AnsibleCheatSheet icon indicating copy to clipboard operation
AnsibleCheatSheet copied to clipboard

Published 20 hours ago verified publisher icon eon01

Metadata

A cheat sheet for Ansible, the automation tool.

The Ansible Cheat Sheet

A cheat sheet for Ansible, the automation tool.

Let's create the largest and most comprehensive cheat sheet for Ansible. If you have a tip or trick that you think should be included, please contribute.



X (formerly Twitter) URL X (formerly Twitter) Follow

Sponsors

❤️ The ansible Workshop: Hands-On Learning For Rapid Mastery

In "The Ansible Workshop," you will deep dive into the world of Ansible, the amazing automation tool that converts complex IT tasks into a set of easy, simple-to-repeat steps. This guide is your roadmap to mastering Ansible, whether you are a novice just starting to use Ansible or an intermediate user who has already used Ansible and is looking for additional information and tricks to enhance your skills.

You can get it on Amazon

📩 DevOpsLinks: The Ultimate DevOps Newsletter

DevOpsLinks - The Ultimate DevOps Newsletter. Curated DevOps news, tutorials, tools, jobs, podcasts, and more. Delivered to your inbox every week.

🛍️ ByteVibe: Show off your love for all things TECH

If you're seeking a cozy sweatshirt to wear during your extended coding sessions or a mug to exhibit your passion for programming, you can find it all here

💌 Sponsorship

If you would like to sponsor this project, please contact me at aymen at faun dot dev.

Call for Contributions

Let's create the largest and most comprehensive list of Ansible tools and resources. If you have a tool or resource that you think should be included, please contribute.

Table of Contents

  • Sponsors
    • ❤️ The ansible Workshop: Hands-On Learning For Rapid Mastery
    • 📩 DevOpsLinks: The Ultimate DevOps Newsletter
    • 🛍️ ByteVibe: Show off your love for all things TECH
    • 💌 Sponsorship
  • Call for Contributions
  • Table of Contents
  • The Ansible Cheat Sheet
    • Installing Ansible
      • On Linux
      • On macOS
      • On Windows
    • Configuring Ansible
    • Inventory
      • Setting Up the Inventory File (INI)
      • Setting Up the Inventory File (YAML)
    • Ansible Host Variables
    • Testing Your Setup
    • Playbook Structure
    • Playbook Keywords
    • Common Modules
      • Running a Command
      • Running a Shell Command
      • Running a Raw Command
      • Copying a File
      • Installing a Package
      • Restarting a Service
      • Copying a File with Permissions
      • Copying a File with Permissions and Context
    • Playbooks
      • Running a Playbook
      • Running a Playbook with Inventory
      • Running a Playbook with Inventory and Limit
      • Running a Playbook with Limit
      • Running a Playbook with Tags
      • Running a Playbook with Skip Tags
      • Running a Playbook with Extra Variables
      • Running a Playbook with a Vault Password File
      • Running a Playbook with Ask Vault Password
      • Running a Playbook with Ask Sudo Password
      • Running a Playbook with Ask Pass
      • Running a Playbook in Check Mode
      • Running a Playbook in Diff Mode
      • Running a Playbook in Verbose Mode
      • Running a Playbook in Extra Verbose Mode
      • Running a Playbook in Extra Extra Verbose Mode
      • Running a Playbook in Extra Extra Extra Verbose Mode
      • Running a Playbook in Extra Extra Extra Extra Verbose Mode
      • Running a Playbook with Forks
      • Running a Playbook with Timeout
    • Jinja2
      • Using Jinja2
      • Using Jinja2 with Filters
      • Jinja2 Template
      • Jinja2 Template with Variables
      • Templates with Loops
      • Templates with Conditionals
      • Templates with Filters
    • Host Patterns
    • Debugging
      • Syntax Check a Playbook
      • Check if Hosts Are Reachable
      • Check if Hosts Are Reachable with SSH
      • Check if Hosts Are Reachable with WinRM
      • Check if Hosts Are Reachable Locally
      • Verbose Mode
      • Debug Mode
      • Capture Output
      • Capture Output and Show Only Specific Fields
      • Capture Output and Show Only Specific Fields with Jinja2
    • Gathering Facts
      • Gathering Facts for All Hosts
      • Gathering Facts for a Specific Host
      • Gathering Facts for a Specific Host and Saving to a File
    • Variables
      • Setting a Variable
      • Setting a Variable with Multiple Lines
      • Setting a Variable with Multiple Lines and Indentation
    • Conditionals
      • When
      • When with Multiple Conditions
    • Loops
      • Looping Over a List
      • Looping Over a Dictionary
      • Looping Over a Dictionary Using "with_dict"
      • Looping Over a List with "with_items"
    • Handlers
      • Using Handlers
      • Using Handlers with Multiple Tasks
      • Using Handlers with Multiple Tasks and Different Handlers
    • Conditional Execution
      • Using "ignore_errors" to Continue Execution Even After Failures
      • Using "changed_when" to Control When a Task Is Considered Changed
      • Using "failed_when" to Control When a Task Is Considered Failed
      • Failing a Playbook with "fail"
    • Vault
      • Editing an Encrypted File
      • Updating Encryption Password
      • Viewing an Encrypted File
      • Encrypting a File
      • Encrypting a File with a Password File
      • Decrypting a File
      • Encrypting a String
      • Encrypting a String with a Password File
    • Asynchronous Tasks
      • Running a Task Asynchronously
      • Checking the Status of Asynchronous Tasks
    • Roles
      • Creating a Role
      • Using a Role
      • Using a Role with Variables
      • Using a Role with Multiple Variables
      • Using a Role with Tags
    • Ansible Galaxy
      • Searching for Roles
      • Installing a Role
      • Installing a Role with a Specific Version
    • Ansible Collections
      • Installing a Collection
      • Installing a Collection with a Specific Version
      • Installing a Collection from a File
      • Installing a Collection from a Directory
    • Resources About Ansible
      • Official Ansible Documentation
      • Ansible Blogs and Articles
      • Ansible Community and Forums
      • Ansible GitHub Repository
      • Ansible Videos
      • Ansible Tools
      • IDE Extensions
        • VSCode
        • PyCharm
        • Sublime
        • Vim
      • Newsletters

