Ansible commands cheatsheet
Today we will look at various frequently used Ansible commands that I keep referring back to.
We connect to the remote hosts as the user "john".
1. Get hostname for all servers
MACOS:ansible ngeuser$ ansible -m shell -a 'hostname' all -u john
r172-linux5.NGEL.ngelinux.com | SUCCESS | rc=0 >>
r172-linux5.NGEL.ngelinux.com
r189-linux5.NGEL.ngelinux.com | SUCCESS | rc=0 >>
r189-linux5.NGEL.ngelinux.com
2. Check ping response to all the servers
MACOS:ansible ngeuser$ ansible -m ping all -u john
r172-linux5.NGEL.ngelinux.com | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
r189-linux5.NGEL.ngelinux.com | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
3. To add user on all servers
# ansible -b -K -m user -a 'name=testuser' all
4. Delete Users on all servers
# ansible -b -K -m user -a 'name=testuser state=absent' all
5. Get root user passwd entry
MACOS:ansible ngeuser$ ansible -m shell -a 'getent passwd | grep root' all -u john
r189-linux5.NGEL.ngelinux.com | SUCCESS | rc=0 >>
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
6. Refer to other hosts by using a separate inventory file.
MACOS:ansible ngeuser$ ansible -i other_hosts -m ping all
r163-linux5.NGEL.ngelinux.com | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
r159-linux5.NGEL.ngelinux.com | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
MACOS:ansible ngeuser$ cat other_hosts
r159-linux5.NGEL.ngelinux.com
r163-linux5.NGEL.ngelinux.com
7. Check system basic information.
MACOS:ansible ngeuser$ ansible -i other_hosts -m shell -a "uname -a" all
r163-linux5.NGEL.ngelinux.com | SUCCESS | rc=0 >>
Linux r163-linux5.NGEL.ngelinux.com 3.10.0-862.el7.x86_64 #1 SMP Wed Apr 11 11:40:58 PDT 2018 x86_64 x86_64 x86_64 GNU/Linux
r159-linux5.NGEL.ngelinux.com | SUCCESS | rc=0 >>
Linux r159-linux5.NGEL.ngelinux.com 3.10.0-862.el7.x86_64 #1 SMP Wed Apr 11 11:40:58 PDT 2018 x86_64 x86_64 x86_64 GNU/Linux
MACOS:ansible ngeuser$
8. Running script via ansible
# ansible -i custom_hosts -m shell -a "/ngs/global/bin/acl_check.py | grep cranium -A4" all >> ./output.txt
9. Ansible Configuration file
MACOS:ansible ngeuser$ cat ansible.cfg
[defaults]
inventory = hosts
remote_user=john
host_key_checking = False
MACOS:ansible ngeuser$
10. To run command as sudo
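--extra-vars "ansible_sudo_pass=yourPassword"
--extra-vars "ansible_become_pass=yourPassword"
ansible_sudo_pass is the older name for ansible_become_pass. A password passed this way ends up in shell history and in the process list; -K, used in items 3 and 4, prompts for it instead.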
11. Sample playbook to get rpm version from various servers.
---
- name: a play that get the RPM version on the NGEL Compute infrastructure
  gather_facts: no
  hosts: all
  tasks:
    - name: Get version of RPM on VIS 1 HyperVisor
      shell: rpm -qa | grep NGER-
      register: version
      changed_when: False
      args:
        warn: no
    - debug:
        var: version.stdout_lines
12. Get System release version
ngeuser@ngelinux001:~/ansible/playbook$ cat oracle-release.yml
---
- hosts: dev
  remote_user: ngeuser
  tasks:
    - shell: cat /etc/oracle-release
      register: result
    - debug: var=result.stdout
13. Get RPM kernel release version
ngeuser@ngelinux001:~/ansible/playbook$ cat kernel-version.yml
---
- hosts: dev
  remote_user: e0044378
  tasks:
    - shell: uname -r
      register: kernel_running
    - shell: rpm -q kernel | head -1
      register: kernel_installed
    - debug: var=kernel_running.stdout
    - debug: var=kernel_installed.stdout
14. Yum Update Playbook
ngeuser@ngelinux001:~/ansible/playbook$ cat yum-update.yaml
---
- hosts: dev_vm
  remote_user: ngeuser
  become: yes
  become_method: sudo
  tasks:
    - name: update latest puppet
      yum: name=NGER-puppet state=latest update_cache=yes
    - name: update latest global
      yum: name=NGER-global state=latest update_cache=yes
    - name: run puppet
      command: /ngs/global/bin/run_puppet.py -r
    - name: yum update all packages
      command: /ngs/global/bin/yum_update.sh -y -l
15. See all apache drives.
ngeuser@ngelinux001:~/ansible/playbook$ cat apache-drives.yaml
---
- hosts: apache
  remote_user: ngeuser
  become: yes
  become_method: sudo
  tasks:
    - name: count physical drives
      shell: /opt/hp/hpssacli/bld/hpssacli ctrl slot=0 physicaldrive all show | grep -c physicaldrive
      register: result
    - debug: var=result.stdout
16. Deploy KVM VM
ngeuser@ngelinux001:~/ansible/playbook$ cat deploy_vm.yml
---
- hosts: nate-hosts
  remote_user: ngarabed
  become: no
  tasks:
    - name: run hvadm add_all
      command: hvadm add_all
ngeuser@ngelinux001:~/ansible/playbook$
17. Creating roles and tasks
MACOS:ansible ngeuser$ mkdir roles
MACOS:ansible ngeuser$ ls -ltr
total 152
-rw-r--r-- 1 ngeuser staff 77 Sep 13 14:09 ansible.cfg
-rw-r--r-- 1 ngeuser staff 46 Sep 13 14:10 hosts
drwxr-xr-x 2 ngeuser staff 68 Sep 14 12:38 roles
MACOS:ansible ngeuser$ mkdir roles/basic
MACOS:ansible ngeuser$ mkdir roles/basic/tasks
18. Playbook & Task Creation:
MACOS:ansible ngeuser$ pwd
/Users/ngeuser/ansible
MACOS:ansible ngeuser$ cat playbook.yml
---
- hosts: all
  become: true
  roles:
    - basic
MACOS:ansible ngeuser$ cat roles/basic/tasks/main.yml
- name: "Getting last ten lines of /var/log/messages"
  shell: "tail /var/log/messages"
MACOS:ansible ngeuser$ # ansible-playbook -K playbook.yml
Identities available via memento-agent:
YubiKey 3501446 [*] PIN required after idle
[OKAY]
SUDO password:
19. Some other examples
a. Get last ten lines of error log from a host:
# cmd="tail /var/log/messages"
# ansible -b -m shell -a "$cmd" all --extra-vars "ansible_sudo_pass=Google@345"
b. Shutdown a host:
# cmd="/sbin/shutdown -h now"
# ansible -b -m shell -a "$cmd" all --extra-vars "ansible_sudo_pass=Google@345"
c. Use of check option.
--check will not copy the file; it only checks what would change. To actually copy the file, remove this option.
MACOS:ansible ngeuser$ ansible-playbook playbooks/thirdplay.yml --check --diff
PLAY [Copying test.html file] ******************************************************************************************************
TASK [Gathering Facts] *************************************************************************************************************
ok: [r168-linux5.NGEL.ngelinux.com]
ok: [r005-linux5.NGEL.ngelinux.com]
TASK [copy] ************************************************************************************************************************
--- before
+++ after: /Users/ngeuser/ansible/files/test.html
@@ -0,0 +1 @@
+This is sample file
changed: [r168-linux5.NGEL.ngelinux.com]
--- before
+++ after: /Users/ngeuser/ansible/files/test.html
@@ -0,0 +1 @@
+Thise is sample file
changed: [r005-linux5.NGEL.ngelinux.com]
PLAY RECAP *************************************************************************************************************************
r005-linux5.NGEL.ngelinux.com : ok=2 changed=1 unreachable=0 failed=0
r168-linux5.NGEL.ngelinux.com : ok=2 changed=1 unreachable=0 failed=0
d. Limit to one host or few hosts:
#ansible-playbook web.yml -l 'hostYYY.ws.ngelinux.com;hostZZZ.ws.ngelinux.com'
MACOS:ansible ngeuser$ ansible-playbook playbooks/firstplaybook.yml -l nglinux -u root
PLAY [Get server uptime] *****************************************************************************************************************
TASK [Gathering Facts] *******************************************************************************************************************
ok: [nglinux]

ansible-playbook -i inventory configure.yml --ask-sudo-pass -k
[vagrant@Master ansible]$ cat configure.yml
---
# "sudo: yes" is the older spelling of "become: yes".
- hosts: web
  remote_user: vagrant
  sudo: yes
  tasks:
    - name: configure http
      yum: name=httpd state=present
      # The fact value is "RedHat"; the comparison is case-sensitive.
      when: ansible_os_family == "RedHat"
    - name: Deploy configuration
      template: src=templates/httpd.j2 dest=/etc/httpd/conf/httpd.conf
      notify:
        - Restart Apache
    - name: stop firewall
      service: name=firewalld state=stopped enabled=no
  handlers:
    - name: Restart Apache
      # restarted (not started), so a changed httpd.conf is actually loaded.
      service: name=httpd state=restarted enabled=yes
- hosts: db
  remote_user: vagrant
  sudo: yes
  tasks:
    - name: install database
      yum: name=mariadb-server state=present
      when: ansible_os_family == "RedHat"
    - name: start database
      service: name=mariadb state=started enabled=yes
    - name: stop firewall
      service: name=firewalld state=stopped enabled=no
- hosts: all
  remote_user: vagrant
  sudo: yes
  tasks:
    - name: install software
      yum: name=net-tools state=present
      when: ansible_os_family == "RedHat"
    - name: check user and server
      shell: /usr/bin/hostname
      register: Name
    - debug: msg="Hostname is {{ Name.stdout }}"

---
- name: a play that check servers for linux bridge presence on the NGEL Compute infrastructure
  gather_facts: no
  become: true
  hosts: all
  tasks:
    - name: Check linux bridge presence
      shell: ifconfig -a | grep -i ovs
      register: version
      args:
        warn: no
    - debug:
        var: version.stdout_lines
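The ansible.cfg in item 9 turns SSH host key checking off, and items 10 and 19 put the become password on the command line. As an added example (not from the original page), this script flags both patterns; the function names, the temporary files and their contents are assumptions constructed for the demonstration.

```bash
# Added example, not from the original page. Sample files are constructed.

# Print "weak" if the given ansible.cfg turns SSH host key verification off,
# otherwise "ok". Commented-out settings (# or ;) do not match.
audit_host_key_checking() {
    if grep -Eiq '^[[:space:]]*host_key_checking[[:space:]]*=[[:space:]]*(false|no|off|0)[[:space:]]*$' "$1"
    then echo weak
    else echo ok
    fi
}

# Print "LINE:command" for every command that carries a become/sudo password
# inline. The secret is masked so the report itself can be shared.
audit_inline_become_pass() {
    grep -En 'ansible_(sudo|become)_pass(word)?=' "$1" |
        sed -E 's/(ansible_(sudo|become)_pass(word)?=)[^" ]*/\1****/' || true
}

# Constructed inputs: an ansible.cfg like the one in item 9 and a saved
# command history with a placeholder secret.
demo_dir=$(mktemp -d)
cat > "$demo_dir/ansible.cfg" <<'EOF'
[defaults]
inventory = hosts
remote_user=john
host_key_checking = False
EOF
cat > "$demo_dir/history.txt" <<'EOF'
ansible -m ping all -u john
ansible -b -m shell -a "tail /var/log/messages" all --extra-vars "ansible_sudo_pass=CONSTRUCTED-SECRET"
ansible -b -K -m user -a 'name=testuser' all
ansible -b -m shell -a "uptime" all --extra-vars "ansible_become_pass=CONSTRUCTED-SECRET"
EOF

audit_host_key_checking "$demo_dir/ansible.cfg"
audit_inline_become_pass "$demo_dir/history.txt"
```

The -K commands pass the audit because the password is typed at the prompt and never appears in the command line.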