Getting started with Ansible 16 (Series Finale) - Templates

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and welcome back to my channel and welcome back to my ansible series this is video number 16 which is actually the final video in this series and don't worry i'm not going to stop covering ansible at this point i love ansible way too much to give up on it i definitely want to create more content i just feel like at this point i've taught you guys all the foundational knowledge that you need to use ansible so from here on out if there's any additional topics that i want to cover i could probably do so in a standalone video in this video in particular i am going to show you guys how to use templates templates allow us to basically have well a template that has variables in it that we can use to apply to multiple hosts and then we can independently change the variable on each host as we see fit it's going to make more sense in a moment but it's a great way to go ahead and provision servers that have services and config files that we need to manage so let's go ahead and dive back into ansible one last time and check out templates [Music] now off camera i've already gone ahead and updated and committed all of the changes we've done so far to the repository i figured that you guys didn't need to see me do that again for the hundredth time i think you understand that version control is very important when it comes to ansible or pretty much any devops topic for that matter let's go ahead and dive into templates so what i'm going to use as an example is the configuration file for the ssh service which i'm assuming you have set up because well ansible kind of requires that but we definitely want to go ahead and make sure that we can customize that file per server because ssh is the number one way that hackers break into servers so to have a template file that we can use to go ahead and automate our changes to the ssh service that would be pretty nice and it's not specific to ssh that's just what i'm going to use as an example now on any of your servers you should have this config file right here i'm just going to go ahead and open it in a text editor the etsy ssh sshd underscore config file and regardless of whether you are using centos w and ubuntu arch linux or whatever you are using this path at least on all the distributions i've ever seen is all the same here and it's basically telling me that i don't have permission to write to the file that's fine i didn't use sudo because i didn't intend to make any changes anyway but basically we have all kinds of options here that we can use to configure the ssh service these options are going to be different from one distribution to another yes this file is at the same path on each distribution but each distro basically has some different defaults for this file so what we want to do is go ahead and grab this file and actually store it in version control so i'll explain so what i'm going to do is go ahead and go into the roles directory and i want to add this to the base role because this is something that i want every server to get so i'll go in there and we have our directory structure and you know for this we only have the task directory anyway and we have our taskbook right there but actually what we want to do is create a new directory called templates and i'll go inside there so what we want to do is grab a starting ssh config file and this is a workstation that's what i'm using it for but it doesn't really matter ubuntu is ubuntu so ssh is packaged the exact same way no matter what so what i'm going to do is copy the ssh config file from this host right here and i'm going to copy it to this directory but i'm going to call it sshd config underscore ubuntu dot j2 so now we have the file right here and this is technically a template even though we haven't really done anything yet at least i'm going to convert it into a template i added the j2 extension to the file because that is the default extension for templates inansible it's a jinja2 format which is actually spelled like this and that format is not specific to ansible but ansible uses it heavily anyway what i'm also going to do is grab that same file from the centos system now i can just use scp for that to go ahead and grab it so i'll type the ip address here of the centos system in my case and then the same path and i'm going to save that as sshd underscore config underscore centos dot j2 type in the password of that server and it's telling me permission denied that's okay i can go ahead and temporarily change the permissions here so and then this should actually work this time and then i'll undo the change that i made so i'll just do other minus r i guess that's good enough for now it's just a test server anyway so now we have the configuration files for ssh for both centos as well as ubuntu saved locally but we need to convert these over to templates now there's no actual difference between a text file in a template file it's just an extension but what we can do is go ahead and open up one of these so i'll do that now i'll open up the centos version of the file now what we want to do is search for allow users now in nano you can just do control w this is what we're going to be adding we just want to make sure that it's not already here and it's not so we can go ahead and add it it doesn't really matter where i'll just go ahead and put it here but what i'm going to do instead is add a variable here because normally you could just do something like this with ssh if you want to only allow this user to access it then we can also add the ansible user as well we just have a space and then a username and however many usernames