1.. _using_galaxy: 2.. _ansible_galaxy: 3 4***************** 5Galaxy User Guide 6***************** 7 8:dfn:`Ansible Galaxy` refers to the `Galaxy <https://galaxy.ansible.com>`_ website, a free site for finding, downloading, and sharing community developed roles. 9 10Use Galaxy to jump-start your automation project with great content from the Ansible community. Galaxy provides pre-packaged units of work such as `roles <playbooks_reuse_roles>`_, and new in Galaxy 3.2, `collections <collections>`_. 11You can find roles for provisioning infrastructure, deploying applications, and all of the tasks you do everyday. The collection format provides a comprehensive package of automation that may include multiple playbooks, roles, modules, and plugins. 12 13.. contents:: 14 :local: 15 :depth: 2 16.. _finding_galaxy_collections: 17 18Finding collections on Galaxy 19============================= 20 21To find collections on Galaxy: 22 23#. Click the :guilabel:`Search` icon in the left-hand navigation. 24#. Set the filter to *collection*. 25#. Set other filters and press :guilabel:`enter`. 26 27Galaxy presents a list of collections that match your search criteria. 28 29.. _installing_galaxy_collections: 30 31 32Installing collections 33====================== 34 35 36Installing a collection from Galaxy 37----------------------------------- 38 39.. include:: ../shared_snippets/installing_collections.txt 40 41.. _installing_ah_collection: 42 43Downloading a collection from Automation Hub 44---------------------------------------------------- 45 46To download a collection from Automation Hub with the ``ansible-galaxy`` command: 47 481. Get your Automation Hub API token. Go to https://cloud.redhat.com/ansible/automation-hub/token/ and click :guilabel:`Get API token` from the version dropdown to copy your API token. 492. Configure Red Hat Automation Hub server in the ``server_list`` option under the ``[galaxy]`` section in your :file:`ansible.cfg` file. 50 51 .. code-block:: ini 52 53 [galaxy] 54 server_list = automation_hub 55 56 [galaxy_server.automation_hub] 57 url=https://cloud.redhat.com/api/automation-hub/ 58 auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token 59 token=my_ah_token 60 613. Download the collection hosted in Automation Hub. 62 63 .. code-block:: bash 64 65 ansible-galaxy collection install my_namespace.my_collection 66 67.. seealso:: 68 `Getting started with Automation Hub <https://www.ansible.com/blog/getting-started-with-ansible-hub>`_ 69 An introduction to Automation Hub 70 71Installing an older version of a collection 72------------------------------------------- 73 74.. include:: ../shared_snippets/installing_older_collection.txt 75 76Install multiple collections with a requirements file 77----------------------------------------------------- 78 79.. include:: ../shared_snippets/installing_multiple_collections.txt 80 81 82Configuring the ``ansible-galaxy`` client 83------------------------------------------ 84 85.. include:: ../shared_snippets/galaxy_server_list.txt 86 87.. _finding_galaxy_roles: 88 89Finding roles on Galaxy 90======================= 91 92Search the Galaxy database by tags, platforms, author and multiple keywords. For example: 93 94.. code-block:: bash 95 96 $ ansible-galaxy search elasticsearch --author geerlingguy 97 98The search command will return a list of the first 1000 results matching your search: 99 100.. code-block:: text 101 102 Found 2 roles matching your search: 103 104 Name Description 105 ---- ----------- 106 geerlingguy.elasticsearch Elasticsearch for Linux. 107 geerlingguy.elasticsearch-curator Elasticsearch curator for Linux. 108 109 110Get more information about a role 111--------------------------------- 112 113Use the ``info`` command to view more detail about a specific role: 114 115.. code-block:: bash 116 117 $ ansible-galaxy info username.role_name 118 119This returns everything found in Galaxy for the role: 120 121.. code-block:: text 122 123 Role: username.role_name 124 description: Installs and configures a thing, a distributed, highly available NoSQL thing. 