1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/rst/modules.rst

904 lines
54 KiB
ReStructuredText
Raw Normal View History

2012-03-08 19:36:47 +01:00
Ansible Modules
===============
2012-08-03 17:31:43 +02:00
Ansible ships with a number of modules (called the 'module library')
that can be executed directly on remote hosts or through :doc:`playbooks`.
Users can also write their own modules. These modules can control system
2012-08-03 17:31:43 +02:00
resources, like services, packages, or files (anything really), or
handle executing system commands.
2012-03-08 19:53:48 +01:00
Let's review how we execute three different modules from the command line::
ansible webservers -m service -a "name=httpd state=running"
ansible webservers -m ping
ansible webservers -m command -a "/sbin/reboot -t now"
2012-08-03 17:31:43 +02:00
Each module supports taking arguments. Nearly all modules take ``key=value``
arguments, space delimited. Some modules take no arguments, and the
command/shell modules simply take the string of the command you want to run.
2012-03-09 04:50:00 +01:00
From playbooks, Ansible modules are executed in a very similar way::
- name: reboot the servers
2012-08-03 17:31:43 +02:00
action: command /sbin/reboot -t now
All modules technically return JSON format data, though if you are using the
2012-03-09 20:39:29 +01:00
command line or playbooks, you don't really need to know much about
that. If you're writing your own module, you care, and this means you do
not have to write modules in any particular language -- you get to choose.
2012-03-08 19:36:47 +01:00
2012-08-01 05:19:41 +02:00
Modules are `idempotent`, meaning they will seek to avoid changes to the system unless a change needs to be made. When using Ansible
playbooks, these modules can trigger 'change events' in the form of notifying 'handlers'
to run additional tasks.
2012-03-08 19:36:47 +01:00
Let's see what's available in the Ansible module library, out of the box:
2012-03-08 19:36:47 +01:00
2012-04-06 17:41:18 +02:00
.. _apt:
2012-03-09 20:39:29 +01:00
apt
```
Manages apt-packages (such as for Debian/Ubuntu).
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| name | no | | A package name or package specifier with version, like `foo` or `foo=1.0` |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| state | no | present | 'absent', 'present', or 'latest'. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| update_cache | no | no | Run the equivalent of apt-get update before the operation. |
2012-08-03 17:31:43 +02:00
| | | | Can be run as part of the package installation or a seperate step |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-01 06:50:16 +02:00
| purge | no | no | Will forge purge of configuration files if state is set to 'absent'. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| default_release | no | | Corresponds to the -t option for apt and sets pin priorities |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| install_recommends | no | yes | Corresponds to the --no-install-recommends option for apt, default |
| | | | behavior works as apt's default behavior, 'no' does not install |
| | | | recommended packages. Suggested packages are never installed. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| force | no | no | If 'yes', force installs/removes. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
Example action from Ansible :doc:`playbooks`::
2012-04-19 15:57:30 +02:00
apt pkg=foo update-cache=yes
apt pkg=foo state=removed
apt pkg=foo state=installed
apt pkg=foo=1.00 state=installed
apt pkg=nginx state=latest default-release=squeeze-backports update-cache=yes
apt pkg=openjdk-6-jdk state=latest install-recommends=no
.. _assemble:
2012-07-04 23:44:39 +02:00
assemble
````````
(new in 0.5) Assembles a configuration file from fragments. Often a particular program will take a single configuration file
and does not support a conf.d style structure where it is easy to build up the configuration from multiple sources.
Assmeble will take a directory of files that have already been transferred to the system, and concatenate them
together to produce a destination file. Files are assembled in string sorting order. Puppet calls this idea
"fragments".
