Skip to content

Common Task Reference

Managing Packages

The yum Ansible module uses the Yum Package Manager on the managed hosts to handle the package operations.

The following example is equivalent to yum install httpd

- name: Install httpd
  yum:
    name: httpd
    state: present

Run the ansible-doc yum command for additional parameters and playbook examples.

The package_facts Ansible module collects the installed package details on managed hosts.

Example:

    - name: Gather info on installed packages
      package_facts:
        manager: auto

    - name: List installed packages
      debug:
        var: ansible_facts.packages

The dnf module manages packages on operating systems such as Fedora using the DNF package manager.

    - name: Install httpd on RHEL
      yum:
        name: httpd
        state: present
      when: "ansible_distribution == 'RedHat'"

    - name: Install httpd on Fedora
      dnf:
        name: httpd
        state: present
      when: "ansible_distribution == 'Fedora'"

Subscription Management

The redhat_subscription Ansible module performs the registration and the subscription in one task.

Example:

- name: Register and subscribe the system
  redhat_subscription:
    username: yourusername
    password: yourpassword
    pool_ids: poolID
    state: present

Use the rhsm_repository module to enable Red Hat software repositories on a system.

- name: Enable Red Hat repositories
  rhsm_repository:
    name:
      - rhel-8-for-x86_64-baseos-rpms
      - rhel-8-for-x86_64-baseos-debug-rpms
    state: present

Yum Repo

To import a RPM GPG key and enable support for a repository on a managed host, Ansible provides the yum_repository module.

Example:

 - name: Deploy public key
      rpm_key:
        key: http://repo.example.com/yum/repository/RPM-GPG-KEY-example
        state: present

- name: Configure yum repo
  hosts: all
  tasks:
    - name: Ensure repo exists
      yum_repository:
        file: example 
        name: example
        description: Example 
        baseurl: http://repo.materials.example.com/yum/repository/
        enabled: yes
        gpgcheck: yes
        state: present

User Module

The user module lets you manage user accounts on a remote host.

Example:

- name: Add new user 
  user:
    name: joe
    shell: /bin/bash
    groups: developers
    append: yes
    generate_ssh_key: yes
    ssh_key_bits: 2048
    ssh_key_file: .ssh/id_my_rsa

Group Module

The group module allows you to manage (add, delete, modify) groups on the managed hosts.

Example:

- name: Verify that admin group exists
  group:
    name: admins
    state: present

Known Hosts Module

The known_hosts module lets you add or remove host keys from the known_hosts file on managed host.

Example:

- name: copy host keys to remote servers
  known_hosts:
    path: /etc/ssh/ssh_known_hosts
    name: user
    key: "{{ lookup('file', 'pubkeys/user') }}"

Authorized Key Module

The authorized_key module allows you to add or remove SSH authorized keys per user accounts.

Example:

- name: Set authorized key
  authorized_key:
    user: user
    state: present
    key: "{{ lookup('file', '/home/user/.ssh/id_rsa.pub') }}

The at Module

Quick one-time scheduling is done with the at module.

Example:

- name: remove user.
  at:
    command: userdel -r user
    count: 10
    units: minutes
    unique: yes

The cron Module

When setting a jobs scheduled task the cron module is used.

Example:

- cron:
  name: "Test"
  user: "root"
  minute: 45
  hour: 11
  job: "cat /dev/null > /var/log/error.log"

The systemd and service Modules

For managing services or reloading daemons, use the systemd and the service modules.

Examples:

- name: start httpd
  service:
    name: httpd
    state: started"

- name: reload web server
  systemd:
    name: httpd
    state: reload
    daemon-reload: yes

The Reboot Module

Example:

- name: "Reboot"
  reboot:
    reboot_timeout: 180

- name: force a quick reboot
  reboot:

The parted Module

The parted module supports the partition of block devices.

Example:

- name: New 10GB partition
  parted:
    device: /dev/sdb
    number: 1 
    state: present 
    part_end: 10GB

The lvg and lvol Modules

The lvg and lvol modules support the creation of logical volumes, including the configuration of physical volumes, and volume groups.

Examples:

- name: Creates a volume group
  lvg:
    vg: vg1
    pvs: /dev/vda1
    pesize: 32

- name: Create a logical volume of 2GB
  lvol:
    vg: vg1 
    lv: lv1 
    size: 2g

The filesystem Module

The filesystem module supports both creating and resizing a filesystem. This module supports filesystem resizing for ext2, ext3, ext4, ext4dev, f2fs, lvm, xfs, and vfat.

Example:

- name: Create an XFS filesystem
  filesystem:
    fstype: xfs
    dev: /dev/sdb1

The mount Module

The mount module supports the configuration of mount points on /etc/fstab.

Example:

- name: Mount device with ID
  mount:
    path: /logs 
    src: UUID=cef942cc-0bad-4814-8706-0a74d33ab137    fstype: ext4 
    state: present

Ansible Facts

Ansible uses facts to retrieve information to the control node about the configuration of the managed hosts.

Examples:

ansible webservers -m setup
ansible webservers -m setup -a 'filter=ansible_devices'
ansible webservers -m setup -a 'filter=ansible_device_links'
ansible webservers -m setup -a 'filter=ansible_mounts'

Networking with the Network System Role

RHEL8 includes a collection of system Ansible roles to configure RHEL-based systems. The rhel-system-roles package installs those system roles which, for example, support the configuration of time synchronization or networking.

List the currently installed system roles:

ansible-galaxy list

The network role is configured with two variables, network_provider and network_connections.

Example:

---
network_provider: nm
network_connections:
  - name: eth0
    persistent_state: present 
    type: ethernet 
    autoconnect: yes 
    mac: 00:00:6b:00:44:3e 
    ip:
      address:
        - 192.168.122.10/24
    zone: external

To use the network system role, you need to specify the role name:

  roles:
    - rhel-system-roles.network

Networking with Modules

The nmcli module supports the management of both network connections and devices.

Example:

- name: Configure NIC
  nmcli:
    conn_name: ens2-conn 
    ifname: ens2 
    type: ethernet 
    ip4: 192.168.122.20/24 
    gw4: 192.168.122.1 
    state: present

The hostname module sets the hostname:

- name: Change hostname
  hostname:
    name: server1

This task configures the eth0 in the external FirewallD zone.

- name: Moving eth0 to external
  firewalld:
    zone: external
    interface: eth0
    permanent: yes
    state: enabled

Ansible Facts

Ansible uses facts to retrieve information to the control node about the configuration of the managed hosts.

ansible webservers -m setup -a 'gather_subset=network filter=ansible_interfaces'
ansible webservers -m setup -a 'gather_subset=network filter=ansible_ens4'