Tag: infrastructure as code

Handling sensitive data with Ansible Vault: encrypting strings instead of files

~ Tom's IT Cafe ~ 1 Comment

Sometimes we may want to encrypt only a single variable value or a short piece of text that we need to use in our playbook or role. For example, we may want to encrypt a user password or an API key, and not an entire file. Encrypting single variables is also a good idea when we keep our files in Source Control Management like Git.

Ansible Vault has a function to encrypt only parts of files, to encrypt variables instead of the whole file.

Continue reading “Handling sensitive data with Ansible Vault: encrypting strings instead of files”

Configuration file blueprints: Jinja2 templates in the Ansible code

~ Tom's IT Cafe ~ 1 Comment

Templating is a huge work power in Ansible when we want to write reusable code. Just imagine about having to create different playbooks and roles for every host that have a slightly different configuration from each other. That would be nonsense. Luckily we have configuration file templates in Ansible to make our life easier, and Infrastructure as Code less complex. We have already used Jinja2 templates in our playbook when we included variables. Let’s investigate what else can we do!

Continue reading “Configuration file blueprints: Jinja2 templates in the Ansible code”

How to write more advanced Ansible inventory files?

~ Tom's IT Cafe ~ Leave a comment

Previously we took a look at creating a basic plain text file inventory for our Ansible automation project, but we will need more functionality when we start using it seriously. Luckily Ansible provides us some other ways to create groups of hosts and handle them. Let’s investigate what else can we do in an Ansible inventory!

Continue reading “How to write more advanced Ansible inventory files?”

How to implement and use handlers in Ansible code?

~ Tom's IT Cafe ~ Leave a comment

Handlers are Ansible’s solution for running specific operations only when other tasks made changes, like when we update the configuration of a web server, and we want to restart the service. Obviously we do not want to restart the Apache2 on every playbook run, only if there is a change in its configuration. This is why we use handlers.

Continue reading “How to implement and use handlers in Ansible code?”