Differences

This shows you the differences between two versions of the page.

--- ansible:ansible_os_deployment [2025/04/22 22:12]
manu [Create filesystems]
+++ ansible:ansible_os_deployment [2025/06/02 17:51] (current)
manu [Create filesystems]
@@ Line 1: / Line 1: @@
 ====== Ansible base OS customization ======
-Pre task for AIX to set
+===== Conditional role =====
+Assume 3 roles:
+  * aix_setup
+  * ppc64le_setup
+  * x86_64_setup
+  site.yml
+  roles/
+  ├── aix_setup/
+  ├── ppc64le_setup/
+  └── x86_64_setup/
+<cli prompt='#'>
+# ansible-galaxy init roles/aix_setup
+# ansible-galaxy init roles/ppc64le_setup
+# ansible-galaxy init roles/x86_64_setup
+</cli>
+  roles/
+  ├── aix_setup/
+  │   ├── defaults/
+  │   │   └── main.yml
+  │   ├── files/
+  │   ├── handlers/
+  │   │   └── main.yml
+  │   ├── meta/
+  │   │   └── main.yml
+  │   ├── tasks/
+  │   │   └── main.yml
+  │   ├── templates/
+  │   ├── tests/
+  │   │   ├── inventory
+  │   │   └── test.yml
+  │   └── vars/
+  │       └── main.yml
+Example main.yml
+<cli prompt='#'>
+# cat roles/ppc64le_setup/tasks/main.yml
+---
+- name: Print ppc64le architecture and OS
+  debug:
+    msg: "Running setup role on {{ inventory_hostname }}, OS: {{ ansible_system }}, Arch: {{ ansible_architecture }}"
+</cli>
+<cli prompt='#'>
+# cat conditional_roles.yml
+---
+- name: Run role based on system architecture and OS
+  hosts: all
+  become: yes
+  gather_facts: yes
+  pre_tasks:
+    - name: Get AIX version if applicable
+      ansible.builtin.shell: oslevel
+      when: ansible_system == "AIX"
+      register: aix_version
+      changed_when: false
+  roles:
+    - role: aix_setup
+      when:
+        - ansible_system == "AIX"
+        - "'7.2' in aix_version.stdout or '7.3' in aix_version.stdout"
+    - role: ppc64le_setup
+      when:
+        - ansible_architecture == "ppc64le"
+        - ansible_system != "AIX"
+    - role: x86_64_setup
+      when:
+        - ansible_architecture == "x86_64"
+        - ansible_system != "AIX"
+</cli>
+Also useful facts:
+=== AIX ===
+  "ansible_os_family": "AIX",
+  "ansible_distribution": "AIX",
+  "ansible_distribution_major_version": "7",
+  "ansible_distribution_release": "2",
+  "ansible_distribution_version": "7.2",
+  "ansible_architecture": "chrp",
+  "ansible_system": "AIX"
+=== Linux ===
+  "ansible_os_family": "RedHat",
+  "ansible_distribution": "openSUSE Leap",
+  "ansible_distribution_file_variety": "SUSE",
+  "ansible_distribution_major_version": "15",
+  "ansible_distribution_release": "1",
+  "ansible_distribution_version": "15.1",
+  "ansible_architecture": "x86_64",
+  "ansible_system": "Linux"
+or "ansible_architecture": "ppc64le",
+===== Pre task for AIX to set ansible_python_interpreter =====
 <cli prompt='#'>
 # cat pretask.yml
@@ Line 51: / Line 152: @@
     "mount_point": "/data",
     "size": "2G"
+    "type": "jfs2"
   },
   {
@@ Line 57: / Line 159: @@
     "mount_point": "/app",
     "size": "5G"
+    "type": "jfs2"
   }
 ]
@@ Line 75: / Line 178: @@
     - name: Create logical volume
       ansible.builtin.shell: |
-        mklv -t jfs2 -y {{ item.lvname }} {{ item.vgname }} {{ item.size }}
+        mklv -t {{ item.type }} -y {{ item.lvname }} {{ item.vgname }} {{ item.size }}
       args:
         creates: "/dev/{{ item.lvname }}"
@@ Line 82: / Line 185: @@
     - name: Create file system
       ansible.builtin.shell: |
-        crfs -v jfs2 -d {{ item.lvname }} -m {{ item.mount_point }} -A yes
+        crfs -v {{ item.type }} -d {{ item.lvname }} -m {{ item.mount_point }} -A yes
       args:
         creates: "{{ item.mount_point }}"
@@ Line 150: / Line 253: @@
 </cli>
+//Note//
+  AIX lsfs returns sizes in 512-byte blocks. So 4194304 blocks = 2G. You may need a helper function to normalize that if you want more accuracy.
+  You could replace size parsing with something like:
+  lsfs /data | awk 'NR>1 {printf "%.0fG\n", $3*512/1024/1024/1024}'
+===== Playbook2 =====
+<cli prompt='$'>
+[ansible@lnx001 playbooks]$ cat main.yml
+---
+- name: Master playbook
+  hosts: all
+  gather_facts: true
+  become: yes
+  roles:
+    - role: aix_system_config
+      when:
+        - ansible_system == "AIX"
+    - role: lnx_system_config
+      when:
+        - ansible_system == "Linux"
+[ansible@lnx001 playbooks]$ cat roles/lnx_system_config/tasks/main.yml
+---
+- name: Include SSH configuration tasks
+  include_tasks: ssh_config.yml
+[ansible@lnx001 playbooks]$ cat roles/lnx_system_config/vars/main.yml
+---
+_etc_ssh_sshd_config: /etc/ssh/sshd_config
+[ansible@lnx001 playbooks]$ cat roles/lnx_system_config/files/sshd_config.json
+[
+  {
+    "name": "Port",
+    "line": "Port 22",
+    "action": "replace"
+  },
+  {
+    "name": "ListenAddress",
+    "line": "ListenAddress 0.0.0.0",
+    "action": "replace"
+  },
+  {
+    "name": "ListenAddress",
+    "line": "ListenAddress ::",
+    "action": "remove"
+  },
+  {
+    "name": "UseDNS",
+    "line": "UseDNS no",
+    "action": "replace"
+  },
+  {
+    "name": "SyslogFacility",
+    "line": "SyslogFacility AUTH",
+    "action": "replace"
+  },
+  {
+    "name": "LogLevel",
+    "line": "LogLevel INFO",
+    "action": "replace"
+  },
+  {
+    "name": "PermitRootLogin",
+    "line": "PermitRootLogin yes",
+    "action": "replace"
+  },
+  {
+    "name": "PasswordAuthentication",
+    "line": "PasswordAuthentication yes",
+    "action": "replace"
+  },
+  {
+    "name": "UsePAM",
+    "line": "UsePAM yes",
+    "action": "replace"
+  },
+  {
+    "name": "PidFile",
+    "line": "PidFile /var/run/sshd.pid",
+    "action": "replace"
+  },
+  {
+    "name": "Subsystem",
+    "line": "Subsystem sftp /usr/libexec/openssh/sftp-server -f AUTH -l INFO",
+    "action": "replace"
+  },
+  {
+    "name": "KexAlgorithms",
+    "line": "KexAlgorithms -*sha1*",
+    "action": "insertafter",
+    "after": "GSSAPIEnablek5users"
+  },
+  {
+    "name": "MACs",
+    "line": "MACs -*umac-64*,*sha1*,umac-128-etm@openssh.com",
+    "action": "insertafter",
+    "after": "GSSAPIEnablek5users"
+  }
+]
+</cli>

wiki

User Tools

Site Tools

Differences

Page Tools