Ansible useful tips for Config Management

Venkata Chitturi
DevOps Process and Tools
Mar 10, 2017

This post collects brief commands and tips for maintaining configurations and deployments, and for automating common scenarios, using Ansible.

1. To start, stop, or restart a service, define a handler and notify it from your tasks.

Example: to restart tomcat

vim /handlers/main.yml

---
- name: restart tomcat
  service: name=tomcat state=restarted

Then you have to call the handler in your tasks.

vim /tasks/main.yml

- name: change the permission of tomcatfolder to 755 and restart
  file: path=/opt/tomcat state=directory mode=755 owner=root group=root recurse=yes
  notify: restart tomcat

2. To create a directory and set its ownership and mode recursively

file: path=/opt/tomcat state=directory mode=755 owner=root group=root recurse=yes

3. To create a file and set its ownership and mode

# state=touch creates the file if it is missing; state=file only checks a file that already exists
file: path=/opt/tomcat.txt state=touch mode=755 owner=root group=root

4. To move a file from one location to another within the host.

Example: you are moving the /tmp/patch004 directory to the /opt/patches directory.

- name: move patch folder
  command: mv /tmp/patch0004 /opt/patches

5. To unzip a zipped file. Mostly useful for packaged software and directories.

Example: unzip the testing.zip file to the destination folder /opt

- name: unzip testing.zip file to /opt
  unarchive: src=/tmp/testing.zip dest=/opt remote_src=yes

6. To add a new line before or after an existing line, or to modify a particular line in a config file.

We use the lineinfile module to make the kinds of changes shown below.

a. Insert multiple lines after a line in a file.

Example: add two lines after the line "<Url>https://localhost:9443</Url>", using with_items to repeat the task in a loop.

FYI: {{ ansible_default_ipv4.address }} is a default Ansible variable that provides the IP address of the host.

{{ inventory_hostname }} is a default Ansible variable that provides the hostname of the host, as named in the inventory.

- name: insert ipaddress and hostname
  lineinfile:
    dest: /opt/tes/testing.xml
    insertafter: '<Url>https://localhost:9443</Url>'
    line: "{{ item }}"
  with_items:
    - "<Url>https://{{ ansible_default_ipv4.address }}:9443</Url>"
    - " <Url>https://{{ inventory_hostname }}:9443</Url>"

b. Insert a line before a particular line. The "insertbefore" key is used for this.

- name: insert valve in catalina-server.xml
  lineinfile:
    dest: /opt/wso2esb/active/repository/conf/tomcat/catalina-server.xml
    insertbefore: '<Valve className="org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve" threshold="600"/>'
    line: '<Valve className="org.wso2.carbon.ui.valve.CSRFValve"/>'

c. Modify the line that starts with the entry given in the regex, changing it to the line given in the 'line:' key.

- name: change the line starting with '<Context privileged="true"' to the line below.
  lineinfile:
    dest: /opt/wso2esb/active/repository/conf/tomcat/carbon/META-INF/context.xml
    regexp: '^<Context privileged="true"'
    line: '<Context privileged="true" allowLinking="true" useRelativeRedirects="false">'

7. To add or delete words in a line, use the replace module.

Example requirement: we will add {{ domain_name }} to the search line in resolv.conf.

Implementation: the regex first checks whether the line starts with search (^search) and then whether the line already contains {{ domain_name }}. If it does, the replace module leaves the line alone; if not, it adds {{ domain_name }} at the end of the line.

vars/main.yml file

domain_name: dev.example.com

and in the /tasks/main.yml file add the task below

- name: Add new domain name
  replace:
    backup: yes
    dest: /etc/resolv.conf
    # regex_escape keeps the dots in the domain literal inside the pattern
    regexp: '^(search(?!.*\b{{ domain_name | regex_escape }}\b).*)$'
    replace: '\1 {{ domain_name }}'
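
An added illustration, not code from the original post: the task's regexp run through Python's re module, which the replace module uses with re.MULTILINE. The function name, its escape and whole_token switches, and the sample resolv.conf text are assumptions made for this example; it goes slightly beyond the task by covering two cases where the lookahead misjudges whether the domain is already present.

```python
import re

# Constructed resolv.conf content for this example (not from the post).
RESOLV = "nameserver 10.0.0.2\nsearch corp.example.net\n"


def add_search_domain(text, domain, escape=True, whole_token=False):
    """Append `domain` to the search line unless the lookahead finds it.

    escape=False interpolates the raw domain, so each '.' is a wildcard.
    whole_token=True replaces the word boundaries with whitespace
    lookarounds, so the domain must be a complete entry rather than the
    tail of a longer name such as qa.dev.example.com.
    """
    d = re.escape(domain) if escape else domain
    present = rf"(?<!\S){d}(?!\S)" if whole_token else rf"\b{d}\b"
    # The replace module compiles with re.MULTILINE: ^ and $ anchor per line.
    pattern = re.compile(rf"^(search(?!.*{present}).*)$", re.MULTILINE)
    return pattern.sub(lambda m: f"{m.group(1)} {domain}", text)


if __name__ == "__main__":
    once = add_search_domain(RESOLV, "dev.example.com")
    print(once, end="")
    # Second run changes nothing: the lookahead now finds the domain.
    print(add_search_domain(once, "dev.example.com") == once)
    # Unescaped dots treat dev-example.com as if it were dev.example.com.
    print(add_search_domain("search dev-example.com\n", "dev.example.com",
                            escape=False), end="")
    # Word boundaries accept a suffix match; whole_token does not.
    print(add_search_domain("search qa.dev.example.com\n", "dev.example.com",
                            whole_token=True), end="")
```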

8. To add an entire block of configuration to a file, use the blockinfile module.

The example below adds the configuration under the 'block:' key to the destination file /home/pstg/.bashrc

- name: Adding content to bashrc file
  blockinfile:
    dest: /home/pstg/.bashrc
    block: |
      PATH=$PATH:$HOME/bin:/usr/local/pgsql/bin
      export PATH
      # source the same profile file that the test checks
      if [ -s /home/pstg/pgprofile ]; then
        . /home/pstg/pgprofile
      fi
      set -o vi

9. Conditional checks: one or more tasks depend on another task or tasks

In the example below, the first task uses the stat module to look up the /opt/patches/patch043 directory and stores the result in the patch043 variable with register. The next task uses when to check whether the directory exists; if it exists, the task is skipped.

- name: checking the patch043 directory and storing in patch043
  stat: path=/opt/patches/patch043
  register: patch043
- name: unarchive the zip file if patch043 doesn't exist; if it exists this task will be skipped.
  unarchive: src=/home/patches/WSO2-4.4.0–0049.zip dest=/tmp
  when: patch043.stat.exists == false

10. To download a package (get_url) from a central server, and download it only once.

- name: Download ZooKeeper from Artifactory
  # get_url also accepts checksum=sha256:<expected digest> to verify the downloaded file
  local_action: get_url
    url=http://arifactoryhost:port/artifactory/package_files/zookeeper-3.4.1.tar.gz dest=/var/tmp/zookeeper-3.4.1.tar.gz
  run_once: true
  become: false

11. To add, append, or remove iptables rules, use the iptables module. The tasks below use state=absent, which removes a rule.

- name: Remove ZooKeeper outbound port 3888 from iptables
  iptables: chain=OUTPUT protocol=tcp source_port=2888 ctstate=ESTABLISHED jump=ACCEPT state=absent
- name: Remove ZooKeeper inbound port 2888 from iptables
  iptables: chain=INPUT protocol=tcp destination_port=2888 ctstate=NEW,ESTABLISHED jump=ACCEPT state=absent

12. To pass environment variables to a task from Ansible

- name: Running a smoke test
  shell: /usr/erlang/otp_src_19.1/bin/erl -s /usr/erlang/otp_src_19.1/release/tests/test_server/ts install -s /usr/erlang/otp_src_19.1/release/tests/test_server/ts smoke_test batch -s init stop
  environment:
    ERL_TOP: /usr/erlang/otp_src_19.1
    # $PATH is not expanded in this mapping; take the current value from the gathered facts
    PATH: "/usr/erlang/otp_src_19.1/bin:{{ ansible_env.PATH }}"
  ignore_errors: yes
