- name: Copy file from the remote server hosts: all strategy: free become: true become_user: mohsen environment: HOME: /home/mohsen tasks: - ansible.builtin.fetch: src: /var/mohsen/my_backups/storage/backup.db dest: /home/mohsen/Temp/db_backups/{{ inventory_hostname }}/ flat: yes -------------------------------------------------------------------------------------------- The {{ inventory_hostname }} already exists as a special variable in Ansible. It creates a folder per host and copies the file in them. In the destination whatever path you write, it will create them on your computer if do not exist. The flat, if yes, will copy the file in the folder, if no, it will create separate nested folders /per/file/path. --------------------------------------------------------------------------------------------

By default, Ansible runs in parallel against all the hosts in the pattern you set in the "hosts:" field of each play. If you want to manage only a few machines at a time, for example during a rolling update, you can define how many hosts Ansible should manage at a single time using the "serial" keyword: --- - name: test play hosts: webservers serial: 3 gather_facts: False ------------------------------------------------------------------------------------------------------------- You can also specify a percentage: serial: "30%" ------------------------------------------------------------------------------------------------------------- You can also specify batch sizes as a list. For example: --- - name: test play hosts: webservers serial: - 1 - 5 - 10 ------------------------------------------------------------------------------------------------------------- You can list multiple batch sizes as percentages: --- - name: test play hosts: webservers serial: - "10%" - "20%" - "100%" ------------------------------------------------------------------------------------------------------------- You can also mix and match the values: --- - name: test play hosts: webservers serial: - 1 - 5 - "20%" -------------------------------------------------------------------------------------------------------------

If you have the processing power available and want to use more forks, you can set the number in "ansible.cfg" file: [defaults] forks = 30 or pass it on the command line: ansible-playbook -f 30 my_playbook.yml.

By default, Ansible runs each task on all hosts affected by a play before starting the next task on any host, using 5 forks. The is the default behavior which is called linear strategy. strategy: free --------------------------------------------------------------------------------------------------- Ansible offers other strategies, including the "debug strategy" and the "free strategy", which allows each host to run until the end of the play as fast as it can. --------------------------------------------------------------------------------------------------- You can select a different strategy for each play or set your preferred strategy globally in "ansible.cfg". [defaults] strategy = free ---------------------------------------------------------------------------------------------------

How to run Ansible without specifying the inventory but the host directly: ansible-playbook -i mohsenhassani.com, run_shell_command.yml You need to append a comma , after the hostname.

- name: Run command hosts: all become: true become_user: mohsen environment: HOME: /home/mohsen vars: directory: /tmp/*.csv tasks: - command: "/bin/sh -c 'ls {{ directory }}'" register: dir_out - debug: var={{ item }} with_items: dir_out.stdout_lines

- name: Create a directory if it does not exist hosts: all become: true become_user: mohsen environment: HOME: /home/mohsen tasks: - ansible.builtin.file: path: /tmp/csv state: directory mode: '0755'

- name: Remove a file hosts: all become: true become_user: mohsen environment: HOME: /home/mohsen tasks: - ansible.builtin.file: path: /opt/mohsen/my-reports.tar.gz state: absent

- name: Extract archive file hosts: all become: true become_user: mohsen environment: HOME: /home/mohsen tasks: - ansible.builtin.unarchive: src: /opt/mohsen/my-reports.tar.gz dest: /opt/mohsen remote_src: yes

- name: Copy file or directory to the remote server hosts: all become: true become_user: mohsen environment: HOME: /home/mohsen tasks: - ansible.builtin.copy: src: /home/mohsen/Temp/my-reports.tar.gz dest: /opt/mohsen owner: mohsen group: mohsen mode: '0744'

- name: Check whether the directory exists hosts: all become: true become_user: mohsen environment: HOME: /home/mohsen tasks: - name: Check whether the old reports directory exists stat: path: /home/mohsen/reports.bak register: stat_result - name: Display the condition debug: msg: "The folder reports.bak exists." when: stat_result.stat.exists

This feature allows you to ‘become’ another user, different from the user that logged into the machine (remote user), we call it "become". The become keyword uses existing privilege escalation tools like sudo, su, pfexec, doas, pbrun, dzdo, ksu, runas, machinectl and others. --------------------------------------------------------------------------------

https://docs.ansible.com/ansible/latest/user_guide/intro_patterns.html limit the hosts you target on a particular run: ansible-playbook site.yml --limit datacenter2 ------------------------------------------------------------------------------------ You can use --limit to read the list of hosts from a file by prefixing the file name with @: ansible-playbook site.yml --limit @retry_hosts.txt ------------------------------------------------------------------------------------

ansible webserver -m ansible.builtin.shell -a 'echo $PATH'