The Ansible Cheat Sheet

Installing Ansible

On Linux

# Ubuntu/Debian
sudo apt update
sudo apt install ansible
# On Red Hat-based systems (Fedora, CentOS)
sudo yum install ansible

Or use pip:

pip install ansible

Or use pipx:

pipx install ansible

On macOS

Use Homebrew:

brew install ansible

On Windows

Ansible can be run from inside a Windows Subsystem for Linux (WSL) instance. First, ensure that WSL is installed, then install Ansible in the Linux distribution of your choice, following the Linux installation steps.

Configuring Ansible

Default Ansible configuration settings can be overridden using environment variables. The same variables can be used to override settings in the ansible.cfg file in ini format. Typically, environment variables are in capital letters, while the corresponding configuration settings are in lowercase.

Environment Variable ansible.cfg Variable ansible.cfg Section Description
ANSIBLE_CONFIG N/A N/A Specifies the path to the Ansible configuration file.
ANSIBLE_DEBUG debug [defaults] Enables or disables debug output. Set to True for verbose debug information.
ANSIBLE_INVENTORY inventory [defaults] Path to the inventory file or script.
ANSIBLE_NOCOLOR nocolor [defaults] Disables colored output in Ansible.
ANSIBLE_FORCE_COLOR force_color [defaults] Forces colored output even when not in a TTY.
ANSIBLE_HOST_KEY_CHECKING host_key_checking [defaults] Enables or disables SSH host key checking.
ANSIBLE_REMOTE_USER remote_user [defaults] Default remote user for SSH connections.
ANSIBLE_PRIVATE_KEY_FILE private_key_file [defaults] Specifies the private key file for SSH.
ANSIBLE_TIMEOUT timeout [defaults] Connection timeout duration in seconds.
ANSIBLE_ROLES_PATH roles_path [defaults] Specifies the path to Ansible roles.
ANSIBLE_LIBRARY library [defaults] Path to custom module directories.
ANSIBLE_RETRY_FILES_ENABLED retry_files_enabled [defaults] Enables or disables the creation of retry files.
ANSIBLE_VAULT_PASSWORD_FILE vault_password_file [defaults] Path to the Ansible vault password file.
ANSIBLE_VAULT_IDENTITY_LIST vault_identity_list [defaults] List of vault identities for decryption.
ANSIBLE_STDOUT_CALLBACK stdout_callback [defaults] Sets the default callback plugin for output formatting.
ANSIBLE_CALLBACK_WHITELIST callback_whitelist [defaults] List of callback plugins allowed to execute.
ANSIBLE_FORKS forks [defaults] Number of parallel processes to use.
ANSIBLE_ASK_VAULT_PASS ask_vault_pass [defaults] Determines whether Ansible prompts for the vault password by default.
ANSIBLE_TRANSPORT transport [defaults] Specifies the connection type (e.g., SSH, WinRM).
ANSIBLE_GATHERING gathering [defaults] Configures the default fact gathering behavior.
ANSIBLE_GATHER_SUBSET gather_subset [defaults] Specifies a subset of facts to gather.
ANSIBLE_SSH_ARGS ssh_args [ssh_connection] Extra arguments to pass to the SSH command.
ANSIBLE_SSH_RETRIES retries [ssh_connection] Specifies the number of attempts Ansible will make to connect via SSH before giving up.
ANSIBLE_BECOME become [privilege_escalation] Enables or disables privilege escalation. The default is False.
ANSIBLE_BECOME_METHOD become_method [privilege_escalation] The method used for privilege escalation, the default is sudo.
