# Simple Playbooks

**Playbooks** are files that specify **plays** which consist of one or more **tasks** to run on various hosts.

Playbooks are written as [YAML](http://yaml.org) files.

A simple playbook with one play:

In [1]:
cd ~/src/Classes/Ansible

/Users/rick446/src/Classes/Ansible


In [2]:
cat playbooks/basic.yaml

- name: First play
  hosts: all
  remote_user: root
  tasks:
  - name: Say my name
    command: whoami
    notify: "demo notify"
  - name: Get the system date and time
    command: date
    notify: "demo notify"
  - name: Ping just for fun
    ping: {}
  handlers:
  - name: demo notify
    command: 'echo Running the demo notify'


To run the playbook, we use the `ansible-playbook` command:

In [7]:
%%bash
ansible-playbook playbooks/basic.yaml


PLAY [First play] **************************************************************

TASK [Gathering Facts] *********************************************************
ok: [arborian-02.class.arborian.com]
ok: [arborian-01.class.arborian.com]

TASK [Say my name] *************************************************************
changed: [arborian-02.class.arborian.com]
changed: [arborian-01.class.arborian.com]

TASK [Get the system date and time] ********************************************
changed: [arborian-02.class.arborian.com]
changed: [arborian-01.class.arborian.com]

TASK [Ping just for fun] *******************************************************
ok: [arborian-02.class.arborian.com]
ok: [arborian-01.class.arborian.com]

RUNNING HANDLER [demo notify] **************************************************
changed: [arborian-02.class.arborian.com]
changed: [arborian-01.class.arborian.com]

PLAY RECAP *********************************************************************
arborian-01.class.arborian

You can also get the output of each task by running in *verbose* mode:

In [8]:
%%bash
ansible-playbook -v playbooks/basic.yaml

Using /Users/rick446/src/Classes/Ansible/ansible.cfg as config file

PLAY [First play] **************************************************************

TASK [Gathering Facts] *********************************************************
ok: [arborian-02.class.arborian.com]
ok: [arborian-01.class.arborian.com]

TASK [Say my name] *************************************************************
changed: [arborian-02.class.arborian.com] => {"changed": true, "cmd": ["whoami"], "delta": "0:00:00.003563", "end": "2017-10-11 20:42:15.127325", "failed": false, "rc": 0, "start": "2017-10-11 20:42:15.123762", "stderr": "", "stderr_lines": [], "stdout": "root", "stdout_lines": ["root"]}
changed: [arborian-01.class.arborian.com] => {"changed": true, "cmd": ["whoami"], "delta": "0:00:00.004047", "end": "2017-10-11 20:42:15.223374", "failed": false, "rc": 0, "start": "2017-10-11 20:42:15.219327", "stderr": "", "stderr_lines": [], "stdout": "root", "stdout_lines": ["root"]}

TASK [Get the system date and tim

# (Aside) Bootstrapping without Python

To bootstrap your hosts in a playbook, you can do the following:

In [9]:
cat playbooks/bootstrap.yaml

- hosts: all
  gather_facts: off
  become: on
  tasks:
  - name: Boostrap Ansible requirements
    raw: apt-get install -y python python-simplejson


In [20]:
%%bash
ansible-playbooks -v playbooks/bootstrap.yaml

bash: line 1: ansible-playbooks: command not found


# Playbook Variables

When running `ansible-playbook`, we can use *variables* to change the way the playbook operates. 

When variables are defined, we can use their value in the playbook using the [Jinja2](http://jinja.pocoo.org/docs/dev/templates/) variable substitution syntax:

`{{var_name}}`


This playbook uses a `username` variable:

```
- hosts: all
  remote_user: root
  vars:
    username: YOU-NEED-TO-OVERRIDE-THIS
  tasks:
  - name: create user
    user:
        name: '{{username}}'
        groups: sudo
        generate_ssh_key: yes
        shell: /bin/bash
```



If we don't override the `username` variable, then this playbook would create a user with the username `YOU-NEED-TO-OVERRIDE-THIS`. Fortunately, we can override the variable with the `-e username NEWUSERNAME` argument to `ansible-playbook`.

