EX294 Red Hat Certified Engineer RHCE – Ansible Plays and Playbooks, Conditional Execution
1. Introduction
Hello, welcome to section one ansible plays and playbooks and conditional playbook execution. In this section we will mainly focus on Ginger two filters, ginger two conditional statements and loops. After having understanding of all these topics, we’ll create playbooks using Ginger two filters and Jinja two statements. This section is very important from exam point of view. I would say every section in this course is very important from exam point of view. But this section is a bit more tricky. Here is list of objectives we are going to cover in this section. Know how to work with commonly used ansible modules. In last section we had good understanding how we can use ansible modules in player books and in ad hoc commands. Here we’ll discuss more on these topics.
Use variables to retrieve the results of running a command. We’ll discuss about ansible variables ansible facts in more details here use conditionals to control play execution. This is very important. We will be using different Ginger two conditional statements to control the playbook execution. Configure error handling. So here I would give you an example. In case we try to display some ansible facts variable which does not exist, ansible will report some error. So here by using error handling, we can print some default value instead of error. For this, we will be using Ginger to filter. I will explain more on this during this section. Create playbooks to configure systems to a specified state. Again, this is same thing. We will be creating many playbooks to configure systems to some specified and state. This is all about section introduction let’s move ahead with the first lecture of this section where we will be discussing about Ginger two templating language and Ginger two filters.
2. Understanding Jinja2 templating and Jinja2 Filters
Hello, welcome to this lecture. In this lecture we will discuss about Ginger two filters. While talking about ansible variables and ansible facts variables, we already used Ginger two templating language to form expressions to refer and access variables in playbooks, we use used this expression multiple times to access and refer variables and unsubtle fax variables. Also, we used Ginger to filter password underscore hash to encrypt passwords. So here I’m just giving one example. You need to use algorithm according to your requirement. Now here in this lecture, we’ll discuss more about Ginger to filters. So here one important thing.
Templating always happens on ansible controller before task is sent and executed on target machine. This means the expressions we use in the playbook are evaluated on the controller itself. And only values are sent to target node and task is executed. This minimize the requirement of Ginger two on the remote nodes means Ginger two is needed only on the controller node. Now, let’s move ahead to discuss about more Ginger two filters here on this slide. First category of Ginger two filters are filters to format data. Using Ginger to filter, we can format data from one data structure to other. For example from JSON to YAML. Here is one example. We know by using ansible underscore facts variable with Ginger to expression, we can display facts about remote node, but by default facts will be displayed in JSON format.
But in this example, we are passing output of this variable to Ginger to filter to underscore YAML so that facts will be displayed in YAML format. For human readable output, we can use to underscore noise underscore YAML ginger two filter. I will explain how these filters work when we move to system. Now, next type of filter is defaulting undefined variable. This is most important filter for the exam. Using this filter, we can print default value for some variable which does not exist. Ginger two provides default filter for this purpose. So, this is filter name. For example, if we try to display size of some partition which does not exist, it will give some error, ansible will give some error. Using default filter, we can display some default value like does not exist or not applicable. So by using this filter, we can configure error handling. So instead of throwing some error, Ginger two will display some default value. Here is one example. We know about this expression.
We already used this expression to display size of partition. Here I’m using same expression, but I’m taking partition number twelve. We know this partition does not exist. If I will display this variable without using this filter, ansible will give error. But by using default filter, I can print this message bloke device does not exist. Here you must keep in mind, you are typing correct syntax for default filter default. Then in the brackets string you want to display enclosed in single quotation marks. It will be more clear when we will do this practically on the system here on this slide. Next category of filters are list filters. Filters which can be used with lists or list of item. First filter on the list is Min to get minimum value of list of items. Here is one example showing users of this filter. We need to provide one list or list of items as input to this filter.
So this expression will evaluate to the minimum value of list item amongst all list item. I will use this example to explain this on the system. In similar way, to get maximum value, we can use max filter. So this expression will evaluate to value five. We’ll verify by displaying this variable to get unique set from a list, we can use unique filter. So what will happen here? It will remove duplicated entries for example two and three, which are present two times in the list. They will be displayed only once. There are many more Ginger two filters, but for the exam we don’t need to know all about them. Most important filter is default filter which we will use for error handling, which is also on the list of objectives of RSCE exam. Now let’s move to ansible control node and understand how all these filters work. Now we are on ansible control node and I am logged in as ansible user.
