Ansible
DevOps automation framework.
- What makes Ansible unique is not host agent, all done through ssh.
Links / Playbooks
2021 - https://blog.isostech.com/atlassian-logos/confluence-rest-api-with-ansible
https://crunchify.com/ansible-how-to-grep-ps-few-and-kill-process-running-on-remote-host/
Azure api - https://n4stack.io/2020/04/27/ansible-and-the-azure-rest-api/
Idempotent shell command
Ansible jinja2 templating and whitespace
https://radeksprta.eu/posts/control-whitespace-in-ansible-templates/
- #jinja2: lstrip_blocks: "True"
Ansible module ping host
ping/test connectivity, create inventory file, and run module ping.
vi inventory.file [mygrp] myserver ansible mygrp -i inventory.file -m ping
Ansible module setup return facts about a host
ansible myserver -i inventory.file -m setup #Note: add "--tree /tmp/facts" to get facts from multiple servers in groupe, indexed by host cat /tmp/facts/* | jq '.ansible_facts | .ansible_fqdn + ", " + .ansible_distribution + ", python:"+.ansible_python_version +", IP:" + ( .ansible_all_ipv4_addresses | join(",") ) ' #or jq 'if( .unreachable == true ) then ( input_filename +" <<Missing data" ) else ( .ansible_facts | .ansible_fqdn + ", " + .ansible_distribution + ", python:"+.ansible_python_version +", IP:" + ( .ansible_all_ipv4_addresses | join(",") ) ) end ' /tmp/facts/*
Encrypt/Decrypt secrets with ansible-vault before saving in git
$ ANSIBLE_VAULT_PASSWORD_FILE="~/.ansible-vault-password" ansible-vault encrypt secrets.auto.tfvars
Ansible error's
2020-09 [WARNING]: Unable to parse <file> as an inventory source
Debug with
ansible --list-hosts all -i <file> -vvv
- error seen "Skipping due to inventory source not existing or not being readable by the current user"
- Apparently ansible tries to parse inventory files with different plugins, ini, yaml, etc.
- 2021-10 "sudo: sorry, you must have a tty to run sudo"
Was caused by /etc/ssh/sshd.conf setting Defaults requiretty
Fix by adding Defaults:User1,UserX !requiretty