====== Ansible best practice ======

Reference:  xavki (youtube)
 
/etc/ansible/ansible.cfg
<code>
[defaults]
host_key_checking = False             # don't ask for accepting ssh keys
callback_whithelist = profile_task    # Print tasks duration
forks = 30                            # Parallel sessions
log_path = ./ansible_log.txt

[ssh_connection]
pipelining = True                     # Send python command to target directly to python interpreter, better for perf
ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s PreferredAuthentification=publickey
</code>

Collect only one time (during one hour) info (gather_cache) on target...os_version...
<code>
[defaults]
fact_caching = jsonfile
fact_caching_timeout = 3600
fact_caching_connection = /tmp/myfacts
</code>

Test you playbook
<cli prompt='#'>
# ansible-playbook -i inventories/production myplaybook.yml --check
</cli>
Or
<cli prompt='#'>
# ansible-playbook -i inventories/production myplaybook.yml --dry-run
</cli>

=== Using setup module ===

Collect directly gather facts
<cli prompt='#'>
# ansible-playbook -i inventory.yml all -m setup
</cli>

Filter on a specific setting
<cli prompt='#'>
# ansible-playbook -i inventory.yml all -m setup -a "filter=ansible_user*"
</cli>
===== Create a base folder structure =====

<cli prompt='$'>
[ansible@lnxa100 ~]$ ansible-galaxy init test-role-1
- Role test-role-1 was created successfully
[ansible@lnxa100 ~]$ ll
drwxrwxr-x  2 ansible ansible  39 Mar  6 13:17 facts
drwxrwxr-x 10 ansible ansible 154 Mar  6 14:21 test-role-1
[ansible@lnxa100 ~]$ cd test-role-1/
[ansible@lnxa100 test-role-1]$ ll
drwxrwxr-x 2 ansible ansible   22 Mar  6 14:21 defaults
drwxrwxr-x 2 ansible ansible    6 Mar  6 14:21 files
drwxrwxr-x 2 ansible ansible   22 Mar  6 14:21 handlers
drwxrwxr-x 2 ansible ansible   22 Mar  6 14:21 meta
-rw-rw-r-- 1 ansible ansible 1328 Mar  6 14:21 README.md
drwxrwxr-x 2 ansible ansible   22 Mar  6 14:21 tasks
drwxrwxr-x 2 ansible ansible    6 Mar  6 14:21 templates
drwxrwxr-x 2 ansible ansible   39 Mar  6 14:21 tests
drwxrwxr-x 2 ansible ansible   22 Mar  6 14:21 vars
</cli>

===== Inventory ====

You can export the variable or use the default
<cli prompt='#'>
export ANSIBLE_HOSTS=~/hosts
</cli>

Inventory type file can be json, text or yml
<cli prompt='#'>
# vi /etc/ansible/hosts
[servers]
server1 ansible_host=203.0.113.111
server2 ansible_host=203.0.113.112
server3 ansible_host=203.0.113.113

[all:vars]
ansible_python_interpreter=/usr/bin/python3
</cli>

List your inventory:
<cli prompt='#'>
# ansible-inventory --list -y
all:
  children:
    servers:
      hosts:
        server1:
          ansible_host: 203.0.113.111
          ansible_python_interpreter: /usr/bin/python3
        server2:
          ansible_host: 203.0.113.112
          ansible_python_interpreter: /usr/bin/python3
        server3:
          ansible_host: 203.0.113.113
          ansible_python_interpreter: /usr/bin/python3
    ungrouped: {}
</cli>

Another example
<cli prompt='#'>
# vi /etc/ansible/hosts
[servers]
server1 ansible_host=203.0.113.111
server2 ansible_host=203.0.113.112
server3 ansible_host=203.0.113.113

[all:vars]
ansible_python_interpreter=/usr/bin/python3

[linux:var]
ansible_connection=ssh
ansible_ssh_user=ansible
ansible_ssh_pass=secret_password
ansible_python_interpreter='/usr/bin/env python3'
ansible_become_method=sudo
</cli>

==== Send result by mail ====