Generate a playbook

Infrastructure as Code Ansible
#1

how to generate a ansible playbook of how to edit configmap data which is in json format:

kind: ConfigMap
apiVersion: v1
metadata:
  name: worker-recovery-checks
  namespace: kube-system
data:
  checkpod.json: |
    {
      "Check":"KUBEAPI",
      "Resource":"POD",
      "namespace":"",
      "PodFailureThresholdPercent":0,
      "FailureThreshold":30,
      "CorrectiveAction":"RELOAD",
      "CooloffSeconds":900,
      "IntervalSeconds":30,
      "TimeoutSeconds":10,
      "Enabled":true
    }

like from above one i want to change data checkpod.json in which i want to put namespace how can i do through ansible playbook

#2

Hi @anu,

With ansible you can use replace module to do it :
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/replace_module.html

#3

@mmkmou thanks but how can we write a playbook, means i want to change in the configmap in which there is a some thing like below data string in configmap yaml file

data:
envoy-config-urlparam-private.json:

in between the value "timeout_ms": 120000, i need to change it to "timeout_ms": 600000,

how can i do this through ansible playbook could you please help me in that

#4

@mmkmou I am waiting for your reply

#5

@mumshadgmail can you please help me in that

#6

Hi @anu,

Sorry for the late response, you can use the following link to see how to create a playbook and Kubernetes modules on ansible but to replace content on existed file the previous module can help you.
Creating a playbook — Ansible Documentation
kubernetes.core.k8s module – Manage Kubernetes (K8s) objects — Ansible Documentation

If you’re new to ansible I recommend you go through the course to see how it’s works

#7

@mmkmou yes i already go to that course

Here is my problem is different there is configmap resource in open shift in which i need to change a value in which is part of data string in json could you please help in that,means to update configmap through ansible playbook

#8

Hi @anu,

Solution 1 :
As mentioned, you can use the k8s module to apply a new config map below an example. Each time you need to update the config map update your ansible playbook and run it

- name: "Change a field in the ConfigMap (this will be a PATCH request)"
  k8s:
    definition:
      <!-- new Config map yaml file -->

- name: "Change a field in the ConfigMap (this will be a PATCH request)"
  k8s:
    definition:
      kind: ConfigMap
      apiVersion: v1
      metadata:
        name: worker-recovery-checks
        namespace: kube-system
      data:
        checkpod.json: |
          {
            "Check":"KUBEAPI",
            "Resource":"POD",
            "namespace":"",
            "PodFailureThresholdPercent":0,
            "FailureThreshold":30,
            "CorrectiveAction":"RELOAD",
            "CooloffSeconds":900,
            "IntervalSeconds":30,
            "TimeoutSeconds":10,
            "Enabled":true
          }
      apply: yes
      server_side_apply:
         field_manager: ansible
         force_conflicts: true

Check this link to see how to configure the Kubernetes ansible module kubernetes.core.k8s module – Manage Kubernetes (K8s) objects — Ansible Documentation

Solution 2 :
If you have the config map definition file, you can just use the replace module to change the content or add content and command module to run kubectl command on the target system

- name: Update yaml file
  replace:
    path: /path/to/yaml/file
    regexp: 'Regex to search item to replace'
    replace: 'Replace content'

- name: Apply Config Map file 
  command:
      cmd: kubectl replace -f /path/to/yaml/file

Be sure that the target system can run kubectl and connect to the cluster

https://docs.ansible.com/ansible/latest/collections/ansible/builtin/command_module.html
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/replace_module.html

#9

@mmkmou means
how write for this one:

