Commonly Used Ansible Modules

Commonly Used Ansible Modules

Table of Contents

  • Commonly Used Ansible Modules

    • 11.1 Usage of the setup module

    • 10.1 Options for the get_url module

    • 10.2 Usage of the get_url module

    • 9.1 Options for the fetch module

    • 9.2 Usage of the fetch module

    • 8.1 Options for the group module

    • 8.2 Usage of the group module

    • 7.1 Options for the user module

    • 7.2 Usage of the user module

    • 6.1 Options for the systemd module

    • 6.2 Usage of the systemd module

    • 5.1 Options for the service module

    • 5.2 Usage of the service module

    • 4.1 Options for the yum module

    • 4.2 Usage of the yum module

    • 3.1 Options for the yum_repository module

    • 3.2 Usage of the yum_repository module

    • 2.1 Options for the copy module

    • 2.2 Usage of the copy module

    • 1.1 Options for the file module

    • 1.2 Usage of the file module

    • 1.2.2 Create Directory

    • 1.2.3 Delete File/Directory

    • 1.2.1 Create File on Remote Host Using the file Module

    • 1. file module

    • 2. copy module

    • 3. yum_repository module

    • 4. yum module

    • 5. service module

    • 6. systemd module

    • 7. user module

    • 8. group module

    • 9. fetch module

    • 10. get_url module

    • 11. setup module

Commonly Used Ansible Modules

The following are commonly used modules, and there are many other modules that can be found in the documentation.

All module usages here are demonstrated using Ad-Hoc commands. The playbook method will be discussed later.

  • file module

  • copy module

  • yum_repository module

  • yum module

  • service module

  • systemd module

  • user module

  • group module

  • fetch module

  • get_url module

  • setup module

1. file module

1.1 Options for the file module

The file module is mainly used for file operations on remote hosts, with the following options:

  • path: Required, defines the path of the file/directory

  • state:

    • file: Check the file status, default option, will report an error if the file does not exist and will not create it

    • touch: If the file does not exist, it will create it; if it already exists, it will update the timestamp

    • absent: Delete the directory, file, or cancel the symbolic link

    • directory: Create the directory if it does not exist

    • link: Create a symbolic link

    • hard: Create a hard link

  • owner: Define the owner of the file/directory

  • group: Define the group of the file/directory

  • mode: Define the permissions of the file

  • src: The path of the source file to be linked, only applies when state=link

  • dest: The path to link to, only applies when state=link

1.2 Usage of the file module

1.2.1 Create File on Remote Host Using the file Module

[ansible@master ansible]$ ansible all -m file -a "path=/tmp/file1 state=touch owner=ansible group=root mode=666"




192.168.200.210 | CHANGED => {

"ansible_facts": {

"discovered_interpreter_python": "/usr/bin/python3"

},

"changed": true,

"dest": "/tmp/file1",

"gid": 0,

"group": "root",

"mode": "0666",

"owner": "ansible",

"size": 0,

"state": "file",

"uid": 1000

}

Using path to define the file’s path, state as touch creates/updates the timestamp, the file’s owner is ansible, the group is root, and the permissions are 666. Now let’s check on the remote host to see if it is as expected.

[ansible@master ansible]$ ansible all -m shell -a "ls -l /tmp/file1"

192.168.200.210 | CHANGED | rc=0 >>

-rw-rw-rw- 1 ansible root 0 Jun 20 13:38 /tmp/file1

As we can see, everything was created as we intended.

1.2.2 Create Directory

[ansible@master ansible]$ ansible all -m file -a "path=/tmp/dire1 state=directory"




192.168.200.210 | CHANGED => {

"ansible_facts": {

"discovered_interpreter_python": "/usr/bin/python3"

},

"changed": true,

"gid": 0,

"group": "root",

"mode": "0755",

"owner": "root",

"path": "/tmp/dire1",

"size": 40,

"state": "directory",

"uid": 0

}

This time we did not specify permissions, owner, or group; it created according to the defaults. The output shows that the group is root, the owner is root, and the permissions are 755.

1.2.3 Delete File/Directory

[ansible@master ansible]$ ansible all -m file -a "path=/tmp/dire1 state=absent"



192.168.200.210 | CHANGED => {

"ansible_facts": {

"discovered_interpreter_python": "/usr/bin/python3"

},

"changed": true,

"path": "/tmp/dire1",

"state": "absent"

}




[ansible@master ansible]$ ansible all -m file -a "path=/tmp/file1 state=absent"

192.168.200.210 | CHANGED => {

"ansible_facts": {

"discovered_interpreter_python": "/usr/bin/python3"

},

"changed": true,

"path": "/tmp/file1",

"state": "absent"

}

When deleting, it does not differentiate between directories and files; just provide the file path to delete.

2. copy module

As the name suggests, it is used to copy files to remote hosts.

2.1 Options for the copy module

  • src: The local file to be copied to the remote host

    • Note: If the destination is a directory, it will copy recursively. In this case, if the path ends with /, it will copy all files under the directory; if it does not end with /, it will copy the local directory as is, similar to rsync.

  • dest:Required, the path where the source file will be copied on the remote host

  • force: If the file exists on the target host but the content is different, if set to yes, it will force overwrite; if set to no, it will only copy if the target location does not already have the file, default is yes.

  • backup: Backup the original file before overwriting.

  • content: Used to replace src, can directly specify file content.

  • remote_src: Use this if the file to be copied is on the remote host and not on the Ansible control node.Note: This only changes src to the remote host; it does not copy files from the remote host to local, but rather copies a file from one remote host to another remote node.

2.2 Usage of the copy module

[ansible@master ansible]$ ansible all -m copy -a "src=./ansible.cfg dest=/tmp/ansible.cfg"

192.168.200.210 | CHANGED => {

"ansible_facts": {

"discovered_interpreter_python": "/usr/bin/python3"

},

"changed": true,

"checksum": "b4eeb9b83b919c3f57d7e92dbde263a35713dca4",

"dest": "/tmp/ansible.cfg",

"gid": 0,

"group": "root",

"md5sum": "156467e44d3da8b3a40b2ca409f86ae8",

"mode": "0644",

"owner": "root",

"size": 19974,

"src": "/root/.ansible/tmp/ansible-tmp-1718863118.8950412-44119-223733622484954/source",

"state": "file",

"uid": 0

}

Specify file content to the remote host.

[ansible@master ansible]$ ansible all -m copy -a "content='hello,world' dest=/tmp/hello"

[ansible@master ansible]$ ansible all -m shell -a "cat /tmp/hello"

192.168.200.210 | CHANGED | rc=0 >>

hello,world

3. yum_repository module

The yum_repository is used to specify the repo file for yum repositories.

3.1 Options for the yum_repository module

  • file: The name of the configuration file, do not include repo

  • name: The name of the yum repository

  • description: The description of the repository

  • baseurl: The address of the yum repository

  • enabled: Whether to enable this yum repository

  • gpgcheck: Whether to enable gpg checking

3.2 Usage of the yum_repository module

[ansible@master ansible]$ ansible all -m yum_repository -a "file=ansible name=AppStream baseurl=http://test.com enabled=1 gpgcheck=0 description='this is test repo file'"

192.168.200.210 | CHANGED => {

"changed": true,

"repo": "AppStream",

"state": "present"

}

Let’s check this file on the remote host.

[root@node1 tmp]# cd /etc/yum.repos.d/

[root@node1 yum.repos.d]# ls

ansible.repo  kubernetes.repo  openEuler.repo



[root@node1 yum.repos.d]# cat ansible.repo 

[AppStream]

baseurl = http://test.com

enabled = 1

gpgcheck = 0

name = this is test repo file

This module is relatively simple, with a single function.

