Loops in Ansible Playbook
To demonstrate the 'loop' in Ansible, let's take tasks from a playbook I used in another training to configure a Kubernetes cluster.
---
- name : Install the required packages, set the Selinux to permissive , disable the swap etc
hosts: all
become : True
tasks :
- name: Ensure SELinux is set to permissive mode in the configuration file
lineinfile:
path: /etc/selinux/config
regexp: '^SELINUX='
line: SELINUX=permissive
- name: Put SELinux in permissive mode.
ansible.posix.selinux:
policy: targeted
state: permissive
- name: Configure required modules
shell : modprobe overlay ; modprobe br_netfilterLet's break down the playbook and then enhance the last task to utilize an Ansible loop.
Setting SELinux to Permissive Mode:
The first two tasks focus on SELinux configuration.
In the
lineinfiletask, we ensure that theSELINUXline in the/etc/selinux/configfile is set topermissive.The
ansible.posix.selinuxtask puts SELinux in permissive mode for the targeted policy.
Configuring Required Modules:
The third task executes a shell command to load two kernel modules:
overlayandbr_netfilter.These modules are essential for containerization and network filtering.
Enhancing the Last Task with an Ansible Loop:
Instead of using a shell command directly, let's modify the last task to use an Ansible loop.
We'll use the
loopkeyword to iterate over a list of module names and load them.Here's the updated task:
- name: Configure required modules using Ansible loop
shell: "modprobe {{ item }}"
loop:
- overlay
- br_netfilterIn this new task:
The
shellmodule runs themodprobecommand for each item in the loop.The
itemvariable represents the current module name (e.g.,overlay,br_netfilter).
Now your playbook will dynamically load the specified modules using the Ansible loop!
One other section of the playbook that can be optimized with 'loop' is given below.
- name: Configure sysctl parameter
lineinfile:
create: yes
path: /etc/sysctl.d/99-kubernetes-cri.conf
line: net.bridge.bridge-nf-call-iptables = 1
- name: Configure sysctl parameter
lineinfile:
path: /etc/sysctl.d/99-kubernetes-cri.conf
line: net.ipv4.ip_forward = 1
- name: Configure sysctl parameter
lineinfile:
path: /etc/sysctl.d/99-kubernetes-cri.conf
line: net.bridge.bridge-nf-call-ip6tables = 1
- name: Update the change in the configuration
shell: sysctl --system
We'll consolidate this into a single task that iterates over the required parameters.
- name: Configure sysctl parameters using Ansible loop
lineinfile:
create: yes
path: /etc/sysctl.d/99-kubernetes-cri.conf
line: "{{ item }}"
loop:
- "net.bridge.bridge-nf-call-iptables = 1"
- "net.ipv4.ip_forward = 1"
- "net.bridge.bridge-nf-call-ip6tables = 1"
- name: Update the changes in the configuration
shell: sysctl --systemIn this updated task:
The
lineinfilemodule will add each parameter line to the specified file.The
loopiterates over the list of parameters, ensuring cleaner and more concise code.
Here is another instance of 'loop' in the same playbook, which should be self-explanatory. Like this, the playbooks can be simplified and enhanced with appropriate loops.
- name: Add kubernetes repository
yum_repository:
name: Kubernetes
description: Kubernetes
baseurl: 'https://pkgs.k8s.io/core:/stable:/v1.28/rpm/'
#baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled: True
gpgcheck: False
gpgcakey : 'https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key'
#gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
#exclude: kubelet kubeadm kubectl cri-tools kubernetes-cni
# Kubelet will not start if the system has swap enabled, so let us disable the swap.
- name: Remove swapfile from /etc/fstab
mount:
name: "{{ item }}"
fstype: swap
state: absent
with_items:
- swap
- none
- name: Disable swap
command: swapoff -a
when: ansible_swaptotal_mb > 0
- name: Install a list of packages for kubernetes
yum:
name:
- kubelet
- kubeadm
- kubectl
- containerd
state: presentReference
Last updated