登录 / 注册 Account
Jump to section

What is an Ansible playbook?

复制 URL

An Ansible® playbook is a blueprint of automation tasks—which are complex IT actions executed with limited or no human involvement. Ansible playbooks are executed on a set, group, or classification of hosts, which together make up an Ansible inventory.

Ansible playbooks are essentially frameworks, which are prewritten code developers can use ad-hoc or as starting template. Ansible playbooks are regularly used to automate IT infrastructure (such as operating systems and Kubernetes platforms), networks, security systems, and developer personas (such as Git and Red Hat CodeReady Studio).

Ansible playbooks help IT staff program applications, services, server nodes, or other devices without the manual overhead of creating everything from scratch. And Ansible playbooks—as well as the conditions, variables, and tasks within them—can be saved, shared, or reused indefinitely.

Ansible modules execute tasks. One or more Ansible tasks can be combined to make a play. Two or more plays can be combined to create an Ansible playbook. Ansible playbooks are lists of tasks that automatically execute against hosts. Groups of hosts form your Ansible inventory.

Each module within an Ansible playbook performs a specific task. Each module contains metadata that determines when and where a task is executed, as well as which user executes it. There are thousands of other Ansible modules that perform all kinds of IT tasks, such as:

Cloud management

oci_vcn creates, deletes, or updates virtual cloud networks in Oracle Cloud Infrastructure environments. Similarly, vmware_cluster adds, removes, or updates VMware vSphere clusters.

User management

selogin maps Linux® operating system (OS) users to SELinux user, and gitlab_user creates, updates, or deletes GitLab users.

Networking

Dozens of modules handle application programming interfaces (APIs); Cisco IOS, NXOS, and IOS XR devices; as well as F5 BIG-IP services.

Security

Openssh_cert generates an OpenSSH host or user certificates, and ipa_config manages global FreeIPA configuration settings.

Configuration management

pip manages Python library dependencies while assemble consolidates configuration files from fragments.

Communication

mail can automatically send emails based on certain criteria, and snow_record creates, deletes, or updates a single record in ServiceNow.

Ansible is capable of communicating with many different device classifications, from cloud-based REST APIs, to Linux and Windows systems, networking hardware, and much more. This is a sample of 2 Ansible modules automatically updating 2 types of servers:

--- name: update web servers
  hosts: webservers
  remote_user: root

  tasks:
  - name: ensure apache is at the latest version
    yum:
      name: httpd
      state: latest
  - name: write the apache config file
    template:
      src: /srv/httpd.j2
      dest: /etc/httpd.conf

- name: update db servers
  hosts: databases
  remote_user: root

  tasks:
  - name: ensure postgresql is at the latest version
    yum:
      name: postgresql
      state: latest
  - name: ensure that postgresql is started
    service:
      name: postgresql
      state: started

The playbook contains 2 plays: 

  • The first checks whether or not web server software is up to date and runs the update if necessary
  • The second checks whether or not database server software is up to date and runs the update if necessary

There’s a lot more to do with automation.

Ansible uses the YAML syntax. Depending on whom you ask, YAML stands for yet another markup language or YAML ain’t markup language (a recursive acronym). There are also 2 different, but perfectly acceptable, YAML file extensions: .yaml or .yml.

There are 2 ways of using Ansible playbooks: From the command line interface (CLI) or using the Red Hat Ansible Automation Platform’s push-button deployments.

From the CLI

After installing the open source Ansible project or Red Hat Ansible Automation Platform (which is as straightforward as typing sudo yum install ansible in the Red Hat Enterprise Linux CLI), all you need to do is use the ansible-playbook command to run Ansible playbooks.

From within the platform

The Red Hat Ansible Automation Platform web-based user interface includes push-button Ansible playbook deployments that are used as part of larger jobs (or job templates). These deployments come with additional safeguards that are particularly helpful to users who are newer to IT automation—or those without as much experience working in the CLI.

Get started with Ansible

Red Hat Ansible Automation Platform

An agentless automation platform