sandeepk

Ansible's roles allow grouping the content, which can be reused and easily share with other users. The role consists of vars, files, tasks, and other artifacts in a standard directory structure which have these subdirectories.

  • Tasks
  • Handlers
  • Library
  • Default
  • Vars
  • Files
  • Templates
  • Meta

We can use roles in the playbook or task with the help of Include and Import. To know more about Import/Include, you can check here

  • At Playbook level with the roles
  • At task level with include_roles
  • At task level with import_roles

Playbook Roles at playbook level are imported statically and executes the playbook in this order

  • Pre tasks
  • Roles listed in the playbook
  • Tasks define in the playbook and any handler triggered by the tasks
  • Post tasks define after the role
---
- hosts: webservers
  roles:
    - aws

Task with Include

---
- hosts: all
  tasks:
    - name: Use a dynamic roles
       include_roles:
           name: role_name  

Task with Import

---
- hosts: all
  tasks:
    - name: Use a static roles
       import_role:
           name: role_name  

Passing parameter to the roles

---
- hosts: all
  roles:
    - { role: aws, message: "ec2" }
    - { role: aws, message: "s3" }

Conditionally adding roles

---
- hosts: all
  tasks:
    - name: Include the some_role role
      include_role:
        name: some_role
      when: "ansible_facts['os_family'] == 'Ubuntu'"

Ansible's roles are really helpful to group the similar content and use in the different playbook and give the feasibility to the user to share with other which saves a lot of work. It's worth using them and shares your roles in the community to help others.

Cheers!

#100DaysToOffload #Ansible

In Ansible playbooks are a collection of different tasks. It's a good idea to break the tasks into the different files, which make it easier to include/import these task in different playbooks. Now the question is when to use include or import and how these two are different from each other?

Ansible provides four distributed – Variables – Task – Playbook – Role

Include

Including variables, tasks, or role adds them into the playbook dynamically. This means when Ansible processes these files as they come up they are included in the current playbook as its variable, task, or role. So, these can be affected by the previous tasks.

Playbook's can not be used with the include

Import

Importing task, playbook, or role add them into playbook statically. Ansible pre-processes these files before it runs any task in the playbook, which means these are not affected by other tasks.

Tip: Import variables if you want to use these more than once in the playbook.

Import and Include differ with the way Ansible loads these files into the playbook. So, it is good to use the one which best fits your use case.

Cheers!

#100DaysToOffload #Ansible

Ansible stops executing on the host whenever it receives a non-zero return code from a command. We can handle these situations with the helps of settings and tools to behave as it we want.

Ignoring Errors Ansible stops executing commands on the host when it receives non-zero code, but we can ignore these errors and run the rest of the tasks as it is.

- name: I will cause an error
  ...configs
  ignore_errors: yes

Failed when Ansible let you define the condition when you want explicitly fail when a certain condition is true.

- name: Fail task under certain condition true
  command: ls/tmp/dir_not_exist
  register: result
  failed_when: result.rc == 0

Aborting on first error anyerrorsfatal finishes the fatal task on all hosts in the current batch, then stops executing on all hosts.

- hosts: somehosts
  any_errors_fatal: true
  tasks:
    - block:
         - include_tasks: sometask.yml

Handling errors with blocks Ansible let you control errors in a block with rescue and always section. In rescue, we can define tasks which we want to run when an earlier task in a block fails. You can also think of rescue as except and always as finally in other languages to handle errors.

task:
- name: tasks to be run
  block:
     - name: task 1
       // code
     - name: task 2
       // code
     - name: task 3
       // code
rescue:
     - name: Run when one of the above task fails
       // code
always:
     - name: Always run 
       // code

Ansible provide ignore, rescue, always, failed_when to easily handle the behavior of playbook when we face any errors. We can use these commands/settings to gracefully record errors and take specific action.

Cheers!

#100DaysToOffload #Ansible

Ansible's tags are helpful to run a specific part of the playbook, rather running the whole playbook. Using tags, you can run or skip the tasks.

Tags can be added to one task or multiple tasks or role, block etc. Let see how to do that

Adding tags to a task

  tasks:
  - name: Assign the var
    apt:
      name: apache2
      state: latest
    tags:
      - vars
  - name: Enable and run httpd
    apt:
      name: httpd
      state: started
      enabled: 'yes'
    tags:
      - httpd
      - vars

Adding tags to role

roles:
  - role: config
    vars:
      port: 8003
    tags: [ web, flask ]

Adding tags to block All the tasks in the block will share the same tag's

tasks:
- name: git tasks
  tags: git
  block:
  - name: install apache
    apt:
      name: git
      state: latest

Special tags Ansible have two special tags, never and always. If you add always tag to task, play, Ansible will always run the task or play, unless explicitly asked to skip with the help of (—skip-tags always)

On the other hand, never tag if assign to a task or play, Ansible will skip that task or play unless you explicitly asked it (—tags never).

Running the Playbook with tags

  • will run tasks with tag git : ansible-playbook example.yml --tags "git"

  • will not run tasks with tag git : ansible-playbook example.yml --skip-tags "git"

  • list all the tags : ansible-playbook example.yml --list-tags

  • run all tasks, ignore tags (default behavior): --tags all

  • run only tasks with either the tag tag1 or the tag tag2: --tags [tag1, tag2]

  • run all tasks, except those with either the tag tag3 or the tag tag4: --skip-tags [tag3, tag4]

  • run only tasks with at least one tag: --tags tagged

  • run only tasks with no tags: --tags untagged

That's all about the Ansible tags. Now go and tag your tasks :).