We are already inside Tasks directory. Now I will create one playbook to explain working off different Ginger to filters. First of all, we’ll discuss Ginger two filter. To format data, I will create playbook with name Ginger two filter YML. You can use any name. I will set target as m host one. We can set any host as target, because we just need to understand the concept. Here I will set become too true to make sure all facts are gathered. Although this is not necessary here.
So here this is important. We must set gather underscore Facts to true. Although this is default in the config file, still I will prefer to mention it here in the playbook. Then in the Tasks section will define our task. I will provide some description here displaying facts. Then here we’ll use debug module to display as simple facts of node m host one. We know what we need to do. We’ll use MSG Directive. And here we need to specify expression to access ansible facts. This is all we need to do. I’m not using any filter here.
Later on I will modify this. We’ll execute this playbook task. Gathering facts. So here we have facts in the JSON format. By default, facts are displayed in JSON format. Now we’ll use Ginger to filter to format the facts in YAML format. I will open this file again. And here I will use filter to underscore YAML. We need to pass the output of this variable to this filter. This is all we need to do. Again, I will execute this playbook. This time output will be displayed in YAML format. So this is YAML format. I know this is not very clear. Here you can see and of line character for each variable but they are not shown in different lines. We’ll discuss more on this. While discussing template module we’ll also learn how we can nicely format ansible facts. Now I will clear this. Now here we’ll use other filter to underscore noise underscore YAML again we’ll execute playbook. Again we have output in YAML format but this is really not readable. I will come to this later on. For now you just need to keep in mind how we can use Ginger to filter to format the data from one data structure to another.
Now next we’ll discuss about example of defaulting undefined variable. I will use same playbook. Here we need to provide expression to display size of partition number twelve we know how to form expression ansible underscore Facts. Then here using bracket notation will specify device which is next level dictionary below and sibal underscore Facts. Then here we specify device which is SGA. Then further under device partitions then further partition number. We are using partition number twelve. Then here in the last we’ll use key to display size of this partition. But we know this partition does not exist. So unsafe will give some error. I will just change description as well. Displaying size of partition here become must be set to true.
Because we need to display size of partition also gather underscore facts must be set to true because we are using ansible facts in this task. Now I will save and exit. We’ll execute this playbook ansible playbook playbook name. So here we have error as expected because we knew partition sta twelve does not exist. Same situation can happen on the exam as well. In our lab setup all our managed nodes have similar disk configurations. But on the exam this might not be true. Some managed nodes might have three partitions and others can have four partitions. So in case you will be trying to display size of partition number four. So it will throw error for the nodes which don’t have this partition. In those cases this filter will be very useful. You can print default value for those nodes. Now again I will open the playbook in editing mode and here we’ll add default filter.
We know what we need to do default then in the brackets will provide string to be displayed enclosed in single quotation marks. So here you need to provide the string according to exam requirements. Now again we’ll execute this playbook gathering facts. Now this time we have message Bloke device does not exist. This is more nicer than to have error. So in this way we can configure error handling. Now I will clear the screen. Now I’ll move ahead to discuss about list filters. Again I will use same playbook. We’ll just modify this to discuss about lift filters. We don’t really need become set to true, I will just remove it. Also we don’t need to gather facts. I will set this to folds to save some time in gathering facts. Also I will change the description displaying minimum list item value. And here I will remove all this and we know what we need to do. I will provide one list as input.
One space two, two again three, three again four, five. Then here we’ll use pi, specify filter to be used. So here I’m using same list as I showed you in the example. I will save it. Now we’ll execute this playbook, we know what should be the result. We have value one in the output. As expected, we will again open this. And here instead of min I will specify max. And here I will change description as well. Again we’ll execute this playbook. Now we have value five, which is a maximum value of list item amongst all list items. Now last we’ll use unique filter. Again I will change the description displaying unique set. So here we have duplicated entries removed from the list. This is all about Ginger Two filters. In case you need to know more about Ginger two filters, I would suggest to check ansible documentation. Here on this page you can get more information about Ginger Two templating. Also you can check more about Ginger two filters. There are many types of filters. Filters for formatting data. We already discussed about them. Just go through them, you will find more examples. Here defaulting undefined variables. We also discussed about this filter, which is important for the exam. You can check for more examples. Then we have list filters and so on. Just go through them. This is all about this lecture. In next lecture we’ll discuss about Jinja Two.