ANSIBLE_BECOME_USER become_user [privilege_escalation] The user to become on privilege escalation, the default is root.
ANSIBLE_BECOME_ASK_PASS become_ask_pass [privilege_escalation] Prompts for a password for privilege escalation, the default is False.
ANSIBLE_GALAXY_SERVER server [galaxy] Specifies the default Galaxy server from which roles are installed.
ANSIBLE_INVENTORY_ENABLED inventory_enabled [inventory] Specifies the enabled inventory plugins. The default is [‘host_list’, ‘script’, ‘auto’, ‘yaml’, ‘ini’, ‘toml’].

For more detailed information on these configurations, consult the official Ansible documentation.

Inventory

Setting Up the Inventory File (INI)

[web]
192.168.1.2 ansible_ssh_user=ubuntu

[db]
192.168.1.3 ansible_ssh_user=root

Setting Up the Inventory File (YAML)

all:
  hosts:
    192.168.1.2:
      ansible_ssh_user: ubuntu
    192.168.1.3:
      ansible_ssh_user: root

Replace the IP addresses and ansible_ssh_user with your server details.

Ansible Host Variables

Variable Description
ansible_connection The type of connection to the host. The default is 'smart'. It supports SSH (smart, ssh, paramiko) and other types.
ansible_host The hostname or IP to connect to, if different from the alias.
ansible_port The connection port number. The default is 22 for SSH.
ansible_user The username for connecting to the host.
ansible_password The password for authentication (use vault for security).
ansible_ssh_private_key_file The private key file for SSH, useful for multiple keys.
ansible_ssh_common_args The common arguments appended to sftp, scp, ssh commands.
ansible_sftp_extra_args The extra arguments for the sftp command line.
ansible_scp_extra_args The extra arguments for the scp command line.
ansible_ssh_extra_args The extra arguments for the ssh command line.
ansible_ssh_pipelining Whether to use SSH pipelining, overrides ansible.cfg setting.
ansible_ssh_executable Overrides the default system ssh, added in version 2.2.
ansible_become Forces privilege escalation, equivalent to ansible_sudo or ansible_su.
ansible_become_method Sets the privilege escalation method.
ansible_become_user Sets the user for privilege escalation.
ansible_become_password Sets the privilege escalation password (use vault for security).
ansible_become_exe Sets the executable for the escalation method.
ansible_become_flags Flags for the selected escalation method, can be set in ansible.cfg.
ansible_shell_type The shell type of the target system. The default is Bourne (sh) compatible.
ansible_python_interpreter The Python interpreter path on the target host.
ansible_*_interpreter The generic interpreter setting, works like ansible_python_interpreter. New in version 2.1.
ansible_shell_executable The shell executable Ansible uses on the target, overrides ansible.cfg.

This table provides a summary of the host-specific variables in Ansible. For detailed information and examples, refer to the official Ansible documentation.

Testing Your Setup

To ensure that Ansible can communicate with your managed nodes, use the ping module:

ansible all -m ping -i inventory

Playbook Structure

---
- name: Playbook Name
  hosts: all
  become: yes
  become_user: root
  become_method: sudo
  vars:
    my_var: 123
  vars_files:
    - vars.yml
  tasks:
    - name: Task Name
      command: echo "Hello World!"