4. yum module

Used to install packages using yum.

4.1 Options for the yum module

  • name: Specify the name of the package to install

  • state: Specify the action

    • present: Install

    • latest: Latest version

    • absent: Remove

4.2 Usage of the yum module

Remove nginx

[ansible@master ansible]$ ansible all -m yum -a "name=nginx state=absent"

192.168.200.210 | CHANGED => {

"ansible_facts": {

"pkg_mgr": "dnf"

},

"changed": true,

"msg": "",

"rc": 0,

"results": [

"Removed: nginx-1:1.21.5-6.oe2203sp3.x86_64",

"Removed: nginx-all-modules-1:1.21.5-6.oe2203sp3.noarch",

"Removed: nginx-mod-http-image-filter-1:1.21.5-6.oe2203sp3.x86_64",

"Removed: nginx-mod-http-perl-1:1.21.5-6.oe2203sp3.x86_64",

"Removed: nginx-mod-http-xslt-filter-1:1.21.5-6.oe2203sp3.x86_64",

"Removed: nginx-mod-mail-1:1.21.5-6.oe2203sp3.x86_64",

"Removed: nginx-mod-stream-1:1.21.5-6.oe2203sp3.x86_64"

]

}

Install httpd

[ansible@master ansible]$ ansible all -m yum -a "name=nginx state=present"

192.168.200.210 | CHANGED => {

"ansible_facts": {

"pkg_mgr": "dnf"

},

"changed": true,

"msg": "",

"rc": 0,

"results": [

"Installed: nginx-mod-http-xslt-filter-1:1.21.5-6.oe2203sp3.x86_64",

"Installed: nginx-mod-mail-1:1.21.5-6.oe2203sp3.x86_64",

"Installed: nginx-mod-stream-1:1.21.5-6.oe2203sp3.x86_64",

"Installed: nginx-1:1.21.5-6.oe2203sp3.x86_64",

"Installed: nginx-all-modules-1:1.21.5-6.oe2203sp3.noarch",

"Installed: nginx-mod-http-image-filter-1:1.21.5-6.oe2203sp3.x86_64",

"Installed: nginx-mod-http-perl-1:1.21.5-6.oe2203sp3.x86_64"

]

}

5. service module

This module can be completely replaced by systemd; the reason for this module’s existence is that early versions of CentOS used service xxx start to manage services.

5.1 Options for the service module

  • name: Required, the name of the service

  • state: The operation to perform on the current service

  • enabled: Whether to start on boot

5.2 Usage of the service module

[ansible@master ansible]$ ansible all -m service -a "name=nginx state=started enabled=yes"

192.168.200.210 | CHANGED => {

"changed": true,

"enabled": true,

"name": "nginx",

"state": "started",

"status": {



Output is too long to display completely

6. systemd module

6.1 Options for the systemd module

  • name: Specify the name of the service

  • state: Manage the service state

    • started

    • restarted

    • stopped

    • reloaded

  • daemon_reload: Reload the service when the service configuration file changes

  • enabled: Whether to start on boot

6.2 Usage of the systemd module

[ansible@master ansible]$ ansible all -m systemd -a "name=nginx state=stopped enabled=no"

192.168.200.210 | CHANGED => {

"changed": true,

"enabled": false,

"name": "nginx",

"state": "stopped",

7. user module

7.1 Options for the user module

  • name: Specify the username

  • state: Create or delete

  • uid: Specify the user uid

  • group: Specify the user group

  • groups: Specify additional groups for the user

  • comment: User description

  • create_home: Whether to create a home directory for them

  • home: The path of the home directory, needs to be used with create_home

  • shell: Specify the user’s shell environment

  • password: Specify the user’s password; this must be an encrypted password, as plain text passwords will not work for login.

