-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathAnsible notes
More file actions
230 lines (174 loc) · 5.05 KB
/
Ansible notes
File metadata and controls
230 lines (174 loc) · 5.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
**Ansible Notes for SRE / AWS DevOps Interview Preparation**
---
### 1. **Introduction to Ansible**
* Open-source tool for automation: provisioning, configuration management, application deployment.
* Used for managing servers, installing software, updates, orchestration.
* Written in Python; uses **YAML** for playbooks.
* **Agentless**: communicates via SSH; no client agent needed.
* GUI: **Ansible Tower** (drag and drop interface).
---
### 2. **Key Features**
* **Agentless** architecture.
* **Simple syntax** using YAML (human-readable, key-value format).
* **Extensible and modular** via custom roles.
* Efficient for large environments.
---
### 3. **Playbooks**
* Written in YAML, used to define automation tasks.
* Components:
* **Target Section**: hosts definition.
* **Variable Section**: variable definitions.
* **Task Section**: modules used to execute actions.
* Structure includes `vars`, `tasks`, `handlers`, `files`, `templates`, and `roles`.
**Example Modules Used in Playbooks:**
* `yum`, `apt`: Package installation
* `copy`, `template`: File and template handling
* `service`: Service management
* `debug`: Debugging output
---
### 4. **Variable Handling**
* Use `--extra-vars` to pass dynamic variables:
* Single: `ansible-playbook file.yml --extra-vars "abc=git"`
* Multiple: `ansible-playbook file.yml --extra-vars "abc=git def=maven"`
---
### 5. **Common Use Cases / Tasks**
* Install packages (e.g., Git, Apache)
* Start/stop/restart services
* Create users and groups
* Manage files and directories
* Configure permissions
* Deploy websites
* Pull code from GitHub (with token if private repo)
---
### 6. **Handlers & Conditions**
* **Handlers**: Execute only if notified (e.g., restart service if config changes).
* **Conditions**: Run tasks based on `when` clauses (conditional logic).
---
### 7. **Tags in Playbooks**
* Execute specific parts of playbook:
* Run specific: `ansible-playbook file.yml --tags tagname`
* Skip tags: `ansible-playbook file.yml --skip-tags tagname`
---
### 8. **Roles**
* Used to organize complex playbooks into reusable components.
* Directory structure includes: `defaults`, `files`, `handlers`, `meta`, `tasks`, `templates`, `vars`.
* Created with `ansible-galaxy init rolename`
---
### 9. **Ad-Hoc Commands**
* Quick one-time tasks from CLI without playbooks.
* Ex: `ansible all -m yum -a "name=httpd state=present"`
---
### 10. **Modules Overview**
* **Core building blocks** of Ansible.
* Types include: `yum`, `apt`, `service`, `file`, `copy`, `user`, `command`, `debug`, etc.
---
### 11. **Ansible Galaxy**
* Community repository for roles/playbooks.
* Common commands:
* Search: `ansible-galaxy search role`
* Install: `ansible-galaxy install author.rolename`
---
### 12. **Ansible Vault**
* Secure sensitive data like passwords and tokens.
* Commands:
* `ansible-vault create vault.yml`
* `ansible-vault edit/view/encrypt/decrypt vault.yml`
* Use `--ask-vault-pass` or `--vault-password-file` during execution.
---
### 13. **Interview Tips**
* Emphasize idempotency.
* Mention role-based modularization.
* Describe Vault use for secrets.
* Explain handlers for service restart.
* Reference ad-hoc use for real-time on-call troubleshooting.
* Discuss dynamic inventory or EC2 provisioning.
Here’s a set of sample Ansible playbooks you can add to your practice or portfolio, based on your notes and common SRE/AWS DevOps use cases:
📦 1. Install Apache Web Server
yaml
Copy
Edit
- name: Install Apache on Web Servers
hosts: webservers
become: yes
tasks:
- name: Install Apache
yum:
name: httpd
state: present
- name: Start Apache
service:
name: httpd
state: started
enabled: yes
📁 2. Create a File with Content
yaml
Copy
Edit
- name: Create and write to a file
hosts: localhost
tasks:
- name: Create file with content
copy:
content: "Hello from Ansible!"
dest: /tmp/hello.txt
👥 3. Add Multiple Users
yaml
Copy
Edit
- name: Add multiple users
hosts: all
become: yes
vars:
users:
- alice
- bob
tasks:
- name: Create users
user:
name: "{{ item }}"
state: present
loop: "{{ users }}"
🔁 4. Restart Service with Handlers
yaml
Copy
Edit
- name: Update config and restart service
hosts: all
become: yes
tasks:
- name: Update config file
copy:
src: myconfig.conf
dest: /etc/myapp/config.conf
notify: Restart myapp
handlers:
- name: Restart myapp
service:
name: myapp
state: restarted
🔄 5. Conditional Task Execution
yaml
Copy
Edit
- name: Run only if variable is true
hosts: localhost
vars:
install_git: true
tasks:
- name: Install Git if condition is met
yum:
name: git
state: present
when: install_git
🌐 6. Deploy Website from GitHub
yaml
Copy
Edit
- name: Deploy static website
hosts: webservers
become: yes
tasks:
- name: Clone website repo
git:
repo: https://token@github.com/youruser/yourrepo.git
dest: /var/www/html