ptoal/toallab-automation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

WIP3

Browse Source
This commit is contained in:
Patrick Toal
2020-08-17 12:06:41 -04:00
parent 9fa09f26bd
commit 6eb48873e6
455 changed files with 45184 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/000_RedIntro-Modules.html Normal file
View File

@@ -0,0 +1,12 @@
<section data-state="title alt" id="RedIntro-Modules">
<h1>MODULES</h1>
<img src="<?=$workshop_image?>" style="background-color: transparent; border: none;" height="250">
<p>We leverage modules within our playbooks to do the heavy lifting.</p>
<aside class="notes">
<p>Ansible</p>
</aside>
</section>

39
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/100_What-Are-Modules.html Normal file
View File

@@ -0,0 +1,39 @@
<section id="ModuleList">
<h2>Modules</h2>
<p>Modules are bits of code transferred to the target system and executed to satisfy the task declaration.</p>
<div class="columns">
<div class="col">
<ul>
<li>apt/yum</li>
<li>copy</li>
<li>file</li>
<li>get_url</li>
<li>git</li>
<li>ping</li>
<li>debug</li>
</ul>
</div>
<div class="col">
<ul>
<li>service</li>
<li>synchronize</li>
<li>template</li>
<li>uri</li>
<li>user</li>
<li>wait_for</li>
<li>assert</li>
</ul>
</div>
<div class="col">
</div>
</div>
<aside class="notes">
<p>If playbooks are the instruction manual for setting up and managing your infrastructure, Ansible modules are the tools in your toolkit.</p>
<p>We've already discussed, Ansible modules. They are the &ldquo;batteries&rdquo; and the &ldquo;tools in a users toolkit.&rdquo;</p>
<p>While there are hundreds of modules at your disposal out-of-the-box these are the most common ones.</p>
<p>Playbook tasks and how they relate to modules will be covered ahead. Tasks are the application of a module to perform a specific unit of work.</p>
</aside>
</section>

1876
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/210_Modules_ansible-doc-CLI-SCROLL.html Normal file
View File

File diff suppressed because it is too large Load Diff

208
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/220_Modules_ansible-doc-CLI-Info.html Normal file
View File

