I am building a Sinatra API and I have some custom configurations which needs to be used by the API.
For eg :
master:
- role: 'production'
node_ip: '192.168.1.1'
notify: 'abc#gmail.com'
- role: 'production'
node_ip: '192.168.1.2'
notify: 'def#gmail.com'
development:
role: 'production'
node_ip: '192.168.1.2'
notify: 'def#gmail.com'
So I need use these configuation in my app. Right now I have put it in yml files and loading it and using it in my app. Is there any better way to do achieve the same without using yaml.
Related
I am trying to configure raspberry pi journalctl using ansible.
I tried using some ansible-galaxy roles which seem too complicated and did not deliver in the end.
I am just trying to configure the /etc/systemd/journald.conf file.
Can I do it with ansible.builtin.systemd or any other suggestions?
You only need a playbook and a template file.
myproject/changejournald.yml # your playbook
myproject/journald.conf.j2 # a jinja2 template, the 'journald.conf as you want it'
in changejournald.yml
---
- name: upload new template
template:
src: 'journald.conf.j2'
dest: '/etc/systemd/journald.conf'
become: true #<-- unless you are connecting as root
- name: reload systemd-journald
systemd:
name: systemd-journald
state: restart
become: true
Something like that should work?
There are also other modules like lineinfile or blockinfile that might be more useful depending on how you intend to configure it.
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/lineinfile_module.html
https://unix.stackexchange.com/questions/253203/how-to-tell-journald-to-re-read-its-configuration
I've been using the netbox dynamic inventory plugin a lot recently, but want to make it a bit more consumable for my other team members. The config for the plugin looks like:
plugin: netbox
api_endpoint: http://our-netbox-server.com
validate_certs: False
config_context: False
token: abc123
group_by:
- device_roles
query_filters:
- role: tor-switch
- role: something
- role: something_else
I was hoping i could lookup the token section from my environment variables, so something like:
token: "{{ lookup('env', 'NETBOX_TOKEN') }}"
however this doesn't work at all. Anyone got any suggestions around how i can make this happen?
Use the community inventory plugin from https://github.com/netbox-community/ansible_modules. This already supports the environment variables. So the token and API endpoint does not need to be stored in the configuration.
api_endpoint:
description: Endpoint of the NetBox API
required: True
env:
- name: NETBOX_API
token:
required: False
description:
- NetBox API token to be able to read against NetBox.
- This may not be required depending on the NetBox setup.
env:
# in order of precedence
- name: NETBOX_TOKEN
- name: NETBOX_API_KEY
I have an ansible tomcat role
defaults/main.yml
tomcat_http:
port: "8080"
protocol: "HTTP/1.1"
connectionTimeout: "120000"
URIEncoding: "UTF-8"
I have another role (app) which uses tomcat role as a dependency and looks like below
defaults/main.yml
app_uriencoding: "ISO-8859-1"
meta/main.yml
dependencies:
- { role: common, tags: app }
- { role: tomcat, tomcat_http.URIEncoding: "{{ app_uriencoding }}", tags: app }
When I run the app role on my targets, Im expecting the URIEncoding value defined in the app role (ISO-8859-1) to be passed to the tomcat role and override the tomcat role default value for uriencoding.
Im unable to pass a value into tomcat roles' {{ tomcat_http.URIEncoding }}. Some of the options I have tried
tomcat_http.URIEncoding
tomcat_http[URIEncoding]
tomcat_http.["URIEncoding"]
Either I get syntax errors or it just doesn't work. Please let me know if anybody has any ideas on how to pass a value into a mapped variable.
Generally, this is not possible, because with default (and advised) Ansible configuration variables overrides lower-priority ones.
But there is hash_behavior option, which you can set to merge.
In this case, you can use:
- role: tomcat
tomcat_http:
URIEncoding: "{{ app_uriencoding }}"
tags: app
This way tomcat_http from role's var will be merged with role's defaults. But beware, this can brake some other parts of your playbooks.
If you expect role's defaults to be overriden independently, use:
tomcat_http_port: "8080"
tomcat_http_protocol: "HTTP/1.1"
tomcat_http_connectionTimeout: "120000"
tomcat_http_URIEncoding: "UTF-8"
As per ansible documentation here I am using the below syntax to trigger a role when the variable "mdb_user" starts with prod.
- hosts: category_workstation
gather_facts: False
name: common workstation applications
roles:
- apps_workstation
- { role: apps_workstation_production, when: mdb_user.startswith('prod') }
This works nicely but what i want to know is if i can do something similar to adjust the variables fed to the role in different conditions. For instance the below:
- hosts : category_workstation
name: common workstation applications
roles:
- apps_workstation
- { role: apps_workstation_production, vars={'user':'prod'}, when: mdb_user.startswith('prod')}
Currently I am having to use when and set_fact to get the right variables setup before caling a roles and this approach above (if possible) seems more concise.
You can try something like:
- hosts : category_workstation
name: common workstation applications
roles:
- apps_workstation
- { role: apps_workstation_production, user: prod, when: mdb_user.startswith('prod')}
I have a playbook that installs tomcat and then deploys some web applications. The web application deploy task(s) notifies a handler to restart tomcat. But the handler never fires. I am using a handler to manage the tomcat service because I understand from the docs that handlers should only fire once even if called multiple times. Am I missing something obvious?
This is the playbook:
---
- hosts: all
become: true
become_user: root
roles:
- role: common
- role: nginx
- role: tomcat
- role: launchpad
- role: manager
- role: reporting
handlers:
- include: /tomcat/handlers/etitomcat_service_ctrl.yml
This is one of the roles that deploys the web app:
---
- name: Remove the current installation of LaunchPad
file: path={{etitomcat_path}}/webapps/{{launchpad_module}} state=absent
- name: Remove the current war file for {{launchpad_module}}
file: path={{etitomcat_path}}/webapps/{{launchpad_module}}.war state=absent
- name: Download the latest snapshot of LaunchPad and deploy it to {{etitomcat_path}}
get_url: url={{launchpad_source_url}} dest={{etitomcat_path}}/webapps/{{launchpad_module}}.war mode=0744 owner={{etitomcat_user}} group={{etitomcat_group}} force=yes
notify: "restart_eti_tomcat"
This is the handler:
- name: "Restart ETI Tomcat"
service: name=etitomcat state=restarted
become: true
become_user: root
listen: "restart_eti_tomcat"
- name: "Start ETI Tomcat"
service: name=etitomcat state=started
become: true
become_user: root
listen: "start_eti_tomcat"
- name: "Stop ETI Tomcat"
service: name=etitomcat state=stopped
become: true
become_user: root
listen: "stop_eti_tomcat"
Adding static: yes should resolve this issue when using Ansible >= 2.1.
handlers:
- include: /tomcat/handlers/etitomcat_service_ctrl.yml
static: yes
Take a look at this Github issue, the linked google groups thread might contain valuable information as well.
edit
As pointed out by #rhythmicdevil the documentation notes:
You cannot notify a handler that is defined inside of an include. As of Ansible 2.1, this does work, however the include must be static.
This may be beside the point but I'll add this regardless as the question headline is rather wide and this is the question I found when googling and below is the solution for the particular issue I had.
Do take into consideration that the handlers only triggers when there is a change registered in the corresponding task. Even if you run the play with the highest verbosity level there will be NO entry like this which spells this out.
RUNNING HANDLER [base : somehandler ] ***********************
Unchanged: Skipping
And when they are triggered after a change it will be after all the tasks has been performed.
This really did my head in since the tasks notified you regardless of if they really did something or not whereas handlers stays quiet.
For example, if you have a task A that you have been running a few times until it works like you expect.
Then after that connect a handler B to restart the service, nothing will happen unless you wipe the operation the task A are doing or change it.
As long as task A registers no change it will not trigger handler B.
This is the behavior for ansible 2.2.1 anyways.
You can add the tasks and post_tasks section instead of handlers, hope it will work for you:
---
- hosts: all
become: true
become_user: root
tasks:
- role: common
- role: nginx
- role: tomcat
- role: launchpad
- role: manager
- role: reporting
post_tasks:
- include: /tomcat/handlers/etitomcat_service_ctrl.yml