Skip to content

Instantly share code, notes, and snippets.

@zaki-lknr

zaki-lknr/00_Ansible.md

Last active August 3, 2021 06:18
Show Gist options
  • Save zaki-lknr/64a89cfd0f43d0707c63c4fc7b251e06 to your computer and use it in GitHub Desktop.
Save zaki-lknr/64a89cfd0f43d0707c63c4fc7b251e06 to your computer and use it in GitHub Desktop.
Download ZIP
Ansible memo
Raw
00_Ansible.md

Ansibleに関するメモ書き

Raw
ansible-runner.md

雑に動かす

docker-compose

version: '3'
services:
  runner:
    image: ansible/ansible-runner
    volumes:
    - ./ansible_practice:/ansible_practice
    command: tail -f /dev/null
    networks:
      network_automation:
        ipv4_address: 10.0.0.4

一応これで動く。(ネットワーク指定は無くていい)

Raw
collection.md

コレクションのインストール先

ansible-galaxy collection install

(2.10-base) [zaki@cloud-dev ansible]$ ansible-galaxy collection install netbox.netbox
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Installing 'netbox.netbox:1.1.0' to '/home/zaki/.ansible/collections/ansible_collections/netbox/netbox'
Downloading https://galaxy.ansible.com/download/netbox-netbox-1.1.0.tar.gz to /home/zaki/.ansible/tmp/ansible-local-107495y37u1rdg/tmpcn9a_eq0
netbox.netbox (1.1.0) was installed successfully
Installing 'ansible.netcommon:1.3.0' to '/home/zaki/.ansible/collections/ansible_collections/ansible/netcommon'
Downloading https://galaxy.ansible.com/download/ansible-netcommon-1.3.0.tar.gz to /home/zaki/.ansible/tmp/ansible-local-107495y37u1rdg/tmpcn9a_eq0
ansible.netcommon (1.3.0) was installed successfully
Installing 'community.general:1.2.0' to '/home/zaki/.ansible/collections/ansible_collections/community/general'
Downloading https://galaxy.ansible.com/download/community-general-1.2.0.tar.gz to /home/zaki/.ansible/tmp/ansible-local-107495y37u1rdg/tmpcn9a_eq0
community.general (1.2.0) was installed successfully
Installing 'google.cloud:1.0.1' to '/home/zaki/.ansible/collections/ansible_collections/google/cloud'
Downloading https://galaxy.ansible.com/download/google-cloud-1.0.1.tar.gz to /home/zaki/.ansible/tmp/ansible-local-107495y37u1rdg/tmpcn9a_eq0
google.cloud (1.0.1) was installed successfully
Installing 'ansible.posix:1.1.1' to '/home/zaki/.ansible/collections/ansible_collections/ansible/posix'
Downloading https://galaxy.ansible.com/download/ansible-posix-1.1.1.tar.gz to /home/zaki/.ansible/tmp/ansible-local-107495y37u1rdg/tmpcn9a_eq0
ansible.posix (1.1.1) was installed successfully
Installing 'community.kubernetes:1.1.1' to '/home/zaki/.ansible/collections/ansible_collections/community/kubernetes'
Downloading https://galaxy.ansible.com/download/community-kubernetes-1.1.1.tar.gz to /home/zaki/.ansible/tmp/ansible-local-107495y37u1rdg/tmpcn9a_eq0
community.kubernetes (1.1.1) was installed successfully
(2.10-base) [zaki@cloud-dev ansible]$

この通り、デフォルトは$HOME/.ansible/collections/ansible_collections/以下。
依存するコレクションも一緒にインストールされる。

before

(2.10-base) [zaki@cloud-dev ~]$ ansible-galaxy collection list
[WARNING]: - the configured path /home/zaki/.ansible/collections does not exist.
usage: ansible-galaxy [-h] [--version] [-v] TYPE ...

Perform various Role and Collection related operations.

positional arguments:
  TYPE
    collection   Manage an Ansible Galaxy collection.
    role         Manage an Ansible Galaxy role.

optional arguments:
  --version      show program's version number, config file location,
                 configured module search path, module location, executable
                 location and exit
  -h, --help     show this help message and exit
  -v, --verbose  verbose mode (-vvv for more, -vvvv to enable connection
                 debugging)
ERROR! - None of the provided paths were usable. Please specify a valid path with --collections-path

after

(2.10-base) [zaki@cloud-dev ansible]$ ansible-galaxy collection list

# /home/zaki/.ansible/collections/ansible_collections
Collection           Version
-------------------- -------
ansible.netcommon    1.3.0
ansible.posix        1.1.1
community.general    1.2.0
community.kubernetes 1.1.1
google.cloud         1.0.1
netbox.netbox        1.1.0