@@ -0,0 +1,208 @@
<section id="ModuleDoc-CLI-InfoScroll">
<h2>Modules Documentation</h2>
<p>Returns a thorough description of the parameters in the module.</p>
<div class="terminal space shadow" onclick="scrollDiv_init('AnsibleDocsInfo','1'); this.onclick = null;" style="cursor: pointer;">
<div class="top">
<div class="title">
<a href="javascript:pauseDiv()" style="none; cursor: pointer;">Ansible Terminal</a>
</div>
</div>
<pre class="bodymw">
<font color="gray"><?=$terminal_prompt?></font> ansible-doc copy
<div id="AnsibleDocsInfo" style="overflow:auto;width:auto;height:700px">
> COPY (/usr/lib/python2.7/site-packages/ansible/modules/files/copy.py)
The `copy' module copies a file from the local or remote machine to a
location on the remote machine. Use the [fetch] module to copy files
from remote locations to the local box. If you need variable
interpolation in copied files, use the [template] module. For Windows
targets, use the [win_copy] module instead.
* note: This module has a corresponding action plugin.
OPTIONS (= is mandatory):
- attributes
Attributes the file or directory should have. To get supported flags
look at the man page for `chattr' on the target system. This string
should contain the attributes in the same order as the one displayed by
`lsattr'.
(Aliases: attr)[Default: (null)]
version_added: 2.3
- backup
Create a backup file including the timestamp information so you can get
the original file back if you somehow clobbered it incorrectly.
[Default: no]
type: bool
version_added: 0.7
- checksum
SHA1 checksum of the file being transferred. Used to validate that the
copy of the file was successful.
If this is not provided, ansible will use the local calculated checksum
of the src file.
[Default: (null)]
version_added: 2.5
- content
When used instead of `src', sets the contents of a file directly to the
specified value. For anything advanced or with formatting also look at
the template module.
[Default: (null)]
version_added: 1.1
- decrypt
This option controls the autodecryption of source files using vault.
[Default: Yes]
type: bool
version_added: 2.4
= dest
Remote absolute path where the file should be copied to. If `src' is a
directory, this must be a directory too. If `dest' is a nonexistent path
and if either `dest' ends with "/" or `src' is a directory, `dest' is
created. If `src' and `dest' are files, the parent directory of `dest'
isn't created: the task fails if it doesn't already exist.
- directory_mode
When doing a recursive copy set the mode for the directories. If this is
not set we will use the system defaults. The mode is only set on
directories which are newly created, and will not affect those that
already existed.
[Default: (null)]
version_added: 1.5
- follow
This flag indicates that filesystem links in the destination, if they
exist, should be followed.
[Default: no]
type: bool
version_added: 1.8
- force
the default is `yes', which will replace the remote file when contents
are different than the source. If `no', the file will only be
transferred if the destination does not exist.
(Aliases: thirsty)[Default: yes]
type: bool
version_added: 1.1
- group
Name of the group that should own the file/directory, as would be fed to
`chown'.
[Default: (null)]
- local_follow
This flag indicates that filesystem links in the source tree, if they
exist, should be followed.
[Default: yes]
type: bool
version_added: 2.4
- mode
Mode the file or directory should be. For those used to `/usr/bin/chmod'
remember that modes are actually octal numbers. You must either specify
the leading zero so that Ansible's YAML parser knows it is an octal
number (like `0644' or `01777') or quote it (like `'644'' or `'0644'' so
Ansible receives a string and can do its own conversion from string into
number. Giving Ansible a number without following one of these rules
will end up with a decimal number which will have unexpected results.
As of version 1.8, the mode may be specified as a symbolic mode (for
example, `u+rwx' or `u=rw,g=r,o=r'). As of version 2.3, the mode may
also be the special string `preserve'. `preserve' means that the file
will be given the same permissions as the source file.
[Default: (null)]
- owner
Name of the user that should own the file/directory, as would be fed to
`chown'.
[Default: (null)]
- remote_src
If `no', it will search for `src' at originating/master machine.
If `yes' it will go to the remote/target machine for the `src'. Default
is `no'.
Currently `remote_src' does not support recursive copying.
`remote_src' only works with `mode=preserve' as of version 2.6.
[Default: no]
type: bool
version_added: 2.0
- selevel
Level part of the SELinux file context. This is the MLS/MCS attribute,
sometimes known as the `range'. `_default' feature works as for
`seuser'.
[Default: s0]
- serole
Role part of SELinux file context, `_default' feature works as for
`seuser'.
[Default: (null)]
- setype
Type part of SELinux file context, `_default' feature works as for
`seuser'.
[Default: (null)]
- seuser
User part of SELinux file context. Will default to system policy, if
applicable. If set to `_default', it will use the `user' portion of the
policy if available.
[Default: (null)]
- src
Local path to a file to copy to the remote server; can be absolute or
relative. If path is a directory, it is copied recursively. In this
case, if path ends with "/", only inside contents of that directory are
copied to destination. Otherwise, if it does not end with "/", the
directory itself with all contents is copied. This behavior is similar
to Rsync.
[Default: (null)]
- unsafe_writes
Normally this module uses atomic operations to prevent data corruption
or inconsistent reads from the target files, sometimes systems are
configured or just broken in ways that prevent this. One example are
docker mounted files, they cannot be updated atomically and can only be
done in an unsafe manner.
This boolean option allows ansible to fall back to unsafe methods of
updating files for those cases in which you do not have any other
choice. Be aware that this is subject to race conditions and can lead to
data corruption.
[Default: no]
type: bool
version_added: 2.2
- validate
The validation command to run before copying into place. The path to the
file to validate is passed in via '%s' which must be present as in the
example below. The command is passed securely so shell features like
expansion and pipes won't work.
[Default: (null)]
NOTES:
* The [copy] module recursively copy facility does not scale to lots
(>hundreds) of files. For alternative, see [synchronize] module,
which is a wrapper around `rsync'.
* For Windows targets, use the [win_copy] module instead.
AUTHOR: Ansible Core Team, Michael DeHaan
METADATA:
status:
- stableinterface
supported_by: core
</div>
</pre>
</div>
<aside class="notes">
<p><b>TO Make This List SCROLL</b>, click anywhere on the terminal window</p>
<p><b>TO Make This List STOP</b>, click the "Ansible Terminal" text on top of the console</p>
</aside>
</section>

