<h2>Bundling Ansible Modules With Playbooks<aclass="headerlink"href="#bundling-ansible-modules-with-playbooks"title="Permalink to this headline">¶</a></h2>
<p>In version 0.5 and later, if a playbook has a ”./library” directory relative to it’s YAML file, this directory can be used to add ansible modules that will automatically be in the ansible module path. This is a great way to keep modules that
go with a playbook together.</p>
</div>
<divclass="section"id="miscellaneous-tips">
<divclass="section"id="miscellaneous-tips">
<h2>Miscellaneous Tips<aclass="headerlink"href="#miscellaneous-tips"title="Permalink to this headline">¶</a></h2>
<h2>Miscellaneous Tips<aclass="headerlink"href="#miscellaneous-tips"title="Permalink to this headline">¶</a></h2>
<p>When you can do something simply, do something simply. Do not reach to use every feature of Ansible together, all
<p>When you can do something simply, do something simply. Do not reach to use every feature of Ansible together, all
@ -289,7 +297,7 @@ This way you have an audit trail describing when and why you changed the rules a
<h3>Are transports other than SSH supported?<aclass="headerlink"href="#are-transports-other-than-ssh-supported"title="Permalink to this headline">¶</a></h3>
<h3>Are transports other than SSH supported?<aclass="headerlink"href="#are-transports-other-than-ssh-supported"title="Permalink to this headline">¶</a></h3>
<p>Currently SSH and local connections are supported. In 0.5, we’ll also be including
<p>Currently SSH (you can choose between paramiko or the openssh binaries)
a faster SSH transport. The interface is actually pluggable so a
and local connections are supported. The interface is actually pluggable so a
small patch could bring transport over message bus or XMPP as an option.</p>
small patch could bring transport over message bus or XMPP as an option.</p>
<p>Stop by the mailing list if you have ideas. The connection-specific parts of Ansible
<p>Stop by the mailing list if you have ideas. The connection-specific parts of Ansible
are all abstracted away from the core implementation so it is very easy to extend.</p>
are all abstracted away from the core implementation so it is very easy to extend.</p>
@ -386,7 +388,7 @@ tasks – whether for a QA sytem, build system, or anything you can think of
<p>NOTE: Ansible 0.4 will have ways to remote bootstrap this, using Ansible itself. Stay tuned.</p>
<p>(Note that even that’s not quite true. Ansible’s “raw” module (for executing commands in a quick and dirty way) and the copy module – some of the most basic features in ansible don’t even need that. So technically, you can use Ansible to install python-simplejson using the raw module, which then allows you to use everything else. That’s jumping ahead though.)</p>
<h2>Python 2.6 EPEL instructions for RHEL and CentOS 5<aclass="headerlink"href="#python-2-6-epel-instructions-for-rhel-and-centos-5"title="Permalink to this headline">¶</a></h2>
<h2>Python 2.6 EPEL instructions for RHEL and CentOS 5<aclass="headerlink"href="#python-2-6-epel-instructions-for-rhel-and-centos-5"title="Permalink to this headline">¶</a></h2>
<h2>Choosing Between Paramiko and Native SSH<aclass="headerlink"href="#choosing-between-paramiko-and-native-ssh"title="Permalink to this headline">¶</a></h2>
<p>By default, ansible uses paramiko to talk to managed nodes over SSH. Paramiko is fast, works
very transparently, requires no configuration, and is a good choice for most users.
