This tutorial will walk you through the workflow of using Ansible in a professional setting. There have been some major changes in how Ansible is used since the release of Ansible Galaxy, a registry for Ansible modules.
Ansible Galaxy is a registry that holds Roles and Collections that can be downloaded for use. Galaxy downloads into items to ~/.ansible directory that is automatically created. In this tutorial we will be focusing on how to use roles as they are the most commonly reused component in Ansible. This means that you will need to make a playbook as well.
To begin lets go over the various ways in which you can install roles locally.
# Manually
ansible-galaxy install <ansible galaxy namespace>.<ansible-role-name>
# With requirements file
ansible-galaxy install -r requirements.yml
This is what a requirements.txt looks like.
# Minimal
- src: dev-sec.os-hardening
# With release version
- src: dev-sec.ssh-hardening
version: 7.0.0
# With commit hash
- src: dev-sec.ssh-hardening
version: 63ddfd89481c4d846d3ffd7e66d99252f0efd36f
Once you install the role locally, you can then use it in a playbook as below.
- hosts: all
roles:
- dev-sec.os-hardening
- dev-sec.ssh-hardening
- insight_infra.icon_prep
vars:
foo: bar