User’s guide

Introduction

Run this role to install and configure Ansible. Optionally, install Ansible plugins, checkout repo with the source code, and download the Ansible release notes.

Installation

The most convenient way how to install an Ansible role is to use Ansible Galaxy CLI ansible-galaxy. The utility comes with the standard Ansible package and provides the user with a simple interface to the Ansible Galaxy’s services. For example, take a look at the current status of the role

shell> ansible-galaxy role info vbotka.ansible

and install it

shell> ansible-galaxy role install vbotka.ansible

Install the library

shell> ansible-galaxy role install vbotka.ansible_lib

and install the collection if necessary

shell> ansible-galaxy collection install community.general

See also

  • To install specific versions from various sources see Installing content

  • Take a look at other roles shell> ansible-galaxy search --author=vbotka

Playbook

Below is a simple playbook ansible.yml that calls this role (10) at a single host srv.example.com (2)

 1---
 2- hosts: srv.example.com
 3  gather_facts: true
 4  connection: ssh
 5  remote_user: admin
 6  become: true
 7  become_user: root
 8  become_method: sudo
 9  roles:
10    - vbotka.ansible

Note

gather_facts: true (3) must be set to gather facts needed to evaluate OS-specific options of the role. For example, to install packages, the variable ansible_os_family is needed to select the appropriate Ansible module.

See also

Debug

To see additional debug information enable debug output in the configuration

ma_debug: true

, or set the extra variable in the command

shell> ansible-playbook ansible.yml -e ma_debug=true

Note

  • The debug output of this role is optimized for the yaml callback plugin. Set this plugin for example in the environment shell> export ANSIBLE_STDOUT_CALLBACK=yaml.

  • See details about the yaml callback plugin shell> ansible-doc -t callback yaml

  • See list of other callback plugins shell> ansible-doc -t callback -l

Tags

The tags provide the user with a very useful tool to run selected tasks of the role. To see what tags are available list the tags of the role:

shell> ansible-playbook ansible.yml --list-tags

playbook: ansible.yml

play #1 (srv.example.com): srv.example.com   TAGS: []

    TASK TAGS: [always, ma_ara, ma_config, ma_debug, ma_devel,
    ma_devel_repo, ma_devel_rnotes, ma_pip, ma_pkg, ma_plugins,
    ma_plugins_download, ma_plugins_extract, ma_plugins_link,
    ma_plugins_lists, ma_plugins_path, ma_plugins_test_inikeys,
    ma_repo_path, ma_rnotes_path, ma_sanity, ma_src_path, ma_vars,
    ma_venv]

For example, display the list of the variables and their values with the tag ma_debug (when the debug is enabled ma_debug=true)

shell> ansible-playbook ansible.yml -t ma_debug -e ma_debug=true

Create directories

shell> ansible-playbook ansible.yml -t ma_plugins_path,ma_src_path,ma_repo_path,ma_rnotes_path

See what OS packages will be installed

shell> ansible-playbook ansible.yml -t ma_pkg --check

Install OS packages and exit the play

shell> ansible-playbook ansible.yml -t ma_pkg

Tasks

Test single tasks at single remote host test_01. Create the playbook ansible.yml

---
- hosts: test_01
  become: true
  roles:
    - vbotka.ansible

Customize configuration, for example, in host_vars/test_01/ma-*.yml and check the syntax

shell> ansible-playbook ansible.yml --syntax-check

Then dry-run the selected task and see what will be changed. Replace <tag> with valid tag

shell> ansible-playbook ansible.yml -t <tag> --check --diff

When all seems to be ready run the command. Run the command twice and make sure the playbook and the configuration is idempotent

shell> ansible-playbook ansible.yml -t <tag>

Install Ansible package

There are three options:

  • Install OS-specific packages

  • Install PyPI package

  • Install PyPI package in Python virtual environment

By default, nothing will be installed:

ma_pkg_install: false
ma_pip_install: false
ma_venv_install: false

Warning

By default, ma_pkg_install, ma_pip_install, and ma_venv_install are mutually exclusive. Disable ma_sanity_pip_exclusive if you want to install more options in the same play.

