ansible

Ansible: Collection

Manage collections

# Install collection
# None of the three installs below names a version or a git ref, so each run
# takes whatever the source serves at that moment. For repeatable installs pin
# it: "namespace.name:==<VERSION>" for Galaxy, or append ",<TAG_OR_COMMIT>" to
# a git source.
ansible-galaxy collection install ansible.posix
ansible-galaxy collection install git@git.example.com:foo/ansible-collections/bar
ansible-galaxy collection install git+file:///home/user/path/to/repo_name
 
# List collections
ansible-galaxy collection list
# default user Ansible collection directory
~/.ansible/collections/ansible_collections/
 
# env vars (override the collection search path)
# Code found on the search path is loaded and executed by Ansible, so keep every
# directory listed there writable only by the user who runs the playbooks.
# NOTE(review): newer ansible-core releases spell these ANSIBLE_COLLECTIONS_PATH
# and collections_path; confirm against the installed version.
ANSIBLE_COLLECTIONS_PATHS
 
# ~/.ansible.cfg
[defaults]
collections_paths = /path/to/collection
 
# get current path (prints every effective setting whose name or value mentions "collection")
ansible-config dump | grep -i collection

Include collection in playbook

# Play-level "collections" list: short module and role names used in this play
# are also searched for in my_namespace.my_collection.
- hosts: all
  collections:
    - my_namespace.my_collection
 
 
# Alternative: name the role by its fully qualified name
# (namespace.collection.role), which leaves no doubt about which collection
# supplies the code that runs.
- hosts: all
  tasks:
    - import_role:
        name: my_namespace.my_collection.my_role

Define collection dependency in role

Kubernetes the hard way

Links
https://github.com/kelseyhightower/kubernetes-the-hard-way

Configure OpenStack application credentials

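mkdir -p ~/.config/openstack

# clouds.yaml carries an application credential secret, so it is created with
# owner-only permissions: the umask covers a new file, the chmod covers a file
# that already existed with a wider mode.
# The quoted 'EOF' stops the shell from expanding $, backticks or backslashes
# that a real secret may contain, so the value lands in the file as typed.
(
  umask 077
  cat <<'EOF' > ~/.config/openstack/clouds.yaml
clouds:
  dev-foo:
    auth_type: "v3applicationcredential"
    auth:
      auth_url: https://keystone.service.dev.example.com/v3
      application_credential_id: "YOUR_CREDENTIAL_ID"
      application_credential_secret: "YOUR_CREDENTIAL_PASS"
EOF
)
chmod 600 ~/.config/openstack/clouds.yaml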

Install Terraform

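# The playbook goes into an unpredictable temp file rather than a fixed name in
# /tmp, which another local user could create or replace before it is executed.
if playbook=$(mktemp "${TMPDIR:-/tmp}/install-terraform.XXXXXX"); then
  # Quoted 'EOF': the playbook text reaches the file exactly as written, with
  # no shell expansion.
  cat <<'EOF' > "$playbook"
---
- hosts: localhost
  tasks:
    # The version is whatever the checkpoint API reports at run time, so two
    # runs on different days can install different releases.
    - name: Get latest Terraform version
      uri:
        url: https://checkpoint-api.hashicorp.com/v1/check/terraform
      register: response

    - set_fact:
        terraform_download_url: "{{ response.json.current_download_url }}"
        terraform_version: "{{ response.json.current_version }}"

    # NOTE(review): the archive is unpacked straight into ~/bin with no
    # integrity check. HashiCorp publishes a SHA256SUMS file and a signature
    # for each release; verify the zip against them before trusting the binary.
    # "creates" skips this task once ~/bin/terraform exists, so a re-run never
    # replaces an already installed binary.
    - name: Download Terraform {{ terraform_version }}
      unarchive:
        src: "{{ terraform_download_url }}terraform_{{ terraform_version }}_{{ ansible_system | lower }}_amd64.zip"
        remote_src: yes
        dest: ~/bin
        creates: ~/bin/terraform
        mode: 0550
EOF

  ansible-playbook "$playbook"
  # Remove the temp playbook whether or not the run succeeded.
  rm -f -- "$playbook"
fi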

Create test env on OpenStack

Deploy OpenStack host with Ironic and Redfish

Define node variables

# Node identity used by the "openstack baremetal node create" commands:
# the node name, the host name of its BMC, and (presumably) the MAC address of
# its first NIC.
NODE='com4-dev'
NODE_BMC_HOST="${NODE}.ipmi.dev.i.example.com"
NODE_MAC_NIC1='00:11:22:33:44:55'

Define env variables

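# BMC login used by the "node create" commands.
# ADMIN/ADMIN stays only as the fallback these notes always used; it reads like
# a sample or factory-default pair. Export NODE_BMC_USER and NODE_BMC_PASS
# beforehand (for example from a secrets manager) so the real credential is
# never written into the notes, and change the login on any BMC that still
# accepts a default one.
NODE_BMC_USER=${NODE_BMC_USER:-ADMIN}
NODE_BMC_PASS=${NODE_BMC_PASS:-ADMIN}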

Create new node with Redfish (PXE device boot broken)
https://docs.openstack.org/ironic/latest/admin/drivers/redfish.html

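# Enroll the node in Ironic with the Redfish driver.
# Every expansion is quoted so that a value containing spaces or glob
# characters (a password, for instance) reaches the CLI as a single argument.
# NOTE(review): redfish_verify_ca=false turns off verification of the BMC's TLS
# certificate, so nothing proves that the endpoint receiving the Redfish login
# is the BMC. The option also accepts a path to a CA bundle; use that once the
# BMC certificate is signed by a CA you control.
# NOTE(review): the password is passed as a command-line argument, where it is
# visible in the process list while the command runs and may end up in shell
# history.
openstack baremetal node create \
  --name "${NODE}" \
  --driver redfish \
  --driver-info redfish_address="https://${NODE_BMC_HOST}" \
  --driver-info redfish_username="${NODE_BMC_USER}" \
  --driver-info redfish_password="${NODE_BMC_PASS}" \
  --driver-info redfish_verify_ca=false \
  --driver-info redfish_system_id=/redfish/v1/Systems/1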

Create new node with IPMI
https://docs.openstack.org/ironic/latest/admin/drivers/ipmitool.html

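# Enroll the node in Ironic with the IPMI driver.
# Every expansion is quoted so that a value containing spaces or glob
# characters (a password, for instance) reaches the CLI as a single argument.
# NOTE(review): the password is passed as a command-line argument, where it is
# visible in the process list while the command runs and may end up in shell
# history.
openstack baremetal node create \
  --name "${NODE}" \
  --driver ipmi \
  --driver-info ipmi_address="${NODE_BMC_HOST}" \
  --driver-info ipmi_username="${NODE_BMC_USER}" \
  --driver-info ipmi_password="${NODE_BMC_PASS}"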

iPXE
https://docs.openstack.org/ironic/latest/admin/interfaces/boot.html#pxe-boot

ansible-galaxy

Ansible galaxy

# Install a role; <REPOSITORY> is a placeholder for the role to install.
ansible-galaxy install <REPOSITORY>
 
# Install a role from a release tarball into /tmp, then move it into the user's
# roles directory under the name avanov.pyenv.
# NOTE(review): the tarball is fetched from a tag URL and used without a
# checksum. A tag can be moved upstream, so record the archive's SHA-256 (or
# pin a commit) when the role is used on hosts that matter.
# NOTE(review): /tmp/1.2.0 is a predictable path in a world-writable directory;
# passing a private directory from "mktemp -d" as --roles-path keeps other
# local users away from the role before it is moved.
ansible-galaxy role install  --roles-path /tmp https://github.com/avanov/ansible-galaxy-pyenv/archive/refs/tags/1.2.0.tar.gz
mv /tmp/1.2.0 ~/.ansible/roles/avanov.pyenv

https://galaxy.ansible.com/bennojoy/network_interface/ - Network configuration
https://github.com/Oefenweb/ansible-postfix
https://galaxy.ansible.com/geerlingguy/gitlab/

Linux software RAID (mdadm)
https://galaxy.ansible.com/mrlesmithjr/mdadm

# No version is given, so this installs whatever Galaxy currently serves for the
# role; append ",<VERSION>" to the role name to pin a release.
ansible-galaxy install mrlesmithjr.mdadm

Docker: Ansible snippets

Ansible docker modules
https://docs.ansible.com/ansible/latest/modules/docker_container_module.html

# Sets the restart policy to "always" on every container that "docker ps -q"
# lists. The shell module is needed because of the $(...) substitution.
# NOTE(review): when no container is running the substitution is empty and
# "docker update" gets no container argument; presumably the task then fails,
# so guard it if that case can occur.
- name: Enable autostart for running containers
  shell: docker update --restart=always $(docker ps -q)

# Looks up the container named www1 and stores the module result in "result".
- name: Get container info
  docker_container_info:
    name: www1
  register: result

# Prints whether the lookup found the container (result.exists).
- name: Does container exist?
  debug:
    msg: "The container {{ 'exists' if result.exists else 'does not exist' }}"

# Stops the container, but only when it was found and is currently running;
# both conditions in the "when" list must hold.
- name: Stop container
  docker_container:
    name: "{{ result.container.Name }}"
    state: stopped
  when:
    - result.exists
    - result.container.State.Running

OpenStack: Cloud management with Ansible

Ansible OpenStack modules
https://docs.ansible.com/ansible/latest/search.html?q=os_

Ansible OpenStack module repository
https://github.com/ansible/ansible/tree/devel/lib/ansible/modules/cloud/openstack

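# Fix for: "To utilize this module, the installed version of the shade library MUST be >=1.8.0"
# The package is installed as root, so it is fetched over HTTPS into a private
# temp directory and its SHA-256 is checked before dpkg runs. Replace
# <EXPECTED_SHA256> with the digest published for this package; until that is
# done the check fails and nothing is installed.
if deb_dir=$(mktemp -d); then
  deb="${deb_dir}/python-shade_1.30.0-2_all.deb"
  wget https://mirrors.kernel.org/ubuntu/pool/universe/p/python-shade/python-shade_1.30.0-2_all.deb -O "$deb" \
    && printf '%s  %s\n' '<EXPECTED_SHA256>' "$deb" | sha256sum -c - \
    && sudo dpkg -i "$deb"
  # Clean up the download whether or not the install went through.
  rm -rf -- "$deb_dir"
fi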

Ansible Inventory

# Sample INI inventory.
# http://docs.ansible.com/ansible/intro_inventory.html

# Variables applied to every host.
[all:vars]
#host_key_checking=false
# NOTE(review): these SSH options switch host key verification off for every
# host: unknown keys are accepted and nothing is stored in known_hosts, so a
# different machine answering on a host's address goes unnoticed. Acceptable at
# most for throwaway lab hosts; elsewhere drop this line and manage known_hosts.
ansible_ssh_common_args='-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'
#information_environment=dev
#information_product=prod1
#ansible_ssh_user=ubuntu
# NOTE(review): if a login password is ever needed, keep it in Ansible Vault
# rather than in plain text in the inventory.
#ansible_ssh_pass=pass1234
#ansible_user=root

# Host group.
[example.com]
www.example.com
db.example.com

# Groups that are members of "all".
[all:children]
local
example.com

# Groups that are members of "local".
[local:children]
phy.local
vm.local

# Groups that are members of "phy".
[phy:children]
phy.local
phy.example.com

# Host group; lxc.local is reached at an explicit address via ansible_host.
[phy.local]
www.local
db.local
backup.local
lxc.local ansible_host=192.168.1.11

Ansible templates

{% for host in groups['db_servers'] %}
{{ host }}
{{ hostvars[host]['ansible_eth0']['ipv4']['address'] }}
{% endfor %}

{% elif student.department.upper() != "MATHS DEPARTMENT" %}
Maths department
{% endif %}

# generate SSH config
{% for host in groups['vm.example.com'] %}
Host {{ host }}
Hostname {{ hostvars[host]['ansible_eth0']['ipv4']['address'] }}
{% endfor %}

# value by group (condition)
{% if 'www' in group_names and ansible_fqdn in groups['www'] %}
foo=true
{% else %}
foo=false
{% endif %}

{% if 'index.html' in request.build_absolute_uri %}