Ansible - Loop 12-18-2020
Loop
Install software on a host
- hosts: worker1
tasks:
- package:
name: httpd
state: present
- package:
name: php
Installing two software, say you run it on RHEL systems, you call package two times and also yum command two times.
It comsumes more CPU/Memory time. You waster unwanted CPU/RAM.
How we can resolve this kind of situation?
-> Rather than calling same command multiple times, we call these command one time and pass list of sfotware packages..
software we supply like this order
[ php, httpd, ... bac ]
items
its a list..
for loop..
Lets try an example in python
1. We have list of packages
>>> p = [ "httpd", "php", "xyz"]
2. Print them
>>> p
['httpd', 'php', 'xyz']
3. Loop through it
>>> for i in p:
... print(i)
...
httpd
php
xyz
>>>
You can directly asign values.
>>> for i in [1,2,3, 4]:
... print(i)
...
1
2
3
4
- hosts: worker1
tasks:
- package:
name: "{{ item }}"
state: present
loop:
- "httpd"
- "php"
note: older versions they use items
Define with variable
# cat myloop.yaml
- hosts: worker1
vars:
- x:
- "httpd"
- "php"
tasks:
- package:
name: "{{ item }}"
state: present
loop: ""{{ x }}"
- debug:
var: x
# ap
# cat myloop.yaml
- hosts: worker1
vars:
- x:
- "httpd"
- "php"
tasks:
- debug:
var: x[0]
print the first value
In linux systems,
we create a user and associate this group to multiple users.
groupadd mygroup
# useradd [user1, user2 ...] -g/G mygroup
# cat /etc/passwd, etc/group
How do we do on ansible
google for ansible-doc to create user
ansible-doc user
# cat user.yaml
- hosts: localhost
tasks:
- user: # ansible module to create user ansible-doc user
name: "jack"
password: "password"
state: present
# ap user.yaml
-> Add user to the group
# ansible-doc user
go to groups (secondary group) and see the options
# cat user.yaml
- hosts: localhost
tasks:
- user: # ansible module to create user ansible-doc user
name: "jack"
password: "password"
state: present
groups: "devops"
[root@master day16]# ansible-playbook user.yaml
how do we create multiple group?
# cat user.yaml
- hosts: localhost
vars:
- u1:
- "jack1"
- "redhat"
- "devops"
# u1=[ "jack", "redhat", "devops" ]
0 1 2
we know, but how system knows?
tasks:
- user: # ansible module to create user ansible-doc user
name: "jack"
password: "password"
state: present
groups: "devops"
loop:
---------------------
# cat user.yaml
- hosts: localhost
vars:
- u1:
- "jack1"
- "redhat"
- "devops"
tasks:
- user: # ansible module to create user ansible-doc user
name: "{{ u1[0] }}"
password: "{{ u1[1] }}
state: present
groups: "{{ u1[2] }}"
# loop:
How can we arrange data better.
Arrangement of data structure is not easy.
- hosts: localhost
vars:
- u1:
- "jack1"
- 1234abc
- "redhat"
- "devops"
tasks:
- user: # ansible module to create user ansible-doc user
name: "{{ u1[0] }}"
password: "{{ u1[1] }}
state: present
groups: "{{ u1[2] }}"
loop:
say if you add a value, then it will mess up your passwd.
here your pw is going to be 1234abc rather than redhat.
we are not going to use list any more. Instead of taking index number, we will give the name to it. such as user, password, group..
Instead of precreated 0, 1, 2, 3 .., we will use our own.
- hosts: localhost
vars:
- u1:
- "name": "jack1"
- "gid" 1234
- "password" "redhat"
- "g": "devops"
tasks:
- user:
name: "{{ u1[0] }}"
password: "{{ u1[1] }}
state: present
groups: "{{ u1['g'] }}"
This is called dictionary or HASH..
- hosts: localhost
vars:
- u1:
- "name": "jack1"
# - "gid": 1234
- "password": "redhat"
- "g": "devops"
tasks:
- user:
name: "{{ u1[0] }}"
password: "{{ u1['password'] }}
state: present
groups: "{{ u1['g'] }}"
python dictionary
userdb = ["Ram",1111, "sam",2222, "chris", 3333]
userdb = [ ["Ram",1111], ["sam",2222], ["chris", 3333]]
> userdb
> userdb[1]
> userdb[1][1]
> userdb[0][1]
> userdb[2][1]
to retirve, you need to know the position number
Lets try on ansible
- hosts: localhost
vars:
- u1:
- "name": "jack1"
# - "gid": 1234
- "password": "redhat"
- "g": "devops"
tasks:
- user:
name: "{{ u1[0] }}"
password: "{{ u1['password'] }}
state: present
groups: "{{ u1['g'] }}"
Three information in one variable
- hosts: 127.0.0.1
vars:
- userdb:
- "Sam", 1111
- "Bill", 222
- "Cabob", 333
can be written as
- hosts: 127.0.0.1
vars:
- userdb:
- "Sam"
1111
- "Bill"
222
- "Cabob"
333
or
- hosts: 127.0.0.1
vars:
- userdb:
- name: "Ram"
- phone: 1111
- name: "jack"
# password: redhat
name: "Chris"
phone: 222
tasks:
- debug:
var: userdb
- hosts: 127.0.0.1
vars:
- userdb:
- name: "Ram"
- phone: 1111
- name: "jack"
# password: redhat
name: "Chris"
phone: 222
tasks:
- debug:
var: userdb[1]
loop is a for loop...
for loop is always applies to variable..
pw stored on plain text is not supported.
============================
encript pw
ansible-doc passwd
convert clear text into hash
item.p | password_hash('sha512')
previledge escalation - Tuesday ..
know about sudo ...
you can use loop inside jinga template
jinga can only be use on template file
replace with varaible with vault...
Wednesday, December 23, 2020
Ansible - Ansible - Loop
Subscribe to:
Post Comments (Atom)
Git branch show detached HEAD
Git branch show detached HEAD 1. List your branch $ git branch * (HEAD detached at f219e03) 00 2. Run re-set hard $ git reset --hard 3. ...
-
snmpconfig command allow you to managge snmpv1/v3 agent configuration on SAN switch. Event trap level is mapped with event severity level....
-
Firmware upgrade on HPE SuperDom Flex 280 - prerequisites tasks a. Set up repo b. Upload firmware to your webserver 1. For foundation so...
-
Disabling the Telnet protocol on Brocade SAN switches By default, telnet is enabled on Brocade SAN switches. As part of security hardening o...
No comments:
Post a Comment