Install OS-specific packages

Dry run the installation and see what will be installed

shell> ansible-playbook ansible.yml -t ma_pkg -e ma_debug=true -e ma_pkg_install=true -CD

If all is right install the package

shell> ansible-playbook ansible.yml -t ma_pkg -e ma_debug=true -e ma_pkg_install=true

See also

Install PyPI package

Dry run the installation and see what will be installed

shell> ansible-playbook ansible.yml -t ma_pip -e ma_debug=true -e ma_pip_install=true -CD

If all is right install the package

shell> ansible-playbook ansible.yml -t ma_pip -e ma_debug=true -e ma_pip_install=true

See also

Warning

Conclusions. The pip module isn’t always idempotent #28952 Quoting: “Managing system site-packages with Pip is not a good idea and will probably break your OS. Those should be solely managed by the OS package manager (apt/yum/dnf/etc.). If you want to manage env for some software in Python, better use a virtualenv technology.”

Install PyPI package in Python virtual environment

Dry run the installation and see what will be installed

shell> ansible-playbook ansible.yml -t ma_venv -e ma_debug=true -e ma_venv_install=true -CD

If all is right install the package

shell> ansible-playbook ansible.yml -t ma_venv -e ma_debug=true -e ma_venv_install=true

See also

Configure Ansible

Synopsis

Configure Ansible <WIP>.

See also

Install Ansible plugins

Synopsis

Install Ansible plugins.

See also

Examples

Ansible devel

Synopsis

Ansible development <WIP>.

See also

Examples

Variables

The default variables are stored in the directory defaults. OS specific variables are stored in the directory vars/defaults.

Default variables

<TBD>

[defaults/main.yml]

 1---
 2# default vars for ansible
 3ma_role_version: 2.6.23
 4
 5ma_pkg_install: false
 6ma_pip_install: false
 7ma_venv_install: false
 8
 9ma_packages_state: present
10# ma_packages see vars/defaults
11ma_pip_packages_state: present
12ma_pip_packages:
13  - name: ansible
14    state: "{{ ma_pip_packages_state }}"
15
16ma_debug: false
17ma_backup_conf: false
18
19ma_supported_linux_family: [RedHat, Debian]
20ma_pip_extraagrs: --user --upgrade
21
22# Sanity
23ma_sanity: true
24# Test ma_pip_install, ma_venv_install, and ma_pkg_install are mutually exclusive
25ma_sanity_pip_exclusive: true
26# Test ma_owner is defined
27ma_sanity_pip_owner_defined: "{{ ma_pip_install }}"
28# Test ma_pip_executable exists
29ma_sanity_pip_exists: "{{ ma_pip_install }}"
30
31# FreeBSD
32freebsd_install_retries: 3
33freebsd_install_delay: 10
34freebsd_install_method: packages
35# freebsd_install_method: ports
36freebsd_use_packages: true
37
38# Linux
39linux_install_retries: 3
40linux_install_delay: 10
41
42# pip
43pip_install_retries: 3
44pip_install_delay: 10
45
46# venv
47ma_virtualenv: $HOME/env
48
49# Config
50ma_config: []
51# ma_config_type options: template, lineinfile, ini_file
52# See tasks/configure.yml
53ma_config_type: template
54ma_config_template_default: ansible-auto.cfg.j2
55ma_src_path: /usr/local/ansible/src
56
57# ARA
58ma_ara: false
59
60# Plugins
61ma_plugins_paths_list: []
62ma_plugins_path: /usr/local/ansible/plugins
63ma_plugins: []
64ma_plugins_sections:
65  action_plugins: defaults
66  cache_plugins: defaults
67  callback_plugins: defaults
68  connection_plugins: defaults
69  filter_plugins: defaults
70  httpapi_plugins: defaults
71  inventory_plugins: defaults
72  lookup_plugins: defaults
73  netconf_plugins: defaults
74  strategy_plugins: defaults
75  terminal_plugins: defaults
76  test_plugins: defaults
77  vars_plugins: defaults
78
79# Devel
80ma_devel: false
81ma_devel_owner: root
82ma_repo: false
83ma_repo_version: devel
84ma_repo_url: https://github.com/ansible/ansible
85ma_repo_dir: /scratch/ansible-git
86ma_rnotes: false
87ma_rnotes_core_url: https://raw.githubusercontent.com/ansible/ansible/stable-
88ma_rnotes_core_dir: /scratch/ansible-release-notes/core
89ma_rnotes_core_list: ["2.15", "2.16", "2.17"]
90ma_rnotes_build_url: https://raw.githubusercontent.com/ansible-community/ansible-build-data/main/
91ma_rnotes_build_dir: /scratch/ansible-release-notes/build
92ma_rnotes_build_list: ["7", "8", "9"]

