A great way to gain understanding of Ansible (or any language for that matter) is seeing code examples. The Ansible documentation links below also have code examples.
Table of Contents
- References
- s3_playbook
  - What it does
  - Vars File
  - Playbook
  - Running the Playbook
- Using Roles
  - Folder Structure
  - provision_s3 role: main.yml files
    - meta > main.yml file
    - tasks > main.yml file
    - vars > main.yml file
  - Example Playbook Using the provision_s3 Role
  - Running the Playbook
1. References
References to the NetApp ONTAP Ansible modules used in this post:
2. s3_playbook
2.1. What it does
Creates an S3 Bucket
2.2. Vars File
s3_vars.yml
netapp_hostname: cluster1.yourcompany.com
netapp_username: admin
vserver: svm1_cluster1
bucket_name: bucket1
statements:
  - sid: 1
    resources: bucket1
    actions:
      - GetObject
      - ListBucket
    effect: allow
    principals: sm_s3_user
  - sid: 2
    resources: bucket1
    actions:
      - PutObject
      - DeleteObject
    effect: deny
    principals: sm_s3_user
2.3. Playbook
s3_playbook.yml
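---
- hosts: localhost
  gather_facts: false
  name: Provision S3 Storage
  collections:
    - netapp.ontap
  # Connection settings shared by every netapp.ontap module in this play.
  module_defaults:
    group/netapp.ontap.netapp_ontap:
      hostname: "{{ netapp_hostname }}"
      username: "{{ netapp_username }}"
      password: "{{ netapp_password }}"
      vserver: "{{ vserver }}"
      https: true
      # validate_certs: false turns off TLS certificate verification for the
      # connection that carries the admin password; use true when the cluster
      # certificate is trusted by this host.
      validate_certs: false
      use_rest: auto
  # The password is prompted for at run time and is not stored in a file.
  vars_prompt:
    - name: "netapp_password"
      prompt: "Enter the NetApp Admin Password"
      private: true
      confirm: true
  vars_files:
    - ./s3_vars.yml
  tasks:
    - name: Create S3 Bucket
      na_ontap_s3_buckets:
        state: present
        name: "{{ bucket_name }}"
        policy:
          statements: "{{ statements }}"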
2.4. Running the Playbook
ansible@ansible:~$ ansible-playbook s3_playbook.yml
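A pre-flight check for the policy variables, added here as an example and not part of the original post: it stops the run if a statement in s3_vars.yml is not scoped to bucket_name or names a principal that is not expected. The play name, the allowed_principals variable and the choice to reject a wildcard action are assumptions of this example.

```yaml
---
# Added example (not from the original post): validate the policy
# statements in s3_vars.yml before any bucket is created.
- hosts: localhost
  gather_facts: false
  name: Pre-flight check of S3 bucket policy statements
  vars_files:
    - ./s3_vars.yml
  vars:
    # Assumption: principals that may appear in a policy in this environment.
    allowed_principals:
      - sm_s3_user
  tasks:
    - name: Statement ids are unique
      ansible.builtin.assert:
        that:
          - statements | map(attribute='sid') | list | unique | length == statements | length
        fail_msg: "Duplicate sid in the statements list"

    - name: Each statement is scoped to the bucket and to known principals
      ansible.builtin.assert:
        that:
          - item.effect in ['allow', 'deny']
          # Choice made for this example: no wildcard action in a statement.
          - "'*' not in action_list"
          - principal_list | difference(allowed_principals) | length == 0
          # Every resource is the bucket itself or a path below it.
          - "resource_list | reject('match', '^' ~ (bucket_name | regex_escape) ~ '(/.*)?$') | list | length == 0"
        fail_msg: "Statement sid {{ item.sid }} fails the policy checks for {{ bucket_name }}"
      vars:
        # resources, actions and principals may be a single string or a list.
        action_list: "{{ [item.actions] | flatten }}"
        principal_list: "{{ [item.principals] | flatten }}"
        resource_list: "{{ [item.resources] | flatten }}"
      loop: "{{ statements }}"
      loop_control:
        label: "sid {{ item.sid }}"
```

The two tasks can also be placed under pre_tasks in the provisioning play so the check and the bucket creation run together.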
3. Using Roles
For reusability, roles are the recommended approach:
Ansible - Roles (tutorialspoint.com)
"Roles provide a framework for fully independent, or interdependent collections of variables, tasks, files, templates, and modules.
"In Ansible, the role is the primary mechanism for breaking a playbook into multiple files. This simplifies writing complex playbooks, and it makes them easier to reuse. The breaking of playbook allows you to logically break the playbook into reusable components."
3.1. Folder Structure
In the roles folder, we create a folder for our role, called provision_s3, and three folders inside it: meta, tasks and vars. Each of the three sub-folders has a main.yml file.
3.2. provision_s3 role: main.yml files
3.2.1. meta > main.yml file
collections:
  - netapp.ontap
3.2.2. tasks > main.yml file
---
- name: Create S3 Bucket
  na_ontap_s3_buckets:
    state: present
    hostname: "{{ netapp_hostname }}"
    username: "{{ netapp_username }}"
    password: "{{ netapp_password }}"
    vserver: "{{ vserver }}"
    https: true
    # validate_certs: false turns off TLS certificate verification; use true
    # when the cluster certificate is trusted by this host.
    validate_certs: false
    use_rest: auto
    name: "{{ bucket_name }}"
    policy:
      statements: "{{ statements }}"
3.2.3. vars > main.yml file
netapp_hostname: cluster1.yourcompany.com
netapp_username: admin
vserver: svm1_cluster1
3.3. Example Playbook Using the provision_s3 Role
provision_s3.yml
- hosts: localhost
  gather_facts: false
  vars_prompt:
    - name: "netapp_password"
      prompt: "Enter the NetApp Admin Password"
      private: true
      confirm: true
  roles:
    - role: provision_s3
      bucket_name: bucket2
      statements:
        - sid: 1
          resources: bucket2
          actions:
            - GetObject
            - ListBucket
          effect: allow
          principals: sm_s3_user
3.4. Running the Playbook
ansible@ansible:~$ ansible-playbook provision_s3.yml