あ、これ、kubernetesも入るんだ。へー

コレクションのバージョン指定インストール

$ ansible-galaxy collection install ansible.netcommon:1.4.1

Installing an older version of a collection

requirements.ymlを使ったインストール

collections:
- name: netbox.netbox
  version: 1.2.1

みたいなファイルを用意しておき、以下を実行。

$ ansible-galaxy collection install -r requirements.yml

https://docs.ansible.com/ansible/latest/user_guide/collections_using.html#install-multiple-collections-with-a-requirements-file

Raw
install ansible-2.10とモジュール数.md

pip install ansible

(2.10) [zaki@cloud-dev modules]$ ansible-doc -l 2>/dev/null | wc -l
4402

pip install ansible-base

$ ansible-doc -l | wc -l
68

ansible/lib/ansible/modulesのモジュール数と同じ…じゃない

(2.10-base) [zaki@cloud-dev modules]$ ls [a-z]* | wc -l
69

--- ansible-doc.list    2020-09-25 15:53:33.943092041 +0900
+++ module-ls.list      2020-09-25 15:55:20.049947941 +0900
@@ -5,6 +5,7 @@
 assemble
 assert
 async_status
+async_wrapper
 blockinfile
 command
 copy

なんやこいつ!

https://docs.ansible.com/ansible/latest/collections/ansible/builtin/index.html#plugins-in-ansible-builtinを見る限り、モジュールではなさそう。

Raw
install.md

pipを使ったインストール

install

$ pip install ansible

その時の最新がインストールされる。

upgrade

(a2.10) [zaki@cloud-dev ansible-sample (master)]$ ansible --version
ansible 2.10.5
  config file = /home/zaki/.ansible.cfg
  configured module search path = ['/home/zaki/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/zaki/src/ansible-sample/venv/a2.10/lib64/python3.6/site-packages/ansible
  executable location = /home/zaki/src/ansible-sample/venv/a2.10/bin/ansible
  python version = 3.6.8 (default, Nov 16 2020, 16:55:22) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
(a2.10) [zaki@cloud-dev ansible-sample (master)]$ pip list -o | grep ansible
ansible            2.10.6  3.2.0  sdist
ansible-base       2.10.5  2.10.7 sdist
ansible-lint       4.3.7   5.0.6  wheel

この状態で以下にアップグレードする

  • ansible 2.10.7
  • ansible-base 2.10.7
$ pip install -U ansible==2.10.7 ansible-base==2.10.7

(a2.10) [zaki@cloud-dev ansible-sample (master)]$ pip install -U ansible==2.10.7 ansible-base==2.10.7
Collecting ansible==2.10.7
  Downloading ansible-2.10.7.tar.gz (29.9 MB)
     |████████████████████████████████| 29.9 MB 17.2 MB/s 
Collecting ansible-base==2.10.7
  Using cached ansible-base-2.10.7.tar.gz (5.7 MB)
Requirement already satisfied: jinja2 in ./venv/a2.10/lib/python3.6/site-packages (from ansible-base==2.10.7) (2.11.2)
Requirement already satisfied: PyYAML in ./venv/a2.10/lib/python3.6/site-packages (from ansible-base==2.10.7) (5.3.1)
Requirement already satisfied: cryptography in ./venv/a2.10/lib/python3.6/site-packages (from ansible-base==2.10.7) (3.2.1)
Requirement already satisfied: packaging in ./venv/a2.10/lib/python3.6/site-packages (from ansible-base==2.10.7) (20.4)
Requirement already satisfied: cffi!=1.11.3,>=1.8 in ./venv/a2.10/lib/python3.6/site-packages (from cryptography->ansible-base==2.10.7) (1.14.3)
Requirement already satisfied: six>=1.4.1 in ./venv/a2.10/lib/python3.6/site-packages (from cryptography->ansible-base==2.10.7) (1.15.0)
Requirement already satisfied: pycparser in ./venv/a2.10/lib/python3.6/site-packages (from cffi!=1.11.3,>=1.8->cryptography->ansible-base==2.10.7) (2.20)
Requirement already satisfied: MarkupSafe>=0.23 in ./venv/a2.10/lib/python3.6/site-packages (from jinja2->ansible-base==2.10.7) (1.1.1)
Requirement already satisfied: pyparsing>=2.0.2 in ./venv/a2.10/lib/python3.6/site-packages (from packaging->ansible-base==2.10.7) (2.4.7)
Using legacy 'setup.py install' for ansible, since package 'wheel' is not installed.
Using legacy 'setup.py install' for ansible-base, since package 'wheel' is not installed.
Installing collected packages: ansible-base, ansible
  Attempting uninstall: ansible-base
    Found existing installation: ansible-base 2.10.5
    Uninstalling ansible-base-2.10.5:
      Successfully uninstalled ansible-base-2.10.5
    Running setup.py install for ansible-base ... done
  Attempting uninstall: ansible
    Found existing installation: ansible 2.10.6
    Uninstalling ansible-2.10.6:
      Successfully uninstalled ansible-2.10.6
    Running setup.py install for ansible ... done
Successfully installed ansible-2.10.7 ansible-base-2.10.7
(a2.10) [zaki@cloud-dev ansible-sample (master)]$ 
(a2.10) [zaki@cloud-dev ansible-sample (master)]$ ansible --version
ansible 2.10.7
  config file = /home/zaki/.ansible.cfg
  configured module search path = ['/home/zaki/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/zaki/src/ansible-sample/venv/a2.10/lib64/python3.6/site-packages/ansible
  executable location = /home/zaki/src/ansible-sample/venv/a2.10/bin/ansible
  python version = 3.6.8 (default, Nov 16 2020, 16:55:22) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]