3. Understanding Jinja2 Template Conditional Statement: when
Hello, welcome to this lecture. In this lecture we will discuss about ginger two template conditional statements. So first statement we are going to discuss about the when statement we can use when close when we need to skip a particular host for some task. For example where we need to install some package on some nodes and we want to skip some others. We can do this using when statement using row ginger two expression without curly braces while discussing about ansible sex I told you we will be using different expressions in conditional playbook execution. Here I would like to add we can use row ginger to expression with when statement without curly braces. Here in this example you can see we are not using curly braces around this variable.
So make sure whenever you are using when condition don’t use curly braces and double quotation marks around them. We simply need to provide expression. Now let’s move back on this example. This example is to display some variable on mhstone and skip for all others. So here in the targets I’m setting all target is all managed nodes. Here we must set gather underscore facts to true which is of course by default as per setting in config file. However, I always prefer to mention this in the playbook we will be needing facts for this task. Here we don’t need to set become to true because we simply need to display Sqdn which is possible without per village escalation or I will say which can be displayed as normal user as well. Then in the tasks section will define our task using name using dash space name will provide some description displaying variable we’ll use debug module then using MSG will provide expression to display FQDN of the host or I will say fully qualified domain name for the host. But here we have when condition here one important thing to keep in mind level of indentation of when and module must be same. This is important when colon space.
Then here we need to provide row ginger two expression without curly brackets and also without quotation marks. Then here we need to use double sign of equal to for equality. Here we are setting this condition to match m host one which must be enclosed in double quotation marks. So what will happen when this playbook will be executed? Facts will be gathered for all manage nodes. Then ansible will check facts of all remote nodes and will match this condition. We know this condition will be true only for Mhost one. So this task will be executed only for m host one. Restaurant will be skipped so FQDN of m host one will be displayed. Here we have one more example. Here we are specifying multiple conditions that need to be true for task execution.
So where everything is same just I’m adding one more condition ensible underscore facts then in the brackets OS underscore family enclosed inside single quotation marks I’m setting this condition to match Red Hat. We know for all our managed nodes, OS family is Red Hat. So this condition is true for all managed nodes. But this condition can be true only for M host one, and this task will be executed on the nodes for them both these conditions must be true. But these two conditions can be true only in case of M host one. So effectively this task will be executed only on M host one. Here you might have noticed, I’m using list items to specify different conditions for logical and we can also use and between two conditions. I will explain this while we’ll practice this on ancient control node. Then we have example using logical ore. Again here everything is same. But here one condition needs to be true for the task to be executed on a particular host. Hereby, using or keyword, I’m adding one more condition, ansible underscore facts. Then in the brackets distribution underscore major underscore version enclosed in single quotation mark, we know we are using major version eight, because all our managed nodes are sent to us eight nodes.
So this condition is false for all managed nodes. But this condition is true for M host one. So effectively this task will be executed only on M host one. So what will happen if we change this to eight? Then this condition will become true for all manage nodes. But still this condition will be true only four M host one. But we have logical or. We need only one condition need to be true for the execution. Because this will be true for all manage nodes. In case we’ll set this to eight. So task will be executed on all managed nodes. In that case, here we have last example combining logical and and logical over again everything is same. Here I am combining two conditions using and keyword between them and these two conditions are enclosed in the brackets. Then here I’m using or and providing one more expression containing two conditions using logical and.
So in this case, one of these two expressions must be true for task execution on a particular node. We know this condition or this expression will be true for M host one. Now, coming to this expression, so we know this first condition is true only for M host two, and this condition is false four role managed nodes. Because we are not using major version S seven. So this will be false. So this expression will evaluate two Foals. So based on this expression, this task will be executed only on M host one, for which both these conditions are true. So what will happen if I will change this to eight? In that case, this task will be executed on M host one as well as on m host two. Because this expression will also evaluate to true in that case. Now let’s move to the NCBL control node and practice all these examples on the system. Now we are on ansible control node and I am logged in as ansible user. We are already inside Tasks directory where our nsible config file is present. Now to understand working of when condition, I will create one playbook with name vendor YML. Here I will set target as all manage nodes. Here we must set gather underscore facts to true.
We don’t need to set become to true for this task. In the Tasks section will define our task. I will provide some description. Here displaying variable. Then we know here we need to use debug module according to our example. Here using MSG directive will provide expression to display scrudion of the host. We know which expression to use ansible underscore facts. And here using bracket notation, I will specify FQDN enclosed inside single quotation mark. This is all we need to do now. Here we need to specify when condition. Now I will specify condition which must be met ensible underscore facts in the scale bracket hostname enclosed in single quotation marks. Then double sign of equal to this is very important. I will set this to m host one enclosed in double quotation marks. Again this is important. This is all we need to do to verify working of when condition for first example. So in this case we know this task will be executed only for Most one.