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| src | yes | | An already existing directory full of source files |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| dest | yes | | A file to create using the concatenation of all of the source files |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| OTHERS | | | All arguments that the file module takes may also be used |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-07-04 23:44:39 +02:00
Example action from Ansible :doc:`playbooks`::
assemble src=/etc/someapp/fragments dest=/etc/someapp/someapp.conf
.. _authorized_key:
2012-07-04 23:44:39 +02:00
authorized_key
``````````````
(new in 0.5). Adds or removes an authorized key for a user from a remote host.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| user | yes | | Name of the user who should have access to the remote host |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| key | yes | | the SSH public key, as a string |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| state | no | present | whether the given key should or should not be in the file |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-07-04 23:44:39 +02:00
Example action from Ansible :doc:`playbooks`::
authorized_key user=charlie key="ssh-dss ASDF1234L+8BTwaRYr/rycsBF1D8e5pTxEsXHQs4iq+mZdyWqlW++L6pMiam1A8yweP+rKtgjK2httVS6GigVsuWWfOd7/sdWippefq74nppVUELHPKkaIOjJNN1zUHFoL/YMwAAAEBALnAsQN10TNGsRDe5arBsW8cTOjqLyYBcIqgPYTZW8zENErFxt7ij3fW3Jh/sCpnmy8rkS7FyK8ULX0PEy/2yDx8/5rXgMIICbRH/XaBy9Ud5bRBFVkEDu/r+rXP33wFPHjWjwvHAtfci1NRBAudQI/98DbcGQw5HmE89CjgZRo5ktkC5yu/8agEPocVjdHyZr7PaHfxZGUDGKtGRL2QzRYukCmWo1cZbMBHcI5FzImvTHS9/8B3SATjXMPgbfBuEeBwuBK5EjL+CtHY5bWs9kmYjmeo0KfUMH8hY4MAXDoKhQ7DhBPIrcjS5jPtoGxIREZjba67r6/P2XKXaCZH6Fc= charlie@example.org 2011-01-17"
2012-04-06 17:41:18 +02:00
.. _command:
2012-07-04 23:44:39 +02:00
2012-03-08 19:36:47 +01:00
command
```````
2012-03-09 20:39:29 +01:00
The command module takes the command name followed by a list of
2012-08-03 17:31:43 +02:00
arguments, space delimited.
2012-08-01 05:19:41 +02:00
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| (free form) | N/A | N/A | the command module takes a free form command to run |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| creates | no | | a filename, when it already exists, this step will NOT be run |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| chdir | no | | cd into this directory before running the command (0.6 and later) |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-03-08 19:36:47 +01:00
The given command will be executed on all selected nodes. It will not
2012-08-03 17:31:43 +02:00
be processed through the shell, so variables like "$HOME" and
operations like "<", ">", "|", and "&" will not work. As such, all
paths to commands must be fully qualified.
2012-03-09 04:50:00 +01:00
2012-08-01 05:19:41 +02:00
NOTE:: If you want to run a command through the shell (say you are using
2012-08-03 17:31:43 +02:00
'<', '>', '|', etc), you actually want the 'shell' module instead.
2012-08-01 05:19:41 +02:00
The 'command' module is much more secure as it's not affected by the user's environment.
2012-03-08 19:36:47 +01:00
Example action from Ansible :doc:`playbooks`::
2012-03-22 06:01:02 +01:00
command /sbin/shutdown -t now
2012-08-01 05:19:41 +02:00
creates and chdir can be specified after the command. For instance, if you only want to run a command if a certain file does not exist, you can do the following::
2012-04-06 17:41:18 +02:00
command /usr/bin/make_database.sh arg1 arg2 creates=/path/to/database
2012-08-01 05:19:41 +02:00
The `creates=` and `chdir` options will not be passed to the actual executable.
2012-04-06 17:41:18 +02:00
2012-03-09 20:39:29 +01:00
.. _copy:
2012-03-08 19:36:47 +01:00
copy
````
The copy module moves a file on the local box to remote locations. In addition to the options
listed below, the arguments available to the `file` module can also be passed to the copy
module.
2012-03-08 19:36:47 +01:00
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| src | yes | | Local path to a file to copy to the remote server, can be absolute or |
| | | | relative. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| dest | yes | | Remote absolute path where the file should end up |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| OTHERS | | | All arguments the file module takes are also supported |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-03-08 19:36:47 +01:00
Example action from Ansible :doc:`playbooks`::
2012-03-22 06:01:02 +01:00
copy src=/srv/myfiles/foo.conf dest=/etc/foo.conf owner=foo group=foo mode=0644
2012-03-08 19:36:47 +01:00
2012-03-09 20:39:29 +01:00
.. _facter:
2012-03-08 19:36:47 +01:00
facter
``````
Runs the discovery program 'facter' on the remote system, returning
2012-08-03 17:31:43 +02:00
JSON data that can be useful for inventory purposes.