バージョン指定install

$ pip install ansible==2.10.5

(venv) [zaki@cloud-dev tmp]$ ansible --version
ansible 2.10.7
  config file = /home/zaki/.ansible.cfg
  configured module search path = ['/home/zaki/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/zaki/tmp/venv/lib64/python3.6/site-packages/ansible
  executable location = /home/zaki/tmp/venv/bin/ansible
  python version = 3.6.8 (default, Nov 16 2020, 16:55:22) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]

(venv) [zaki@cloud-dev tmp]$ pip list -o
Package    Version Latest Type
---------- ------- ------ -----
ansible    2.10.5  3.2.0  sdist
setuptools 39.2.0  54.2.0 wheel
(venv) [zaki@cloud-dev tmp]$ pip list | grep ansible
ansible      2.10.5
ansible-base 2.10.7

ansible==2.10.5でインストールするとansible-baseは最新になるっぽい。

Raw
sanityテスト.md

モジュール名を指定

(2.10) [zaki@cloud-dev esxissh (main)]$ cd /var/tmp/ansible-test/ansible_collections/zaki_lknr/esxissh/
(2.10) [zaki@cloud-dev esxissh]$ ls
(2.10) [zaki@cloud-dev esxissh]$ cd -
/path/to/collections/ansible_collections/zaki_lknr/esxissh
(2.10) [zaki@cloud-dev esxissh (main)]$ cp -a . /var/tmp/ansible-test/ansible_collections/zaki_lknr/esxissh/
(2.10) [zaki@cloud-dev esxissh (main)]$ cd -
/var/tmp/ansible-test/ansible_collections/zaki_lknr/esxissh
(2.10) [zaki@cloud-dev esxissh (main)]$ ls -a
.  ..  .git  .gitignore  README.md  docs  galaxy.yml  plugins  sample-playbook  tmp  venv  venv.bak
(2.10) [zaki@cloud-dev esxissh (main)]$ ansible-test sanity esxissh_guest_power 
Running sanity test 'action-plugin-docs' with Python 3.6
Running sanity test 'ansible-doc' with Python 3.6
Running sanity test 'changelog' with Python 3.6
WARNING: Skipping sanity test 'compile' on Python 2.6 due to missing interpreter.
Running sanity test 'compile' with Python 2.7
WARNING: Skipping sanity test 'compile' on Python 3.5 due to missing interpreter.
Running sanity test 'compile' with Python 3.6
WARNING: Skipping sanity test 'compile' on Python 3.7 due to missing interpreter.
WARNING: Skipping sanity test 'compile' on Python 3.8 due to missing interpreter.
WARNING: Skipping sanity test 'compile' on Python 3.9 due to missing interpreter.
Running sanity test 'empty-init' with Python 3.6
Running sanity test 'future-import-boilerplate' with Python 3.6
ERROR: Found 1 future-import-boilerplate issue(s) which need to be resolved:
ERROR: plugins/modules/esxissh_guest_power.py:0:0: missing: from __future__ import (absolute_import, division, print_function)
See documentation for help: https://docs.ansible.com/ansible/2.10/dev_guide/testing/sanity/future-import-boilerplate.html
Running sanity test 'ignores'
WARNING: Skipping sanity test 'import' on Python 2.6 due to missing interpreter.
Running sanity test 'import' with Python 2.7
WARNING: Skipping sanity test 'import' on Python 2.7 due to missing virtual environment support.
WARNING: Skipping sanity test 'import' on Python 3.5 due to missing interpreter.
Running sanity test 'import' with Python 3.6
ERROR: Found 1 import issue(s) on python 3.6 which need to be resolved:
ERROR: plugins/modules/esxissh_guest_power.py:122:0: traceback: ImportError: No module named 'paramiko'
See documentation for help: https://docs.ansible.com/ansible/2.10/dev_guide/testing/sanity/import.html
WARNING: Skipping sanity test 'import' on Python 3.7 due to missing interpreter.
WARNING: Skipping sanity test 'import' on Python 3.8 due to missing interpreter.
WARNING: Skipping sanity test 'import' on Python 3.9 due to missing interpreter.
Running sanity test 'line-endings' with Python 3.6
Running sanity test 'metaclass-boilerplate' with Python 3.6
ERROR: Found 1 metaclass-boilerplate issue(s) which need to be resolved:
ERROR: plugins/modules/esxissh_guest_power.py:0:0: missing: __metaclass__ = type
See documentation for help: https://docs.ansible.com/ansible/2.10/dev_guide/testing/sanity/metaclass-boilerplate.html
Running sanity test 'no-assert' with Python 3.6
Running sanity test 'no-basestring' with Python 3.6
Running sanity test 'no-dict-iteritems' with Python 3.6
Running sanity test 'no-dict-iterkeys' with Python 3.6
Running sanity test 'no-dict-itervalues' with Python 3.6
Running sanity test 'no-get-exception' with Python 3.6
Running sanity test 'no-illegal-filenames' with Python 3.6
Running sanity test 'no-main-display' with Python 3.6
Running sanity test 'no-smart-quotes' with Python 3.6
Running sanity test 'no-unicode-literals' with Python 3.6
Running sanity test 'pep8' with Python 3.6
ERROR: Command "/home/zaki/src/esxi-ansible/venv/2.10/bin/python3 -m pycodestyle --max-line-length 160 --config /dev/null --ignore E402,E741,W503,W504 plugins/modules/esxissh_guest_power.py" returned exit status 1.
>>> Standard Error
/home/zaki/src/esxi-ansible/venv/2.10/bin/python3: No module named pycodestyle
(2.10) [zaki@cloud-dev esxissh (main)]$