oc get cm wmlenvoyconfig -n ibm-cpd -o yaml
apiVersion: v1
data:
envoy-config-urlparam-private.json: “{\n "listeners": [\n {\n "address":
"tcp://0.0.0.0:17600",\n "ssl_context": {\n "ca_cert_file":
"/etc/private_certs/envoycacert.pem",\n "cert_chain_file": "/etc/private_certs/cacertchain.pem",\n
\ "private_key_file": "/etc/private_certs/key.pem",\n "alpn_protocols":
"h2,http/1.1",\n "alt_alpn_protocols": "http/1.1"\n },\n "filters":
[\n {\n "type": "read",\n "name": "http_connection_manager",\n
\ "config": {\n "access_log": [\n {\n "format":
"[%START_TIME%] \"%REQ(X-FORWARDED-FOR)%\" - \"%REQ(USER-AGENT)%\" \"%REQ(:METHOD)%
%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %BYTES_RECEIVED%
%BYTES_SENT% x-request-id = \"%REQ(X-REQUEST-ID)%\" x-global-transaction-id
= \"%REQ(X-GLOBAL-TRANSACTION-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\"
\"%UPSTREAM_CLUSTER%\" rt=\"%DURATION%\" uct=\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\"
\n",\n "path": "/dev/stdout"\n }],\n "generate_request_id":
true,\n "codec_type": "auto",\n "idle_timeout_s":
120,\n "stat_prefix": "ingress_http",\n "route_config":
{\n "virtual_hosts": [\n {\n "name":
"service",\n "domains": [""],\n "require_ssl":
"all",\n "routes": [\n {\n "timeout_ms":
120000,\n "retry_policy": {\n "retry_on":
"gateway-error,connect-failure",\n "num_retries":
120\n },\n \t\t "prefix": "/",\n \t\t
\ "cluster_header" : "v4-deployment-id"\n }\n ]\n
\ }\n ]\n },\n "filters": [\n
\ {\n "type": "decoder",\n "name":
"router",\n "config": {}\n }\n ]\n
\ }\n }\n ]\n }\n ],\n "admin": {\n "access_log_path":
"/dev/stdout",\n "address": "tcp://0.0.0.0:8001"\n },\n "cluster_manager":
{\n "clusters": [\n ],\n "sds": {\n "cluster": {\n "name":
"sds",\n "connect_timeout_ms": 120000,\n "type": "strict_dns",\n
\ "lb_type": "round_robin",\n "hosts": [\n {\n "url":
"tcp://localhost:8081"\n }\n ]\n },\n "refresh_delay_ms":
1000\n },\n "cds": {\n "cluster": {\n "name": "cds",\n
\ "connect_timeout_ms": 120000,\n "type": "strict_dns",\n "lb_type":
"round_robin",\n "hosts": [\n {\n "url": "tcp://localhost:8081"\n
\ }\n ]\n },\n "refresh_delay_ms": 100\n },\n "outlier_detection":
{\n "event_log_path": "/dev/stdout"\n }\n }\n}\n"
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: '{“apiVersion”:“v1”,“data”:{“envoy-config-urlparam-private.json”:"{\n "listeners":
[\n {\n "address": "tcp://0.0.0.0:17600",\n "ssl_context":
{\n "ca_cert_file": "/etc/private_certs/envoycacert.pem",\n "cert_chain_file":
"/etc/private_certs/cacertchain.pem",\n "private_key_file": "/etc/private_certs/key.pem",\n "alpn_protocols":
"h2,http/1.1",\n "alt_alpn_protocols": "http/1.1"\n },\n "filters":
[\n {\n "type": "read",\n "name": "http_connection_manager",\n "config":
{\n "access_log": [\n {\n "format":
"[%START_TIME%] \"%REQ(X-FORWARDED-FOR)%\" - \"%REQ(USER-AGENT)%\" \"%REQ(:METHOD)%
%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %BYTES_RECEIVED%
%BYTES_SENT% x-request-id = \"%REQ(X-REQUEST-ID)%\" x-global-transaction-id
= \"%REQ(X-GLOBAL-TRANSACTION-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\"
\"%UPSTREAM_CLUSTER%\" rt=\"%DURATION%\" uct=\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\"
\n",\n "path": "/dev/stdout"\n }],\n "generate_request_id":
true,\n "codec_type": "auto",\n "idle_timeout_s":
120,\n "stat_prefix": "ingress_http",\n "route_config":
{\n "virtual_hosts": [\n {\n "name":
"service",\n "domains": [""],\n "require_ssl":
"all",\n "routes": [\n {\n "timeout_ms":
120000,\n "retry_policy": {\n "retry_on":
"gateway-error,connect-failure",\n "num_retries":
120\n },\n \t\t "prefix": "/",\n \t\t "cluster_header"
: "v4-deployment-id"\n }\n ]\n }\n ]\n },\n "filters":
[\n {\n "type": "decoder",\n "name":
"router",\n "config": {}\n }\n ]\n }\n }\n ]\n }\n ],\n "admin":
{\n "access_log_path": "/dev/stdout",\n "address": "tcp://0.0.0.0:8001"\n },\n "cluster_manager":
{\n "clusters": [\n ],\n "sds": {\n "cluster": {\n "name":
"sds",\n "connect_timeout_ms": 120000,\n "type": "strict_dns",\n "lb_type":
"round_robin",\n "hosts": [\n {\n "url": "tcp://localhost:8081"\n }\n ]\n },\n "refresh_delay_ms":
1000\n },\n "cds": {\n "cluster": {\n "name": "cds",\n "connect_timeout_ms":
120000,\n "type": "strict_dns",\n "lb_type": "round_robin",\n "hosts":
[\n {\n "url": "tcp://localhost:8081"\n }\n ]\n },\n "refresh_delay_ms":
100\n },\n "outlier_detection": {\n "event_log_path": "/dev/stdout"\n }\n }\n}\n”},“kind”:“ConfigMap”,“metadata”:{“labels”:{“app”:“wml-deployment-envoy”,“app.kubernetes.io/instance":“ibm-wml-cpd”,“app.kubernetes.io/managed-by”:“ansible”,“app.kubernetes.io/name”:“ibm-wml-cpd”},“name”:“wmlenvoyconfig”,“namespace”:“ibm-cpd”,“ownerReferences”:[{“apiVersion”:“wml.cpd.ibm.com/v1beta1”,“kind”:“WmlBase”,“name”:“wml-cr”,“uid”:"9180835e-660a-4106-9f22-7cf8b6738bbf”}]}}’
creationTimestamp: “2022-09-18T19:15:04Z”
labels:
app: wml-deployment-envoy
app.kubernetes.io/instance: ibm-wml-cpd
app.kubernetes.io/managed-by: ansible
app.kubernetes.io/name: ibm-wml-cpd
name: wmlenvoyconfig
namespace: ibm-cpd
ownerReferences:

  • apiVersion: wml.cpd.ibm.com/v1beta1
    kind: WmlBase
    name: wml-cr
    uid: 9180835e-660a-4106-9f22-7cf8b6738bbf
    resourceVersion: “14573747”
    uid: 897e867b-bcbf-49e5-9402-a9c34258e12e

in this above one i need to change means like there data string in which you see "timeout_ms":
120000 that value i need to change it to 600000 and using your solution1 is that possible and restart configmap through ansible playbook

#10

@mmkmou through your solution 1 i want to change

#11

actually this one is complex i had no clue how to start it

#12

@mmkmou please let me know,how can i do this,I am waiting for your response

#13

i cannot put data:
envoy-config-urlparam-private.json: whole data string in ansible ,this could be possible but not good aproach because this data string will vary cluster to cluster so please help me how can i just change value only timeout_ms 600000

#14

@mumshadgmail could you please help me in that