2012-03-08 19:36:47 +01:00
Requires that 'facter' and 'ruby-json' be installed on the remote end.
2012-03-09 20:39:29 +01:00
Playbooks do not actually use this module, they use the :ref:`setup`
module behind the scenes.
2012-08-03 17:31:43 +02:00
2012-08-01 05:19:41 +02:00
Example from /usr/bin/ansible::
ansible foo.example.org -m ohai
2012-03-08 19:36:47 +01:00
2012-07-28 16:24:47 +02:00
.. _fetch:
2012-04-13 04:29:49 +02:00
fetch
`````
This module works like 'copy', but in reverse. It is used for fetching files
from remote machines and storing them locally in a file tree, organized by hostname.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| src | yes | | The file on the remote system to fetch. This needs to be a file, not |
| | | | a directory. Recursive fetching may be supported in a later release. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| dest | yes | | A directory to save the file into. For example, if the 'dest' directory |
| | | | is '/foo', a src file named '/tmp/bar' on host 'host.example.com', would |
| | | | be saved into '/foo/host.example.com/tmp/bar' |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-04-13 04:29:49 +02:00
2012-04-19 03:21:49 +02:00
Example::
fetch src=/var/log/messages dest=/home/logtree
2012-07-28 16:24:47 +02:00
.. _file:
2012-04-06 17:41:18 +02:00
file
````
Sets attributes of files, symlinks, and directories, or removes files/symlinks/directories. Many other modules
support the same options as the file module -- including 'copy', 'template', and 'assmeble'.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| dest | yes | | defines the file being managed, unless when used with state=link, and |
| | | | then sets the destination to create a symbolic link to using 'src' |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| state | | file | values are 'file', 'link', 'directory', or 'absent'. If directory, |
| | | | all immediate subdirectories will be created if they do not exist. If |
| | | | 'file', the file will NOT be created if it does not exist, see the 'copy' |
| | | | or 'template' module if you want that behavior. If 'link', the symbolic |
| | | | link will be created or changed. If absent, directories will be |
| | | | recursively deleted, and files or symlinks will be unlinked. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| mode | | | mode the file or directory shoudl be, such as 0644 as would be fed to |
| | | | chmod. English modes like 'g+x' are not yet supported |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| owner | | | name of the user that should own the file/directory, as would be fed to |
| | | | chown |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| group | | | name of the group that should own the file/directory, as would be fed to |
| | | | group |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| src | | | path of the file to link to (applies only to state=link) |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| seuser | | | user part of SELinux file context. Will default to system policy, if |
2012-08-03 17:31:43 +02:00
| | | | applicable. If set to '_default', it will use the 'user' portion of the |
| | | | the policy if available |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| serole | | | role part of SELinux file context, '_default' feature works as above. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| setype | | | type part of SELinux file context, '_default' feature works as above |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| selevel | | s0 | level part of the SELinux file context. This is the MLS/MCS attribute, |
| | | | sometimes known as the 'range'. '_default' feature works as above |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| context | | | accepts only 'default' as a value. This will restore a file's selinux |
| | | | context in the policy. Does nothing if no default is available. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-03-22 06:01:02 +01:00
2012-04-02 02:03:13 +02:00
Example action from Ansible :doc:`playbooks`::
file path=/etc/foo.conf owner=foo group=foo mode=0644
file path=/some/path owner=foo group=foo state=directory
2012-04-05 02:30:41 +02:00
file path=/path/to/delete state=absent
2012-04-02 02:03:13 +02:00
file src=/file/to/link/to dest=/path/to/symlink owner=foo group=foo state=link
file path=/some/path state=directory setype=httpd_sys_content_t
file path=/some/path state=directory context=default
2012-04-13 04:30:43 +02:00
.. _get_url:
get_url
```````
Downloads files from http, https, or ftp to the remote server. The remote server must have direct
access to the remote resource.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| url | yes | | http, https, or ftp URL |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| dest | yes | | absolute path of where to download the file to. If dest is a directory, |
| | | | the basename of the file on the remote server will be used. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| OTHERS | no | | all arguments accepted by the file module also work here |
+--------------------+----------+---------+----------------------------------------------------------------------------+
Example action from Ansible :doc:`playbooks`::
- name: Grab a bunch of jQuery stuff
action: get_url url=http://code.jquery.com/$item dest=${jquery_directory} mode=0444
with_items:
- jquery.min.js
- mobile/latest/jquery.mobile.min.js
- ui/jquery-ui-git.css
2012-04-06 17:41:18 +02:00
.. _git:
2012-03-08 19:36:47 +01:00
git
```
2012-03-09 04:50:00 +01:00
Deploys software (or files) from git checkouts.
