Ansible Cheat Sheet for Quick Reference and understanding
http://bit.ly/gineesh | www.techbeats.guru

| Item | Description |
|---|---|
| host_vars | directory for host variable files |
| group_vars | directory for group variable files |
| facts | collecting the host specific data |
| register | registered variables |
| vars | in playbook |
| vars_files | in playbook |
| include_vars | module |
| include_tasks: stuff.yml | include a sub task file |

| Item | Description |
|---|---|
| with_items | then "item" inside action |
| with_nested | for nested loops |
| with_file | |
| with_fileglob | |
| with_sequence | |
| with_random_choice | |
| when | meet a condition |

| Item | Description |
|---|---|
| copy | copy file or content |
| get_url | download file |
| file | manage files/directories |
| yum | manage packages |
| service | manage services |
| firewalld | firewall service |
| lineinfile | add a line to dest file |
| template | template a file with variables |
| debug | debug and display |
| add_host | add host to inventory during the play |
| wait_for | use for flow control |

| Item | Description |
|---|---|
| `ansible-playbook <YAML>` | Run on all hosts defined |
| `ansible-playbook <YAML> -f 10` | Run on 10 hosts in parallel |
| `ansible-playbook <YAML> --verbose` | Verbose on successful tasks |
| `ansible-playbook <YAML> -C` | Test run |
| `ansible-playbook <YAML> -C -D` | Dry run |
| `ansible-playbook <YAML> -l <host>` | Run on single host |

| Item | Description |
|---|---|
| `notify` | to notify the handler |
| `handlers` | define handler |

| Item | Description |
|---|---|
| tags | add tags to the tasks |
| `--tags '<tag>'` | during playbook execution |
| `--skip-tags` | for skipping those tags |
| tagged | run any tagged tasks |
| untagged | any untagged items |
| all | all items |

| Item | Description |
|---|---|
| ignore_errors | proceed or not if there is an error on the current task |
| force_handlers | call handlers even if the play failed |
| failed_when | mark the task as failed if a condition is met |
| changed_when | set "ok" or "failed" for a task |
| block | logical grouping of tasks (can be used with when) |
| rescue | runs if the block clause fails |
| always | always runs, whether the block succeeds or fails |

To be added later with examples
The main file in each sub-directory should be main.yml.
Role variables can be defined under the roles directive.
Role Directories

| Item | Description |
|---|---|
| defaults | default value of role variables |
| files | static files referenced by role tasks |
| handlers | role's handlers |
| meta | role info like Author, Licence, Platform etc |
| tasks | role's task definition |
| templates | jinja2 templates |
| tests | test inventory and test.yml |
| vars | role's variable values |
| pre_tasks | tasks before role |
| post_tasks | tasks after role |

https://galaxy.ansible.com

| Item | Description |
|---|---|
| `ansible-galaxy search 'install git' --platform el` | search for a role |
| `ansible-galaxy info <role-name>` | display role information |
| `ansible-galaxy install <role-name> -p <directory>` | install role from galaxy |
| `ansible-galaxy list` | to list local roles |
| `ansible-galaxy remove <role-name>` | remove role |
| `ansible-galaxy init --offline <role-name>` | initiate a role directory |

| Item | Description |
|---|---|
| delegate_to: localhost | run the task on localhost instead of the inventory item |
| delegate_facts | assign the facts gathered by the tasks to the delegated host instead of the current host |

| Item | Description |
|---|---|
| 'forks' | number of forks or parallel machines |
| `--forks` | when using ansible-playbook |
| serial | control the number of parallel machines |
| async: 3600 | wait 3600 seconds to complete the task |
| poll: 10 | check every 10 seconds if the task completed |
| wait_for | module to wait and check if a specific condition is met |
| async_status | module to check an async task status |

| Item | Description |
|---|---|
| `ansible-vault create newfile` | create a new vault file |
| `ansible-vault view newfile` | view a file which is already ansible vaulted |
| `ansible-vault edit newfile` | edit file |
| `ansible-vault view --vault-password-file .secret newfile` | provide vault password as file |
| `ansible-vault decrypt newfile` | remove encryption or vault |
| `ansible-vault rekey newfile` | change vault password |
| `--ask-vault-pass` or `--vault-password-file <secret-password-file>` | ask for vault password for ansible-playbook |

| Item | Description |
|---|---|
| log_path | where logs are saved |
| debug | module for debugging |
| `--syntax-check` | syntax checking for playbooks before they run |
| `--step` | run playbook step by step |
| `--start-at-task` | run a playbook but start at a specific task |
| `--check` | check mode |
| `--diff` | will show the expected changes if you run the playbook, but will not make any changes (kind of dry run) |
| uri | module for testing URLs |
| script | module for running a script and returning a success code |
| stat | module to check the status of files/dirs |
| assert | check file exist |

If you find any mistakes, please feel free to update or let me know.
Thanks