90 lines
3.2 KiB
ReStructuredText
90 lines
3.2 KiB
ReStructuredText
Using Lookups
|
|
=============
|
|
|
|
Lookup plugins allow access of data in Ansible from outside sources. This can include the filesystem
|
|
but also external datastores. These values are then made available using the standard templating system
|
|
in Ansible.
|
|
|
|
.. note:: This is considered an advanced feature, and many users will probably not rely on these features.
|
|
|
|
Intro to Lookups: Getting File Contents
|
|
```````````````````````````````````````
|
|
|
|
The file lookup is the most basic lookup type.
|
|
|
|
Contents can be read off the filesystem as follows::
|
|
|
|
- hosts: all
|
|
vars:
|
|
contents: "{{ lookup('file', '/etc/foo.txt') }}"
|
|
tasks:
|
|
- debug: msg="the value of foo.txt is {{ contents }}"
|
|
|
|
The Password Lookup
|
|
```````````````````
|
|
|
|
``password`` generates a random plaintext password and store it in
|
|
a file at a given filepath. Support for crypted save modes (as with vars_prompt) is pending. If the
|
|
file exists previously, it will retrieve its contents, behaving just like with_file. Usage of variables like "{{ inventory_hostname }}" in the filepath can be used to set
|
|
up random passwords per host (what simplifies password management in 'host_vars' variables).
|
|
|
|
Generated passwords contain a random mix of upper and lowercase ASCII letters, the
|
|
numbers 0-9 and punctuation (". , : - _"). The default length of a generated password is 30 characters.
|
|
This length can be changed by passing an extra parameter::
|
|
|
|
---
|
|
- hosts: all
|
|
|
|
tasks:
|
|
|
|
# create a mysql user with a random password:
|
|
- mysql_user: name={{ client }}
|
|
password="{{ lookup('password', 'credentials/' + client + '/' + tier + '/' + role + '/mysqlpassword length=15') }}"
|
|
priv={{ client }}_{{ tier }}_{{ role }}.*:ALL
|
|
|
|
(...)
|
|
|
|
|
|
More Lookups
|
|
````````````
|
|
|
|
.. note:: This feature is very infrequently used in Ansible. You may wish to skip this section.
|
|
|
|
.. versionadded:: 0.8
|
|
|
|
Various *lookup plugins* allow additional ways to iterate over data. In `playbooks_loops` you will learn
|
|
how to use them to walk over collections of numerous types. However, they can also be used to pull in data
|
|
from remote sources, such as shell commands or even key value stores. This section will cover lookup
|
|
plugins in this capacity.
|
|
|
|
Here are some examples::
|
|
|
|
---
|
|
- hosts: all
|
|
|
|
tasks:
|
|
|
|
- debug: msg="{{ lookup('env','HOME') }} is an environment variable"
|
|
|
|
- debug: msg="{{ item }} is a line from the result of this command"
|
|
with_lines:
|
|
- cat /etc/motd
|
|
|
|
- debug: msg="{{ lookup('pipe','date') }} is the raw result of running this command"
|
|
|
|
- debug: msg="{{ lookup('redis_kv', 'redis://localhost:6379,somekey') }} is value in Redis for somekey"
|
|
|
|
- debug: msg="{{ lookup('dnstxt', 'example.com') }} is a DNS TXT record for example.com"
|
|
|
|
- debug: msg="{{ lookup('template', './some_template.j2') }} is a value from evaluation of this template"
|
|
|
|
As an alternative you can also assign lookup plugins to variables or use them
|
|
elsewhere. This macros are evaluated each time they are used in a task (or
|
|
template)::
|
|
|
|
vars:
|
|
motd_value: "{{ lookup('file', '/etc/motd') }}"
|
|
|
|
tasks:
|
|
- debug: msg="motd value is {{ motd_value }}"
|
|
|