User’s guide
Introduction
Run this role to install and configure Ansible. Optionally, install Ansible plugins, checkout repo with the source code, and download the Ansible release notes.
Ansible role: ansible
Supported systems:
Requirements:
Installation
The most convenient way how to install an Ansible role is to use
Ansible Galaxy CLI ansible-galaxy
. The utility comes with the
standard Ansible package and provides the user with a simple interface
to the Ansible Galaxy’s services. For example, take a look at the
current status of the role
shell> ansible-galaxy role info vbotka.ansible
and install it
shell> ansible-galaxy role install vbotka.ansible
Install the library
shell> ansible-galaxy role install vbotka.ansible_lib
and install the collection if necessary
shell> ansible-galaxy collection install community.general
See also
To install specific versions from various sources see Installing content
Take a look at other roles
shell> ansible-galaxy search --author=vbotka
Playbook
Below is a simple playbook ansible.yml that calls this role (10) at a single host srv.example.com (2)
1---
2- hosts: srv.example.com
3 gather_facts: true
4 connection: ssh
5 remote_user: admin
6 become: true
7 become_user: root
8 become_method: sudo
9 roles:
10 - vbotka.ansible
Note
gather_facts: true
(3) must be set to gather facts
needed to evaluate OS-specific options of the role. For example, to
install packages, the variable ansible_os_family
is needed to
select the appropriate Ansible module.
See also
For details see Connection Plugins (4-5)
See also Understanding Privilege Escalation (6-8)
Debug
To see additional debug information enable debug output in the configuration
ma_debug: true
, or set the extra variable in the command
shell> ansible-playbook ansible.yml -e ma_debug=true
Note
The debug output of this role is optimized for the yaml callback plugin. Set this plugin for example in the environment
shell> export ANSIBLE_STDOUT_CALLBACK=yaml
.See details about the yaml callback plugin
shell> ansible-doc -t callback yaml
See list of other callback plugins
shell> ansible-doc -t callback -l
See also
Tasks
Test single tasks at single remote host test_01. Create the playbook ansible.yml
---
- hosts: test_01
become: true
roles:
- vbotka.ansible
Customize configuration, for example, in host_vars/test_01/ma-*.yml
and check the syntax
shell> ansible-playbook ansible.yml --syntax-check
Then dry-run the selected task and see what will be changed. Replace <tag> with valid tag
shell> ansible-playbook ansible.yml -t <tag> --check --diff
When all seems to be ready run the command. Run the command twice and make sure the playbook and the configuration is idempotent
shell> ansible-playbook ansible.yml -t <tag>
Install Ansible package
There are three options:
Install OS-specific packages
Install PyPI package
Install PyPI package in Python virtual environment
By default, nothing will be installed:
ma_pkg_install: false
ma_pip_install: false
ma_venv_install: false
Warning
By default, ma_pkg_install, ma_pip_install, and ma_venv_install are mutually exclusive. Disable ma_sanity_pip_exclusive if you want to install more options in the same play.
Install OS-specific packages
Dry run the installation and see what will be installed
shell> ansible-playbook ansible.yml -t ma_pkg -e ma_debug=true -e ma_pkg_install=true -CD
If all is right install the package
shell> ansible-playbook ansible.yml -t ma_pkg -e ma_debug=true -e ma_pkg_install=true
See also
Annotated Source code pkg.yml
Install PyPI package
Dry run the installation and see what will be installed
shell> ansible-playbook ansible.yml -t ma_pip -e ma_debug=true -e ma_pip_install=true -CD
If all is right install the package
shell> ansible-playbook ansible.yml -t ma_pip -e ma_debug=true -e ma_pip_install=true
See also
Annotated Source code pip.yml
Warning
Conclusions. The pip module isn’t always idempotent #28952 Quoting: “Managing system site-packages with Pip is not a good idea and will probably break your OS. Those should be solely managed by the OS package manager (apt/yum/dnf/etc.). If you want to manage env for some software in Python, better use a virtualenv technology.”
Install PyPI package in Python virtual environment
Dry run the installation and see what will be installed
shell> ansible-playbook ansible.yml -t ma_venv -e ma_debug=true -e ma_venv_install=true -CD
If all is right install the package
shell> ansible-playbook ansible.yml -t ma_venv -e ma_debug=true -e ma_venv_install=true
See also
Annotated Source code venv.yml
Configure Ansible
Synopsis
Configure Ansible <WIP>.
See also
Annotated Source code config.yml
Install Ansible plugins
Synopsis
Install Ansible plugins.
See also
Annotated Source code plugins.yml
Examples
Ansible devel
Synopsis
Ansible development <WIP>.
See also
Annotated Source code devel.yml
Examples
Variables
The default variables are stored in the directory defaults. OS specific variables are stored in the directory vars/defaults.
See also
Annotated Source code vars.yml
Default variables
<TBD>
1---
2# default vars for ansible
3ma_role_version: 2.6.23
4
5ma_pkg_install: false
6ma_pip_install: false
7ma_venv_install: false
8
9ma_packages_state: present
10# ma_packages see vars/defaults
11ma_pip_packages_state: present
12ma_pip_packages:
13 - name: ansible
14 state: "{{ ma_pip_packages_state }}"
15
16ma_debug: false
17ma_backup_conf: false
18
19ma_supported_linux_family: [RedHat, Debian]
20ma_pip_extraagrs: --user --upgrade
21
22# Sanity
23ma_sanity: true
24# Test ma_pip_install, ma_venv_install, and ma_pkg_install are mutually exclusive
25ma_sanity_pip_exclusive: true
26# Test ma_owner is defined
27ma_sanity_pip_owner_defined: "{{ ma_pip_install }}"
28# Test ma_pip_executable exists
29ma_sanity_pip_exists: "{{ ma_pip_install }}"
30
31# FreeBSD
32freebsd_install_retries: 3
33freebsd_install_delay: 10
34freebsd_install_method: packages
35# freebsd_install_method: ports
36freebsd_use_packages: true
37
38# Linux
39linux_install_retries: 3
40linux_install_delay: 10
41
42# pip
43pip_install_retries: 3
44pip_install_delay: 10
45
46# venv
47ma_virtualenv: $HOME/env
48
49# Config
50ma_config: []
51# ma_config_type options: template, lineinfile, ini_file
52# See tasks/configure.yml
53ma_config_type: template
54ma_config_template_default: ansible-auto.cfg.j2
55ma_src_path: /usr/local/ansible/src
56
57# ARA
58ma_ara: false
59
60# Plugins
61ma_plugins_paths_list: []
62ma_plugins_path: /usr/local/ansible/plugins
63ma_plugins: []
64ma_plugins_sections:
65 action_plugins: defaults
66 cache_plugins: defaults
67 callback_plugins: defaults
68 connection_plugins: defaults
69 filter_plugins: defaults
70 httpapi_plugins: defaults
71 inventory_plugins: defaults
72 lookup_plugins: defaults
73 netconf_plugins: defaults
74 strategy_plugins: defaults
75 terminal_plugins: defaults
76 test_plugins: defaults
77 vars_plugins: defaults
78
79# Devel
80ma_devel: false
81ma_devel_owner: root
82ma_repo: false
83ma_repo_version: devel
84ma_repo_url: https://github.com/ansible/ansible
85ma_repo_dir: /scratch/ansible-git
86ma_rnotes: false
87ma_rnotes_core_url: https://raw.githubusercontent.com/ansible/ansible/stable-
88ma_rnotes_core_dir: /scratch/ansible-release-notes/core
89ma_rnotes_core_list: ["2.15", "2.16", "2.17"]
90ma_rnotes_build_url: https://raw.githubusercontent.com/ansible-community/ansible-build-data/main/
91ma_rnotes_build_dir: /scratch/ansible-release-notes/build
92ma_rnotes_build_list: ["7", "8", "9"]
OS variables
<TBD>
Debian
1---
2# Debian vars/defaults for ansible
3
4ma_packages:
5 - name: ansible
6 state: "{{ ma_packages_state }}"
7
8ma_virtualenv_command: python3 -m venv
9ma_virtualenv_packages:
10 - name: python3-venv
11 state: "{{ ma_packages_state }}"
12 - name: python{{ ansible_python_version | splitext | first }}-venv
13 state: "{{ ma_packages_state }}"
14
15ma_pip_executable: /usr/bin/pip3
16
17# Path to a pip requirements file local to the remote system
18ma_pip_requirements: ""
19
20# EOF
FreeBSD
1---
2# FreeBSD vars/defaults for ansible
3
4ma_packages:
5 - name: sysutils/ansible
6 state: "{{ ma_packages_state }}"
7 - name: sysutils/py-ansible-lint
8 state: "{{ ma_packages_state }}"
9# - name: devel/py-epdb
10# state: "{{ ma_packages_state }}"
11
12ma_virtualenv_command: python3 -m venv
13ma_virtualenv_packages: []
14ma_pip_executable: /usr/local/bin/pip-{{ ansible_python_version | splitext | first }}
15
16# Path to a pip requirements file local to the remote system
17ma_pip_requirements: ""
18
19# EOF
RedHat
1---
2# RedHat vars for ansible
3
4ma_packages:
5 - name: python-ansible
6 state: "{{ ma_packages_state }}"
7
8ma_virtualenv_command: python3 -m venv
9ma_virtualenv_packages:
10 - name: python3-venv
11 state: "{{ ma_packages_state }}"
12
13ma_pip_executable: /usr/bin/pip3
14
15# Path to a pip requirements file local to the remote system
16ma_pip_requirements: ""
17
18# EOF
Ubuntu
1---
2# Ubuntu vars/defaults for ansible
3
4ma_packages:
5 - name: ansible
6 state: "{{ ma_packages_state }}"
7
8ma_virtualenv_command: python3 -m venv
9ma_virtualenv_packages:
10 - name: python3-venv
11 state: "{{ ma_packages_state }}"
12 - name: python{{ ansible_python_version | splitext | first }}-venv
13 state: "{{ ma_packages_state }}"
14
15ma_pip_executable: /usr/bin/pip3
16
17# Path to a pip requirements file local to the remote system
18ma_pip_requirements: ""
19
20# EOF
Best practice
Test the syntax
shell> ansible-playbook ansible.yml --syntax-check
Display and review the variables. Then disable debug
ma_debug=false
to speedup the playbook
shell> ansible-playbook ansible.yml -t ma_debug -e ma_debug=true
Dry-run the playbook in the check mode and display changes
shell> ansible-playbook ansible.yml --check --diff
Install OS packages ma_pkg_install=true
or PyPI packages
ma_pip_install=true
. Optionally, install the packages in Python
virtual environment ma_venv_install=true
. Then disable the
installation to speedup the playbook
shell> ansible-playbook ansible.yml -t ma_pkg -e ma_pkg_install=true
Create directories. The following check would fail without the directories
shell> ansible-playbook ansible.yml -t ma_plugins_dirs,ma_src_path
If you want to download the repository and the release notes create also these directories
shell> ansible-playbook ansible.yml -t ma_repo_path,ma_rnotes_path
If all seems to be right run the playbook. The role and the configuration data in the examples are idempotent. After the installation and configuration completed there should be no changes reported by ansible-playbook when running the playbook repeatedly
shell> ansible-playbook ansible.yml