EzDevInfo.com

ansible interview questions

Top ansible frequently asked interview questions

How to get the host name of the current machine as defined in the Ansible hosts file?

I'm setting up an Ansible playbook to set up a couple servers. There are a couple of tasks that I only want to run if the current host is my local dev host, named "local" in my hosts file. How can I do this? I can't find it anywhere in the documentation.

I've tried this when statement, but it fails because ansible_hostname resolves to the host name generated when the machine is created, not the one you define in your hosts file.

- name: Install this only for local dev machine
  pip: name=pyramid
  when: ansible_hostname == "local"

Source: (StackOverflow)

How to create a directory using Ansible?

How to create a directory www at /srv on a debian based system using a Ansible playbook?


Source: (StackOverflow)

Advertisements

How do you stop Ansible from creating .retry files in the home directory?

When Ansible has problems running plays against a host, it will output the name of the host into a file in the user's home directory ending in '.retry'. These are often not used and just cause clutter, is there a way to turn them off or put them in a different directory?


Source: (StackOverflow)

Where to store Ansible host file on Mac OS X

I am trying to get started with Ansible to provision my Vagrantbox, but I can’t figure out how to deal with host files.

According to the documentation the should be storred in /etc/ansible/hosts, but I can’t find this on my system (Mac OS X). I also seen examples where the host.ini file situated in the document root adjacent to the vagrant file.

So my question is where would you store your hostfile for setting up a single vagrant box?


Source: (StackOverflow)

ansible: lineinfile for several lines?

The same way there is "lineinfile" to add one line in a file, is there a way to add several lines?

I do not want to use a template because you have to provide the whole file. I just want to add something to an existing file without necessarily knowing what the file already contains so a template is not an option.


Source: (StackOverflow)

How to move/rename a file using an Ansible task on a remote system

How is it possible to move/rename a file/directory using an Ansible module on a remote system? I don't want to use the command/shell tasks and I don't want to copy the file from the local system to the remote system.


Source: (StackOverflow)

Where can I get a list of Ansible pre-defined variables?

I see that Ansible provide some pre-defined variables that we can use in playbooks and template files. For example, the host ip address is ansible_eth0.ipv4.address. Googleing and searching the docs I cound't find a list of all available variables. Would someone list them for me?


Source: (StackOverflow)

Safely limiting Ansible playbooks to a single machine?

I'm using Ansible for some simple user management tasks with a small group of computers. Currently, I have my playbooks set to hosts: all and my hosts file is just a single group with all machines listed:

# file: hosts
[office]
imac-1.local
imac-2.local
imac-3.local

I've found myself frequently having to target a single machine. The ansible-playbook command can limit plays like this:

ansible-playbook --limit imac-2.local user.yml

But that seems kind of fragile, especially for a potentially destructive playbook. Leaving out the limit flag means the playbook would be run everywhere. Since these tools only get used occasionally, it seems worth taking steps to foolproof playback so we don't accidentally nuke something months from now.

Is there a best practice for limiting playbook runs to a single machine? Ideally the playbooks should be harmless if some important detail was left out.


Source: (StackOverflow)

How to create an empty file with Ansible?

What is the easiest way to create an empty file using Ansible? I know I can save an empty file into the files directory and then copy it to the remote host, but I find that somewhat unsatisfactory.

Another way is to touch a file on the remote host:

- name: create fake 'nologin' shell
  file: path=/etc/nologin state=touch owner=root group=sys mode=0555

But then the file gets touched every time it, showing up as a yellow line in the log, which is also unsatisfactory...

Is there any better solution to this simple problem?


Source: (StackOverflow)

How to switch a user per task or set of tasks?

A recurring theme that's in my ansible playbooks is that I often must execute a command with sudo privileges (sudo: yes) because I'd like to do it for a certain user. Ideally I'd much rather use sudo to switch to that user and execute the commands normally. Because then I won't have to do my usual post commands clean up such as chowning directories. Here's a snippet from one of my playbooks:

- name: checkout repo
  git: repo=https://github.com/some/repo.git version=master dest={{ dst }}
  sudo: yes
- name: change perms
  file: dest={{ dst }} state=directory mode=0755 owner=some_user
  sudo: yes

Ideally I could run commands or sets of commands as a different user even if it requires sudo to su to that user.


Source: (StackOverflow)

user vs sudo vs sudo_user in ansible playbooks

I have read the Ansible documentation but I am still a bit confused about the three following parameters in ansible playbooks: user, sudo, sudo_user.

I have tried the following playbooks with different combination of the parameters:

  1. user:deploy => Works

  2. user:deploy and sudo: True => Hangs on the git task

  3. user:deploy, sudo: True and sudo_user: deploy => Works

What does sudo_user actually do? When and why should I use each of these combinations?

- hosts: all
  user: deploy
  sudo: True
  sudo_user: deploy

  tasks:
      - name: Ensure code directory
        file: dest=/home/deploy/code state=directory

      - name: Deploy app
        git: repo=git@bitbucket.org:YAmikep/djangotutorial.git dest=/home/deploy/code

Thanks


Source: (StackOverflow)

What's the difference between defaults and vars in an Ansible role?

When creating a new Ansible role, the template creates both a vars and a defaults directory with an empty main.yml file. When defining my role, I can place variable definitions in either of these, and they will be available in my tasks.

What's the difference between putting the definitions into defaults and vars? What should go into defaults, and what should to into vars? Does it make sense to use both for the same data?

I know that there's a difference in precedence/priority between the two, but I would like to understand what should go where.

Let's say that my role would create a list of directories on the target system. I would like to provide a list of default directories to be created, but would like to allow the user to override them when using the role.

Here's what this would look like:

---
- directories:
  - foo
  - bar
  - baz

I could place this either into the defaults/main.yml or in the vars/main.yml, from an execution perspective, it wouldn't make any difference - but where should it go?


Source: (StackOverflow)

Ansible idempotent MySQL installation Playbook

I want to setup a MySQL server on AWS, using Ansible for the configuration management. I am using the default AMI from Amazon (ami-3275ee5b), which uses yum for package management.

When the Playbook below is executed, all goes well. But when I run it for a second time, the task Configure the root credentials fails, because the old password of MySQL doesn't match anymore, since it has been updated the last time I ran this Playbook.

This makes the Playbook non-idempotent, which I don't like. I want to be able to run the Playbook as many times as I want.

- hosts: staging_mysql
  user: ec2-user
  sudo: yes

  tasks:
    - name: Install MySQL
      action: yum name=$item
      with_items:
        - MySQL-python
        - mysql
        - mysql-server

    - name: Start the MySQL service
      action: service name=mysqld state=started

    - name: Configure the root credentials
      action: command mysqladmin -u root -p $mysql_root_password

What would be the best way to solve this, which means make the Playbook idempotent? Thanks in advance!


Source: (StackOverflow)

SSH Agent Forwarding with Ansible

I’m using Ansible 1.5.3 and Git with ssh agent forwarding (https://help.github.com/articles/using-ssh-agent-forwarding). I can log into the server that I am managing with Ansible and test that my connection to git is correctly configured:

ubuntu@test:~$ ssh -T git@github.com
Hi gituser! You've successfully authenticated, but GitHub does not provide shell access.

I can also clone and update one of my repos using this account so my git configuration looks good and uses ssh forwarding when I log into my server directly via ssh.

The problem: When I attempt the same test shown above using the Ansible command module. It fails with “Permission denied”. Part of the Ansible output (with verbose logging) looks like this:

failed: [xxx.xxxxx.com] => {"changed": true, "cmd": ["ssh", "-T", "git@github.com"], "delta": "0:00:00.585481", "end": "2014-06-09 14:11:37.410907", "rc": 255, "start": "2014-06-09 14:11:36.825426"}
stderr: Permission denied (publickey).

Here is the simple playbook that runs this command:

- hosts: webservers
  sudo: yes
  remote_user: ubuntu

  tasks:

  - name: Test that git ssh connection is working.
    command: ssh -T git@github.com

The question: why does everything work correctly when I manually log in via ssh and run the command but fail when the same command is run as the same user via Ansible?

I will post the answer shortly if no one else beats me to it. Although I am using git to demonstrate the problem, it could occur with any module that depends on ssh agent forwarding. It is not specific to Ansible but I suspect many will first encounter the problem in this scenario.


Source: (StackOverflow)

How to copy files between two nodes using ansible

I need to copy file form machine A to machine B whereas my control machine from where i run all my ansible tasks is machine C(local machine)

I have tried the following:

  1. use scp command in shell module of ansible
hosts: machine2
user: user2
tasks:
  - name: Copy file from machine1 to machine2 
    shell: scp user1@machine1:/path-of-file/file1 /home/user2/file1

This approach just goes on and on never ends.

  1. use fetch & copy modules
hosts: machine1
user: user1
tasks:
  - name: copy file from machine1 to local
    fetch: src=/path-of-file/file1 dest=/path-of-file/file1

hosts: machine2
user: user2
tasks:
  - name: copy file from local to machine2
    copy: src=/path-of-file/file1 dest=/path-of-file/file1

This approach throws me an error as follows:

error while accessing the file /Users//.ansible/cp/ansible-ssh-machine2-22-, error was: [Errno 102] Operation not supported on socket: u'/Users//.ansible/cp/ansible-ssh-machine2-22-'

Any suggestions would be helpful.


Source: (StackOverflow)