# Ad-Hoc Commands

# Ansible Configuration

In [2]:
cd ~/src/Classes/Ansible

/Users/rick446/src/Classes/Ansible


In [4]:
cat ansible.cfg

[defaults]
inventory = ./inventory
remote_user = root
private_key_file = ./training-ssh-key



In [5]:
cat inventory

[web]
arborian-01.class.arborian.com
arborian-02.class.arborian.com

[db]
arborian-03.class.arborian.com
arborian-04.class.arborian.com

[app]
arborian-05.class.arborian.com
arborian-06.class.arborian.com


# Commands Modules

- command
- expect
- raw
- script
- shell
- telnet

We've already seen the `command` (default) module:

In [6]:
%%bash
ansible web -m command -a 'hostname'

arborian-02.class.arborian.com | SUCCESS | rc=0 >>
arborian-02
arborian-01.class.arborian.com | SUCCESS | rc=0 >>
arborian-01


The `raw` module can be used to 'bootstrap' Ansible:

In [9]:
%%bash
# -- become is technically unnecessary here because we set the default user to be 'root'
ansible all --become -m raw -a "apt install -y python python-simplejson"

arborian-03.class.arborian.com | SUCCESS | rc=0 >>
Reading package lists... 0%Reading package lists... 100%Reading package lists... Done
Building dependency tree... 0%Building dependency tree... 0%Building dependency tree... 50%Building dependency tree... 50%Building dependency tree       
Reading state information... 0%Reading state information... 3%Reading state information... Done
python is already the newest version (2.7.11-1).
python-simplejson is already the newest version (3.8.1-1ubuntu2).
The following package was automatically installed and is no longer required:
  grub-pc-bin
Use 'apt autoremove' to remove it.
0 upgraded, 0 newly installed, 0 to remove and 24 not upgraded.
Shared connection to arborian-03.class.arborian.com closed.

arborian-04.class.arborian.com | SUCCESS | rc=0 >>
Reading package lists... 0%Reading package lists... 100%Reading package lists... Done
Building dependency tree... 0%Building dependency tree... 0%Buildi

We can use the `shell` module to execute commands in a particular shell:

In [13]:
%%bash
ansible localhost -m shell -a 'echo $(hostname) $USER'

localhost | SUCCESS | rc=0 >>
faramir.local rick446


In [18]:
%%bash
ansible localhost -m shell -a 'executable=/bin/sh "echo $(hostname) $USER"'

localhost | FAILED | rc=127 >>
/bin/sh: echo faramir.local rick446: command not foundnon-zero return code


# Misc. Modules

## Ping

Check to see if the host is up and the Ansible system is working there

In [19]:
%%bash
ansible all -m ping 

arborian-02.class.arborian.com | SUCCESS => {
    "changed": false,
    "failed": false,
    "ping": "pong"
}
arborian-01.class.arborian.com | SUCCESS => {
    "changed": false,
    "failed": false,
    "ping": "pong"
}
arborian-03.class.arborian.com | SUCCESS => {
    "changed": false,
    "failed": false,
    "ping": "pong"
}
arborian-05.class.arborian.com | SUCCESS => {
    "changed": false,
    "failed": false,
    "ping": "pong"
}
arborian-06.class.arborian.com | SUCCESS => {
    "changed": false,
    "failed": false,
    "ping": "pong"
}
arborian-04.class.arborian.com | SUCCESS => {
    "changed": false,
    "failed": false,
    "ping": "pong"
}


# Setup

Gather facts about the host

In [21]:
%%bash
ansible localhost -m setup

localhost | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "172.18.80.125"
        ],
        "ansible_all_ipv6_addresses": [
            "fe80::2815:7cff:fe63:cf6c%awdl0",
            "fe80::9822:2add:c15d:ecd3%utun0",
            "fe80::75fe:a194:e8a3:4cfa%utun1"
        ],
        "ansible_apparmor": {
            "status": "disabled"
        },
        "ansible_architecture": "x86_64",
        "ansible_awdl0": {
            "device": "awdl0",
            "flags": [
                "UP",
                "BROADCAST",
                "RUNNING",
                "PROMISC",
                "SIMPLEX",
                "MULTICAST"
            ],
            "ipv4": [],
            "ipv6": [
                {
                    "address": "fe80::2815:7cff:fe63:cf6c%awdl0",
                    "prefix": "64",
                    "scope": "0x8"
                }
            ],
            "macaddress": "2a:15:7c:63:cf:6c",
            "media": "Unknown