However, it does not support some advanced SSH features that folks will want to use.</p>
<p>Starting in version 0.5, if you want to leverage more advanced SSH features (such as Kerberized SSH or jump hosts),
pass the flag “–connection=ssh” to any ansible command, or set the
ANSIBLE_TRANSPORT environment variable to ‘ssh’. This will cause Ansible to use openssh
tools instead.</p>
<p>If ANSIBLE_SSH_ARGS are not set, ansible will try to use some sensible ControlMaster options
by default. You are free to override this environment variable, but should still pass ControlMaster
options to ensure performance of this transport. With ControlMaster in use, both transports
are roughly the same speed. Without CM, the binary ssh transport is signficantly slower.</p>
<p>If none of this makes sense to you, the default paramiko option is probably fine.</p>
</div>
<divclass="section"id="your-first-commands">
<divclass="section"id="your-first-commands">
<h2>Your first commands<aclass="headerlink"href="#your-first-commands"title="Permalink to this headline">¶</a></h2>
<h2>Your first commands<aclass="headerlink"href="#your-first-commands"title="Permalink to this headline">¶</a></h2>
<p>Now that you’ve installed Ansible, it’s time to test it.</p>
<p>Now that you’ve installed Ansible, it’s time to test it.</p>
@ -306,9 +322,21 @@ bserver.example.org</pre>
<divclass="highlight-python"><pre>ssh-agent bash
<divclass="highlight-python"><pre>ssh-agent bash
ssh-add ~/.ssh/id_rsa</pre>
ssh-add ~/.ssh/id_rsa</pre>
</div>
</div>
<p>(Depending on your setup, you may wish to ansible’s –private-key-file option to specify a pem file instead)</p>
<p>Now ping all your nodes:</p>
<p>Now ping all your nodes:</p>
<divclass="highlight-python"><pre>ansible all -m ping</pre>
<divclass="highlight-python"><pre>ansible all -m ping</pre>
</div>
</div>
<p>If you want to access machines remotely as a different user than root, you will want to
specify the ‘-u’ option to ansible. If you would like to access sudo mode, there are also flags to do that:</p>
<divclass="highlight-python"><pre># as bruce
ansible all -m ping -u bruce
# as bruce, sudoing to root
ansible all -m ping -u bruce --sudo
# as bruce, sudoing to batman
ansible all -m ping -u bruce --sudo --sudo-user batman</pre>
</div>
<p>Now run a live command on all of your nodes:</p>
<p>Now run a live command on all of your nodes:</p>
<divclass="highlight-python"><pre>ansible all -a "/bin/echo hello"</pre>
<divclass="highlight-python"><pre>ansible all -a "/bin/echo hello"</pre>
</div>
</div>
@ -349,7 +377,7 @@ explore, but you already have a fully working infrastructure!</p>
<liclass="toctree-l2"><aclass="reference internal"href="gettingstarted.html#choosing-between-paramiko-and-native-ssh">Choosing Between Paramiko and Native SSH</a></li>
<liclass="toctree-l2"><aclass="reference internal"href="gettingstarted.html#your-first-commands">Your first commands</a></li>
<liclass="toctree-l2"><aclass="reference internal"href="gettingstarted.html#your-first-commands">Your first commands</a></li>
<spanid="id7"></span><h2>ohai<aclass="headerlink"href="#ohai"title="Permalink to this headline">¶</a></h2>
<spanid="id9"></span><h2>ohai<aclass="headerlink"href="#ohai"title="Permalink to this headline">¶</a></h2>
<p>Similar to the <aclass="reference internal"href="#facter"><em>facter</em></a> module, this returns JSON inventory data.
<p>Similar to the <aclass="reference internal"href="#facter"><em>facter</em></a> module, this returns JSON inventory data.
Ohai data is a bit more verbose and nested than facter.</p>
Ohai data is a bit more verbose and nested than facter.</p>
<p>Requires that ‘ohai’ be installed on the remote end.</p>
<p>Requires that ‘ohai’ be installed on the remote end.</p>
@ -445,7 +485,7 @@ support change hooks, nor does it make any changes on the system.</p>
<aclass="reference internal"href="#setup"><em>setup</em></a> module behind the scenes instead.</p>
<aclass="reference internal"href="#setup"><em>setup</em></a> module behind the scenes instead.</p>
</div>
</div>
<divclass="section"id="ping">
<divclass="section"id="ping">
<spanid="id8"></span><h2>ping<aclass="headerlink"href="#ping"title="Permalink to this headline">¶</a></h2>
<spanid="id10"></span><h2>ping<aclass="headerlink"href="#ping"title="Permalink to this headline">¶</a></h2>
<p>A trivial test module, this module always returns the integer <ttclass="docutils literal"><spanclass="pre">1</span></tt> on
<p>A trivial test module, this module always returns the integer <ttclass="docutils literal"><spanclass="pre">1</span></tt> on
successful contact.</p>
successful contact.</p>
<p>This module does not support change hooks and is informative only - it
<p>This module does not support change hooks and is informative only - it
@ -468,8 +508,8 @@ for this module.</p>
<divclass="highlight-python"><pre>ansible newhost.example.com raw -a "yum install python-simplejson"</pre>
<divclass="highlight-python"><pre>ansible newhost.example.com raw -a "yum install python-simplejson"</pre>
</div>
</div>
</div>
</div>
<divclass="section"id="id9">
<divclass="section"id="id11">
<h2>service<aclass="headerlink"href="#id9" title="Permalink to this headline">¶</a></h2>
<h2>service<aclass="headerlink"href="#id11" title="Permalink to this headline">¶</a></h2>
<p>Controls services on remote machines.</p>
<p>Controls services on remote machines.</p>
<p><em>state</em>:</p>
<p><em>state</em>:</p>
<ulclass="simple">
<ulclass="simple">
@ -499,7 +539,7 @@ service name=httpd state=reloaded</pre>
</div>
</div>
</div>
</div>
<divclass="section"id="setup">
<divclass="section"id="setup">
<spanid="id10"></span><h2>setup<aclass="headerlink"href="#setup"title="Permalink to this headline">¶</a></h2>
<spanid="id12"></span><h2>setup<aclass="headerlink"href="#setup"title="Permalink to this headline">¶</a></h2>
<p>Writes a JSON file containing key/value data, for use in templating.