We can also prompt the user running Ansible for values of various variables using `vars_prompt`:

```
  vars_prompt:
    - name: username
      prompt: What is your username?
```

In [16]:
%%bash
ansible-playbook playbooks/setup-user.yaml -e username=someone  # does not prompt since we supply the username


PLAY [web] *********************************************************************

TASK [Gathering Facts] *********************************************************
ok: [arborian-02.class.arborian.com]
ok: [arborian-01.class.arborian.com]

TASK [Let the sudo group use sudo without a password] **************************
ok: [arborian-02.class.arborian.com]
ok: [arborian-01.class.arborian.com]

TASK [create user] *************************************************************
ok: [arborian-01.class.arborian.com]
ok: [arborian-02.class.arborian.com]

TASK [Authorize the newly-created ssh key] *************************************
ok: [arborian-01.class.arborian.com]
ok: [arborian-02.class.arborian.com]

TASK [Retrieve newly-created ssh (private) key] ********************************
fatal: [arborian-01.class.arborian.com]: FAILED! => {"changed": false, "checksum": "701217ee6e759e8a7b2b038e9bd5e47a1a34a30d", "dest": "/Users/rick446/src/Classes/Ansible/someone_id_rsa", "failed": true, "file": 

# Lab: Update Ansible to update your user on the remote server

- `git pull` to update your checkout of the `ansible-class` repository
- Use the playbook in `playbooks/setup-user.yaml` to update your user account on the class server (`ansible-playbook playbooks/setup-user.yaml -e username=YOUR-USER-NAME`)
- Update the `ansible.cfg` file to reflect your username and your newly-retrieved ssh key file
- Verify that you can run things as your own user by doing a `ansible all -m ping`

# Facts: Information discovered from remote systems

We can get a lot of information to be used in playbooks from *Facts* collected by Ansible. To get a feel for what's available, you can use the `setup` module:

In [17]:
%%bash
ansible localhost -m setup

localhost | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.43.12"
        ],
        "ansible_all_ipv6_addresses": [
            "fe80::2815:7cff:fe63:cf6c%awdl0",
            "fe80::9822:2add:c15d:ecd3%utun0",
            "fe80::75fe:a194:e8a3:4cfa%utun1"
        ],
        "ansible_apparmor": {
            "status": "disabled"
        },
        "ansible_architecture": "x86_64",
        "ansible_awdl0": {
            "device": "awdl0",
            "flags": [
                "UP",
                "BROADCAST",
                "RUNNING",
                "PROMISC",
                "SIMPLEX",
                "MULTICAST"
            ],
            "ipv4": [],
            "ipv6": [
                {
                    "address": "fe80::2815:7cff:fe63:cf6c%awdl0",
                    "prefix": "64",
                    "scope": "0x8"
                }
            ],
            "macaddress": "2a:15:7c:63:cf:6c",
            "media": "Unknown

In [25]:
%%bash
ansible web -m setup -a 'filter=ansible_interfaces'

arborian-01.class.arborian.com | SUCCESS => {
    "ansible_facts": {
        "ansible_interfaces": [
            "lo",
            "eth0"
        ]
    },
    "changed": false,
    "failed": false
}
arborian-02.class.arborian.com | SUCCESS => {
    "ansible_facts": {
        "ansible_interfaces": [
            "lo",
            "eth0"
        ]
    },
    "changed": false,
    "failed": false
}


Once we have these facts, we can use them in subsequent tasks (`setup` is always run at the beginning of the play).

In [26]:
cat playbooks/dump-facts.yaml

- hosts: web
  tasks:
  - name: Create a file using some facts
    template: src=templates/dump-facts.j2 dest=~/dump-facts.txt


In [27]:
cat templates/dump-facts.j2

ansible_cmdline:
{% for k, v in ansible_cmdline.items() %}
    {{ k }}: {{ v }}
{% endfor %}


ansible_default_ipv4:
{% for k, v in ansible_default_ipv4.items() %}
    {{ k }}: {{ v }}
{% endfor %}

In [28]:
%%bash
ansible-playbook playbooks/dump-facts.yaml

Process is interrupted.


# Building bigger playbooks

Ansible encourages reuse by letting you `import_tasks` into a playbook. You can also set variables when you do so, as in `make-roster.yaml`:

In [29]:
cat playbooks/books/make-roster.yaml

- hosts: arborian-01.class.arborian.com
  become: true
  tasks:
    - name: Ensure file exists
      file: path=~/roster.txt state=touch
    - name: Include rick
      include: tasks/roster-user.yaml name="Rick Copeland" email="rick@arborian.com" regexp=rick


In [30]:
cat tasks/roster-user.yaml

- name: Add user to roster
  lineinfile: line="{{name}} {{email}}" dest=~/roster.txt regexp={{regexp}}


