Below are some Ansible playbooks that demonstrate some of Ansible's features. They are meant to refresh your Ansible knowledge from time to time; don't forget to also check out the Ansible documentation for the latest modules and options. I describe all of the below in my main Ansible cheatsheet.
You can use Ansible Galaxy to create the role structure; the whole structure may look something like the one below.
# site.yml
---
# Top-level playbook: refreshes the apt cache on every host, then pulls in
# the per-tier playbooks listed below.
- hosts: all
  become: true
  gather_facts: false
  tasks:
    - name: update apt cache
      apt:
        update_cache: true
        # Skip the refresh when the cache is younger than 86400 s (24 h).
        cache_valid_time: 86400
      tags:
        - packages

# NOTE(review): newer Ansible releases replace playbook-level `include`
# with `import_playbook`; kept as written on the page.
- include: control.yml
- include: database.yml
- include: webserver.yml
- include: loadbalancer.yml
# webserver.yml
---
# Applies the web-tier roles to every host in the `webserver` group.
- hosts: webserver
  become: true
  gather_facts: false
  roles:
    - role: apache2
    - role: demo_app
# database.yml
---
# Applies the mysql role to the `database` group, passing the application
# account's name, password and allowed client host as role parameters.
- hosts: database
  become: true
  roles:
    - role: mysql
      # db_user / db_pass are not defined in this file; they must come from
      # inventory or group variables.
      db_user_name: '{{ db_user }}'
      db_user_pass: '{{ db_pass }}'
      # '%' is the MySQL wildcard: the account may log in from any client
      # host that can reach the server. Where the client addresses are
      # known, a narrower host pattern limits who can attempt a login.
      db_user_host: "%"
# group_vars/all
---
# Variables shared by every host in the inventory.
db_name: 'demo'
db_user: 'demo'
# The password is an indirection to vault_db_pass, so no secret is written
# here in clear text. vault_db_pass is not defined on this page —
# presumably it lives in an Ansible Vault encrypted vars file; confirm.
db_pass: '{{ vault_db_pass }}'
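# stack_status.yml
---
# Read-only health check of the whole stack: service status and listening
# port on each tier, then an end-to-end HTTP request through every load
# balancer from the control host.

- hosts: webserver
  become: true
  gather_facts: false
  tasks:
    - name: verify apache2 service
      command: service apache2 status
      # A status query never changes the host, so never report "changed".
      changed_when: false

    - name: verify apache2 is listening on 80
      wait_for:
        port: 80
        timeout: 1

# Facts are gathered in this play (no gather_facts: false) because the port
# check reads ansible_eth0.
- hosts: database
  become: true
  tasks:
    - name: verify mysql service
      command: service mysql status
      changed_when: false

    - name: verify mysql is listening on 3306
      # Assumes the interface MySQL is bound to is named eth0 — confirm on
      # hosts with a different interface naming scheme.
      wait_for:
        host: "{{ ansible_eth0.ipv4.address }}"
        port: 3306
        timeout: 1

- hosts: control
  gather_facts: false
  tasks:
    - name: verify end-to-end index response
      uri:
        url: "http://{{ item }}"
        return_content: true
      # The group list must be a Jinja expression: a bare
      # `groups.loadbalancer` is treated as a literal string by current
      # Ansible, so the request would go to a host with that name.
      with_items: "{{ groups.loadbalancer }}"
      register: lb_index

    # Fail the run when a load balancer answered without the expected
    # marker text in the page body.
    - fail:
        msg: "index failed to return content"
      when: "'Hello, from sunny' not in item.content"
      with_items: "{{lb_index.results}}"

    - name: verify end-to-end db response
      uri:
        url: "http://{{ item }}/db"
        return_content: true
      with_items: "{{ groups.loadbalancer }}"
      register: lb_db

    - fail:
        msg: "db failed to return content"
      when: "'Database Connected from' not in item.content"
      with_items: "{{lb_db.results}}"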
# stack_restart.yml
---
# Ordered restart: stop the web tier, restart the database, then start the
# web tier again once MySQL accepts connections.

# Bring stack down
- hosts: webserver
  become: true
  gather_facts: false
  tasks:
    - service:
        name: apache2
        state: stopped
    # Block until nothing is listening on port 80 any more.
    - wait_for:
        port: 80
        state: stopped

# Restart mysql
# Facts stay enabled in this play because the port check reads ansible_eth0.
- hosts: database
  become: true
  tasks:
    - service:
        name: mysql
        state: restarted
    - wait_for:
        host: "{{ ansible_eth0.ipv4.address }}"
        port: 3306
        state: started

# Bring stack up
- hosts: webserver
  become: true
  gather_facts: false
  tasks:
    - service:
        name: apache2
        state: started
    - wait_for:
        port: 80
# role/mysql/defaults/main.yml
---
# Fallback values for the mysql role, used when the caller sets nothing.
db_name: 'myapp'
db_user_name: 'dbuser'
# NOTE(review): a fixed, guessable password as a default means any
# deployment that forgets to override it gets a known credential. Always
# supply db_user_pass from a protected source when applying the role.
db_user_pass: 'dbpass'
# The default restricts the account to connections from the database host.
db_user_host: 'localhost'
# role/mysql/handlers/main.yml
---
# Runs only when a task notifies "restart mysql".
- name: restart mysql
  service:
    name: mysql
    state: restarted
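# role/mysql/tasks/main.yml
---
# Installs MySQL, binds it to the host's eth0 address, and creates the
# application database and account. Module arguments use native YAML
# mappings so each value stays one argument whatever characters it holds.

- name: install tools
  apt:
    name: "{{ item }}"
    state: present
  with_items:
    - python-mysqldb
  tags:
    - packages

- name: install mysql-server
  apt:
    name: mysql-server
    state: present
  tags:
    - packages

# Despite the task name, this sets bind-address to the eth0 IPv4 address
# (not every interface). MySQL then accepts network connections on that
# address, so access depends on host firewalling and on db_user_host.
# Assumes the interface is named eth0 — confirm.
- name: ensure mysql listening on all ports
  lineinfile:
    dest: /etc/mysql/my.cnf
    regexp: '^bind-address'
    line: "bind-address = {{ ansible_eth0.ipv4.address }}"
  notify: restart mysql
  tags:
    - configure

- name: ensure mysql started
  service:
    name: mysql
    state: started
    enabled: true
  tags:
    - service

- name: create database
  mysql_db:
    name: "{{ db_name }}"
    state: present
  tags:
    - configure

- name: create user
  mysql_user:
    name: "{{ db_user_name }}"
    password: "{{ db_user_pass }}"
    # ALL grants every privilege on the application database; a narrower
    # list is preferable if the application needs fewer — confirm.
    priv: "{{ db_name }}.*:ALL"
    host: "{{ db_user_host }}"
    state: present
  # Keep the templated password out of task output and logs.
  no_log: true
  tags:
    - configure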