About
Playbook is the language of Ansible.
- Ansible modules are the function
- Playbooks are declarative instruction written in Yaml that run module functions
A playbook is a list of play.
Playbooks are:
- kept in source control
Playbooks can be used to manage remote machines:
- configurations (push out or assure that the configurations are in sync)
- deployments
They can :
- sequence multi-tier rollouts involving rolling updates,
- delegate actions to other hosts,
- interacting with monitoring servers and load balancers along the way.
Format
Playbooks are expressed in YAML format
---
Play1:
- Task11
- Task12
---
Play2:
- Task21
- Task22
....
Play
Each playbook is composed of one or more ‘plays’ in a list.
A play map a group of hosts to some well defined roles, represented by tasks.
Plays run in the order specified: top to bottom.
By composing a playbook of multiple plays, it is possible to orchestrate multi-machine deployments. For instance:
- running certain steps on all machines in the webservers group,
- then certain steps on the database server group,
- then more commands back on the webservers group,
- etc.
Example:
---
- hosts: all # one or more group or host patterns
order: sorted # Host order: value can be 'inventory' ie as is in the inventory file, reverse_inventory, sorted (alpha), reverse_sorted, shuffle (random)
remote_user: yourname # or root This property was called user before Ansible 1.4
become: yes # optional
become_user: postgres # optional
gather_facts: False
where:
- --- separates play
- host defines the target machines: one or more groups or host patterns, separated by colons that should match hosts in the inventory. all is a group that means all hosts in the inventory file.
- remote_user, become and become_user are connection variable
- remote_user defines the default logging remote user (The remote user can also be defined for a task)
- become and become_user defines user escalation mechanism
- gather_facts defines if fact must be gathered
Task
A task is a call to an ansible module with arguments. See Ansible PlayBook - Task
vars
Variable definition
includes, imports, and roles
import statement in Playbook
All include task are dynamic (ie included at runtime) whereas import tasks are included at start time.
- include / import
Doc:
Include with variable
Example to loop over several domains and get the certificates by passing the variable letsencrypt_domain
- name: Get the Ovh certificate
with_items: "{{ovh_domains}}"
include: certbot_certonly_ovh.yml letsencrypt_domain: '{{ item }}'
tags: nginx-cert-ovh
Import with variable
- name: Compile and copy
import_tasks: nginx_compile_dynamic_module.yml
vars:
nginx_dynamic_library_name: 'ngx_pagespeed.so'
nginx_dynamic_library_source_path: '{{ nginx_build_base_dir }}/{{ nginx_pagespeed_archive_dir_name }}'
Example
Two plays:
---
- hosts: webservers
remote_user: root
tasks:
- name: ensure apache is at the latest version
yum:
name: httpd
state: latest
- name: write the apache config file
template:
src: /srv/httpd.j2
dest: /etc/httpd.conf
- hosts: databases
remote_user: root
tasks:
- name: ensure postgresql is at the latest version
yum:
name: postgresql
state: latest
- name: ensure that postgresql is started
service:
name: postgresql
state: started
Management
Check Syntax
ansible-playbook --syntax-check
Pre-processing ? Filters / Function
https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html
Execution
Push
at the command line with ansible-playbook
ansible-playbook [options] playbook.yml [playbook2 ...]
- –ask-become-pass (-K).
- –verbose
If you run a become playbook and the playbook seems to hang, it’s probably stuck at the privilege escalation prompt. Just kill it.
hosts with failed tasks are taken out of the rotation for the entire playbook.
- execute a playbook using a parallelism level of 10
ansible-playbook playbook.yml -f 10
Pull
The ansible-pull is a small script that will checkout a repo of configuration instructions from git, and then run ansible-playbook against that content.
Docker Run
- Ansible Playbook can be used to install an application inside docker
Example from webserver-simple
# From a image with Ansible installed
FROM ansible/centos7-ansible:stable
# Add playbooks to the Docker image
ADD ansible /srv/example/
WORKDIR /srv/example
# Run Ansible to configure the Docker image
RUN ansible-playbook site.yml -c local
# Other Dockerfile directives are still valid
EXPOSE 22 3000 80
ENTRYPOINT ["/usr/local/bin/apachectl", "-DFOREGROUND"]
Local
On the localhost:
ansible-playbook playbook.yml --connection=local
# or
ansible-playbook playbook.yml -i hosts.ini
with
localhost ansible_connection=local