Playbook Keywords

Keyword Description
name The name of the playbook or task.
hosts The hosts or host groups to run the playbook on.
become Whether to run tasks with privilege escalation.
become_user The user to become when using privilege escalation.
become_method The method to use for privilege escalation (e.g., sudo).
remote_user The user to connect as on the remote host.
vars The variables to be used in the playbook.
vars_files The files containing variables to be used in the playbook.
tasks The list of tasks to be executed.
handlers The list of handlers to be executed upon notification.
pre_tasks The list of tasks to be executed before roles.
post_tasks The list of tasks to be executed after the main tasks.
roles The list of roles to be included and executed.
serial The number of hosts to process in each playbook run.
max_fail_percentage The maximum failure percentage allowed to continue the playbook.
any_errors_fatal Whether any error is enough to stop the playbook.
ignore_errors Whether to ignore errors on a task.
gather_facts Whether to gather facts at the beginning of the playbook.
no_log Whether to disable logging for a task.
force_handlers Whether to run handlers even if a task fails.
tags The tags associated with tasks or roles for selective running.
check_mode Whether to run the playbook in check mode (dry run).
diff Whether to show differences in tasks where supported.
connection The connection type to use (e.g., ssh, local, winrm).
timeout The connection timeout duration in seconds.
gather_subset The subset of facts to gather (Possible values: all, min, hardware, network, virtual, ohai, and facter).

For detailed information and examples, refer to the official Ansible documentation.

Common Modules

Running a Command

Ad-hoc:

ansible all -m command -a "uptime"

Playbook:

---
- name: Run a Command
  hosts: all
  tasks:
    - name: Run a Command
      command: uptime

Running a Shell Command

Ad-hoc:

ansible all -m shell -a "echo $TERM"

Playbook:

---
- name: Run a Shell Command
  hosts: all
  tasks:
    - name: Run a Shell Command
      shell: echo $TERM

Running a Raw Command

Ad-hoc:

ansible all -m raw -a "echo $TERM"

Playbook:

---
- name: Run a Raw Command
  hosts: all
  tasks:
    - name: Run a Raw Command
      raw: echo $TERM

Copying a File

Ad-hoc:

ansible all -m copy -a "src=/etc/hosts dest=/tmp/hosts"

Playbook:

---
- name: Copy a File
  hosts: all
  tasks:
    - name: Copy a File
      copy:
        src: /etc/hosts
        dest: /tmp/hosts

Installing a Package

Ad-hoc:

ansible all -m apt -a "name=nginx state=present"

Playbook:

---
- name: Install a Package
  hosts: all
  tasks:
    - name: Install a Package
      apt:
        name: nginx
        state: present

Restarting a Service

Ad-hoc:

ansible all -m service -a "name=nginx state=restarted"

Playbook:

---
- name: Restart a Service
  hosts: all
  tasks:
    - name: Restart a Service
      service:
        name: nginx
        state: restarted

Copying a File with Permissions

Ad-hoc:

ansible all -m copy -a "src=/etc/hosts dest=/tmp/hosts owner=root group=root mode=0644"

Playbook:

---
- name: Copy a File with Permissions
  hosts: all
  tasks:
    - name: Copy a File with Permissions
      copy:
        src: /etc/hosts
        dest: /tmp/hosts
        owner: root
        group: root
        mode: 0644

Copying a File with Permissions and Context

Ad-hoc:

ansible all -m copy -a "src=/etc/hosts dest=/tmp/hosts owner=root group=root mode=0644 seuser=system_u serole=object_r"

Playbook:

---
- name: Copy a File with Permissions and Context
  hosts: all
  tasks:
    - name: Copy a File with Permissions and Context
      copy:
        src: /etc/hosts
        dest: /tmp/hosts
        owner: root
        group: root
        mode: 0644
        seuser: system_u
        serole: object_r

Playbooks

Running a Playbook

ansible-playbook playbook.yml

Running a Playbook with Inventory

ansible-playbook playbook.yml -i inventory

Running a Playbook with Inventory and Limit

ansible-playbook playbook.yml -i inventory --limit "web"

Running a Playbook with Limit

ansible-playbook playbook.yml --limit "web"

Running a Playbook with Tags

ansible-playbook playbook.yml --tags "install,configure"

Running a Playbook with Skip Tags

ansible-playbook playbook.yml --skip-tags "configure"

Running a Playbook with Extra Variables

ansible-playbook playbook.yml --extra-vars "my_var=123"