<p>Writes a JSON file containing key/value data, for use in templating.
Call this once before using the <aclass="reference internal"href="#template"><em>template</em></a> module. Playbooks
Call this once before using the <aclass="reference internal"href="#template"><em>template</em></a> module. Playbooks
will execute this module automatically as the first step in each play
will execute this module automatically as the first step in each play
@ -592,7 +632,7 @@ on your remote systems.</p>
</div>
</div>
</div>
</div>
<divclass="section"id="shell">
<divclass="section"id="shell">
<spanid="id11"></span><h2>shell<aclass="headerlink"href="#shell"title="Permalink to this headline">¶</a></h2>
<spanid="id13"></span><h2>shell<aclass="headerlink"href="#shell"title="Permalink to this headline">¶</a></h2>
<p>The shell module takes the command name followed by a list of
<p>The shell module takes the command name followed by a list of
arguments, space delimited. It is almost exactly like the command module
arguments, space delimited. It is almost exactly like the command module
but runs the command through the user’s configured shell on the remote node.</p>
but runs the command through the user’s configured shell on the remote node.</p>
@ -610,7 +650,7 @@ command was running.</p>
</div>
</div>
</div>
</div>
<divclass="section"id="template">
<divclass="section"id="template">
<spanid="id12"></span><h2>template<aclass="headerlink"href="#template"title="Permalink to this headline">¶</a></h2>
<spanid="id14"></span><h2>template<aclass="headerlink"href="#template"title="Permalink to this headline">¶</a></h2>
<p>Templates a file out to a remote server. Call the <aclass="reference internal"href="#setup"><em>setup</em></a> module
<p>Templates a file out to a remote server. Call the <aclass="reference internal"href="#setup"><em>setup</em></a> module
prior to usage if you are not running from a playbook. In addition to the options
prior to usage if you are not running from a playbook. In addition to the options
listed below, the arguments available to the <cite>file</cite> and <cite>copy</cite> modules can also be passed
listed below, the arguments available to the <cite>file</cite> and <cite>copy</cite> modules can also be passed
@ -630,7 +670,7 @@ be a relative or absolute path.</li>
</div>
</div>
</div>
</div>
<divclass="section"id="user">
<divclass="section"id="user">
<spanid="id13"></span><h2>user<aclass="headerlink"href="#user"title="Permalink to this headline">¶</a></h2>
<spanid="id15"></span><h2>user<aclass="headerlink"href="#user"title="Permalink to this headline">¶</a></h2>
<p>Creates user accounts, manipulates existing user accounts, and removes user accounts.</p>
<p>Creates user accounts, manipulates existing user accounts, and removes user accounts.</p>
<p><em>name</em>:</p>
<p><em>name</em>:</p>
<ulclass="simple">
<ulclass="simple">
@ -664,6 +704,10 @@ be a relative or absolute path.</li>
<ulclass="simple">
<ulclass="simple">
<li>Whether to create the user’s home directory. Takes ‘yes’, or ‘no’. The default is ‘yes’.</li>
<li>Whether to create the user’s home directory. Takes ‘yes’, or ‘no’. The default is ‘yes’.</li>
</ul>
</ul>
<p><em>home=</em>:</p>
<ulclass="simple">
<li>Specifies where the user’s home directory should be, if not in /home/$username.</li>
</ul>
<p><em>password</em>:</p>
<p><em>password</em>:</p>
<ulclass="simple">
<ulclass="simple">
<li>Sets the user’s password to this crypted value. Pass in a result from crypt. See the users example in the github examples directory for what this looks like in a playbook.</li>
<li>Sets the user’s password to this crypted value. Pass in a result from crypt. See the users example in the github examples directory for what this looks like in a playbook.</li>
@ -691,7 +735,7 @@ user name=mdehaan state=absent force=yes</pre>
</div>
</div>
</div>
</div>
<divclass="section"id="virt">
<divclass="section"id="virt">
<spanid="id14"></span><h2>virt<aclass="headerlink"href="#virt"title="Permalink to this headline">¶</a></h2>
<spanid="id16"></span><h2>virt<aclass="headerlink"href="#virt"title="Permalink to this headline">¶</a></h2>
<p>Manages virtual machines supported by libvirt. Requires that libvirt be installed
<p>Manages virtual machines supported by libvirt. Requires that libvirt be installed
on the managed machine.</p>
on the managed machine.</p>
<p><em>guest</em>:</p>
<p><em>guest</em>:</p>
@ -728,7 +772,7 @@ ansible host -m virt -a "command=virttype"</pre>
</div>
</div>
</div>
</div>
<divclass="section"id="yum">
<divclass="section"id="yum">