# `copy`, `file`

Manipulate files on the host

In [25]:
%%bash
ansible web -m copy -a "src=ansible.cfg dest=/root/ansible.cfg"
ansible web -m file -a "dest=/root/ansible.cfg mode=0600 owner=nobody"

arborian-02.class.arborian.com | SUCCESS => {
    "changed": false,
    "checksum": "9672939689774c8ce591eb21094a00ae285b59c1",
    "failed": false,
    "gid": 0,
    "group": "root",
    "mode": "0644",
    "owner": "root",
    "path": "/root/ansible.cfg",
    "size": 93,
    "state": "file",
    "uid": 0
}
arborian-01.class.arborian.com | SUCCESS => {
    "changed": false,
    "checksum": "9672939689774c8ce591eb21094a00ae285b59c1",
    "failed": false,
    "gid": 0,
    "group": "root",
    "mode": "0644",
    "owner": "root",
    "path": "/root/ansible.cfg",
    "size": 93,
    "state": "file",
    "uid": 0
}
arborian-02.class.arborian.com | SUCCESS => {
    "changed": true,
    "failed": false,
    "gid": 0,
    "group": "root",
    "mode": "0600",
    "owner": "nobody",
    "path": "/root/ansible.cfg",
    "size": 93,
    "state": "file",
    "uid": 65534
}
arborian-01.class.arborian.com | SUCCESS => {
    "changed": true,
    "failed": false,
    "gid": 0,
    "group": "root",
  

# Packaging Modules: Control installed packages

http://docs.ansible.com/ansible/latest/list_of_packaging_modules.html

In [None]:
%%bash
ansible web -m apt -a 'name=nginx state=latest'

In [None]:
%%bash
ansible localhost -m homebrew -a 'name=python3 state=latest update_homebrew=yes'

`user` to create users
`authorized_key` to add ssh keys

In [29]:
%%bash
ansible web -m user -a 'name=rick'
ansible web -m authorized_key -a 'user=rick state=present key=https://raw.githubusercontent.com/Arborian/ansible-class/master/training-ssh-key.pub'

arborian-02.class.arborian.com | SUCCESS => {
    "append": false,
    "changed": false,
    "comment": "",
    "failed": false,
    "group": 1000,
    "home": "/home/rick",
    "move_home": false,
    "name": "rick",
    "shell": "",
    "state": "present",
    "uid": 1000
}
arborian-01.class.arborian.com | SUCCESS => {
    "append": false,
    "changed": false,
    "comment": "",
    "failed": false,
    "group": 1000,
    "home": "/home/rick",
    "move_home": false,
    "name": "rick",
    "shell": "",
    "state": "present",
    "uid": 1000
}
arborian-01.class.arborian.com | SUCCESS => {
    "changed": true,
    "comment": null,
    "exclusive": false,
    "failed": false,
    "key": "https://raw.githubusercontent.com/Arborian/ansible-class/master/training-ssh-key.pub",
    "key_options": null,
    "keyfile": "/home/rick/.ssh/authorized_keys",
    "manage_dir": true,
    "path": null,
    "state": "present",
    "unique": false,
    "user": "rick",
    "validate_certs": true
}
arb

`git` for deploying from source control

In [30]:
%%bash
ansible web -m git -u rick -a 'repo=https://github.com/Arborian/ansible-class.git dest=/home/rick/ansible-class'

arborian-01.class.arborian.com | SUCCESS => {
    "after": "ee2e973a35df551fdf622b41d2942de810a6bcfe",
    "before": null,
    "changed": true,
    "failed": false
}
arborian-02.class.arborian.com | SUCCESS => {
    "after": "ee2e973a35df551fdf622b41d2942de810a6bcfe",
    "before": null,
    "changed": true,
    "failed": false
}


# Lab: Ad-hoc Commands

Using Ansible one-off commands:

- Create a user for yourself on the `web` hosts
- Make sure you can use the training key to ssh into the hosts as your user without a password
- Check out the class repository into your user's account