実行パスはansible_collections/{namespace}/{collection}/以下でなければならない(symlinkじゃダメ)

(2.10) [zaki@cloud-dev esxissh (main)]$ ansible-test sanity esxissh_guest_power --skip-test symlinks
ERROR: The current working directory must be at or below:

 - an Ansible collection: {...}/ansible_collections/{namespace}/{collection}/

Current working directory: /home/zaki/src/esxi-ansible

ただし、モジュール名でなくモジュールファイル名を指定すれば任意のパス?でも行ける。

(2.10) [zaki@cloud-dev esxissh (main)]$ ansible-test sanity plugins/modules/esxissh_guest.py 
Running sanity test 'action-plugin-docs' with Python 3.6
Running sanity test 'ansible-doc' with Python 3.6
Running sanity test 'changelog' with Python 3.6
WARNING: Skipping sanity test 'compile' on Python 2.6 due to missing interpreter.
Running sanity test 'compile' with Python 2.7
:
:
Raw
Tower.md

REST操作

認証

トークンを使うか、URLにアクセス情報を入れる。

$ curl -sk https://admin:password@127.0.0.1/api/v2/

エンドポイント一覧

$ curl -sk https://${USERNAME}:${PASSWORD}@localhost/api/v2/

ジョブテンプレート一覧

$ curl -sk https://${USERNAME}:${PASSWORD}@localhost/api/v2/job_templates/

全部出てない気がする。

ジョブテンプレート詳細

URLにジョブテンプレートのID(webで見たときのURLの最後の数字)をつける

curl -sk https://${USERNAME}:${PASSWORD}@localhost/api/v2/job_templates/49/
  • name: ジョブテンプレート名
  • playbook: 使用playbook名
  • job_tags: 設定されたジョブタグ名

などなど

Raw
トラシュー.md

実行後にAnsiballZファイルを消さない

ANSIBLE_KEEP_REMOTE_FILES=trueをセットして実行する

$ ANSIBLE_KEEP_REMOTE_FILES=true ansible-playbook -i inventory.ini playbook.yml -v ...

これでターゲットノード上のスクリプトファイルが残る。 基本的に消えないので手動で消す必要あり。

ターゲットノードのどこに転送されるかは、-vvvくらいまでverboseレベルを上げておけば実行時に表示される。

Raw
実装関連.md
Raw
設定.md

設定ファイルの優先順位

Configuration settings

  1. ANSIBLE_CONFIG
  2. ./ansible.cfg
  3. ~/.ansible.cfg
  4. /etc/ansible/ansible.cfg

出力をYAML形式

ansible.cfg

[defaults]
stdout_callback = yaml

環境変数

$ export ANSIBLE_STDOUT_CALLBACK=yaml

$ ANSIBLE_STDOUT_CALLBACK=yaml ansible-playbook ...

でも可能

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment