Skip to content
Snippets Groups Projects
Commit ee51d32e authored by Vincent Mazenod's avatar Vincent Mazenod
Browse files

ansible

parent c467f802
No related branches found
No related tags found
No related merge requests found
Pipeline #3420 passed
......@@ -38,6 +38,7 @@
* virtualenv
[<i class="fa fa-book" aria-hidden="true"></i> ansible doc](https://docs.ansible.com/)
[<i class="fa fa-book" aria-hidden="true"></i> ansible windows modules](https://docs.ansible.com/ansible/latest/modules/list_of_windows_modules.html)
## ansible
......@@ -217,13 +218,50 @@ $ ansible-playbook my-playbook.yml --inventory-file=inventory.ini
## variables
* affectation
* role
* [<i class="fa fa-book" aria-hidden="true"></i> `default`](https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html#role-default-variables)
* [<i class="fa fa-book" aria-hidden="true"></i> inventaire](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#defining-variables-in-inventory)
* [<i class="fa fa-book" aria-hidden="true"></i> `group_vars`, `host_vars`, ou `inventaire.ini`](https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html#hosts-and-groups)
* [<i class="fa fa-book" aria-hidden="true"></i> playbook](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#defining-variables-in-a-playbook)
* [<i class="fa fa-book" aria-hidden="true"></i> ligne de commande](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#passing-variables-on-the-command-line)
`my-playbook.yml`
```yaml
- name: my-playbook
hosts: server.test
vars:
awesomevar: awesome
```
`group_vars/all.yml`
```yaml
mail_address: vincent.mazenod@isima.fr
ssl:
country_name: FR
state_province_name: puy de dome
locality_name: Aubière
organization_name: LIMOS
organizational_unit_name: IT
```
## variables
lit une valeur à partir Vault (<strike>`ansible-vault`</strike>)
```yaml
vars_prompt:
- name: "name"
prompt: "what is your name?"
```
les [<i class="fa fa-book" aria-hidden="true"></i> var_prompts](https://docs.ansible.com/ansible/latest/user_guide/playbooks_prompts.html)
permettent de lire les variables à partir de l'entrée standard.
## variables
* role
* [<i class="fa fa-book" aria-hidden="true"></i> `default`](https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html#role-default-variables)
* [<i class="fa fa-book" aria-hidden="true"></i> inventaire](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#defining-variables-in-inventory)
* [<i class="fa fa-book" aria-hidden="true"></i> `group_vars`, `host_vars`, ou `inventaire.ini`](https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html#hosts-and-groups)
* [<i class="fa fa-book" aria-hidden="true"></i> playbook](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#defining-variables-in-a-playbook)
* [<i class="fa fa-book" aria-hidden="true"></i> ligne de commande](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#passing-variables-on-the-command-line)
#### [précédence des variables](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable)
......@@ -247,6 +285,33 @@ $ ansible-playbook my-playbook.yml --inventory-file=inventory.ini
[<i class="fa fa-book" aria-hidden="true"></i> Variables discovered from systems: Facts](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variables-discovered-from-systems-facts)
## [<i class="fa fa-book" aria-hidden="true"></i> set_fact](https://docs.ansible.com/ansible/latest/modules/set_fact_module.html)
```yaml
criprod:
pvecriprod1:
api_users:
- proxmoxapi
- vimazeno
```
```yaml
- name: provisionner l'environnement du noeud (pour y accéder plus facilement dans les roles)
set_fact:
_pve: "{ 'cluster': '{{ lookup('env','PVE_CLUSTER') }}', 'node': '{{ lookup('env','PVE_NODE') }}', 'host': '{{ lookup('env','PVE_HOST') }}'}"
- name: provisionner les utilisateurs d'api pve uniquement du noeud (pour y accéder plus facilement dans les roles)
set_fact:
api_users: "{ 'api_users': {{ hostvars[inventory_hostname][_pve.cluster][_pve.node]['api_users'] }}}"
- name: fusionner l'environnement du noeud (pour y accéder plus facilement dans les roles)
set_fact:
pve: "{{ _pve | combine(api_users) }}"
```
[<i class="fa fa-gitlab" aria-hidden="true"></i> réorganiser les variables dans une pre_task](https://gitlab.isima.fr/cri/stack/blob/master/ansible/pre-tasks/set-pve-vars.yml)
## jinja
[<i class="fa fa-book" aria-hidden="true"></i> templating](https://docs.ansible.com/ansible-container/container_yml/template.html)
......@@ -295,7 +360,7 @@ vars:
[<i class="fa fa-book" aria-hidden="true"></i> callback](https://docs.ansible.com/ansible/latest/plugins/callback.html)
## variable & secret
## lookup
```yaml
- debug:
......@@ -309,27 +374,13 @@ lit une valeur à partir d'une variable d'environement
msg: "{{ lookup('hashi_vault', 'secret=secret/hi:value token=xxx url=http://myvault')}}"
```
lit une valeur à partir Vault (<strike>`ansible-vault`</strike>)
```yaml
vars_prompt:
- name: "name"
prompt: "what is your name?"
```
les [<i class="fa fa-book" aria-hidden="true"></i> var_prompts](https://docs.ansible.com/ansible/latest/user_guide/playbooks_prompts.html)
permettent de lire les variables à partir de l'entrée standard.
lit un secret dans vault
## task
## basic tasks
[<i class="fa fa-book" aria-hidden="true"></i> debug](https://docs.ansible.com/ansible/latest/modules/debug_module.html)
```yaml
- debug:
msg: "System {{ inventory_hostname }} has uuid {{ ansible_product_uuid }}"
```
* [<i class="fa fa-book" aria-hidden="true"></i> raw](https://docs.ansible.com/ansible/latest/modules/raw_module.html)
* n'utilise que ssh et pas python
* permet d'installer python
......@@ -337,9 +388,6 @@ permettent de lire les variables à partir de l'entrée standard.
* [<i class="fa fa-book" aria-hidden="true"></i> shell](https://docs.ansible.com/ansible/latest/modules/shell_module.html)
* comme **command** mais au travers d'un shell
## task
```yaml
- shell: somescript.sh >> somelog.txt
args:
......@@ -347,6 +395,9 @@ permettent de lire les variables à partir de l'entrée standard.
creates: somelog.txt
```
## register
[<i class="fa fa-book" aria-hidden="true"></i> register](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#registering-variables)
```yaml
......@@ -515,33 +566,6 @@ exécute toutes les tâches du playbook sur py.isima.fr uniquement
```
## [<i class="fa fa-book" aria-hidden="true"></i> set_fact](https://docs.ansible.com/ansible/latest/modules/set_fact_module.html) & pre_task
```yaml
criprod:
pvecriprod1:
api_users:
- proxmoxapi
- vimazeno
```
```yaml
- name: provisionner l'environnement du noeud (pour y accéder plus facilement dans les roles)
set_fact:
_pve: "{ 'cluster': '{{ lookup('env','PVE_CLUSTER') }}', 'node': '{{ lookup('env','PVE_NODE') }}', 'host': '{{ lookup('env','PVE_HOST') }}'}"
- name: provisionner les utilisateurs d'api pve uniquement du noeud (pour y accéder plus facilement dans les roles)
set_fact:
api_users: "{ 'api_users': {{ hostvars[inventory_hostname][_pve.cluster][_pve.node]['api_users'] }}}"
- name: fusionner l'environnement du noeud (pour y accéder plus facilement dans les roles)
set_fact:
pve: "{{ _pve | combine(api_users) }}"
```
[<i class="fa fa-gitlab" aria-hidden="true"></i> exemple permettant de réorganiser les variables](https://gitlab.isima.fr/cri/stack/blob/master/ansible/pre-tasks/set-pve-vars.yml)
## roles
[<i class="fa fa-book" aria-hidden="true"></i> debops](https://docs.debops.org/en/master/)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment