Templating is a huge work power in Ansible when we want to write reusable code. Just imagine about having to create different playbooks and roles for every host that have a slightly different configuration from each other. That would be nonsense. Luckily we have configuration file templates in Ansible to make our life easier, and Infrastructure as Code less complex. We have already used Jinja2 templates in our playbook when we included variables. Let’s investigate what else can we do!
Continue reading “Configuration file blueprints: Jinja2 templates in the Ansible code”Tag: ansible
How to write more advanced Ansible inventory files?
Previously we took a look at creating a basic plain text file inventory for our Ansible automation project, but we will need more functionality when we start using it seriously. Luckily Ansible provides us some other ways to create groups of hosts and handle them. Let’s investigate what else can we do in an Ansible inventory!
Continue reading “How to write more advanced Ansible inventory files?”How to implement and use handlers in Ansible code?
Handlers are Ansible’s solution for running specific operations only when other tasks made changes, like when we update the configuration of a web server, and we want to restart the service. Obviously we do not want to restart the Apache2 on every playbook run, only if there is a change in its configuration. This is why we use handlers.
Continue reading “How to implement and use handlers in Ansible code?”How to implement Ansible blocks in our code to group and manage tasks together?
There are some limitations of using YAML instead of a scripting language or a DSL, but the developers of Ansible thought about the issue, and they integrated some cool, more advanced features into the tool. We can use blocks collecting and handling tasks together Let’s investigate this feature a bit more!
Continue reading “How to implement Ansible blocks in our code to group and manage tasks together?”How to protect sensitive data with encrypted files (or elements) in Ansible – Ansible Vault
When we automate configurations we cannot avoid providing secrets to Ansible. The last thing we want is our secret data running around in plain text files on our control node. Luckily Ansible has a tool for this.
Ansible Vault is an integrated encryption tool in Ansible to manage sensitive data like passwords, keys and certificates. As with most parts of Ansible, we can start simple, and complexity can come later on.
Continue reading “How to protect sensitive data with encrypted files (or elements) in Ansible – Ansible Vault”Conditional statements – making decisions in Ansible code
In a playbook or in a role sometimes we want to run different tasks based on different conditions. In most cases it depends on a fact (detail about the managed host) or some data collected during the playbook run. Ansible conditionals are there to make it possible to run different tasks based on different conditions, or skip executing tasks entirely.
Continue reading “Conditional statements – making decisions in Ansible code”Loops in the Ansible code – the basics of iteration
Ansible loops and conditional statements are very cool inventions, but they are a double edged sword as well. The limitless freedom they give us can turn our roles into horrible mess. It is our responsibility to balance on the edge and use just the right amount of them in our code while we keep in mind that YAML is not a programming language.
Continue reading “Loops in the Ansible code – the basics of iteration”Creating an Ansible role from a playbook: modular, reusable code
After we ran ad-hoc commands and created a monolith playbook, we will increase our level of automation. We will separate our code much better with introducing modular, reusable file structures called roles. Ansible roles will load variables, handlers and tasks automatically for us based on a defined directory and file structure.
Continue reading “Creating an Ansible role from a playbook: modular, reusable code”Getting started with Ansible playbooks: more steps towards DevOps
Ansible playbooks are YAML files with target host/group information, command execution and some loops and logic. A playbook is a blueprint of an operation on our managed nodes. Playbooks are the first step towards managing infrastructure as code.
Continue reading “Getting started with Ansible playbooks: more steps towards DevOps”Getting started with Ansible for managing our personal lab – ad-hoc commands
After we installed Ansible and tested that it works well, then we want to make it work for us. There are three methods Ansible can operate. The first one is running so called ad-hoc commands with the ansible command line tool. The second option is to write re-usable code (playbooks, roles and variables) and run them with the ansible-playbook command. Both commands use the push mechanism to interact with the controlled nodes. A third option is a tool called ansible-pull that (as its name suggests) pulls the configuration onto a managed machine from a source code management repo. Let’s take a look at the easiest method, the ad-hoc commands first!
Continue reading “Getting started with Ansible for managing our personal lab – ad-hoc commands”Windows as Ansible control host in WSL2
We all want to work smarter, not harder. (Or at least some of us…) Automating the repetitive tasks was always a huge leap forward even before the “DevOps times” when we wrote shell scripts and Perl code to create automation out of the box. Today we have the luxury of choosing between a lot of automation and orchestration frameworks.
Continue reading “Windows as Ansible control host in WSL2”
Tom's IT Cafe 