2012-03-08 19:36:47 +01:00
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| repo | yes | | git, ssh, or http protocol address of the git repo |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| dest | yes | | absolute path of where the repo should be checked out to |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| version | no | HEAD | what version to check out -- either the git SHA, the literal string |
| | | | 'HEAD', branch name, or a tag name. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| remote | no | origin | name of the remote branch |
+--------------------+----------+---------+----------------------------------------------------------------------------+
Example action from Ansible :doc:`playbooks`::
2012-03-22 06:01:02 +01:00
git repo=git://foosball.example.org/path/to/repo.git dest=/srv/checkout version=release-0.22
2012-04-06 17:41:18 +02:00
.. _group:
2012-03-08 19:36:47 +01:00
group
`````
Adds or removes groups.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| name | yes | | name of the group |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| gid | | | optional git to set for the group |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| state | | present | 'absent' or 'present' |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| system | | no | if 'yes', indicates that the group being created is a system group. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-05-10 07:26:40 +02:00
To control members of the group, see the users resource.
Example action from Ansible :doc:`playbooks`::
group name=somegroup state=present
.. _mount:
mount
`````
The mount module controls active and configured mount points (fstab).
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| name | yes | | path to the mountpoint, ex: /mnt/foo |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| src | yes | | device to be mounted |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| fstype | yes | | fstype |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| opts | no | | mount options (see fstab docs) |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| dump | no | | dump (see fstab docs) |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| passno | no | | passno (see fstab docs) |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| state | yes | | 'present', 'absent', 'mounted', or 'unmounted'. If mounted/unmounted, |
| | | | the device will be actively mounted or unmounted as well as just |
| | | | configured in fstab. 'absent', and 'present' only deal with fstab. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
.. _mysql_db:
mysql_db
````````
Add or remove MySQL databases from a remote host.
2012-08-03 17:31:43 +02:00
Requires the MySQLdb Python package on the remote host. For Ubuntu, this is as easy as
apt-get install python-mysqldb.
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+===========+=============================================================================+
| name | yes | | name of the database to add or remove |
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
| login_user | no | | user name used to authenticate with |
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
| login_password | no | | password used to authenticate with |
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
| login_host | no | localhost | host running the database |
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
| state | no | present | 'absent' or 'present' |
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
| collation | no | | collation mode |
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
| encoding | no | | encoding mode |
+--------------------+----------+-----------+-----------------------------------------------------------------------------+
Both 'login_password' and 'login_username' are required when you are passing credentials.
If none are present, the module will attempt to read the credentials from ~/.my.cnf, and
finally fall back to using the MySQL default login of 'root' with no password.
Example action from Ansible :doc:`playbooks`::
- name: Create database
2012-08-03 17:31:43 +02:00
action: mysql_db db=bobdata state=present
mysql_user
``````````
Adds or removes a user from a MySQL database.
2012-08-03 17:31:43 +02:00
Requires the MySQLdb Python package on the remote host. For Ubuntu, this is as easy as
apt-get install python-mysqldb.