140
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/230_Modules_ansible-doc-CLI-examples.html Normal file
View File

@@ -0,0 +1,140 @@
<section id="ModuleDoc-CLI-ExampleScroll">
<h2>Modules Documentation</h2>
<p>Also displays usable copy / paste examples of working functional tasks with this module.</p>
<div class="terminal space shadow" onclick="scrollDiv_init('AnsibleDocsExamples','40'); this.onclick = null;" style="cursor: pointer;">
<div class="top">
<div class="title">
<a href="javascript:pauseDiv()" style="none; cursor: pointer;">Ansible Terminal</a>
</div>
</div>
<pre class="bodymw">
<font color="gray"><?=$terminal_prompt?></font> ansible-doc copy
<div id="AnsibleDocsExamples" style="overflow:auto;width:auto;height:700px">
<font color="#FF00FF">EXAMPLES:</font>
<mark>- name: example copying file with owner and permissions </mark>
copy:
src: /srv/myfiles/foo.conf
dest: /etc/foo.conf
owner: foo
group: foo
mode: 0644
<mark>- name: The same example as above, but using a symbolic mode equivalent to 0644 </mark>
copy:
src: /srv/myfiles/foo.conf
dest: /etc/foo.conf
owner: foo
group: foo
mode: u=rw,g=r,o=r
<mark>- name: Another symbolic mode example, adding some permissions and removing others </mark>
copy:
src: /srv/myfiles/foo.conf
dest: /etc/foo.conf
owner: foo
group: foo
mode: u+rw,g-wx,o-rwx
<mark>- name: Copy a new "ntp.conf file into place, backing up the original if it differs from the... </mark>
copy:
src: /mine/ntp.conf
dest: /etc/ntp.conf
owner: root
group: root
mode: 0644
backup: yes
<mark>- name: Copy a new "sudoers" file into place, after passing validation with visudo </mark>
copy:
src: /mine/sudoers
dest: /etc/sudoers
validate: /usr/sbin/visudo -cf %s
<mark>- name: Copy a "sudoers" file on the remote machine for editing </mark>
copy:
src: /etc/sudoers
dest: /etc/sudoers.edit
remote_src: yes
validate: /usr/sbin/visudo -cf %s
<mark>- name: Copy using the 'content' for inline data </mark>
copy:
content: '# This file was moved to /etc/other.conf'
dest: /etc/mine.conf'
<font color="#FF00FF">RETURN VALUES:</font>
dest:
description: destination file/path
returned: success
type: string
sample: /path/to/file.txt
src:
description: source file used for the copy on the target machine
returned: changed
type: string
sample: /home/httpd/.ansible/tmp/ansible-tmp-1423796390.97-147729857856000/source
md5sum:
description: md5 checksum of the file after running copy
returned: when supported
type: string
sample: 2a5aeecc61dc98c4d780b14b330e3282
checksum:
description: sha1 checksum of the file after running copy
returned: success
type: string
sample: 6e642bb8dd5c2e027bf21dd923337cbb4214f827
backup_file:
description: name of backup file created
returned: changed and if backup=yes
type: string
sample: /path/to/file.txt.2015-02-12@22:09~
gid:
description: group id of the file, after execution
returned: success
type: int
sample: 100
group:
description: group of the file, after execution
returned: success
type: string
sample: httpd
owner:
description: owner of the file, after execution
returned: success
type: string
sample: httpd
uid:
description: owner id of the file, after execution
returned: success
type: int
sample: 100
mode:
description: permissions of the target, after execution
returned: success
type: string
sample: 0644
size:
description: size of the target, after execution
returned: success
type: int
sample: 1220
state:
description: state of the target, after execution
returned: success
type: string
sample: file
</div>
</pre>
</div>
<aside class="notes">
<p><b>TO Make This List SCROLL</b>, click anywhere on the terminal window</p>
<p><b>TO Make This List STOP</b>, click the "Ansible Terminal" text on top of the console</p>
</aside>
</section>