<spanid="id15"></span><h2>yum<aclass="headerlink"href="#yum"title="Permalink to this headline">¶</a></h2>
<spanid="id17"></span><h2>yum<aclass="headerlink"href="#yum"title="Permalink to this headline">¶</a></h2>
<p>Will install, upgrade, remove, and list packages with the yum package manager.</p>
<p>Will install, upgrade, remove, and list packages with the yum package manager.</p>
<li><aclass="reference internal"href="#running-operations-on-change">Running Operations On Change</a></li>
<li><aclass="reference internal"href="#running-operations-on-change">Running Operations On Change</a></li>
<li><aclass="reference internal"href="#include-files-and-reuse">Include Files And Reuse</a></li>
<li><aclass="reference internal"href="#include-files-and-reuse">Include Files And Reuse</a></li>
<li><aclass="reference internal"href="#executing-a-playbook">Executing A Playbook</a></li>
<li><aclass="reference internal"href="#executing-a-playbook">Executing A Playbook</a></li>
<li><aclass="reference internal"href="#tips-and-tricks">Tips and Tricks</a></li>
</ul>
</ul>
</li>
</li>
</ul>
</ul>
@ -271,7 +272,7 @@ Just <cite>Control-C</cite> to kill it and run it again with <cite>-K</cite>.</p
<divclass="highlight-python"><pre>$varname or ${varname}</pre>
<divclass="highlight-python"><pre>$varname or ${varname}</pre>
</div>
</div>
<p>The later is useful in the event you need to do something like ${other}_concatenated_value.</p>
<p>The later is useful in the event you need to do something like ${other}_concatenated_value.</p>
<p>In templates, the full power of the Jinja2 templating language is also available, which looks like this:</p>
<p>The full power of the Jinja2 templating language is also available (note: in 0.4, this is only true inside of templates), which looks like this:</p>
@ -222,13 +222,20 @@ want to reference data from must be included in either the current play or any p
<divclass="section"id="magic-variables">
<divclass="section"id="magic-variables">
<h2>Magic Variables<aclass="headerlink"href="#magic-variables"title="Permalink to this headline">¶</a></h2>
<h2>Magic Variables<aclass="headerlink"href="#magic-variables"title="Permalink to this headline">¶</a></h2>
<p>Some variables made available to hosts don’t come from definitions in a playbook, the inventory file, or discovery from the system. There are only two of these, and are used in special cases that many users won’t need.</p>
<p>Some variables made available to hosts don’t come from definitions in a playbook, the inventory file, or discovery from the system. There are only two of these, and are used in special cases that many users won’t need.</p>
<p><cite>groups</cite> is a list (array) of all the groups the current host is in. This can be used in templates using Jinja2
<p><em>group_names</em> is a list (array) of all the groups the current host is in. This can be used in templates using Jinja2
syntax to make template source files that vary based on the group membership (or role) of the host:</p>
syntax to make template source files that vary based on the group membership (or role) of the host:</p>
<divclass="highlight-python"><pre>{% if 'webserver' in groups %}
<divclass="highlight-python"><pre>{% if 'webserver' in group_names %}
# some part of a configuration file that only applies to webservers
# some part of a configuration file that only applies to webservers
{% endif %}</pre>
{% endif %}</pre>
</div>
</div>
<p><cite>inventory_hostname</cite> is the name of the hostname as configured in Ansible’s inventory host file. This can
<p><em>groups</em> is a list of all the groups (and hosts) in the inventory. This can be used to enumerate all hosts within a group.
For example:</p>
<divclass="highlight-python"><pre>{% for host in groups['app_servers'] %}
# something that applies to all app servers.
{% endfor %}</pre>
</div>
<p>Use cases include pointing a frontend proxy server to all of the app servers, setting up the correct firewall rules between servers, etc.</p>
<p><em>inventory_hostname</em> is the name of the hostname as configured in Ansible’s inventory host file. This can
be useful for when you don’t want to rely on the discovered hostname <cite>ansible_hostname</cite> or for other mysterious
be useful for when you don’t want to rely on the discovered hostname <cite>ansible_hostname</cite> or for other mysterious
reasons. Don’t worry about it unless you think you need it.</p>
reasons. Don’t worry about it unless you think you need it.</p>
</div>
</div>
@ -501,7 +508,7 @@ logs from ansible-pull runs would be an excellent way to gather and analyze remo
Michael DeHaan
13 years ago