--become-user Run operations as this user (default=root) ------------------------------------------------------------ --list-hosts Outputs a list of matching hosts; does not execute anything else ------------------------------------------------------------ --list-tasks List all tasks that would be executed ------------------------------------------------------------ --private-key, --key-file Use this file to authenticate the connection ------------------------------------------------------------ --start-at-task <START_AT_TASK> Start the playbook at the task matching this name ------------------------------------------------------------ --step One-step-at-a-time: confirm each task before running ------------------------------------------------------------ --syntax-check Perform a syntax check on the playbook, but do not execute it ------------------------------------------------------------ -C, --check Don’t make any changes; instead, try to predict some of the changes that may occur ------------------------------------------------------------ -D, --diff When changing (small) files and templates, show the differences in those files; works great with –check ------------------------------------------------------------ -K, --ask-become-pass Ask for privilege escalation password ------------------------------------------------------------ -S, --su Run operations with su (deprecated, use become) ------------------------------------------------------------ -b, --become Run operations with become (does not imply password prompting) ------------------------------------------------------------ -e, --extra-vars Set additional variables as key=value or YAML/JSON, if filename prepend with @ ------------------------------------------------------------ -f <FORKS>, --forks <FORKS> Specify number of parallel processes to use (default=5) ------------------------------------------------------------ -i, --inventory, --inventory-file Specify inventory host path (default=[[u’/etc/ansible/hosts’]]) or comma separated host list. –inventory-file is deprecated ------------------------------------------------------------ -k, --ask-pass Ask for connection password ------------------------------------------------------------ -u <REMOTE_USER>, --user <REMOTE_USER> Connect as this user (default=None) ------------------------------------------------------------ -v, --verbose Verbose mode (-vvv for more, -vvvv to enable connection debugging) ------------------------------------------------------------

Every ansible task when run can save its results into a variable. To do this you have to specify which variable to save the results in, using "register" parameter. Once you save the value to a variable you can use it later in any of the subsequent tasks. So for example if you want to get the standard output of a specific task you can write the following: ansible-playbook ansible/postgres.yml -e delete_old_backups=true --- - hosts: localhost tasks: - name: Delete old database backups command: echo '{{ delete_old_backups }}' register: out - debug: var: out.stdout_lines ----------------------------------------------------------------- You can also use -v when running ansible-playbook. -----------------------------------------------------------------

- name: Delete old database backups command: echo {{ delete_old_backups }} when: delete_old_backups|bool

ansible test_servers -m ping ----------------------------------------------------- ansible-playbook playbook.yml ansible-playbook playbook.yml --check ----------------------------------------------------- ansible-playbook site.yaml -i hostinv -e firstvar=false -e second_var=value2 ansible-playbook release.yml -e "version=1.23.45 other_variable=foo" -----------------------------------------------------

The inventory file can be in one of many formats, depending on the inventory plugins you have. The most common formats are INI and YAML. A basic INI /etc/ansible/hosts might look like this: mail.example.com [webservers] foo.example.com bar.example.com [dbservers] one.example.com two.example.com three.example.com -------------------------------------------------------- [postgres_servers] mohsenhassani.com ansible_user=root pythonist.ir ansible_user=mohsen exam.myedu.ir:2020 -------------------------------------------------------- [webservers] www[01:50].example.com [databases] db-[a:f].example.com [targets] localhost ansible_connection=local other1.example.com ansible_connection=ssh ansible_user=mpdehaan other2.example.com ansible_connection=ssh ansible_user=mdehaan -------------------------------------------------------- Host Variables: [atlanta] host1 http_port=80 maxRequestsPerChild=808 host2 http_port=303 maxRequestsPerChild=909 -------------------------------------------------------- Group Variables: [atlanta] host1 host2 [atlanta:vars] ntp_server=ntp.atlanta.example.com proxy=proxy.atlanta.example.com -------------------------------------------------------- Groups of Groups, and Group Variables: It is also possible to make groups of groups using the :children suffix. Just like above, you can apply variables using :vars: [atlanta] host1 host2 [raleigh] host2 host3 [southeast:children] atlanta raleigh [southeast:vars] some_server=foo.southeast.example.com halon_system_timeout=30 self_destruct_countdown=60 escape_pods=2 [usa:children] southeast northeast southwest northwest --------------------------------------------------------

python3 -m pip install --user ansible