  • remove: Whether to delete the home directory when deleting the user, equivalent to userdel -r

7.2 Usage of the user module

[ansible@master ansible]$ ansible all -m user -a "name=natasha uid=1234 groups=root shell=/sbin/nologin password=123"

[WARNING]: The input password appears not to have been hashed. The 'password'

argument must be encrypted for this module to work properly.

192.168.200.210 | CHANGED => {

"changed": true,

"comment": "",

"create_home": true,

"group": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",

"groups": "root",

"home": "/home/natasha",

"name": "natasha",

"password": "NOT_LOGGING_PASSWORD",

"shell": "/sbin/nologin",

"state": "present",

"system": false,

"uid": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"

}

Note, I specified the password here, and it is in plain text; it will give a warning that the provided password is not a hashed value, meaning it has not been encrypted, and this password cannot be used. Using 123 will not allow you to log in as this user. Of course, the specified shell is /sbin/nologin, so even if you specify a shell, you still cannot log in.

We can use openssl to generate an encrypted password.

[ansible@master ansible]$ openssl passwd -6

Password:

Verifying - Password:

$6$b4Ug/ub0EPkyRE5x$oN.c5c2ah.Ej.Eo8s3F0q1E5t1/MHCFanZZivkJ8S2ZzE8fR2I2e7uYL5HgZ5CLwo1MGMhnHd2mmFxkN49Kq20

Place the output in the password field.

Deleting the user

[ansible@master ansible]$ ansible all -m user -a "name=natasha state=absent remove=yes"

192.168.200.210 | CHANGED => {

"changed": true,

"force": false,

"name": "natasha",

"remove": true,

"state": "absent"

}

8. group module

The group module is used to create user groups.

8.1 Options for the group module

  • gid: Specify the group’s gid

  • name: Specify the group name

  • state: Create or delete the group, options:

    • present

    • absent

8.2 Usage of the group module

[ansible@master ansible]$ ansible all -m group -a "name=test gid=2024 state=present"

192.168.200.210 | CHANGED => {

"changed": true,

"gid": 2024,

"name": "test",

"state": "present",

"system": false

}



# Delete group

[ansible@master ansible]$ ansible all -m group -a "name=test gid=2024 state=absent"

192.168.200.210 | CHANGED => {

"changed": true,

"name": "test",

"state": "absent"

}

9. fetch module

This module is the opposite of the copy module; copy transfers files to remote hosts, while this one collects remote files to local.

9.1 Options for the fetch module

  • src: The file path on the remote host, can only be a file, not a directory

  • dest: The path where the file will be collected locally

  • flat: Default is no, indicating that the file directory structure will be displayed under the control node in the form of the remote host name; yes indicates that the directory structure will not use the host name, and the dest must end with /.

9.2 Usage of the fetch module

# Collect the previously created hello file to local

[ansible@master ansible]$ ansible all -m fetch -a "src=/tmp/hello dest=./ "

192.168.200.210 | CHANGED => {

"changed": true,

"checksum": "74f4f4eb1947b9ca08e5e68d04d081808777f9a0",

"dest": "/home/ansible/ansible/192.168.200.210/tmp/hello",

"md5sum": "3cb95cfbe1035bce8c448fcaf80fe7d9",

"remote_checksum": "74f4f4eb1947b9ca08e5e68d04d081808777f9a0",

"remote_md5sum": null

}

[ansible@master ansible]$ ls

ansible.cfg   roles   user.yaml 192.168.200.210   inventory     set

Here, there will be a directory named after the remote host, and the contents inside are the files we collected.

[ansible@master ansible]$ cat 192.168.200.210/tmp/hello

hello,world

[ansible@master ansible]$ rm -rf 192.168.200.210/

[ansible@master ansible]$ ansible all -m fetch -a "src=/tmp/hello dest=./ flat=yes"

192.168.200.210 | CHANGED => {

"changed": true,

"checksum": "74f4f4eb1947b9ca08e5e68d04d081808777f9a0",

"dest": "/home/ansible/ansible/hello",

"md5sum": "3cb95cfbe1035bce8c448fcaf80fe7d9",

"remote_checksum": "74f4f4eb1947b9ca08e5e68d04d081808777f9a0",

"remote_md5sum": null

}

[ansible@master ansible]$ ls

ansible.cfg   hello   inventory   roles   set   user.yaml

If set to yes, it will directly display the file name.

