A cheat sheet for Ansible, which covers common commands, modules, and best practices for managing and automating IT infrastructure:

1. Ansible Command Basics

• ansible <host-pattern> -m <module> -a "<arguments>": Run a module on target hosts.
• ansible-playbook <playbook.yml>: Run a playbook to perform tasks on target hosts.
• ansible-inventory --list: Displays the inventory and host groups.
• ansible-doc <module>: Shows documentation for a specific module.

2. Ansible Inventory

• Inventory File Syntax: Defines groups of hosts and variables.
• Dynamic Inventory: Use a script or plugin to dynamically generate the inventory.

3. Common Ansible Modules

• ping: Test connectivity to hosts.
• shell: Execute shell commands on remote hosts.
• command: Run a command on remote hosts (doesn't pass through a shell).
• copy: Copy files to remote hosts.
• yum: Manage packages with Yum.
• apt: Manage packages with APT.
• service: Manage services on remote hosts.
• user: Manage users on remote hosts.
• file: Manage file and directory attributes.

4. Ansible Playbook Structure

• YAML Format: Playbooks are written in YAML.
• Tasks: Define actions to be executed.
• Handlers: Trigger actions on state changes.
• Variables: Use variables to parameterize your playbooks.
• Roles: Group related tasks, handlers, variables, and files.

5. Ansible Vault

• Encrypting Files: Use Ansible Vault to encrypt sensitive data.
• Using Vault in Playbooks: Include encrypted variables in playbooks.

6. Ansible Ad-Hoc Commands

• Run Commands Across Hosts: Execute a quick task without a playbook.

7. Ansible Galaxy

• Role Management: Download reusable roles from Ansible Galaxy.Install a role: ansible-galaxy install geerlingguy.nginxList installed roles: ansible-galaxy listRemove a role: ansible-galaxy remove geerlingguy.nginx

8. Ansible Configuration

• Config File: Customize behavior via ansible.cfg.
• Environment Variables: Override settings using environment variables.

9. Best Practices

• Idempotency: Write playbooks that can be run multiple times without causing changes unless necessary.
• Use Roles: Organize playbooks into roles for reusability and maintainability.
• Version Control: Store playbooks and configuration in version control systems like Git.
• Error Handling: Use ignore_errors, failed_when, and when to manage errors and conditional execution.

Ansible provides a wide range of commands to manage and automate IT infrastructure. Below is a comprehensive list of Ansible commands along with brief descriptions:

Basic Ansible Commands

• ansible: Run ad-hoc commands against hosts.
• ansible-playbook: Execute playbooks containing a series of tasks.
• ansible-galaxy: Manage Ansible roles from the Ansible Galaxy repository.
• ansible-doc: Display documentation for Ansible modules.
• ansible-inventory: Display or manage inventory information.
• ansible-config: View or manage the configuration of Ansible.
• ansible-vault: Encrypt, decrypt, and manage sensitive data.
• ansible-pull: Pull playbooks from a VCS repository and apply them on the target machine.
• ansible-console: Start an interactive console for executing Ansible tasks.
• ansible-test: Run Ansible tests, typically used for testing Ansible itself.
• ansible-lint: Lint playbooks for best practices and potential issues (requires ansible-lint package).

Detailed Command Descriptions

1. ansible Command

• ansible <host-pattern> -m <module> -a "<arguments>": Run a module on specified hosts.Options:-i <inventory>: Specify inventory file or directory.-m <module>: Specify the module to use (e.g., ping, command, shell).-a "<arguments>": Pass arguments to the module.--become: Run operations with elevated privileges.-k: Prompt for SSH password.-K: Prompt for sudo password.-u <user>: Specify the remote user.Examples:ansible all -m pingansible web -m shell -a "uptime"

