Power Of Ansible and its modules

Table of contents

Reading Time: 3 minutes

In this post, I will be discussing Ansible Modules. Modules are discrete units of code that can be used from the command line or in a playbook task. Ansible has a large number of ready to use modules for system management. User can also add their own custom modules, as they are written in python so one must have good command in python to write their own custom modules.

Ansible is multipurpose:

Configuration Management.
Deployment.
Provisioning.
Continuous Delivery.
Security & Compliance.
Orchestration.

Ansible Architecture:

Ansible Modules:

Modules can be directly executed on remote hosts or via Playbooks. Ansible users can also write their own modules, these modules can control system resources like services , packages or files etc.
Ansible modules are also called as task plugins. When using playbook these modules can trigger ‘change events’ in the form of notifying ‘handlers’ to run additional tasks. We can access the documentation of each module using following command:
ansible-doc yum

List of few New Modules introduced in 2.7 :

1. reboot : reboot a machine.
parameters:
connect_timeout,
reboot_timeout,
test_command,
msg etc

- name: Reboot a slow machine that might have lots of updates to apply
  reboot:
    reboot_timeout: 3600

2. cli_command: run a cli-command on cli-based network devices.
parameters:
answer,
check_all,
command,
prompt,
sendonly.

- name: run show version on remote devices
  cli_command:
    command: show version
      - name: run command expecting user confirmation

3. cli_config: push text based configuration to network devices over network_cli.
parameters:
backup,
commit,
config,
diff_match,
replace,
rollback etc

- name: configurable backup path
  cli_config:
    config: "{{ lookup('template', 'basic/config.j2') }}"
    backup: yes
    backup_options:
      filename: backup.cfg
      dir_path: /home/user

4. netconf_config: netconf device configuration
parameters:
commit,
confirm,
content,
delete,
format,
lock,
port,
validate etc

- name: set ntp server in the device
  netconf_config:
    content: |
        <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
            <system xmlns="urn:ietf:params:xml:ns:yang:ietf-system">
                <ntp>
                    <enabled>true</enabled>
                    <server>
                        <name>ntp1</name>
                        <udp><address>127.0.0.1</address></udp>
                    </server>
                </ntp>
            </system>
        </config>

List of new attributes introduced in 2.7 :

apply

New argument apply is added that will allow for included tasks to inherit explicitly provided attributes.

---
- hosts: localhost
  gather_facts: false
  tasks:
    - include_role:
        name: include_role
        apply:
          tags:
            - foo
      tags:
        - always

    - include_tasks:
        file: include_me.yml
        apply:
          tags:
            - foo
      tags:
        - always

Ansible Best Practice Tips:

Ansible Best Practice talks about the way how to use Ansible in an Efficient manner
Given below is list of best practice tips we should follow while using Ansible.

Name your Plays and Tasks: Adding name to your task is a good practice and it better communicates the intent to users when running a play.
Use Proper Directory Layout: Top level of the directory would contain files and directories. Inventory files in top level must be group or environment specific. ( staging or production).
Top level playbook must be separated by roles: Roles must be part of top level playbook which defines our entire infrastructure easy to understand and readable by anyone.
Task and handler organization for a Role: We should have handler organisation if a task of a role fails or notify something than we must have a handler.yml file for it.
Use Ansible galaxy to find and share roles: Ansible galaxy is a hub for finding , reusing and sharing Ansible content with the rest of the ansible community. You download, install, create and manage roles with the ansible galaxy CLI. use commands like:
ansible-galaxy init <role_name> ansible-galaxy install ( install published roles) ansible-galaxy import ( to import roles)
Use Prefixes and Human meaningful names with Variables: Ansible Variable scope and namespace is generally limited so it is a recommendation to make it easier to understand and debug also prefix variables with the source or target of the data it represents.
Clean up your debugging messages: Playbook goes into production and some unwitting ops manager runs a play and sees your debugging messages on the screen. It’s best practice to clean up those debug statements. In version 2.1 ansible debug module supports verbosity.