network automation blog
-
Conditional variables in Ansible
I recently had to use a Jinja2 if statement to create variables depending on a set of conditions in an Ansible role. To achieve this, I had to revisit YAML block scalars and Jinja2 whitespace control. YAML block style scalar A scalar in YAML represents an indivisible value such as a string, number, or boolean,…
-
Linux troubleshooting with journald
systemd is a service and system manager for Linux that contains the command line tool journalctl and the journald daemon that aims to make life easier for anyone troubleshooting syslog messages in a Linux system. The journald daemon collects syslog messages and forwards them to the rsyslog service which sorts the syslog messages and writes…
-
SELinux and Firewalld
I harden all my RHEL servers with SELinux and Firewalld. Here is a crash course. SELinux SELinux (Security-Enhanced Linux) is a security architecture that enforces mandatory access controls to restrict applications, processes, and users to the least privileges necessary. For instance, if a web server tries to read files in /home/user/private (even if the file…
-
Ansible directory structure for efficient work
There is a lot of ways you can structure your playbooks, inventory, roles, and collections in Ansible, but it’s beneficial to find a structure that is suitable for both development and AWX/AAP. This is what my layout looks like: I have a Git repository called playbooks that contains all my playbooks. Symbolic links point to…
-
Adding directories to $PATH safely
$PATH is an environment variable containing a list of directories where executable programs are located in UNIX systems. The shell will search for executables in directories separated by the colon punctuation from left to right until it finds a match. A typical scenario is to add ~/.local/bin as the first directory in $PATH, so you…
-
Installing Python from source
The Ansible Control node requires a relatively new version of Python (see matrix here), often newer then the one your OS relies on. For example, the default Python implementation in RHEL 9 is Python 3.9, while ansible-core 2.17 requires Python 3.10 or higher for the Ansible Control Node. Sometimes you can install a newer version…
-
Faster Vim window navigation
Vim does two things when you open a file: Like Tmux, Vim allows us to split windows and navigate between them. By splitting a window, you are technically duplicating the current buffer. Here are the commands to split windows vertically and horizontally, respectively: The commands for switching between windows are: I like to remap the…
-
Quick automation in Vim with macros
A macro lets you record a sequence of commands to a registry. The macro can be replayed with the following command (once by default). You can view the macro using the reg command. Finally, these commands will edit the macro in a new buffer. Example Consider the following file. Suppose we want to move each…
-
Running Ansible Playbooks safely
A good way to explicitly and dynamically control which inventory hosts or groups a playbook executes against is by defining the host’s field in the playbook as a variable, commonly named “target”. This variable is then defined as an extra vars each time you run the playbook, and if you forget it the playbook will…
-
Neovim vs Vim
I started in Vim, but after a while, I replaced Vim with Neovim. I find that Neovim has more sensible defaults, “looks” better, and has good Language Server Protocol (LSP) integration and syntax highlighting plugins. I also prefer the Lua configuration setup in Neovim compared to Vim and Vimscript, even though I don’t do a…