2. ansible-playbook Command

• ansible-playbook <playbook.yml>: Execute tasks defined in a playbook.Options:-i <inventory>: Specify inventory file or directory.--check: Perform a dry run without making any changes.--diff: Show differences when files are changed.--limit <host-pattern>: Limit execution to a subset of hosts.--tags <tags>: Run only tasks with specified tags.--skip-tags <tags>: Skip tasks with specified tags.--extra-vars "<key>=<value>": Pass extra variables to the playbook.Examples:ansible-playbook site.ymlansible-playbook site.yml --limit web

3. ansible-galaxy Command

• Role Management:ansible-galaxy install <role>: Install a role from Ansible Galaxy.ansible-galaxy remove <role>: Remove an installed role.ansible-galaxy list: List installed roles.ansible-galaxy init <role>: Create a new role skeleton.Examples:ansible-galaxy install geerlingguy.nginxansible-galaxy list

4. ansible-doc Command

• ansible-doc <module>: Show documentation for a specific module.Options:-s: Show a short description of the module.-l: List all available modules.--snippet: Show a snippet of the module usage.Examples:ansible-doc yumansible-doc -l

5. ansible-inventory Command

• Inventory Management:ansible-inventory --list: List all groups and hosts in the inventory.ansible-inventory --graph: Show the inventory graphically.ansible-inventory --host <hostname>: Display details about a specific host.ansible-inventory --export: Export the inventory in JSON format.ansible-inventory -i <inventory>: Specify a custom inventory file.Examples:ansible-inventory --list -i inventory.ymlansible-inventory --graph

6. ansible-config Command

• Configuration Management:ansible-config list: List all available configuration options.ansible-config dump: Show current configuration as it will be used.ansible-config view: View the content of the current configuration file.ansible-config init --disabled: Initialize a configuration file with all options disabled.Examples:ansible-config listansible-config view

7. ansible-vault Command

• Vault Management:ansible-vault create <file>: Create a new encrypted file.ansible-vault edit <file>: Edit an encrypted file.ansible-vault encrypt <file>: Encrypt an existing file.ansible-vault decrypt <file>: Decrypt a file.ansible-vault rekey <file>: Re-encrypt a file with a new password.--ask-vault-pass: Prompt for a vault password.Examples:ansible-vault encrypt secrets.ymlansible-vault decrypt secrets.yml

8. ansible-pull Command

• Pulling Playbooks:ansible-pull -U <repo>: Pull a playbook from a VCS repository and run it locally.Options:-d <directory>: Specify the directory to pull the repository into.-i <inventory>: Specify an inventory file.--checkout <branch>: Checkout a specific branch or tag.Examples:ansible-pull -U https://github.com/user/repo.gitansible-pull -U https://github.com/user/repo.git --checkout production

9. ansible-console Command

• Interactive Console:ansible-console: Start an interactive console for running Ansible tasks.Options:-i <inventory>: Specify an inventory file.-m <module>: Specify the default module to use.Examples:ansible-console -i inventory.ymlansible-console

10. ansible-test Command

• Testing Ansible:ansible-test sanity: Run sanity tests.ansible-test integration: Run integration tests.ansible-test unit: Run unit tests.ansible-test coverage: Generate test coverage reports.Examples:ansible-test sanityansible-test integration

11. ansible-lint Command

• Linting Playbooks:ansible-lint <playbook.yml>: Lint a playbook for best practices and potential issues.Options:-r <rulesdir>: Specify a custom rules directory.--exclude <path>: Exclude specific paths from linting.-v: Increase verbosity.Examples:ansible-lint site.ymlansible-lint --exclude roles/ site.yml

Other Notable Commands

• ansible-generate: Generate various files or templates for Ansible (available in Ansible Collections).
• ansible-bender: Build container images with Ansible playbooks.
• ansible-navigator: A TUI for running and exploring playbooks (used with execution environments).
• ansible-runner: Manage Ansible jobs programmatically (often used in CI/CD pipelines).

This list includes all core Ansible commands and commonly used options.