76
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/240_Modules_ansible-doc-CLI-snippets.html Normal file
View File

@@ -0,0 +1,76 @@
<section id="ModuleDoc-CLI-DashSScroll">
<h2>Modules Documentation</h2>
<p>Starting with the snippet view, you can create your task from pre-formatted scratch.</p>
<div class="terminal space shadow" onclick="scrollDiv_init('AnsibleDocsDashS','20'); this.onclick = null;" style="cursor: pointer;">
<div class="top">
<div class="title">
<a href="javascript:pauseDiv()" style="none; cursor: pointer;">Ansible Terminal</a>
</div>
</div>
<pre class="bodysw">
<font color="gray"><?=$terminal_prompt?></font> ansible-doc copy -s
<div id="AnsibleDocsDashS" style="overflow:auto;width:auto;height:700px">
- name: Copies files to remote locations
copy:
attributes: # Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the target system. This string
should contain the attributes in the same order as the one displayed by `lsattr'.
backup: # Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
checksum: # SHA1 checksum of the file being transferred. Used to validate that the copy of the file was successful. If this is not provided, ansible
will use the local calculated checksum of the src file.
content: # When used instead of `src', sets the contents of a file directly to the specified value. For anything advanced or with formatting also
look at the template module.
decrypt: # This option controls the autodecryption of source files using vault.
dest: # (required) Remote absolute path where the file should be copied to. If `src' is a directory, this must be a directory too. If `dest' is a
nonexistent path and if either `dest' ends with "/" or `src' is a directory, `dest' is created. If `src'
and `dest' are files, the parent directory of `dest' isn't created: the task fails if it doesn't already
exist.
directory_mode: # When doing a recursive copy set the mode for the directories. If this is not set we will use the system defaults. The mode is only set on
directories which are newly created, and will not affect those that already existed.
follow: # This flag indicates that filesystem links in the destination, if they exist, should be followed.
force: # the default is `yes', which will replace the remote file when contents are different than the source. If `no', the file will only be
transferred if the destination does not exist.
group: # Name of the group that should own the file/directory, as would be fed to `chown'.
local_follow: # This flag indicates that filesystem links in the source tree, if they exist, should be followed.
mode: # Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually octal numbers. You must either
specify the leading zero so that Ansible's YAML parser knows it is an octal number (like `0644' or
`01777') or quote it (like `'644'' or `'0644'' so Ansible receives a string and can do its own conversion
from string into number. Giving Ansible a number without following one of these rules will end up with a
decimal number which will have unexpected results. As of version 1.8, the mode may be specified as a
symbolic mode (for example, `u+rwx' or `u=rw,g=r,o=r'). As of version 2.3, the mode may also be the
special string `preserve'. `preserve' means that the file will be given the same permissions as the
source file.
owner: # Name of the user that should own the file/directory, as would be fed to `chown'.
remote_src: # If `no', it will search for `src' at originating/master machine. If `yes' it will go to the remote/target machine for the `src'. Default
is `no'. Currently `remote_src' does not support recursive copying. `remote_src' only works with
`mode=preserve' as of version 2.6.
selevel: # Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'. `_default' feature works as for
`seuser'.
serole: # Role part of SELinux file context, `_default' feature works as for `seuser'.
setype: # Type part of SELinux file context, `_default' feature works as for `seuser'.
seuser: # User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it will use the `user' portion of
the policy if available.
src: # Local path to a file to copy to the remote server; can be absolute or relative. If path is a directory, it is copied recursively. In this
case, if path ends with "/", only inside contents of that directory are copied to destination. Otherwise,
if it does not end with "/", the directory itself with all contents is copied. This behavior is similar to
Rsync.
unsafe_writes: # Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are
configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be
updated atomically and can only be done in an unsafe manner. This boolean option allows ansible to fall
back to unsafe methods of updating files for those cases in which you do not have any other choice. Be
aware that this is subject to race conditions and can lead to data corruption.
validate: # The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as
in the example below. The command is passed securely so shell features like expansion and pipes won't
work.
</div>
</pre>
</div>
<aside class="notes">
<p><b>TO Make This List SCROLL</b>, click anywhere on the terminal window</p>
<p><b>TO Make This List STOP</b>, click the "Ansible Terminal" text on top of the console</p>
</aside>
</section>