we want but let's go ahead and make this a variable and then what i'm going to do is go ahead and save this file and then i'm going to do the same thing for the ubuntu version again i'm going to double check that allow users isn't already here it's not so let's go ahead and add it just like that same as the other one and now what we need to do is go back a few directories here to the beginning and we need to go ahead and edit the host variable files these right here and what i'm going to do is go ahead and basically edit all of them i'm going to use some vim tricks to basically automate this or at least make this a little bit easier you could use whatever text editor you want it really doesn't matter at this point so i'm just going to use vim and open up each of these files and now the file that we have is the file for the ubuntu server ending in dot 132 so what i'm going to do is add the new variables that we will be needing you already saw ssh users and then i'm going to add my user and then simone our ansible user and then ssh underscore template underscore file which is actually new in this case that's going to be sshd config baboon 2.j2 so i added those two variables here and what i'm going to do is just use visual select mode in vim it doesn't matter how you do this or you can add them manually to each file if you want to i'm just too lazy to do that i'll write the change go to the next file paste it here write the change go to the next file thing again save the file go to the next one and now we're on the centos version right here and we're going to change this right here to centos and then save it now before we run this i do need to go ahead and add the workstation to the host variables we don't have a host variables file for that one yet so i'll go ahead and take care of that because basically this playbook is going to run against all of the servers and it's going to fail as soon as it hits the workstation here so let's go ahead and get that added so we're in the host bars file and what i'm going to do is copy one of the ubuntu host vars files to the ip address of my workstation here otherwise this will fail so that was pretty easy we were able to go ahead and get that added now what we're going to do is go into our roles directory and then base and here's the directories that we have again we're going to go into tasks and we're going to edit the main playbook right here we only have this one play so we're going to go ahead and add another one right here i gave it this name we're just basically generating the sshd config from a template tags i'll just add ssh for that for now then template we'll do source and we just basically set it equal to that variable the destination is going to be the same on each the owner will be root group will also be root the mode will be 0 6 44 we're going to create a handler for this as well and we're going to call it that i'll close this file and i saved it now we'll go back one level we don't have a handlers directory yet let's go ahead and take care of that inside here we will create main.yml and the play will have a name that's the same as the one we called restart sshd service service name is the same regardless of which distro it is whether it's ubuntu debian are sent to us doesn't matter so the name will be sshd and the state will be restarted now assuming i didn't make any clumsy mistakes it should work just fine and we should see the change on each of the servers let's see what happens and we can go ahead and look through the output here and we see the output so generate sshd config file from template it did change on the workstation which caused it to restart the ssh service now if we go to any of the servers and edit that same config file we can see that we have allow users right here so that means that this template was a success we can basically change the template file to have this config file changed on all of our servers which is the value that templates give us basically they give us a starting point and then we can use variables to differentiate them from one host to another so let's go ahead and go back to our workstation and we have some changes here and all of these changes have to do with adding templates so let's go ahead and just add everything right here there we go so we have a simple commit message right there and we're going to go ahead and push those changes up to github and there we go and well that's it i bet you can see already the benefit of templates when it comes to ansible it's a very powerful thing to be able to do to templatize your config files for your servers and that concludes the ansible series i hope this was helpful for you guys i had a lot of fun with this series and i'm going to tackle some other subjects but i'm going to come back to ansible and do some standalone videos in the future ansible pool being one that i definitely want to cover so what did you think about this series let me know in the comments below and i will see you in the next video thanks so much for checking this out you

Info

Channel: LearnLinuxTV

Views: 8,111

Rating: undefined out of 5

Keywords: Tutorial, Learn Linux, ansible, ansible tutorial, templates, ansible templates, devops, ansible tutorial for beginners, infrastructure as code, devops tools, ansible playbook, devops tutorial, getting started with ansible, ansible automation, ansible for beginners, ansible playbook tutorial, ansible 101, ansible training, learn ansible, ansible training for beginners, ansible training videos, redhat, linux, linux tutorial, ansible roles, ansible overview, devops training

Id: s8F_YWGHeDM

Channel Id: undefined

Length: 14min 32sec (872 seconds)

Published: Tue Sep 08 2020