Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Writing Ansible Modules (DENOG11)

219 Aufrufe

Veröffentlicht am

Ansible is an established tool for server and network configuration. One reason for it's success is the simple architecture that encourages own customization and extension.

Here I want to present how own modules, i.e. single configuration actions on the target host, are implemented with Python or other languages.

Veröffentlicht in: Technologie
  • ⇒ www.WritePaper.info ⇐ is a good website if you’re looking to get your essay written for you. You can also request things like research papers or dissertations. It’s really convenient and helpful.
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • Hello! I can recommend a site that has helped me. It's called ⇒ www.HelpWriting.net ⇐ They helped me for writing my quality research paper.
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/qURD } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/qURD } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download doc Ebook here { https://soo.gd/qURD } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier

Writing Ansible Modules (DENOG11)

  1. 1. Writing Ansible Modules Martin Schütte 11 November 2019
  2. 2. Assumptions You … • configure servers or network devices • have already seen Ansible config • can write shell scripts This talk … • is no Ansible how-to • has more slides online • is available on noti.st Martin Schütte | Ansible Modules | DENOG 11 2/34
  3. 3. Outline 1. Concepts Module Basics Orchestration with Host Delegation 2. Writing Modules Simple Example: ipify API Patterns & Misc. Hints Debugging Beyond Python 3. Conclusion Martin Schütte | Ansible Modules | DENOG 11 3/34
  4. 4. Concepts
  5. 5. Concepts Intro
  6. 6. Ansible – Concepts and Naming Ansible is a radically simple IT automation platform. • controller • target host • playbook • role • task • module Martin Schütte | Ansible Modules | DENOG 11 4/34
  7. 7. Example: Simple Playbook --- - hosts: webserver vars: apache_version: latest tasks: - name: ensure apache is at given version yum: name: httpd state: ”{{ apache_version }}” - hosts: dbserver roles: - ansible-role-postgresql Martin Schütte | Ansible Modules | DENOG 11 5/34
  8. 8. Concepts Module Basics
  9. 9. What is a Module? some code snippet to run on the (remote) host executable with input and output Martin Schütte | Ansible Modules | DENOG 11 6/34
  10. 10. Minimal Module #!/bin/sh echo '{”foo”: ”bar”}' exit 0 #!/usr/bin/python if __name__ == '__main__': print('{”foo”: ”bar”}') exit(0) Martin Schütte | Ansible Modules | DENOG 11 7/34
  11. 11. Action Plugins call Modules • plugins run on the controller • may prepare input for modules • may handle “special” connections (non SSH or WinRM) • defaults to normal to run module on target host Martin Schütte | Ansible Modules | DENOG 11 8/34
  12. 12. Concepts Orchestration with Host Delegation
  13. 13. normal SSH Target # in Playbook - hosts: webserver tasks: - name: webserver reload service: name: httpd state: reloaded Martin Schütte | Ansible Modules | DENOG 11 9/34
  14. 14. normal SSH Target, with delegate_to - hosts: webserver tasks: - name: webserver reload # ... - name: loadbalancer reload delegate_to: loadbalancer service: name: nginx state: reloaded Martin Schütte | Ansible Modules | DENOG 11 10/34
  15. 15. Network, Vendor Specific junos_command - hosts: router tasks: - name: get interfaces connection: local junos_command: command: show interface terse provider: host: router username: foo Martin Schütte | Ansible Modules | DENOG 11 11/34
  16. 16. Network, New Generic cli_command - hosts: router tasks: - name: get interfaces cli_command: command: show interface terse # uses Ansible inventory to read variables # ansible_network_os=junos, ansible_connection=network_cli, # ansible_user, ansible_password, ansible_ssh_common_args Martin Schütte | Ansible Modules | DENOG 11 12/34
  17. 17. Writing Modules
  18. 18. Writing Modules Don’t
  19. 19. Avoid Writing Own Code • get_url – Downloads files • uri – Interacts with webservices • wait_for – Waits for a condition before continuing • set_fact – Set host facts from a task - name: Wait for port 8000 to become open on the host wait_for: port: 8000 delay: 10 - name: wait for service to become available uri: url: 'https://{{ inventory_hostname }}:{{ svc_port }}/service' return_content: yes register: content until: content.status == 200 retries: 60 delay: 10 when: not ansible_check_mode Martin Schütte | Ansible Modules | DENOG 11 13/34