9
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/250_ModulesDocWebSite.html Normal file
View File

@@ -0,0 +1,9 @@
<section id="ModuleDocWebsite" data-background-image="images/modules-doc-screenshots.png">
<div style="position:absolute; right: 50px; top: -330px;">
<h1>Modules Documentation</h1>
</div>
</section>

18
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/260_Modules_Run_Commands.html Normal file
View File

@@ -0,0 +1,18 @@
<section id="CommandOptions">
<h2>Modules: Run Commands</h2>
<p>If Ansible doesn't have a module that suits your needs there are the “run command” modules:</p><br>
<ul>
<li><b>command</b>: Takes the command and executes it on the host. The most secure and predictable.</li>
<li><b>shell</b>: Executes through a shell like <code>/bin/sh</code> so you can use pipes etc. Be careful.</li>
<li><b>raw</b>: Executes a command without going through the Ansible module subsystem.</li><br>
</ul>
<p><br><b>NOTE:</b> Unlike standard modules, run commands have no concept of desired state and should only be used as a last resort.</p>
<aside class="notes">
<p>&quot;Run commands&quot; are what we collectively call these modules that enable users to do command-line operations in different ways. Theyre a great catch all mechanism for getting things done, but they should be used sparingly and as a last resort. The reasons are many and varied.</p>
<p>The overuse of run commands is common amongst those just becoming familiar with Ansible for automating their work. They use <code>shell</code> to fire off a bash command they already know without stopping to look at the Ansible docs. That works well enough initially, but it undermines the value of automating with Ansible and sets things up for problems down the road. <b>As a best practice, always check the hundreds of Ansible shipping modules for what you need and use those first and run commands as a last resort.</b></p>
<p><b>NOTE:</b> <code>shell</code> allows for IO redirection such as pipes. This is why It&apos;s best practice to use <code>command</code> unless they need to pipe something. It also best practice to <strong>never</strong> pass user input or variables thru a run command.</p>
</aside>
</section>

25
roles/lightbulb-ansiblered-deck/files/deck-ansible/html_slides/040_Ansible_Modules/_200_Modules_ansible-doc-CLI-LIST.html Normal file
View File

@@ -0,0 +1,25 @@
<section id="ModuleDoc-CLI-List">
<h2>Modules Documentation</h2>
<p>Returns a list of literally every module available on the system</p>
<div class="terminal space shadow">
<div class="top">
<div class="title">Ansible Terminal</div>
</div>
<pre class="bodymw">
<font color="silver"># List out all modules installed -- returns MANY lines</font>
<font color="gray"><?=$terminal_prompt?></font> ansible-doc -l
copy Copies files to remote...
stat Retrieve file or file ...
synchronize A wrapper around rsync...
template Templates a file out t...
vmware_guest Manages virtual machin...
yum Manages packages with ...
<font color="#FF00FF">Many, many lines have been truncated. This is a very small sample
of the incredibly long list of modules.</font>
</pre>
</div>
</section>