Running a Playbook with a Vault Password File

ansible-playbook playbook.yml --vault-password-file ~/.vault_pass.txt

Running a Playbook with Ask Vault Password

ansible-playbook playbook.yml --ask-vault-pass

Running a Playbook with Ask Sudo Password

ansible-playbook playbook.yml --ask-become-pass

Running a Playbook with Ask Pass

ansible-playbook playbook.yml --ask-pass

Running a Playbook in Check Mode

ansible-playbook playbook.yml --check

Running a Playbook in Diff Mode

ansible-playbook playbook.yml --diff

Running a Playbook in Verbose Mode

ansible-playbook playbook.yml -v

Running a Playbook in Extra Verbose Mode

ansible-playbook playbook.yml -vv

Running a Playbook in Extra Extra Verbose Mode

ansible-playbook playbook.yml -vvv

Running a Playbook in Extra Extra Extra Verbose Mode

ansible-playbook playbook.yml -vvvv

Running a Playbook in Extra Extra Extra Extra Verbose Mode

ansible-playbook playbook.yml -vvvvv

Running a Playbook with Forks

ansible-playbook playbook.yml --forks 50

Running a Playbook with Timeout

ansible-playbook playbook.yml --timeout 30

Jinja2

Using Jinja2

---
- name: Using Jinja2
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: Using Jinja2
      debug:
        msg: "{{ my_var }}"

Using Jinja2 with Filters

---
- name: Using Jinja2 with Filters
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: Using Jinja2 with Filters
      debug:
        msg: "{{ my_var | string }}"

Jinja2 Template

---
- name: Jinja2 Template
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: Jinja2 Template
      template:
        src: template.j2
        dest: /tmp/template.txt

Jinja2 Template with Variables

---
- name: Jinja2 Template with Variables
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: Jinja2 Template with Variables
      template:
        src: template.j2
        dest: /tmp/template.txt

The "template.j2" file:

Hello World! This is my_var: {{ my_var }}

Templates with Loops

---
- name: Templates with Loops
  hosts: localhost
  vars:
    my_list:
      - 123
      - 456
      - 789
  tasks:
    - name: Templates with Loops
      template:
        src: template.j2
        dest: /tmp/template.txt

The "template.j2" file:

{% for item in my_list %}
{{ item }}
{% endfor %}

Templates with Conditionals

---
- name: Templates with Conditionals
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: Templates with Conditionals
      template:
        src: template.j2
        dest: /tmp/template.txt

The "template.j2" file:

{% if my_var == 123 %}
Hello World!
{% endif %}

Templates with Filters

---
- name: Templates with Filters
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: Templates with Filters
      template:
        src: template.j2
        dest: /tmp/template.txt

The "template.j2" file:

Hello, World! This is my_var: {{ my_var | string }}

Host Patterns

Pattern Description
all All hosts in the inventory.
* Same as all.
group1 All hosts in the group group1.
group1:group2 All hosts in the groups group1 and group2.
group1:&group2 All hosts in both group1 and group2.
group1:!group2 All hosts in group1 that are not in group2.
group1:&group2:!group3 All hosts in both group1 and group2 that are not in group3.
group1:group2:&group3 All hosts in both group1 and group2 that are also in group3.
group1:group2:!group3:&group4 All hosts in both group1 and group2 that are not in group3 and are also in group4.

Debugging

Syntax Check a Playbook

ansible-playbook playbook.yml --syntax-check

Check if Hosts Are Reachable

ansible all -m ping

Check if Hosts Are Reachable with SSH

ansible all -m ping -c ssh

Check if Hosts Are Reachable with WinRM

ansible all -m ping -c winrm

Check if Hosts Are Reachable Locally

ansible all -m ping -c local

Verbose Mode

ansible all -m ping -v
ansible all -m ping -vv
ansible all -m ping -vvv
ansible all -m ping -vvvv
ansible all -m ping -vvvvv

Debug Mode

ANSIBLE_DEBUG=1 ansible all -m ping

Capture Output

---
- name: Capture Output
  hosts: all
  tasks:
    - name: Capture Output
      command: echo "Hello World!"
      register: output
    - debug:
        var: output

Capture Output and Show Only Specific Fields

---
- name: Capture Output and Show Only Specific Fields
  hosts: all
  tasks:
    - name: Capture Output and Show Only Specific Fields
      command: echo "Hello World!"
      register: output
    - debug:
        var: output.stdout

