What is templates ?
Ansible is used to manage configurations of
multiple servers and environments. But these configuration files can vary for
each cluster or remote server. But apart from a few parameters, all other
settings will be the same.
Creating static files for each of these
configurations is not an efficient solution. It will take a lot of time, and
every time a new cluster is added, then you have to add more files. If there is
an efficient way to manage these dynamic values, it would be beneficial. This
is where Ansible template modules come into play.
A template is a file that contains all your
configuration parameters, but the dynamic values are given as variables in the
Ansible. During the playbook execution, it depends on the conditions such as
which cluster you are using, and the variables will be replaced with the
relevant values. The template files will usually have the .j2 extension,
which denotes the Jinja2 templating engine used.
1. {{
}}
: These double curly braces are the widely used tags in a template file and
they are used for embedding variables and ultimately printing their value
during code execution. For example, a simple syntax using the double curly braces
is as shown: The
{{ webserver }} is
running on {{ nginx-version }}
2. {%
%} :
These are mostly used for control statements such as loops and if-else
statements.
3. {#
#} :
These denote comments that describe a task.
We need to have two parameters when using the
Ansible Template module, such as:
- src: The source
of the template file. It can be a relative and absolute path.
- dest: Dest is the destination path on the remote server.
Template Module Attributes.
Here are some other parameters which can be used
to change some default behavior of the template module:
- Force: If the
destination file already exists, then the Force parameter will decide
whether it should be replaced or not. By default, the value is yes.
- Backup: If you
want a backup file to be created in the destination directory, you should
set the value of the backup parameter to yes. By default, the value is no.
and the backup file will be created every time there is a change in the
destination directory.
- owner – The owner of the file on the
remote hosts.
- group – The group of the file on the
remote hosts.
- mode – The file permission mode on
the remote hosts.
Example 1 :-
We are using the template
module on the example1.j2 file that replaces the default variables with values
given in the playbook.
- hosts: jenkins
vars:
variable1: 'Hello...!!!'
variable2: 'My first playbook using template'
tasks:
- name: Basic Template Example
template:
src: example1.j2
dest: /tmp/output.txt
# vim example1.j2
{{ variable1 }}
No effects on this line
{{ variable2 }}
Check remote server change :-
# ansible jenkins -a "cat /tmp/output.txt"
---
- hosts: jenkins
become: yes
tasks:
- name: install index.html file
template:
src: index.html.j2
dest: /var/www/html/index.html
mode: 0777
<html>
<center>
<h1> The hostname of this webserver is {{ ansible_hostname }}</h1>
<h3> It is running on {{ ansible_os_family }}system </h3>
</center>
</html>
Example
3 :-
- hosts: all
vars:
list1: ['Apple','Banana','Cat', 'Dog']
tasks:
- name: Template Loop example.
- template:
src: example2.j2
dest: /home/knoldus/Documents/Ansible/output.txt
# vim example2.j2
{% for item in list1 %}
{{ item }}
{% endfor %}
Multiple
Files in Ansible
- hosts: all
tasks:
- name: Template with_items example.
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- {src: 'example.j2',dest: '/tmp/output.txt'}
- {src: 'example1.j2',dest: '/tmp/output1.txt'}
- {src: 'example2.j2',dest: '/tmp/output2.txt'}
########## template create variable for status #####
anisble_project
What is Ansible Vault ?
Ansible Vault encrypts variables and files so you can
protect sensitive content such as passwords or keys rather than leaving it
visible as plaintext in playbooks or roles. You can then place encrypted
content under source control and share it more safely.
Using Ansible Vault
The simple use of
the Ansible vault is to encrypt variables files. It can encrypt any YAML file,
but the most common files to encrypt are:
1. A role's defaults/ main.yml file
2. A role's vars/main.yml file
3. Files within the group_vars
directory
4. Any other file used to store variables
1. How to Create
an Encrypted File in Ansible
# ansible-vault
create filename
# ansible-vault view mysecrets.yml
3. How to Edit an Encrypted File in Ansible.
# ansible-vault edit mysecrets.yml
4. How to Change Ansible Vault Password.
# ansible-vault rekey mysecrets.yml
# ansible-vault encrypt classified.txt
# ansible-vault decrypt classified.txt
7. Using Ansible playbook with vault password file.
# ansible-vault edit --vault-id=pass.txt hosts
# ansible-vault encrypt /etc/ansible/hosts
# ansible all --list-hosts --vault-password-file=pass.txt
# ansible-playbook secret.yml --vault-password-file=pass.txt
No comments:
Post a Comment