  20. 20. Writing Modules Simple Example: ipify API
  21. 21. Documentation ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ['stableinterface'], 'supported_by': 'community'} DOCUMENTATION = r''' --- module: ipify_facts short_description: Retrieve the public IP of your internet gateway version_added: '2.0' options: api_url: ... ''' EXAMPLES = r''' # Gather IP facts from ipify.org - name: Get my public IP ipify_facts: # Gather IP facts from your own ipify service endpoint with a custom timeout - name: Get my public IP ipify_facts: api_url: http://api.example.com/ipify timeout: 20 ''' RETURN = ... Martin Schütte | Ansible Modules | DENOG 11 14/34
  22. 22. ansible-doc $ ansible-doc --snippet ipify_facts - name: Retrieve the public IP of your internet gateway ipify_facts: api_url: # URL of the ipify.org API service. timeout: # HTTP connection timeout in seconds. validate_certs: # When set to `NO', SSL certificates will not be validated. $ ansible-doc ipify_facts > IPIFY_FACTS (.../site-packages/ansible/modules/net_tools/ipify_facts.py) If behind NAT and need to know the public IP of your internet gateway. * This module is maintained by The Ansible Community OPTIONS (= is mandatory): - api_url URL of the ipify.org API service. `?format=json' will be appended per default. [Default: https://api.ipify.org/] type: str ... Martin Schütte | Ansible Modules | DENOG 11 15/34
  23. 23. ipify_facts.py def main(): global module module = AnsibleModule( argument_spec=dict( api_url=dict(type='str', default='https://api.ipify.org/'), timeout=dict(type='int', default=10), validate_certs=dict(type='bool', default=True), ), supports_check_mode=True, ) ipify_facts = IpifyFacts().run() ipify_facts_result = dict(changed=False, ansible_facts=ipify_facts) module.exit_json(**ipify_facts_result) if __name__ == '__main__': main() Martin Schütte | Ansible Modules | DENOG 11 16/34
  24. 24. ipify_facts.py class IpifyFacts(object): def __init__(self): self.api_url = module.params.get('api_url') self.timeout = module.params.get('timeout') def run(self): result = { 'ipify_public_ip': None } (response, info) = fetch_url(module=module, url=self.api_url + ”?format=json”, force=True, timeout=self.timeout) if not response: module.fail_json(msg=”No valid or no response ...”) data = json.loads(to_text(response.read())) result['ipify_public_ip'] = data.get('ip') return result Martin Schütte | Ansible Modules | DENOG 11 17/34
  25. 25. Usage in Tasks - name: get IP from alternative service endpoint ipify_facts: api_url: https://api6.ipify.org register: ip_public - name: debug output debug: msg: | fact: {{ ipify_public_ip }} reg: {{ ip_public.ansible_facts.ipify_public_ip }} TASK [my_role : debug output] ********************** ok: [server] => { ”msg”: ”fact: 2001:db8:1:2::42nreg: 2001:db8:1:2::42n” } Martin Schütte | Ansible Modules | DENOG 11 18/34
  26. 26. Writing Modules Patterns & Misc. Hints
  27. 27. my_module.py from ansible.module_utils.basic import AnsibleModule def main(): module = AnsibleModule( argument_spec=dict( # ... ) ) rc = do_something() result = { ”msg”: ”Hello World”, ”rc”: rc, ”failed”: False, ”changed”: False, } module.exit_json(**result) if __name__ == '__main__': main() Martin Schütte | Ansible Modules | DENOG 11 19/34
  28. 28. File Locations: library and module_utils my_role/ meta defaults tasks library my_module.py module_utils my_util_lib.py • role can use Ansible module my_module in tasks • import * from my_util_lib finds Python module in module_utils • for “larger” libraries use packages (pip/rpm/dpkg) Martin Schütte | Ansible Modules | DENOG 11 20/34
  29. 29. “standard library” AnsibleModule Useful common methods: • argument_spec for parameters • supports_check_mode • exit_json(), fail_json() • atomic_move(), run_command() • bytes_to_human(), human_to_bytes() Other module_utils: • api: function/decorator @rate_limit() • timeout: function/decorator @timeout(secs) Martin Schütte | Ansible Modules | DENOG 11 21/34
  30. 30. Pattern: Idempotency • Playbooks can run many times • As few changes as possible • Only perform required actions 1. Get spec parameters 2. Check actual state of system if = then: done, do nothing if ̸= then: action to change state Martin Schütte | Ansible Modules | DENOG 11 22/34