Cheers!

#100DaysToOffload #Ansible

While running your Ansible playbook, we can have the option of passing the argument from the command line. With the help of this, we define a generic playbook and use command line arguments to control the play. Let see how

Let's first start with the playbook, where we have defined the variable x is the playbook.

---
- hosts: all
  vars:
    x: 45
  tasks:
    - debug: var=x

In this playbook, we will pass the value of x from the command line arguments with the help -e “value”.

---
- hosts: all
  tasks:
    - debug: var=x
>> ansible-playbook playbook_nmae.yml -e "x=56"

Now let's write a playbook which can uninstall/install a package with the help of command line arguments.

---
- name: Install/Unistall pacakges with command line
  hosts: all
  became: 'yes'
  tasks:
    - name: 'working with {{pkg}}'
      apt:
        name: '{{pkg}}'
        state: '{{req_state}}'

Now, from the command line, we can pass the package name and state of the package.

>>ansible-playbook playbook_name.yml -e  "pkg=nginx req_state=present"

>>ansible-playbook playbook_name.yml -e  "pkg=nginx req_state=absent"

Cheers!

#100DaysToOffload #Ansible

Inventory(Hosts) file contains the information of the Ansible nodes. We can group based on our use case like web servers, DB servers and uses these groups to execute commands on them. But you have to create a group in the inventory file, let see how to do that.

[webserver]
IP_ADDRESS_1
IP_ADDRESS_2
IP_ADDRESS_3

[webserverduck]
IP_ADDRESS_1

[dbserver]
IP_ADDRESS_1
IP_ADDRESS_2
IP_ADDRESS_3

[clientduck:children]
dbserver
webserverduck

You can even assign variable nodes or group wise in inventory file

[webserverduck:vars]
ansible_connection=ssh
ansible_user=myotheruser
gather_fact=no


[dbserver]
IP_ADDRESS_1 ansible_user=myuser
IP_ADDRESS_2
IP_ADDRESS_3

Cheers!

#100DaysToOffload #Ansible #dgplug

Ansible Architecture

What is Ansible Ansible is a simple IT automation tool that make application and system easier to deploy and maintain. With the help of Ansible, you can automate task like network configuration, code deployment and cloud management. Ansible is an agent less system, which means that you don't need to install any software on the client system.

Inventory Inventory file is the one which contains the lists of the host servers on which Ansible works, it can be the IP Addresses, Domain name ...

Hosts It contains the IP addresses or Fully qualified domain name of the node servers which you want to configure.

Ansible.cfg This file contains the configuration for the Ansible, like the path of the Inventory file and values for the default variable in the Ansible

Ansible Nodes Ansible's nodes are the client system on which we want to execute, deploy or maintain the code(servers on which we want to work).

Ansible Engine Ansible engine/master/controller from which we manage all the server nodes.

Cheers!

#100DaysToOffload #Ansible #dgplug

Able to sneak out sometime today to watch this talk by Brain Chesky. Overall the talk is good worth spending your time on.

Brian Chesky on Launching Airbnb and the Challenges of Scale

My Notes

  • Find > What inside you have that no one else have
  • If you are not passionate about the thing you are doing, you will quit when the hard days come or thing go south
  • First best thing is to watch these all talks, but the second-best thing you can do is go out and build things by yourself.
  • Never wait to learn things before starting, just start and you will learn during the process.

Cheers!

#100DaysToOffload

I came to see this warning a few days back when I was seeing the git diff of a file in reaction to this I open the file and hit enter at the last line to my surprise the warning remains still the same.

What is a new line? The new line is usually \n, aka (CR or CRLF) at the end of the file. It's helpful to identify the last byte of the file.

Why it is good to have a new line at the end of the file?

Quoting from here

A source file that is not empty shall end in a new-line character, which shall not be immediately preceded by a backslash character. Since this is a “shall” clause, we must emit a diagnostic message for a violation of this rule.

So, it turns out that, according to POSIX, every text file should end with a \n, or “newline” (not “a new line”) character. This acts as the eol, or the “end of line” character. It is a line “terminator”.

It's helpful to identify the end of file.

How to automatically add one with your favorite editor?

In your favorite editor, you can add newline automatically like this.

  • Emacs : Add (setq require-final-newline t) to your .emacs or .emacs.d/init.el file.
  • VS Code: set “files.insertFinalNewline”: true

#100DaysToOffload #POSIX #Git #NoNewLine

It is an abstract machine that can be in exactly one of a finite number of states at any given time. A state machine is just a specification of how to handle events. It consists of a set of states, one of which is the current state. For each state, we list the events that are significant to that state. For each of those events, we define the new current state of the system.

Let see with an example

Devops:
Stable (DB down) --> Critical (DB up) --> Stable (N/w down) --> Warning (N/w up) --> Stable

FSM

Here we have defined the states Stable, Critical, Warning and events DB down, DB up, and N/W down. In this case, we have a stable state so whenever our database goes down or the network goes down the state changes to critical/warning. We can link some logic with these states to perform any action for transition.

This logic can help in designing a good program around a problem statement that will have less coupled code and easy to maintain. Cheers!

#100DaysToOffload