Capture Output and Show Only Specific Fields with Jinja2

---
- name: Capture Output and Show Only Specific Fields with Jinja2
  hosts: all
  tasks:
    - name: Capture Output and Show Only Specific Fields with Jinja2
      command: echo "Hello World!"
      register: output
    - debug:
        msg: "{{ output.stdout }}"

Gathering Facts

Gathering Facts for All Hosts

ansible all -m setup

Gathering Facts for a Specific Host

ansible all -m setup -a "filter=ansible_eth*"

Gathering Facts for a Specific Host and Saving to a File

ansible all -m setup -a "filter=ansible_eth*" --tree /tmp/facts

Variables

Setting a Variable

---
- name: Setting a Variable
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: Setting a Variable
      debug:
        var: my_var
    - name: Setting a Variable (debug)
      debug:
        msg: "{{ my_var }}"

Setting a Variable with Multiple Lines

---
- name: Setting a Variable with Multiple Lines
  hosts: localhost
  vars:
    my_var: >
      Hello
      World!
  tasks:
    - name: Setting a Variable with Multiple Lines
      debug:
        var: my_var
    - name: Setting a Variable with Multiple Lines (debug)
      debug:
        msg: "{{ my_var }}"

Setting a Variable with Multiple Lines and Indentation

---
- name: Setting a Variable with Multiple Lines and Indentation
  hosts: localhost
  vars:
    my_var: |
      Hello
      World!
        This is indented.
  tasks:
    - name: Setting a Variable with Multiple Lines and Indentation
      debug:
        var: my_var
    - name: Setting a Variable with Multiple Lines and Indentation (debug)
      debug:
        msg: "{{ my_var }}"

Conditionals

When

---
- name: When
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: When
      debug:
        msg: "Hello World!"
      when: my_var == 123

When with Multiple Conditions

---
- name: When with Multiple Conditions
  hosts: localhost
  vars:
    my_var: 123
  tasks:
    - name: When with Multiple Conditions
      debug:
        msg: "Hello World!"
      when:
        - my_var == 123
        - my_var != 456

Loops

Looping Over a List

---
- name: Looping Over a List
  hosts: localhost
  vars:
    my_list:
      - 123
      - 456
      - 789
  tasks:
    - name: Looping Over a List
      debug:
        msg: "{{ item }}"
      loop: "{{ my_list }}"

Looping Over a Dictionary

---
- name: Looping Over a Dictionary
  hosts: localhost
  vars:
    my_dict:
      key1: 123
      key2: 456
      key3: 789
  tasks:
    - name: Looping Over a Dictionary
      debug:
        msg: "{{ item.key }}: {{ item.value }}"
      loop: "{{ my_dict | dict2items }}"

Looping Over a Dictionary Using "with_dict"

---
- name: Looping Over a Dictionary with Nested Items
  hosts: localhost
  vars:
    my_dict:
      key1:
        - 123
        - 456
        - 789
      key2:
        - 123
        - 456
        - 789
      key3:
        - 123
        - 456
        - 789
  tasks:
    - name: Looping Over a Dictionary with Nested Items
      debug:
        msg: "Key: {{ item.key }}, Values: {{ item.value }}"
      with_dict: "{{ my_dict }}"

Looping Over a List with "with_items"

---
- name: Looping Over a List with with_items
  hosts: localhost
  vars:
    my_list:
      - 123
      - 456
      - 789
  tasks:
    - name: Looping Over a List with with_items
      debug:
        msg: "{{ item }}"
      with_items: "{{ my_list }}"

Handlers

Using Handlers

---
- name: Using Handlers
  hosts: localhost
  tasks:
    - name: Using Handlers
      debug:
        msg: "Hello World!"
      notify: My Handler
  handlers:
    - name: My Handler
      debug:
        msg: "This is my handler."

Using Handlers with Multiple Tasks

---
- name: Using Handlers with Multiple Tasks
  hosts: localhost
  tasks:
    - name: Using Handlers with Multiple Tasks
      debug:
        msg: "Hello World!"
      notify: My Handler
    - name: Using Handlers with Multiple Tasks
      debug:
        msg: "Hello World!"
      notify: My Handler
  handlers:
    - name: My Handler
      debug:
        msg: "This is my handler."

Using Handlers with Multiple Tasks and Different Handlers

---
- name: Using Handlers with Multiple Tasks and Different Handlers
  hosts: localhost
  tasks:
    - name: Using Handlers with Multiple Tasks and Different Handlers
      debug:
        msg: "Hello World!"
      notify: My Handler 1
    - name: Using Handlers with Multiple Tasks and Different Handlers
      debug:
        msg: "Hello World!"
      notify: My Handler 2
  handlers:
    - name: My Handler 1
      debug:
        msg: "This is my handler 1."
    - name: My Handler 2
      debug:
        msg: "This is my handler 2."

Conditional Execution

Using "ignore_errors" to Continue Execution Even After Failures

---
- name: Using ignore_errors to Continue Execution Even After Failures
  hosts: localhost
  tasks:
    - name: Using ignore_errors to Continue Execution Even After Failures
      command: /bin/false
      ignore_errors: yes
    - name: Using ignore_errors to Continue Execution Even After Failures
      debug:
        msg: "Hello World!"

Using "changed_when" to Control When a Task Is Considered Changed

---
- name: Using changed_when to Control When a Task Is Considered Changed
  hosts: localhost
  tasks:
    - name: Using changed_when to Control When a Task Is Considered Changed
      command: /bin/false
      register: output
      changed_when: output.rc != 2
    - name: Using changed_when to Control When a Task Is Considered Changed
      debug:
        msg: "Hello World!"

Using "failed_when" to Control When a Task Is Considered Failed

---
- name: Example playbook with failed_when
  hosts: localhost
  tasks:
    - name: Example playbook with failed_when (will fail)
      command: /bin/false
      register: output
      # The normal exit code for /bin/false is 1             
      failed_when: output.rc == 2
    - name: Example playbook with failed_when
      debug:
        msg: "Hello World!"

Failing a Playbook with "fail"

---
- name: Failing a Playbook with fail
  hosts: localhost
  tasks:
    - name: Failing a Playbook with fail
      fail:
        msg: "This task will always fail."

Vault

Editing an Encrypted File

ansible-vault edit file.yml

Updating Encryption Password

ansible-vault rekey file.yml

Viewing an Encrypted File

ansible-vault view file.yml

Encrypting a File

ansible-vault encrypt file.yml

Encrypting a File with a Password File

ansible-vault encrypt file.yml --vault-password-file ~/.vault_pass.txt

Decrypting a File

ansible-vault decrypt file.yml

Encrypting a String

ansible-vault encrypt_string "Hello World!" --name "my_var"

Encrypting a String with a Password File

ansible-vault encrypt_string "Hello World!" --name "my_var" --vault-password-file ~/.vault_pass.txt

Asynchronous Tasks

Running a Task Asynchronously

---
- name: Running a Task Asynchronously
  hosts: localhost
  tasks:
    - name: Running a Task Asynchronously
      command: /bin/bash -c "for i in `seq 1 5`; do echo $i; sleep 1; done"
      async: 60
      poll: 0

Checking the Status of Asynchronous Tasks

---
- name: Rolling Update with Timeout
  hosts: localhost
  tasks:
    - name: Start the application update (async)
      command: /bin/bash -c "for i in `seq 1 5`; do echo $i; sleep 1; done"
      async: 60
      poll: 0 
      register: update_result

    - name: Wait for the update to complete
      async_status:
        jid: "{{ update_result.ansible_job_id }}"
      register: job_result
      until: job_result.finished
      retries: 60  # Check the status every 10 seconds (60 times)

    - name: Check if the update was successful
      debug:
        msg: "Update successful"
      when: job_result.finished

Roles

Creating a Role

ansible-galaxy init my_role

Using a Role

---
- name: Using a Role
  hosts: localhost
  roles:
    - my_role

Using a Role with Variables

---
- name: Using a Role with Variables
  hosts: localhost
  roles:
    - role: my_role
      vars:
        my_var: 123

Using a Role with Multiple Variables

---
- name: Using a Role with Multiple Variables
  hosts: localhost
  roles:
    - role: my_role
      vars:
        my_var1: 123
        my_var2: 456

Using a Role with Tags

---
- name: Using a Role with Tags
  hosts: localhost
  roles:
    - role: my_role
      tags:
        - install
        - configure

Ansible Galaxy

Searching for Roles

ansible-galaxy search nginx

Installing a Role

ansible-galaxy install nginx

Installing a Role with a Specific Version

ansible-galaxy install elastic.elasticsearch,7.15.0

Ansible Collections

Installing a Collection

ansible-galaxy collection install community.general

Installing a Collection with a Specific Version

ansible-galaxy collection install community.general:8.1.0

Installing a Collection from a File

ansible-galaxy collection install community.general-8.1.0.tar.gz

Installing a Collection from a Directory

ansible-galaxy collection install community.general-8.1.0/

Resources About Ansible

Official Ansible Documentation

Ansible Blogs and Articles

Ansible Community and Forums

Ansible GitHub Repository

Ansible Videos

Ansible Tools

  • ansible/awx: AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is one of the upstream projects for the Red Hat Ansible Automation Platform.
  • ansible-semaphore/semaphore: A modern UI for Ansible.
  • ansible/molecule: Molecule aids in the development and testing of Ansible content: collections, playbooks, and roles.
  • dev-sec/ansible-collection-hardening: This Ansible collection provides battle-tested hardening for Linux, SSH, nginx, MySQL.
  • ansible/ansible-lint: ansible-lint checks playbooks for practices and behavior that could potentially be improved and can fix some of the most common ones for you.
  • fboender/ansible-cmdb: Generate a host overview from ansible fact gathering output.
  • willthames/ansible-inventory-grapher: ansible-inventory-grapher creates a dot file suitable for use by graphviz.
  • ansible/ansible-lint: ansible-lint checks playbooks for practices and behavior that could potentially be improved and can fix some of the most common ones for you.
  • groupon/ansible-silo: Ansible in a self-contained environment via Docker.
  • pearofducks/ansible-vim: A vim plugin for syntax highlighting Ansible's common filetypes.
  • nickjj/ansigenome: A tool to help you gather information and manage your Ansible roles.
  • ansible-community/ara: ARA Records Ansible and makes it easier to understand and troubleshoot.
  • mitogen-hq/mitogen: Distributed self-replicating programs in Python (Mitogen for Ansible is a completely redesigned UNIX connection layer and module runtime for Ansible.)
  • Phansible: Phansible - generate Vagrant + Ansible dev environments for PHP.
  • cidrblock/td4a: Template designer for automation.
  • adammck/terraform-inventory: Terraform State → Ansible Dynamic Inventory.
  • ansible-community/ansible-bender: This tool bends containers using Ansible playbooks and turns them into container images.
  • pixiu-io/kubez-ansible: To provide quick deployment tools for Kubernetes clusters and cloud-native applications by Ansible.
  • apenella/go-ansible: Go-ansible is a Go package that enables the execution of ansible-playbook or ansible commands directly from Golang applications.
  • ansible/ansible-runner: A tool and Python library that helps when interfacing with Ansible directly or as part of another system, whether that be through a container image interface, as a standalone tool, or as a Python module that can be imported.

IDE Extensions

VSCode

  • Ansible extension by Red Hat - This extension provides comprehensive Ansible language support, including syntax highlighting, auto-completion, and integrated linting.
  • YAML Support - This extension offers enhanced YAML language support with features like schema validation, auto-completion, and hover documentation.
  • ansible-vault - This extension facilitates the encryption and decryption of Ansible Vault files directly within VSCode, streamlining the process of managing sensitive data.

PyCharm

  • Ansible support - This plugin provides support for Ansible directly in PyCharm with features such as playbook run configurations, syntax highlighting, and completion for Ansible keywords.

Sublime

  • Ansible - This package enhances Sublime Text with Ansible syntax highlighting, code snippets, and completions for a better development experience.
  • GitGutter - This package shows information about files in a git repository, including changes and line modifications directly in the editor.
  • SideBarEnhancements - This package provides enhancements to the operations on the Sidebar of Files and Folders, improving file management in Sublime Text.
  • Sublime Linter - This package is a code-linting framework for Sublime Text 3, helping to identify syntax errors and stylistic issues.
  • Pretty YAML - This package prettifies YAML for Sublime Text 2 and 3, making YAML files easier to read and edit.
  • Yamllint - This package is a Sublime wrapper around yamllint, integrating YAML linting into Sublime Text.

Vim

  • Ansible-vim - This is a Vim plugin for syntax highlighting Ansible's common file types.

Newsletters

Metadata

18
Stars
3
Forks
Watchers

Owner

verified publisher icon eon01

Metadata

A cheat sheet for Ansible, the automation tool.

Back