In order to develop more meaningful Playbooks, we need to know more about Ansible Modules.
Ansible works by connecting to your nodes and pushing out small programs, called modules to them. Modules are used to accomplish automation tasks in Ansible.
These programs are written to be resource models of the desired state of the system. Ansible then executes these modules and removes them when finished.
Ansible modules are categorized into various groups based on their functionality. There are hundreds of Ansible modules are available. We have categorized all the modules as shown in the below image:
System : System modules are actions to be performed at a system level such as modifying the users and groups on the system, modifying iptables and firewall configurations, working with logical volume groups, mounting operations and working with services.
Command : Command module are used to execute command or script on the host. This could be a simple command using the command module or an interactive execution using expect by responding to prompts. You could also run a script on the host using the script module.
Files : Files module will help in working with files. For example, using an ACL module to set an acl information on files, use the archive and unarchive module to compress and unpack files, use find, line in file, and replace the module to modify the contents of an existing file.
Database : Database module helps in working with databases such as mongodb, mysql, mssql, postgresql, proxysql and vertica to add or remove databases or modifying database configurations, etc.
Cloud : The Cloud section has a vast collection of modules for different cloud providers like Amazon, Azure, Google, Docker, VMware, Digital Ocean, Openstack, and many more. There are number a of modules available of each of these that allow you to perform various tasks such as, creating and destroying instances, performing configuration changes, security, managing containers, clusters, and much more.
Windows : Windows module helps you in the Windows environment. Some of them are, Win_copy to copy files, Win_command to execute a command, configuring a domain, configuring IIS, configuring registry, and lot more.
A module provides a defined interface, accepts arguments, and returns information to Ansible by printing a JSON string to stdout before exiting. Lets take a look at command module for example.
Command Modules executes a command on a remote node, it is good to know that command module is a default module if no modules is specified.
cd into this directory before running the command
a filename or (since 2.0) glob pattern, when it already exists, this step will not be run
change the shell used to execute the command. Should be an absolute path to the executable
the command module takes a free form command to run. There is no parameter actually named 'free form'. see the examples!
a filename or (since 2.0) glob pattern, when it does not exist, this step will not be run.
warn (added in1.8)
if command warnings are on in ansible.cfg, do not warn about this particular line if set to no/false.
---# Simple ansible playbook command-playbook.yml-name: Play commandshosts: localhosttasks:- name: Execute command 'date'command: date- name: Display resolv.conf contentscommand: cat /etc/resolv.conf- name: Display resolv.conf contents using chdircommand: cat resolv.conf chdir=/etc- name: Create a directorycommand: mkdir /home/demo-module/user1/folder
Runs a local script on one or more remote node(s) after transferring it.
---#Sample Ansible script-playbook.yml-name: Play Scriptshosts: centosbecome: yestasks:- name: Run a script on remote serverscript: /home/user1/demo-module/script.sh
Used to manage services on a system, Start, Stop, Restart. The Service module does not have a free_form input, which means we have to pass input in a key value pair format.
---#Sample Ansible service-playbook1.yml-name: Start some Services in orderhosts: centosbecome: yestasks:- name: Start the database serviceservice: name=postgresql state=started- name: Start the httpd serviceservice: name=httpd state=started
also we can write above playbook it in a dictionary or map format like this:
---#Sample Ansible service-playbook2.yml-name: Start some Services in orderhosts: centosbecome: yestasks:- name: Start the database serviceservice:name: postgresqlstate: started- name: Start the httpd serviceservice:name: httpdstate: started
httpd service is started, so if it is already started, do nothing. As we mentioned before, this is called idempotency.
Lineinfile module is used to find a line in a file and replace it or add it if it doesn't already exist.
---#Sample Ansible Playbook-lineinfile.yml-name: Add DNS serverhosts: localhosttasks:- name: Add DNS server to resolv.conflineinfile:path: /etc/resolv.confline: 'nameserver 18.104.22.168'
What if we do the same thing using a script and run it multiple times?
This module is useful for sending emails from playbooks.
---#Sample Ansible mail-playbook.yml-name: sending mailhosts: localhosttasks:- name: sending mail to rootmail:subject: 'System has been successfully configured'delegate_to: localhost- name: Sending an e-mail using Gmail SMTP serversmail:host: smtp.gmail.comport: 587username: [email protected]password: mysecretto: John Smith <[email protected]>subject: Ansible-reportbody: 'System has been successfully provisioned.'delegate_to: localhost- name: sendMail to a mail server with attachmentsmail:host: smtp.example.comport: 465username: [email protected]password: [email protected]from: [email protected]attach: /etc/fstab /etc/hostssubject: Ansible-reportbody: 'System has been successfully provisioned.'
Installs, upgrade, downgrades, removes, and lists packages and groups with the yum package manager.
---#Sample Ansible yum-playbook.yml-name: Install package(s) using yumhosts: centosbecome: yestasks:- name: Install the latest version of Apacheyum:name: httpdstate: latest- name: Install apache >= 2.4yum:name: httpd>=2.4state: present- name: Install a list of packages (suitable replacement for 2.11 loop deprecation warning)yum:name: Install apache and postgresql- httpd- postgresql- postgresql-serverstate: present
This module allows for addition or deletion of services and ports (either TCP or UDP) in either running or permanent firewalld rules.
---#Sample Ansible Playbook-firewalld.yml-name: Set Firewall Configurationshosts: centosbecome: yestasks:- firewalld:service: httpspermanent: truestate: enabled- firewalld:port: 8080/tcppermanent: truestate: disabled- firewalld:port: 162-162/udppermanent: truestate: disabled- firewalld:source: 192.168.100.0/24zone: internalstate: enabled
ansible-doc <module-name> to get more information about any module you would like, it also gives you some examples!
With the special thanks of mumshad mannambeth.