In [34]:
%%bash
ansible-playbook playbooks/make-roster.yaml


PLAY [arborian-01.class.arborian.com] ******************************************

TASK [Gathering Facts] *********************************************************
ok: [arborian-01.class.arborian.com]

TASK [Ensure file exists] ******************************************************
changed: [arborian-01.class.arborian.com]

TASK [Add user to roster] ******************************************************
changed: [arborian-01.class.arborian.com]

PLAY RECAP *********************************************************************
arborian-01.class.arborian.com : ok=3    changed=2    unreachable=0    failed=0   



We can also use variables and loops when doing our includes via the `with_items` key, as in make-roster2.yaml, but in this case we must use `include_tasks`:

In [37]:
cat playbooks/make-roster2.yaml

- hosts: arborian-01.class.arborian.com
  become: true
  vars:
    users:
        - name: Rick Copeland
          email: rick@arborian.com
          regexp: rick
  tasks:
    - name: Ensure file exists
      file: path=~/roster.txt state=touch
    - name: Perform some dynamic includes
      include_tasks: "tasks/roster-user.yaml name={{item.name}} email={{item.email}} regexp={{item.regexp}}"
      with_items: '{{users}}'


In [39]:
%%bash
ansible-playbook playbooks/make-roster2.yaml


PLAY [arborian-01.class.arborian.com] ******************************************

TASK [Gathering Facts] *********************************************************
ok: [arborian-01.class.arborian.com]

TASK [Ensure file exists] ******************************************************
fatal: [arborian-01.class.arborian.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: mux_client_request_session: read from master failed: Broken pipe\r\nConnection timed out during banner exchange\r\n", "unreachable": true}
	to retry, use: --limit @/Users/rick446/src/Classes/Ansible/playbooks/make-roster2.retry

PLAY RECAP *********************************************************************
arborian-01.class.arborian.com : ok=1    changed=0    unreachable=1    failed=0   



Finally, there's an alternate syntax we can use for the arguments to `include_tasks`:

In [40]:
cat playbooks/make-roster3.yaml

- hosts: arborian-01.class.arborian.com
  become: true
  vars:
    users:
        - name: Rick Copeland
          email: rick@arborian.com
          regexp: rick
  tasks:
    - name: Ensure file exists
      file: path=~/roster.txt state=touch
    - name: Perform some dynamic includes
      include_tasks: ../tasks/roster-user.yaml
      vars:
        name: "{{item.name}}"
        email: "{{item.email}}"
        regexp: "{{item.regexp}}"
      with_items: '{{users}}'


In [41]:
%%bash
ansible-playbook playbooks/make-roster3.yaml


PLAY [arborian-01.class.arborian.com] ******************************************

TASK [Gathering Facts] *********************************************************
ok: [arborian-01.class.arborian.com]

TASK [Ensure file exists] ******************************************************
changed: [arborian-01.class.arborian.com]

TASK [Perform some dynamic includes] *******************************************
included: /Users/rick446/src/Classes/Ansible/tasks/roster-user.yaml for arborian-01.class.arborian.com

TASK [Add user to roster] ******************************************************
ok: [arborian-01.class.arborian.com]

PLAY RECAP *********************************************************************
arborian-01.class.arborian.com : ok=4    changed=1    unreachable=0    failed=0   



# Lab: Add yourself to the roster

Using the `make-roster.yaml` files as templates, create a class roster in your home directory on arborian-01.class.arborian.com

# Some reference information

# Anatomy of a Play

A play has several different keys which may be present:

- `hosts` - list the hosts on which this play should run
- `tasks` - list of tasks to run
- `handlers` - list of handlers to run *if notified by a task*
- `gather_facts` - allows you to disable running `setup` on each host at the beginning of a play
- `become` - if True, become root during the play
- `remote_user` - override the default remote_user
- `vars` - variables which can be used later via Jinja
- `vars_prompt` - variables whose values can be interactively prompted for


# Task Modifiers

- `when` - only execute the task when the condition is true
- `with_items` - repeat the task with each of the items listed
- `with_nested` - nested loops of tasks
- `with_dict` - iterate over items in a hash (`item.key` and `item.value` are available each iteration)
- `with_...` - many other ways to repeat tasks (see http://docs.ansible.com/ansible/latest/playbooks_loops.html for a full list)
- `with_fileglob` - iterate over a globbed list of files
- `with_filetree` - iterate over all files in a tree
- `register` - the result of this task gets put in a variable to be used in a later task