+--------------------+----------+------------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+============+============================================================================+
| name | yes | | name of the user (role) to add or remove |
+--------------------+----------+------------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| password | no | | set the user's password |
+--------------------+----------+------------+----------------------------------------------------------------------------+
2012-08-07 03:03:20 +02:00
| host | no | localhost | the 'host' part of the MySQL username |
+--------------------+----------+------------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| login_user | no | | user name used to authenticate with |
+--------------------+----------+------------+----------------------------------------------------------------------------+
| login_password | no | | password used to authenticate with |
+--------------------+----------+------------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| login_host | no | localhost | host running MySQL. |
+--------------------+----------+------------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| priv | no | | MySQL privileges string in the format: db.table:priv1,priv2 |
+--------------------+----------+------------+----------------------------------------------------------------------------+
| state | no | present | 'absent' or 'present' |
+--------------------+----------+------------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
Both 'login_password' and 'login_username' are required when you are passing credentials.
If none are present, the module will attempt to read the credentials from ~/.my.cnf, and
finally fall back to using the MySQL default login of 'root' with no password.
Example privileges string format:
mydb.*:INSERT,UPDATE/anotherdb.*:SELECT/yetanotherdb.*:ALL
Example action from Ansible :doc:`playbooks`::
- name: Create database user
2012-08-03 17:31:43 +02:00
action: mysql_user name=bob passwd=12345 priv=*.*:ALL state=present
2012-08-03 17:31:43 +02:00
- name: Ensure no user named 'sally' exists, also passing in the auth credentials.
action: mysql_user login_user=root login_password=123456 name=sally state=absent
2012-04-06 17:41:18 +02:00
.. _ohai:
2012-03-08 19:36:47 +01:00
ohai
````
2012-03-09 20:39:29 +01:00
Similar to the :ref:`facter` module, this returns JSON inventory data.
Ohai data is a bit more verbose and nested than facter.
2012-03-08 19:36:47 +01:00
Requires that 'ohai' be installed on the remote end.
2012-03-09 20:39:29 +01:00
Playbooks should not call the ohai module, playbooks call the
:ref:`setup` module behind the scenes instead.
2012-03-08 19:36:47 +01:00
2012-08-01 05:19:41 +02:00
Example::
ansible foo.example.org -m ohai
2012-04-06 17:41:18 +02:00
.. _ping:
2012-03-08 19:36:47 +01:00
ping
````
2012-08-01 05:19:41 +02:00
A trivial test module, this module always returns 'pong' on
successful contact. It does not make sense in playbooks, but is useful
from /usr/bin/ansible::
2012-03-08 19:36:47 +01:00
2012-08-01 05:19:41 +02:00
ansible webservers -m ping
.. postgresql_db:
postgresql_db
`````````````
Add or remove PostgreSQL databases from a remote host.
The default authentication assumes that you are either logging in as or
sudo'ing to the postgres account on the host.
This module uses psycopg2, a Python PostgreSQL database adapter. You must
ensure that psycopg2 is installed on the host before using this module. If
the remote host is the PostgreSQL server (which is the default case), then
PostgreSQL must also be installed on the remote host. For Ubuntu-based systems,
install the postgresql, libpq-dev, and python-psycopg2 packages on the remote
host before using this module.
+--------------------+----------+----------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+==========+============================================================================+
| name | yes | | name of the database to add or remove |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| login_user | no | postgres | user (role) used to authenticate with PostgreSQL |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| login_password | no | | password used to authenticate with PostgreSQL |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| login_host | no | | host running PostgreSQL. Default (blank) implies localhost |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| state | | present | 'absent' or 'present' |
+--------------------+----------+----------+----------------------------------------------------------------------------+
Example action from Ansible :doc:`playbooks`::
postgresql_db db=acme
.. postgresql_user:
postgresql_user
```````````````
Add or remove PostgreSQL users (roles) from a remote host, and grant the users
access to an existing database.
The default authentication assumes that you are either logging in as or
sudo'ing to the postgres account on the host.
This module uses psycopg2, a Python PostgreSQL database adapter. You must
ensure that psycopg2 is installed on the host before using this module. If
the remote host is the PostgreSQL server (which is the default case), then
PostgreSQL must also be installed on the remote host. For Ubuntu-based systems,
install the postgresql, libpq-dev, and python-psycopg2 packages on the remote
host before using this module.
