Install ansible on CentOS7:yum install epel-release
yum install -y ansible
Standard directory structure:[root@lab-1 ansible_playbooks]# tree
.
├── fs_servers.yml
├── inventories
│ ├── production
│ │ ├── group_vars
│ │ └── host_vars
│ └── staging
│ ├── group_vars
│ ├── hosts
│ └── host_vars
├── roles
│ └── fileserver
│ ├── files
│ ├── tasks
│ ├── templates
│ └── vars
└── site.yml
When using git with GitHub create (touch) .gitkeep file in each directory to sync the directory structure.
To provide ssh_key use next parameter in the hosts file:ansible_ssh_private_key_file=/root/.ssh/id_rsa
List all information about ansible inventory:[root@lab-1 ansible_playbooks]# ansible-inventory --list -i ./inventories/staging/hosts
Tree-like inventory info:ansible-inventory --graph -i ./inventories/staging/hosts
Check information of the server:[root@lab-1 ansible_playbooks]# ansible -i ./inventories/staging/hosts staging_lab_servers -m setup
Execute shell command on remote servers:ansible -i ./inventories/staging/hosts staging_lab_servers -m shell -a "uptime"
Copy file from source VM to all servers:[root@lab-1 ansible_playbooks]# ansible -i ./inventories/staging/hosts staging_lab_servers -m copy -a "src=/home/file.txt dest=/home mode=777" -b
Delete file from all servers:[root@lab-1 ansible_playbooks]#ansible -i ./inventories/staging/hosts staging_lab_servers -m file -a "path=/home/file.txt state=absent"
Download file from URL to all servers:[root@lab-1 ansible_playbooks]#ansible -i ./inventories/staging/hosts staging_lab_servers -m get_url -a "url=https://ya.ru dest=/home" -b
Make Get request to URL:[root@lab-1 ansible_playbooks]# ansible -i ./inventories/staging/hosts staging_lab_servers -m uri -a "url=https://ya.ru"
Make Get request with content to URL:[root@lab-1 ansible_playbooks]# ansible -i ./inventories/staging/hosts staging_lab_servers -m uri -a "url=https://ya.ru return_content=true"
Install yum package on all servers:[root@lab-1 ansible_playbooks]# ansible -i ./inventories/staging/hosts staging_lab_servers -m yum -a "name=tree state=latest" -b
Remove yum package from all servers:[root@lab-1 ansible_playbooks]# ansible -i ./inventories/staging/hosts staging_lab_servers -m yum -a "name=tree state=removed" -b
Enable service and start it:[root@lab-1 ansible_playbooks]# ansible -i ./inventories/staging/hosts staging_lab_servers -m service -a "name=httpd state=started enabled=yes" -b
Initialize role in the current folder (will create a subfolder with provided role name):ansible-galaxy init ROLE_NAME
********************************************************************
********************************************************************
********************************************************************
Ansible vault encrypt a file:ansible-vault encrypt FILE
Ansible decrypt the encrypted file:ansible-vault decrypt FILE
Cat encrypted file:ansible-vault view FILE
Edit encrypted file:ansible-vault edit FILE
Run encrypted playbook:ansible-playbook FILE.yml --ask-vault-pass
Run encrypted playbook with predefined passwd:ansible-playbook FILE.yml --vault-password-file passwd_file.txt
Ansible encrypt variable:ansible-vault encrypt_string
enter var: VAR_PASSWORD
copy the encrypted string to the playbook.
orecho -n "VAR_PASSWORD" | ansible-vault encrypt_string
Prepare Windows Server for Ansible automation:Set-Service -Name "WinRM" -StartupType Automatic
Start-Service -Name "WinRM"
winrm quickconfig
Enable-PSRemoting -SkipNetworkProfileCheck -Force