Lesson 2.3: Running Adhoc Commands


  • Adhoc commands are like individual commands.
  • Ansible Commands are called Ansible Modules
  • -m : module
  • -a : argument

Syntax of Ad-hoc Command

anisble < hostgroup > -m < ansible module > -a '< arguements >'

Basic Example using ping module

[devops@serverA playbooks]$ ansible all -m ping 192.168.208.103 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": false, "ping": "pong" } 192.168.208.104 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": false, "ping": "pong" } 192.168.208.102 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": false, "ping": "pong" }

Finding the right module name

Syntax: ansible-doc -l | grep < name >

[devops@serverA playbooks]$ ansible-doc -l | grep user | grep builtin ansible.builtin.user

Taking help

Syntax: ansible-doc help < module_name >

[devops@serverA playbooks]$ ansible-doc help ansible.builtin.user

Creating a user using ansible

  • --become : Become as root / sudo previllages
  • -u [user_name] : Running as which user. The user defined will run the command in the managed hosts from the specified user. If you do not provide the username then, it will use the current user of the system of control host in managed host.
  • Color Indication
    • Red - Failed / Command Failed.
    • Yellow - Changed / Really the command executed.
    • Green - Success / Has already performed this action previously.
# For all listed Managed Hosts [devops@serverA playbooks]$ ansible all -m ansible.builtin.user -a "name=david" -u devops --become # For only a group [devops@serverA playbooks]$ ansible testservers -m ansible.builtin.user -a 'name=testuser' --become

Another Method

  • Without using --become
  • Without using -u
# Modify the ansible.cfg file [devops@serverA playbooks]$ vim ansible.cfg [devops@serverA playbooks]$ cat ansible.cfg [defaults] inventory=/home/devops/playbooks/inventory remote_user=devops [privilege_escalation] become=true [devops@serverA playbooks]$ ansible testservers -m ansible.builtin.user -a 'name=testuser'

Idempotent Property: The actions that are already performed in a server, will not be executed. Shows green color output, with success status.

Removing a user

[devops@serverA playbooks]$ ansible testservers -m ansible.builtin.user -a 'name=testuser'

Modifying a user in all

# Modifying the uid of the user david [devops@serverA playbooks]$ ansible all -m ansible.builtin.user -a 'name=david uid=3001'

Deploying web page on Apache Web Server Using Ansible Ad-Hoc Commands

# Modified inventory file, with added webservers [devops@serverA playbooks]$ cat inventory [devservers] 192.168.208.102 [testservers] 192.168.208.103 [webservers] 192.168.208.104 [test:children] testservers [dev:children] devservers [web:children] webservers # Listing Hosts of Webservers [devops@serverA playbooks]$ ansible webservers --list-hosts hosts (1): 192.168.208.104 # Finding Out the Module for YUM in ansible [devops@serverA playbooks]$ ansible-doc -l | grep yum ansible.builtin.yum Manages packages with the... ansible.builtin.yum_repository Add or r... community.general.yum_versionlock Locks / unlocks a installed package(s) from being updated ... # View the examples of the ansible.builtin.yum module [devops@serverA playbooks]$ ansible-doc help ansible.builtin.yum # Install yum using ad-hoc command [devops@serverA playbooks]$ ansible webservers -m ansible.builtin.yum -a "name=httpd state=latest" 192.168.208.104 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": true, "msg": "", "rc": 0, "results": [ "Installed: httpd-tools-2.4.62-1.el9.aarch64", "Installed: centos-logos-httpd-90.8-1.el9.noarch", "Installed: apr-util-openssl-1.6.1-23.el9.aarch64", "Installed: mod_lua-2.4.62-1.el9.aarch64", "Installed: httpd-2.4.62-1.el9.aarch64", "Installed: httpd-core-2.4.62-1.el9.aarch64", "Installed: apr-1.7.0-12.el9.aarch64", "Installed: httpd-filesystem-2.4.62-1.el9.noarch", "Installed: mod_http2-2.0.26-2.el9.aarch64", "Installed: apr-util-1.6.1-23.el9.aarch64", "Installed: apr-util-bdb-1.6.1-23.el9.aarch64" ] } # Testing in the original Server ~ For Reference [devops@serverD ~]# rpm -q httpd package httpd is not installed [devops@serverD ~]$ rpm -q httpd httpd-2.4.62-1.el9.aarch64 # Start and Enable httpd service [devops@serverA playbooks]$ ansible webservers -m ansible.builtin.service -a 'name=httpd state=started' [devops@serverA playbooks]$ ansible webservers -m ansible.builtin.service -a 'name=httpd enabled=yes' # Testing in the original Server ~ For Reference # Before [devops@serverD ~]$ systemctl status httpd httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; preset: disabled) Active: inactive (dead) # After [devops@serverD ~]$ systemctl status httpd httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled) Active: active (running) since Fri 2024-10-25 09:55:09 +0545; 2min 9s ago # Adding firewall http [devops@serverA playbooks]$ ansible-doc -l | grep firewall [devops@serverA playbooks]$ ansible-doc help ansible.posix.firewalld # Testing in the Original Server ~ For Reference FIREWALLD [devops@serverD ~]$ sudo firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: ens160 sources: services: cockpit dhcpv6-client http ssh ports: protocols: forward: yes masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: # SCP index file [devops@serverA playbooks]$ cat index.html <h1>This is Ansible Deployed Website ! </h1> [devops@serverA playbooks]$ ansible webservers -m ansible.builtin.copy -a 'src=index.html dest=/var/www/html/ ' 192.168.208.104 | CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": true, "checksum": "5880f8b97b4dfd17ed95095308b88558010835ef", "dest": "/var/www/html/index.html", "gid": 0, "group": "root", "md5sum": "21d306eb3cb6580eee7b103b92971959", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:httpd_sys_content_t:s0", "size": 45, "src": "/home/devops/.ansible/tmp/ansible-tmp-1729830584.104643-22457-58708790527688/source", "state": "file", "uid": 0 } # Test in the Original Server ~ For Reference SCP # Before [devops@serverD html]$ pwd /var/www/html [devops@serverD html]$ ls [devops@serverD html]$ # After [devops@serverD html]$ ls index.html [devops@serverD html]$ cat index.html <h1>This is Ansible Deployed Website ! </h1>