+--------------------+----------+----------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+==========+============================================================================+
| name | yes | | name of the user (role) to add or remove |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| password | yes | | set the user's password |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| db | yes | | name of an existing database to grant user access to |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| login_user | no | postgres | user (role) used to authenticate with PostgreSQL |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| login_password | no | | password used to authenticate with PostgreSQL |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| login_host | no | | host running PostgreSQL. Default (blank) implies localhost |
+--------------------+----------+----------+----------------------------------------------------------------------------+
| state | | present | 'absent' or 'present' |
+--------------------+----------+----------+----------------------------------------------------------------------------+
Example action from Ansible :doc:`playbooks`::
postgresql_user db=acme user=django password=ceec4eif7ya
.. _raw:
2012-03-08 19:36:47 +01:00
2012-05-10 07:20:31 +02:00
raw
```
Executes a low-down and dirty SSH command, not going through the module subsystem.
This is useful and should only be done in two cases. The first case is installing
python-simplejson on older (python 2.4 and before) hosts that need it as a dependency
2012-08-03 17:31:43 +02:00
to run modules, since nearly all core modules require it. Another is speaking to any
2012-05-10 07:20:31 +02:00
devices such as routers that do not have any Python installed. In any other case,
using the 'shell' or 'command' module is much more appropriate.
2012-08-03 17:31:43 +02:00
Arguments given to 'raw' are run directly through the configured remote shell and
only output is returned. There is no error detection or change handler support
2012-05-10 07:20:31 +02:00
for this module.
Example from `/usr/bin/ansible` to bootstrap a legacy python 2.4 host::
2012-05-10 07:20:31 +02:00
ansible newhost.example.com raw -a "yum install python-simplejson"
.. _service:
2012-03-08 19:36:47 +01:00
service
```````
Controls services on remote machines.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| name | yes | | name of the service |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| state | no | started | 'started', 'stopped', 'reloaded', or 'restarted'. Started/stopped are |
| | | | idempotent actions that will not run commands unless neccessary. |
| | | | 'restarted' will always bounce the service, 'reloaded' will always reload. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| enabled | no | | Whether the service should start on boot. Either 'yes' or 'no'. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-03-08 19:36:47 +01:00
Example action from Ansible :doc:`playbooks`::
2012-03-22 06:01:02 +01:00
service name=httpd state=started
service name=httpd state=stopped
service name=httpd state=restarted
2012-05-19 23:30:06 +02:00
service name=httpd state=reloaded
2012-03-22 06:01:02 +01:00
2012-03-09 20:39:29 +01:00
.. _setup:
2012-03-08 19:36:47 +01:00
setup
`````
This module is automatically called by playbooks to gather useful variables about remote hosts that can be used
in playbooks. It can also be executed directly by /usr/bin/ansible to check what variables are available
to a host.
2012-03-09 20:39:29 +01:00
Ansible provides many 'facts' about the system, automatically.
