Archive
Posts in Ansible
Updating a file with ansible if the current file is X days old
I'm a heavy user of the Logstash geoip features which utilize the GeoLite database. To keep up to date with the latest mappings I updated my logstash ansible role to check the current database and retrieve a new one if its older than a certain number of days. This was super easy to do with ansible. To get started I defined a couple of variables in group_vars: These variables define the location to put the geoip database, the URL to the latest database and how how often to update the file…
$ read more →Using Ansible to verify remote file checksums with get_url, lookup() and stat
Being an extremely security minded operations guy I take every precaution to verify that the files I download are legit. In this day and age of servers and data getting compromised this should be an operational standard. There are numerous ways to verify checksums. You can use openssl's various hashing options or a simple wrapper script similar to this…
$ read more →Retrieving a file name from a URL with ansible
Ansible has several extremely powerful modules for interacting with web resources. The get_url module allows you to retrieve resources, uri allows you to interact with web services and the templating and filtering capabilities provided by Jinja2 allow you to slice and dice the results in a variety of ways. One pattern that I find useful is applying the basename filter to the URL to grab a file name: After the filter is applied file_name will contain the last component in the "/" separated URL: I'll share some valid uses for this in a future blog post.
$ read more →Automating cron jobs with the ansible cron module
Over the past month I have been rewriting some cron scripts to enhance monitoring and observability. I've also been refactoring my ansible playbooks to handle deploying these scripts in a consistent fashion. Ansible ships with the cron module which makes this process a breeze. The cron module has all of the familiar cron attributes (hour, minute, second, program to run, etc.) and takes the following form: When I first played around with this module I noticed that each playbook run would result in a cron entry being added…
$ read more →Debugging ansible playbooks, plays and tasks
I am a long time ansible user and have wrangled it into automating just about everything I do. As my roles and playbooks have increased in quantity and size I've found it's essential to have a good grasp of the debugging capabilities built into ansible. These are useful for detecting syntax errors, finding ordering issues and most importantly for learning how ansible works under the covers. In this post I'm going to cover a number of methods to test playbooks and troubleshoot issues when they pop up…
$ read more →