Using Playbook

ansible.cfg index.html inventory webdeploy.yaml [devops@serverA playbooks]$ cat webdeploy.yaml - name: Playbook to deploy webpage using apache web server hosts: webservers tasks: - name: Install the latest version of Apache ansible.builtin.yum: name: httpd state: latest - name: Start service httpd, if not started ansible.builtin.service: name: httpd state: started enabled: yes - name: permit http traffic in the firewall ansible.posix.firewalld: service: http permanent: true state: enabled immediate: yes - name: copy index.html file ansible.builtin.copy: src: index.html dest: /var/www/html/index.html # Checking if syntax is correct [devops@serverA playbooks]$ ansible-playbook --syntax-check webdeploy.yaml playbook: webdeploy.yaml [devops@serverA playbooks]$ ansible-playbook webdeploy.yaml

Rrmoving

[devops@serverA playbooks]$ cat removewebdeploy.yaml - name: Playbook to remove deployed web page hosts: webservers tasks: - name: Un-Install the latest version of Apache ansible.builtin.yum: name: httpd state: absent - name: Stop service httpd, if not started ansible.builtin.service: name: httpd state: stopped enabled: no - name: Remove http traffic in the firewall ansible.posix.firewalld: service: http permanent: true state: disabled immediate: yes - name: remove index.html file ansible.builtin.file: path: /var/www/html/index.html state: absent [devops@serverA playbooks]$ ansible-playbook --syntax-check removewebdeploy.yaml playbook: removewebdeploy.yaml

Creating and Running an Ansible Ad-Hoc Command for Software Installation

As a system administrator, you need to install software on managed hosts using Ansible ad-hoc commands. This task involves creating a shell script (yum-repo.sh) that executes an Ansible ad-hoc command to set up YUM repositories on each managed node. Specifically, you must configure two repositories: BaseOS and AppStream.

[devops@ansible-server ansible]$ cat yum-repos.sh ansible all -m yum_repository -a 'file=external_repos name=BaseOS description="BaseOS Repo" baseurl=http://192.168.208.100/softwares/BaseOS gpgcheck=yes gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial enabled=yes state=present' ansible all -m yum_repository -a 'file=external_repos name=AppStream description="AppStream Repo" baseurl=http://192.168.208.100/softwares/AppStream gpgcheck=yes gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial enabled=yes state=present' [devops@ansible-server ansible]$ chmod +x yum-repos.sh [devops@ansible-server ansible]$ ./yum-repos.sh [devops@ansible-server ansible]$ ansible all -m command -a 'cat /etc/yum.repos.d/external_repos.repo' node1 | CHANGED | rc=0 >> [BaseOS] baseurl = http://192.168.208.100/softwares/BaseOS enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = BaseOS Repo [AppStream] baseurl = http://192.168.208.100/softwares/AppStream enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = AppStream Repo node3 | CHANGED | rc=0 >> [BaseOS] baseurl = http://192.168.208.100/softwares/BaseOS enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = BaseOS Repo [AppStream] baseurl = http://192.168.208.100/softwares/AppStream enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = AppStream Repo node4 | CHANGED | rc=0 >> [BaseOS] baseurl = http://192.168.208.100/softwares/BaseOS enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = BaseOS Repo [AppStream] baseurl = http://192.168.208.100/softwares/AppStream enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = AppStream Repo node2 | CHANGED | rc=0 >> [BaseOS] baseurl = http://192.168.208.100/softwares/BaseOS enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = BaseOS Repo [AppStream] baseurl = http://192.168.208.100/softwares/AppStream enabled = 1 gpgcheck = 1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial name = AppStream Repo
All systems normal

© 2025 2023 Sanjeeb KC. All rights reserved.