2012-04-26 04:40:11 +02:00
Some of the variables that are supplied are listed below. These in particular
are from a VMWare Fusion 4 VM running CentOS 6.2::
"ansible_architecture": "x86_64",
"ansible_distribution": "CentOS",
"ansible_distribution_release": "Final",
"ansible_distribution_version": "6.2",
"ansible_eth0": {
"ipv4": {
"address": "REDACTED",
"netmask": "255.255.255.0"
},
"ipv6": [
{
"address": "REDACTED",
"prefix": "64",
"scope": "link"
}
],
"macaddress": "REDACTED"
},
"ansible_form_factor": "Other",
"ansible_fqdn": "localhost.localdomain",
"ansible_hostname": "localhost",
"ansible_interfaces": [
"lo",
"eth0"
],
"ansible_kernel": "2.6.32-220.2.1.el6.x86_64",
"ansible_lo": {
"ipv4": {
"address": "127.0.0.1",
"netmask": "255.0.0.0"
},
"ipv6": [
{
"address": "::1",
"prefix": "128",
"scope": "host"
}
],
"ansible_machine": "x86_64",
"ansible_memfree_mb": 89,
"ansible_memtotal_mb": 993,
"ansible_processor": [
"Intel(R) Core(TM) i7-2677M CPU @ 1.80GHz"
],
"ansible_processor_cores": "NA",
"ansible_processor_count": 1,
"ansible_product_name": "VMware Virtual Platform",
"ansible_product_serial": "REDACTED",
"ansible_product_uuid": "REDACTED",
"ansible_product_version": "None",
"ansible_python_version": "2.6.6",
"ansible_product_version": "None",
"ansible_python_version": "2.6.6",
"ansible_ssh_host_key_dsa_public": REDACTED",
"ansible_ssh_host_key_rsa_public": "REDACTED",
"ansible_swapfree_mb": 1822,
"ansible_swaptotal_mb": 2015,
"ansible_system": "Linux",
"ansible_system_vendor": "VMware, Inc.",
"ansible_virtualization_role": "None",
"ansible_virtualization_type": "None",
More ansible facts will be added with successive releases.
2012-03-09 20:39:29 +01:00
If facter or ohai are installed, variables from these programs will
also be snapshotted into the JSON file for usage in templating. These
variables are prefixed with ``facter_`` and ``ohai_`` so it's easy to
2012-08-03 17:31:43 +02:00
tell their source.
2012-04-26 04:40:11 +02:00
All variables are bubbled up to the caller. Using the ansible facts and choosing
2012-04-19 05:02:28 +02:00
to not install facter and ohai means you can avoid ruby-dependencies
on your remote systems.
2012-03-08 19:36:47 +01:00
2012-04-13 00:20:52 +02:00
Example action from `/usr/bin/ansible`::
2012-03-22 06:01:02 +01:00
ansible testserver -m setup
2012-03-22 06:01:02 +01:00
2012-03-08 19:36:47 +01:00
.. _shell:
shell
`````
The shell module takes the command name followed by a list of
arguments, space delimited. It is almost exactly like the command module
but runs the command through the user's configured shell on the remote node.
2012-08-01 05:19:41 +02:00
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| (free form) | N/A | N/A | the command module takes a free form command to run |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| creates | no | | a filename, when it already exists, this step will NOT be run |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| chdir | no | | cd into this directory before running the command (0.6 and later) |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
The given command will be executed on all selected nodes.
2012-08-03 17:31:43 +02:00
NOTE:: If you want to execute a command securely and predicably, it may
be better to use the 'command' module instead. Best practices
when writing playbooks will follow the trend of using 'command'
unless 'shell' is explicitly required. When running ad-hoc commands,
use your best judgement.
2012-03-22 06:01:02 +01:00
Example action from a playbook::
shell somescript.sh >> somelog.txt
2012-03-09 20:39:29 +01:00
.. _template:
2012-03-08 19:36:47 +01:00
template
````````
2012-08-03 17:31:43 +02:00
Templates a file out to a remote server.