10. get_url module

This function downloads files from the internet, similar to the wget command.

10.1 Options for the get_url module

  • url: The URL to download

  • url_password / url_username: Mainly used for cases requiring username and password authentication

  • dest: Where to save it locally

  • mode: Specify permissions

  • owner: Specify the owner

  • group: Specify the group

10.2 Usage of the get_url module

[ansible@master ansible]$ ansible all -m get_url -a "url=https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo dest=/tmp"

192.168.200.210 | CHANGED => {

"changed": true,

"checksum_dest": null,

"checksum_src": "42cd41801c59a7d62b8d936249817bb29c66c9aa",

"dest": "/tmp/Centos-vault-8.5.2111.repo",

"elapsed": 0,

"gid": 0,

"group": "root",

"md5sum": "3861ff439b02834d39b225045a5b0f97",

"msg": "OK (2495 bytes)",

"owner": "root",

"size": 2495,

"src": "/root/.ansible/tmp/ansible-tmp-1718867579.1066597-109801-88317862966284/tmp65039pbq",

"state": "file",

"status_code": 200,

"uid": 0,

"url": "https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo"

}

Downloaded the CentOS 8 yum source to the /tmp directory.

11. setup module

This module is used to collect information from remote hosts, generally does not require specifying parameters.

11.1 Usage of the setup module

This module has a special usage; it collects information from remote hosts for us to view, facilitating the writing of generic playbooks for different scenarios later.

[ansible@master ansible]$ ansible all -m setup  > host_info.yaml

[ansible@master ansible]$ vim host_info.yaml

92.168.200.210 | SUCCESS => {

"ansible_facts": {

"ansible_all_ipv4_addresses": [

"192.168.200.210",

"172.17.0.1",

"10.245.149.0"

],

"ansible_all_ipv6_addresses": [

"fe80::20c:29ff:fe2c:d98",

"fe80::ecee:eeff:feee:eeee"

],

"ansible_apparmor": {

"status": "disabled"

},

"ansible_architecture": "x86_64",

"ansible_bios_date": "11/12/2020",

"ansible_bios_version": "6.00",

Source: https://www.cnblogs.com/fsdstudy/p/18258735

Related posts

  1. Mastering Ansible: Building an Automation Operations Platform from Scratch, Achieving 8x Efficiency
  2. Ansible User Guide: A Powerful Tool for Automated Operations
  3. Common Ansible Modules for Operations Automation Learning
  4. Automate Operations with Python and Ansible!
  5. Ansible: The Swiss Army Knife for Automation
  6. Ansible: The Best Automation Tool in Python
  7. Java Automation Operations: Ansible Deployment and Management
  8. Python Automation Operations: Achieve Batch Management with Ansible
  9. Free Learning of RHCE: Deploying Ansible
  10. Control OCI VM Resources with Ansible
  11. Discussing the Principle of Idempotence in Ansible
  12. Ansible Beginner’s Practical Guide: Achieve Server Configuration Automation in 3 Steps and Say Goodbye to Repetitive Manual Operations
  13. Ansible + Python = The Pinnacle of Operations Automation: Easily Manage Hundreds of Servers!
  14. Combining Ansible and Python for Automated Server Management
  15. Ansible Automation Deployment: Core Features and Use Cases
  16. Ansible Beginner’s Guide: From Tedious Operations to One-Click Deployment, Say Goodbye to Late-Night Operations Nightmares
  17. Ansible Configuration File: From Basics to Advanced
  18. Ansible Installation: From Beginner to Abandonment (Part 2)
  19. Basic Usage of Ansible Playbook

Leave a Comment