------+-----------------------------------------------------------------------------+ + +Both 'login_password' and 'login_username' are required when you are passing credentials. +If none are present, the module will attempt to read the credentials from ~/.my.cnf, and +finally fall back to using the MySQL default login of 'root' with no password. Example action from Ansible :doc:`playbooks`:: - name: Create database - action: mysql_db loginpass=$mysql_root_password db=bobdata state=present + action: mysql_db db=bobdata state=present mysql_user @@ -417,33 +424,42 @@ mysql_user Adds or removes a user from a MySQL database. +Requires the MySQLdb Python package on the remote host. For Ubuntu, this is as easy as +apt-get install python-mysqldb. + +--------------------+----------+------------+----------------------------------------------------------------------------+ | parameter | required | default | comments | +====================+==========+============+============================================================================+ | name | yes | | name of the user (role) to add or remove | +--------------------+----------+------------+----------------------------------------------------------------------------+ -| password | yes | | set the user's password | -+--------------------+----------+------------+----------------------------------------------------------------------------+ -| db | yes | | name of an existing database to grant user access to | +| password | no | | set the user's password | +--------------------+----------+------------+----------------------------------------------------------------------------+ -| login_user | no | | user (role) used to authenticate with | +| login_user | no | | user name used to authenticate with | +--------------------+----------+------------+----------------------------------------------------------------------------+ | login_password | no | | password used to authenticate with | +--------------------+----------+------------+----------------------------------------------------------------------------+ -| login_host | no | localhost | host running MySQL. Default (blank) implies localhost | +| login_host | no | localhost | host running MySQL. | +--------------------+----------+------------+----------------------------------------------------------------------------+ -| priv | no | | MySQL priveledges string | +| priv | no | | MySQL privileges string in the format: db.table:priv1,priv2 | +--------------------+----------+------------+----------------------------------------------------------------------------+ | state | no | present | 'absent' or 'present' | +--------------------+----------+------------+----------------------------------------------------------------------------+ +Both 'login_password' and 'login_username' are required when you are passing credentials. +If none are present, the module will attempt to read the credentials from ~/.my.cnf, and +finally fall back to using the MySQL default login of 'root' with no password. + +Example privileges string format: + + mydb.*:INSERT,UPDATE/anotherdb.*:SELECT/yetanotherdb.*:ALL + Example action from Ansible :doc:`playbooks`:: - name: Create database user - action: mysql_user loginpass=$mysql_root_password name=bob passwd=12345 priv=*.*:ALL state=present + action: mysql_user name=bob passwd=12345 priv=*.*:ALL state=present - - name: Ensure no user named 'sally' exists - action: mysql_user loginpass=$mysql_root_password name=sally state=absent + - name: Ensure no user named 'sally' exists, also passing in the auth credentials. + action: mysql_user login_user=root login_password=123456 name=sally state=absent .. _ohai: @@ -561,12 +577,12 @@ Executes a low-down and dirty SSH command, not going through the module subsyste This is useful and should only be done in two cases. The first case is installing python-simplejson on older (python 2.4 and before) hosts that need it as a dependency -to run modules, since nearly all core modules require it. Another is speaking to any +to run modules, since nearly all core modules require it. Another is speaking to any devices such as routers that do not have any Python installed. In any other case, using the 'shell' or 'command' module is much more appropriate. -Arguments given to 'raw' are run directly through the configured remote shell and -only output is returned. There is no error detection or change handler support +Arguments given to 'raw' are run directly through the configured remote shell and +only output is returned. There is no error detection or change handler support for this module. Example from `/usr/bin/ansible` to bootstrap a legacy python 2.4 host:: @@ -680,7 +696,7 @@ More ansible facts will be added with successive releases. If facter or ohai are installed, variables from these programs will also be snapshotted into the JSON file for usage in templating. These variables are prefixed with ``facter_`` and ``ohai_`` so it's easy to -tell their source. +tell their source. All variables are bubbled up to the caller. Using the ansible facts and choosing to not install facter and ohai means you can avoid ruby-dependencies @@ -710,9 +726,9 @@ but runs the command through the user's configured shell on the remote node. | chdir | no | | cd into this directory before running the command (0.6 and later) | +--------------------+----------+---------+----------------------------------------------------------------------------+ -The given command will be executed on all selected nodes. +The given command will be executed on all selected nodes. -NOTE:: If you want to execute a command securely and predicably, it may +NOTE:: If you want to execute a command securely and predicably, it may be better to use the 'command' module instead. Best practices when writing playbooks will follow the trend of using 'command' unless 'shell' is explicitly required. When running ad-hoc commands, @@ -728,7 +744,7 @@ Example action from a playbook:: template ```````` -Templates a file out to a remote server. +Templates a file out to a remote server. +--------------------+----------+---------+----------------------------------------------------------------------------+ | parameter | required | default | comments | @@ -766,13 +782,13 @@ Creates user accounts, manipulates existing user accounts, and removes user acco +--------------------+----------+---------+----------------------------------------------------------------------------+ | groups | | | puts the user in this comma-delimited list of groups | +--------------------+----------+---------+----------------------------------------------------------------------------+ -| append | | no | if 'yes', will only add groups, not set them to just the list in 'groups' | +| append | | no | if 'yes', will only add groups, not set them to just the list in 'groups' | +--------------------+----------+---------+----------------------------------------------------------------------------+ | shell | | | optionally set the user's shell | +--------------------+----------+---------+----------------------------------------------------------------------------+ | createhome | | yes | unless 'no', a home directory will be made for the user | +--------------------+----------+---------+----------------------------------------------------------------------------+ -| home | | | sets where the user's homedir should be, if not the default | +| home | | | sets where the user's homedir should be, if not the default | +--------------------+----------+---------+----------------------------------------------------------------------------+ | password | | | optionally set the user's password to this crypted value. See the user's | | | | | example in the github examples directory for what this looks like in a | @@ -783,7 +799,7 @@ Creates user accounts, manipulates existing user accounts, and removes user acco | system | | no | only when initially creating, setting this to 'yes' makes the user a | | | | | system account. This setting cannot be changed on existing users. | +--------------------+----------+---------+----------------------------------------------------------------------------+ -| force | | no | when used with state=absent, behavior is as with userdel --force | +| force | | no | when used with state=absent, behavior is as with userdel --force | +--------------------+----------+---------+----------------------------------------------------------------------------+ | remove | | no | when used with state=remove, behavior is as with userdel --remove | +--------------------+----------+---------+----------------------------------------------------------------------------+ @@ -850,7 +866,7 @@ Will install, upgrade, remove, and list packages with the yum package manager. +====================+==========+=========+============================================================================+ | name | yes | | package name, or package specifier with version, like 'name-1.0' | +--------------------+----------+---------+----------------------------------------------------------------------------+ -| state | | present | 'present', 'latest', or 'absent'. | +| state | | present | 'present', 'latest', or 'absent'. | +--------------------+----------+---------+----------------------------------------------------------------------------+ | list | | | various non-idempotent commands for usage with /usr/bin/ansible and not | | | | | playbooks. See examples below. |