2012-03-08 19:36:47 +01:00
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| src | yes | | Path of a Jinja2 formatted template on the local server. This can be |
| | | | a relative or absolute path. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| dest | yes | | Location to render the template on the remote server |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| OTHERS | | | This module also supports all of the arguments to the file module |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-03-08 19:36:47 +01:00
2012-03-22 06:01:02 +01:00
Example action from a playbook::
template src=/srv/mytemplates/foo.j2 dest=/etc/foo.conf owner=foo group=foo mode=0644
.. _user:
user
````
Creates user accounts, manipulates existing user accounts, and removes user accounts.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| name | yes | | name of the user to create, remove, or edit |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| comment | | | optionally sets the description of the user |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| uid | | | optionally sets the uid of the user |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| group | | | optionally sets the user's primary group (takes a group name) |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| groups | | | puts the user in this comma-delimited list of groups |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| append | | no | if 'yes', will only add groups, not set them to just the list in 'groups' |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| shell | | | optionally set the user's shell |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| createhome | | yes | unless 'no', a home directory will be made for the user |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| home | | | sets where the user's homedir should be, if not the default |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| password | | | optionally set the user's password to this crypted value. See the user's |
| | | | example in the github examples directory for what this looks like in a |
| | | | playbook |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| state | | present | when 'absent', removes the user. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| system | | no | only when initially creating, setting this to 'yes' makes the user a |
| | | | system account. This setting cannot be changed on existing users. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| force | | no | when used with state=absent, behavior is as with userdel --force |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| remove | | no | when used with state=remove, behavior is as with userdel --remove |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-03-22 06:01:02 +01:00
Example action from Ansible :doc:`playbooks`::
2012-03-22 06:01:02 +01:00
user name=mdehaan comment=awesome passwd=awWxVV.JvmdHw createhome=yes
user name=mdehaan groups=wheel,skynet
user name=mdehaan state=absent force=yes
2012-03-22 06:01:02 +01:00
2012-04-06 17:41:18 +02:00
.. _virt:
virt
````
Manages virtual machines supported by libvirt. Requires that libvirt be installed
on the managed machine.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| name | yes | | name of the guest VM being managed |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| state | | | 'running', 'shutdown', 'destroyed', or 'undefined'. Note that there may |
| | | | be some lag for state requests like 'shutdown' since these refer only to |
| | | | VM states. After starting a guest, it may not be immediately accessible. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| command | | | in addition to state management, various non-idempotent commands are |
| | | | available. See examples below. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-04-06 17:41:18 +02:00
Example action from Ansible :doc:`playbooks`::
virt guest=alpha state=running
virt guest=alpha state=shutdown
virt guest=alpha state=destroyed
virt guest=alpha state=undefined
Example guest management commands from /usr/bin/ansible::
ansible host -m virt -a "guest=foo command=status"
ansible host -m virt -a "guest=foo command=pause"
ansible host -m virt -a "guest=foo command=unpause"
ansible host -m virt -a "guest=foo command=get_xml"
ansible host -m virt -a "guest=foo command=autostart"
Example host (hypervisor) management commands from /usr/bin/ansible::
2012-04-13 04:31:43 +02:00
ansible host -m virt -a "command=freemem"
ansible host -m virt -a "command=list_vms"
ansible host -m virt -a "command=info"
ansible host -m virt -a "command=nodeinfo"
ansible host -m virt -a "command=virttype"
2012-04-06 17:41:18 +02:00
2012-03-10 01:04:40 +01:00
.. _yum:
yum
```
Will install, upgrade, remove, and list packages with the yum package manager.
+--------------------+----------+---------+----------------------------------------------------------------------------+
| parameter | required | default | comments |
+====================+==========+=========+============================================================================+
| name | yes | | package name, or package specifier with version, like 'name-1.0' |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-08-03 17:31:43 +02:00
| state | | present | 'present', 'latest', or 'absent'. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
| list | | | various non-idempotent commands for usage with /usr/bin/ansible and not |
| | | | playbooks. See examples below. |
+--------------------+----------+---------+----------------------------------------------------------------------------+
2012-03-08 19:36:47 +01:00
Example action from Ansible :doc:`playbooks`::
2012-03-22 06:01:02 +01:00
2012-07-30 18:14:50 +02:00
yum name=httpd state=latest
yum name=httpd state=removed
yum name=httpd state=installed
2012-03-22 06:01:02 +01:00
2012-03-09 04:50:00 +01:00
Writing your own modules
````````````````````````
2012-03-08 19:36:47 +01:00
See :doc:`moduledev`.
.. seealso::
:doc:`examples`
2012-04-13 00:20:52 +02:00
Examples of using modules in /usr/bin/ansible
:doc:`playbooks`
2012-04-13 00:20:52 +02:00
Examples of using modules with /usr/bin/ansible-playbook
:doc:`moduledev`
How to write your own modules
:doc:`api`
Examples of using modules with the Python API
2012-04-13 00:20:52 +02:00
`Mailing List <http://groups.google.com/group/ansible-project>`_
Questions? Help? Ideas? Stop by the list on Google Groups
`irc.freenode.net <http://irc.freenode.net>`_
#ansible IRC chat channel