OS variables

<TBD>

Debian

[vars/defaults/Debian.yml]

 1---
 2# Debian vars/defaults for ansible
 3
 4ma_packages:
 5  - name: ansible
 6    state: "{{ ma_packages_state }}"
 7
 8ma_virtualenv_command: python3 -m venv
 9ma_virtualenv_packages:
10  - name: python3-venv
11    state: "{{ ma_packages_state }}"
12  - name: python{{ ansible_python_version | splitext | first }}-venv
13    state: "{{ ma_packages_state }}"
14
15ma_pip_executable: /usr/bin/pip3
16
17# Path to a pip requirements file local to the remote system
18ma_pip_requirements: ""
19
20# EOF

FreeBSD

[vars/defaults/FreeBSD.yml]

 1---
 2# FreeBSD vars/defaults for ansible
 3
 4ma_packages:
 5  - name: sysutils/ansible
 6    state: "{{ ma_packages_state }}"
 7  - name: sysutils/py-ansible-lint
 8    state: "{{ ma_packages_state }}"
 9# - name: devel/py-epdb
10#   state: "{{ ma_packages_state }}"
11
12ma_virtualenv_command: python3 -m venv
13ma_virtualenv_packages: []
14ma_pip_executable: /usr/local/bin/pip-{{ ansible_python_version | splitext | first }}
15
16# Path to a pip requirements file local to the remote system
17ma_pip_requirements: ""
18
19# EOF

RedHat

[vars/defaults/RedHat.yml]

 1---
 2# RedHat vars for ansible
 3
 4ma_packages:
 5  - name: python-ansible
 6    state: "{{ ma_packages_state }}"
 7
 8ma_virtualenv_command: python3 -m venv
 9ma_virtualenv_packages:
10  - name: python3-venv
11    state: "{{ ma_packages_state }}"
12
13ma_pip_executable: /usr/bin/pip3
14
15# Path to a pip requirements file local to the remote system
16ma_pip_requirements: ""
17
18# EOF

Ubuntu

[vars/defaults/Ubuntu.yml]

 1---
 2# Ubuntu vars/defaults for ansible
 3
 4ma_packages:
 5  - name: ansible
 6    state: "{{ ma_packages_state }}"
 7
 8ma_virtualenv_command: python3 -m venv
 9ma_virtualenv_packages:
10  - name: python3-venv
11    state: "{{ ma_packages_state }}"
12  - name: python{{ ansible_python_version | splitext | first }}-venv
13    state: "{{ ma_packages_state }}"
14
15ma_pip_executable: /usr/bin/pip3
16
17# Path to a pip requirements file local to the remote system
18ma_pip_requirements: ""
19
20# EOF

Best practice

Test the syntax

shell> ansible-playbook ansible.yml --syntax-check

Display and review the variables. Then disable debug ma_debug=false to speedup the playbook

shell> ansible-playbook ansible.yml -t ma_debug -e ma_debug=true

Dry-run the playbook in the check mode and display changes

shell> ansible-playbook ansible.yml --check --diff

Install OS packages ma_pkg_install=true or PyPI packages ma_pip_install=true. Optionally, install the packages in Python virtual environment ma_venv_install=true. Then disable the installation to speedup the playbook

shell> ansible-playbook ansible.yml -t ma_pkg -e ma_pkg_install=true

Create directories. The following check would fail without the directories

shell> ansible-playbook ansible.yml -t ma_plugins_dirs,ma_src_path

If you want to download the repository and the release notes create also these directories

shell> ansible-playbook ansible.yml -t ma_repo_path,ma_rnotes_path

If all seems to be right run the playbook. The role and the configuration data in the examples are idempotent. After the installation and configuration completed there should be no changes reported by ansible-playbook when running the playbook repeatedly

shell> ansible-playbook ansible.yml