  31. 31. Check Mode/“Dry Run” • Return information but never apply changes • Optional, but recommended for modules Example in hostname module: def update_permanent_hostname(self): name = self.module.params['name'] permanent_name = self.get_permanent_hostname() if permanent_name != name: if not self.module.check_mode: self.set_permanent_hostname(name) self.changed = True Martin Schütte | Ansible Modules | DENOG 11 23/34
  32. 32. Diff Return Value Example from hostname: if changed: kw['diff'] = {'after': 'hostname = ' + name + 'n', 'before': 'hostname = ' + name_before + 'n'} Example output, sample module: TASK [set hostname] ***************************************** --- before +++ after @@ -1 +1 @@ -hostname = workstation.example.org +hostname = controller.example.org changed: [workstation] => {”ansible_facts”: {...}, ”changed”: true, ”name”: ”controller.example.org”} Martin Schütte | Ansible Modules | DENOG 11 24/34
  33. 33. Set Facts In a playbook: - do_something: # ... register: result_var - set_fact: foo: ”{{ result_var.results | list }}” In a module (from hostname): kw = dict(changed=changed, name=name, ansible_facts=dict(ansible_hostname=name.split('.')[0], ansible_nodename=name, ansible_fqdn=socket.getfqdn(), ansible_domain='.'.join( socket.getfqdn().split('.')[1:]))) module.exit_json(**kw) Martin Schütte | Ansible Modules | DENOG 11 25/34
  34. 34. Pattern: Check Dependencies try: import psycopg2 import psycopg2.extras except ImportError: HAS_PSYCOPG2 = False else: HAS_PSYCOPG2 = True def main(): module = AnsibleModule() # ... if not HAS_PSYCOPG2: module.fail_json( msg=”the python psycopg2 module is required”) Martin Schütte | Ansible Modules | DENOG 11 26/34
  35. 35. Writing Modules Debugging
  36. 36. Debugging Tools and Tips Dev environment: • Vagrant • keep_remote_files = True • ansible -vvv Module tools: • “print to output” • AnsibleModule.log() • q Martin Schütte | Ansible Modules | DENOG 11 27/34
  37. 37. Debugging – printf • Ansible reads stdin and stdout, expects JSON ⇒ cannot use print() to debug • Use output values instead # ... debug_msg = ”some_func({}) returned {}”.format(bar, foo) # ... module.exit_json(result=foo, debug_msg=debug_msg) ok: [server] => { ”changed”: false, ”debug_msg”: ”some_func(bar) returned foo”, ... } Martin Schütte | Ansible Modules | DENOG 11 28/34
  38. 38. Debugging – AnsibleModule log() • AnsibleModule includes method log() with variants debug() and warn() • Writes to journald or Syslog module.log(”Hello World”) # tail /var/log/messages Feb 9 15:02:59 server ansible-my_module: Invoked with param=... Feb 9 15:02:59 server ansible-my_module: Hello World Martin Schütte | Ansible Modules | DENOG 11 29/34
  39. 39. Debugging – q • PyPI q or zestyping/q  • Always writes to /tmp/q • function decorators try: import q except ImportError: def q(x): return x @q def my_func(params): q(special_var) # ... $ tail /tmp/q 0.0s my_func('VERSION') 0.0s my_func: 'special_value' 0.0s -> {'failed': False, 'msg': '...'} Martin Schütte | Ansible Modules | DENOG 11 30/34
  40. 40. Writing Modules Beyond Python
  41. 41. Ansible Modules in Other Languages • Python: the default choice, best tools and support. Also required for network modules/plugins on controller. • PowerShell: officially supported for modules on Windows • Scripting Languages: work fine for modules, but lack AnsibleModule standard library • Binary Executables: possible but not practical. – Instead install with OS package, then use command or a thin wrapper module. Martin Schütte | Ansible Modules | DENOG 11 31/34
  42. 42. Conclusion
  43. 43. Conclusion • It is easy to write Python modules for Linux-like targets. • Network devices are hard (connections, OS, CLI variation). Community, Red Hat, and vendors are working on better abstractions. • Ansible project moves fast (release 2.9 ̸= 2.3 ̸= 1.8). • Check Module Maintenance Levels. • Core: Ansible Engineering Team • Network: Ansible Network Team • Certified: Ansible Partners • Community Martin Schütte | Ansible Modules | DENOG 11 32/34
  44. 44. Links • Ansible Docs on “Modules: Conventions, tips, and pitfalls” • ansible/ansible  • Ansible: Up & Running, 2nd ed by Lorin Hochstein & René Moser (covers Ansible 2.3) • Ansible Docs on “Ansible for Network Automation” • Network Working Group, ansible/community  Martin Schütte | Ansible Modules | DENOG 11 33/34
  45. 45. The End Thank You! — Questions? Martin Schütte @m_schuett  info@martin-schuette.de  slideshare.net/mschuett/  noti.st/mschuett/ Martin Schütte | Ansible Modules | DENOG 11 34/34

×