Ansible Advanced Course

Ansible Modules

Additional Modules

In this lesson, we introduce several additional Ansible modules designed to extend your automation capabilities. In the upcoming labs, you will gain hands-on experience with these modules while exploring their various options. For detailed reference on each module, please check the respective module documentation.

Let's get started!


Package Module

To install packages on a target host, use the module that corresponds to the host's package manager. For instance, use the yum module for CentOS or Red Hat Enterprise Linux and the apt module for Ubuntu. Starting with Ansible 2.0, you can also use the unified package module which automatically selects the correct package manager based on the host. However, keep in mind that package names might differ between operating systems—for example, the web server package is known as "httpd" on CentOS but "apache2" on Ubuntu. In such scenarios, managing package names with variables or conditionals becomes crucial.

Note

Using the package module with a single package name (e.g., httpd) might not work across different operating systems. Consider advanced techniques such as variables and conditionals to handle such variations.

Below is an example playbook that demonstrates three approaches:

---
- name: Install web server packages on multiple platforms
  hosts: all
  tasks:
    - name: Install web server on CentOS
      yum:
        name: httpd
        state: installed

    - name: Install web server on Ubuntu
      apt:
        name: apache2
        state: installed

    - name: Install web server on any host using package module
      package:
        name: httpd
        state: installed

Service Module

The service module is used to manage system services. Whether you need to start, stop, or restart a service, or ensure it is enabled to start at boot time, this module has you covered.

---
- name: Ensure httpd service is running and enabled
  hosts: all
  tasks:
    - service:
        name: httpd
        state: started
        enabled: yes

Firewalld Module

For firewall configuration on CentOS or Red Hat systems, the firewalld module is the go-to tool. Configure rules based on port, protocol, service, or source address, and specify the appropriate zone. By default, Ansible applies changes immediately; however, if you need rules to persist after reboots, set the permanent option to yes. Keep in mind that with permanent enabled, rules will not take immediate effect unless the immediate option is also set to yes.

---
- name: Add firewalld rule to allow HTTP traffic on port 8080
  hosts: all
  tasks:
    - firewalld:
        port: 8080/tcp
        service: http
        source: 192.0.0.0/24
        zone: public
        state: enabled
        permanent: yes
        immediate: yes

LVM Modules

The LVM modules allow you to manage Logical Volume Management efficiently. Start by creating a volume group using the lvg module, then create logical volumes within the group using the lvol module. The example below creates a volume group named "vg1" on specified physical devices, followed by the creation of a logical volume "lvol1" with a size of 2GB.

---
- hosts: all
  tasks:
    - name: Create LVM Volume Group "vg1"
      lvg:
        vg: vg1
        pvs: /dev/sdb1,/dev/sdb2

    - name: Create Logical Volume "lvol1" with 2GB size
      lvol:
        vg: vg1
        lv: lvol1
        size: 2g

File System and File Modules

The filesystem and file management modules are essential for creating filesystems, mounting devices, and managing files or directories. Use the filesystem module to create filesystems on devices and the mount module for mounting. The file module comes in handy for creating files, directories, and symbolic links with specific permissions and ownership settings.

For example, the following playbook creates an application directory and an empty HTML file with defined ownership and permissions:

---
- hosts: all
  tasks:
    - name: Create application directory
      file:
        path: /opt/app/web
        state: directory

    - name: Create index.html file with proper ownership and mode
      file:
        path: /opt/app/web/index.html
        state: touch
        owner: app-owner
        group: app-owner
        mode: '0644'

Archive and Unarchive Modules

The archive module is useful for compressing files or directories. By default, it creates a GZ archive, though you can specify different formats using the format option. Conversely, the unarchive module decompresses files and can transfer archives from the Ansible controller to target systems. When working with files already existing on the remote host, set remote_src: yes.

---
- hosts: all
  tasks:
    - name: Compress the /opt/app/web folder
      archive:
        path: /opt/app/web
        dest: /tmp/web.gz
        format: gz

    - name: Uncompress the archive on the remote host
      unarchive:
        src: /tmp/web.gz
        dest: /opt/app/web
        remote_src: yes

Cron Module

The cron module automates the configuration of scheduled tasks (cron jobs) on managed nodes. With this module, you can specify details such as the job name, command, and exact schedule parameters like month, day, hour, minute, and even weekday.

Example: Specific Date and Time

Schedule a job to execute on February 19 at 08:10.

---
- hosts: all
  tasks:
    - name: Create a scheduled task for February 19 at 08:10
      cron:
        name: Run daily health report
        job: sh /opt/scripts/health.sh
        month: 2
        day: 19
        hour: 8
        minute: 10

Example: Using Wildcards

Run the task every day at 08:10 using wildcards for the month and day values.

---
- hosts: all
  tasks:
    - name: Create a scheduled daily task at 08:10
      cron:
        name: Run daily health report
        job: sh /opt/scripts/health.sh
        month: "*"
        day: "*"
        hour: 8
        minute: 10
        weekday: "*"

This schedule corresponds to the following cron syntax:

10 8 * * *

Example: Using Step Values

Configure a task to run every two minutes using step values in the minute field:

---
- hosts: all
  tasks:
    - name: Create a scheduled task to run every two minutes
      cron:
        name: Run daily health report
        job: sh /opt/scripts/health.sh
        month: "*"
        day: "*"
        hour: "*"
        minute: "*/2"
        weekday: "*"

Which is equivalent to the cron entry:

*/2 * * * *

User, Group, and Authorized Keys Modules

Managing user accounts and groups is made simple with the user and group modules. The user module allows you to set properties such as user ID, default group, login shell, and more. Additionally, the group module is used to create or manage user groups.

---
- hosts: all
  tasks:
    - name: Create a new user "maria"
      user:
        name: maria
        uid: 1001
        group: developers
        shell: /bin/bash

    - name: Create the "developers" group
      group:
        name: developers

To manage SSH keys for user accounts, use the authorized_keys module. This module distributes public SSH keys to specified user accounts on managed nodes.

---
- hosts: all
  tasks:
    - name: Configure SSH keys for user "maria"
      authorized_keys:
        user: maria
        state: present
        key: |
          ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABQC4WKn4K2G3iWg9HdCGo34gh+......root@97a1b9c3a

That concludes the overview of these additional Ansible modules. In upcoming labs, you'll have plenty of practical exercises to deepen your understanding and enhance your skills with these modules.

Happy automating!

Watch Video

Watch video content

Practice Lab

Practice lab

Previous
Frequently Asked Questions