Because this condition is true or can be true only for Mhost one, I will save and quit. Now we’ll execute this playbook. So here we can see task is executed only for m host one for which this when condition is true and Sqdn is displayed rest all nodes are skipped. Now I will move to temp directory where we saved our ensuite config file. For reference, I will search for display. So here we can see this directive which is by default true. By default ansible playbook will display skipping host. That’s why we see skipped host. If you will set this directive to force, you will not see skipping host. But I prefer skipping host must be displayed. Again, I will search for color. Here we have colors section.
So for the skipped host so output will be shown in this color. This is not really important, but I just wanted to tell you something extra. Now we’ll exit. From here we’ll move back to Tasks directory. Now we’ll move to next one example where we will combine two conditions using logical and firstly I will use and keyword between two conditions that need to be true. Here I will specify second condition. Ansible underscore facts that are in the brackets OS underscore family enclosed in single quotation marks space double sign of equal to. Then here in double quotation marks I will specify Redhead. Now this task will be executed on the nodes for which both these conditions will be true. We know this condition can be true only for Mhost one. This is unique to Mhost one.
But this is common variable and this is same for all nodes. OS family for all our remote nodes is Redhead. But we have and between two conditions. So effectively it will be executed only for m host one. I will save and again we’ll execute this playbook. So here we can see task is executed only for m host one. I will clear the screen. I will open this file. I will make one change. Here I will specify send us here. Now what will happen. These two conditions cannot be true for any of manage node. So it means this task will be skipped for all manage nodes. I will save.
And again we’ll execute this playbook. So here we can see task is skipped for all managed nodes. As expected. Now I will clear the screen. Here I will specify these two conditions as list items. As we discussed in our example, effect will be same. But this is just to understand. We can specify and conditions in two ways. Using and keyword or defining different conditions and list items. This will also work perfectly. Fine. We’ll again execute this playbook. We have same results. This is just to show you.
We can specify and conditions in two different ways. Now we will clear the screen. Now we’ll move to our next example where we’ll use two conditions using logical or. One condition needs to be true for task execution on manage node. I will open this playbook, I will remove all this. I will align this. And here I will use or keyword. And here we specify our second condition. Ansible underscore facts distribution major version enclosed in single quotation marks. Then space double sign of equal to. And here I will specify seven. This is all we need to do. So this task will be executed on the managed nodes. For which one of these two conditions will be true? We know this condition is always true for m host one. So for sure this task will be executed on m host one. This second condition is no true for any of managed nodes. So effectively this task will be executed only on m host one. I will save and quit will execute this playbook. It takes some time because facts need to be gathered.
So here we can see task is executed only for m host one. For which one of these two conditions is true? I will clear the screen. I will make one change here instead of seven, I will provide here value eight. Now we know this condition is true for all managed nodes. And this condition is true only for m host one. But there is logical or one condition needs to be true for the task execution on a particular host. So this condition is true for all managed nodes. So it means task will be executed on all managed nodes. I will save and quit. Again we’ll execute this playbook. It’s taking some time. So here we can see this task is executed on all manage nodes as expected. Now I will clear the screen. Now we’ll move to our last example. Where we combined multiple conditions using logical ore and logical. And I will open the playbook. And here I will make changes according to example.
I will just copy this. And here I will paste this. Now I will modify this according to example. It’s done. Now we have two expressions using or. Each expression is a combination of two and statements. So for this task execution, one of these two expressions must be true for the node. We know this expression is true for Mhost one. Because we are using major version as eight.
And hostname for mhstone is m host one. So both conditions are true. So this means this task will be executed at least one M host one. Now, moving to the second expression, we know this condition is not true for any of managed nodes. So this expression will evaluate to folds. So effectively, this playbook task will be executed only on M host one. I will save and we’ll execute this playbook. It’s in progress. Gathering facts. So this playbook task is executed only on M host one.
This is as expected. Now I will open this file again. I will just make one change. In the second expression, I will change this value to eight. So now both conditions are true. This expression is true for M host one. And this expression is true for m host two. So now this playbook task will be executed on both M host one and m host two. I will save and quit again, I will execute this playbook. So here we can see task is executed on both m host one and Mhost two. This is all about when condition. In next lecture we’ll.
Interesting posts
The Growing Demand for IT Certifications in the Fintech Industry
The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »
CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared
In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »
The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?
If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »
SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification
As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »
CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?
The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »
Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?
The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »