Category: ansible
-
Running Ansible Playbooks safely
A good way to explicitly and dynamically control which inventory hosts or groups a playbook executes against is by defining the host’s field in the playbook as a variable, commonly named “target”. This variable is then defined as an extra vars each time you run the playbook, and if you forget it the playbook will…
-
Ansible Navigator intro
Ansible Navigator is a text-based command-line version of AAP/AWX (with some limitations), and I use it to test and troubleshoot newly created execution environments. Ansible Navigator can be installed with pip. Once installed, create an ansible-navigator.yml configuration file, and point to the execution environment image, along with your inventory and ansible.cfg file. Then run a…
-
Useful Ansible commands
Table with Ansible commands I use often: Command Explanation $ ansible-playbook playbook.yml -i ~/inventory/production -e “target=host1” Run a playbook with some common options. $ ansible-vault encrypt_string ‘secret’ –name ‘foobar’ Encrypt a variable. $ ansible localhost -m debug -a var=’foobar’ -e ‘@inventory/group_vars/all/foobar.yml’ Decrypt a variable. $ ansible-inventory –list -i ./inventory/production Parse the inventory. $ ansible-galaxy collection…
-
Ansible Builder intro
Ansible Builder is a Python tool used to build execution environments for AAP/AWX. An execution environment is a container acting as the Ansible Controller Node and is a required component in AAP/AWX. To get started, install Ansible Builder with pip, and make sure you have Podman/Docker installed, as Ansible Builder depends on a containerization tool.…
-
Installing Ansible correctly
The Ansible controller requires a UNIX-based OS and Python. Since Ansible runs in Python, it can (and should) be installed through pip – the package manager for Python. The optimal way to manage Python packages is by first creating and enabling a virtual environment; a disposable and OS-isolated environment locked to a specific Python interpreter.…
-
Ansible inventory structure
The inventory is Ansible’s source of truth. It is where all your hosts and groups, along with data like NTP and VLANs, are defined. Building and maintaining an inventory for Ansible can be difficult, but less so if you get the structure right. I define my groups and hosts in a (ini) file named groups_and_hosts.…
-
Ansible loop speed to the max
Imagen you want to use Ansible to set interface description based on CDP. The following example is super slow because each iteration in the loop, that satisfies the condition, is a separate task that Ansible has to execute. Modern modules, so-called resource modules, start with a “config” option that accepts multiple items from a list.…
-
Ansible persistent logging
By default, Ansible logs the output of playbooks to stdout. This is all fun and games until you close the terminal, something breaks, your logs are gone and you (like me) don’t remember exactly what you did. Luckily, persistent logging can easily be configured on the Ansible controller. These logs do not give you the…