125 active: True 126 commit: c01947b7bc89ebc0b8a2e298b87ab416aed9dd57 127 commit_message: Adding travis 128 commit_url: https://github.com/username/repo_name/commit/c01947b7bc89ebc0b8a2e298b87ab 129 company: My Company, Inc. 130 created: 2015-12-08T14:17:52.773Z 131 download_count: 1 132 forks_count: 0 133 github_branch: 134 github_repo: repo_name 135 github_user: username 136 id: 6381 137 is_valid: True 138 issue_tracker_url: 139 license: Apache 140 min_ansible_version: 1.4 141 modified: 2015-12-08T18:43:49.085Z 142 namespace: username 143 open_issues_count: 0 144 path: /Users/username/projects/roles 145 scm: None 146 src: username.repo_name 147 stargazers_count: 0 148 travis_status_url: https://travis-ci.org/username/repo_name.svg?branch=master 149 version: 150 watchers_count: 1 151 152 153.. _installing_galaxy_roles: 154 155Installing roles from Galaxy 156============================ 157 158The ``ansible-galaxy`` command comes bundled with Ansible, and you can use it to install roles from Galaxy or directly from a git based SCM. You can 159also use it to create a new role, remove roles, or perform tasks on the Galaxy website. 160 161The command line tool by default communicates with the Galaxy website API using the server address *https://galaxy.ansible.com*. Since the `Galaxy project <https://github.com/ansible/galaxy>`_ 162is an open source project, you may be running your own internal Galaxy server and wish to override the default server address. You can do this using the *--server* option 163or by setting the Galaxy server value in your *ansible.cfg* file. For information on setting the value in *ansible.cfg* see :ref:`galaxy_server`. 164 165 166Installing roles 167---------------- 168 169Use the ``ansible-galaxy`` command to download roles from the `Galaxy website <https://galaxy.ansible.com>`_ 170 171.. code-block:: bash 172 173 $ ansible-galaxy install namespace.role_name 174 175Setting where to install roles 176^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 177 178By default, Ansible downloads roles to the first writable directory in the default list of paths ``~/.ansible/roles:/usr/local/share/py38-ansible/roles:/usr/local/etc/ansible/roles``. This installs roles in the home directory of the user running ``ansible-galaxy``. 179 180You can override this with one of the following options: 181 182* Set the environment variable :envvar:`ANSIBLE_ROLES_PATH` in your session. 183* Define ``roles_path`` in an ``ansible.cfg`` file. 184* Use the ``--roles-path`` option for the ``ansible-galaxy`` command. 185 186The following provides an example of using ``--roles-path`` to install the role into the current working directory: 187 188.. code-block:: bash 189 190 $ ansible-galaxy install --roles-path . geerlingguy.apache 191 192.. seealso:: 193 194 :ref:`intro_configuration` 195 All about configuration files 196 197Installing a specific version of a role 198--------------------------------------- 199 200When the Galaxy server imports a role, it imports any git tags matching the Semantic Version format as versions. In turn, you can download a specific version of a role by specifying one of the imported tags. 201 202To see the available versions for a role: 203 204#. Locate the role on the Galaxy search page. 205#. Click on the name to view more details, including the available versions. 206 207You can also navigate directly to the role using the /<namespace>/<role name>. For example, to view the role geerlingguy.apache, go to `<https://galaxy.ansible.com/geerlingguy/apache>`_. 208 209To install a specific version of a role from Galaxy, append a comma and the value of a GitHub release tag. For example: 210 211.. code-block:: bash 212 213 $ ansible-galaxy install geerlingguy.apache,v1.0.0 214 215It is also possible to point directly to the git repository and specify a branch name or commit hash as the version. For example, the following will 216install a specific commit: 217 218.. code-block:: bash 219 220 $ ansible-galaxy install git+https://github.com/geerlingguy/ansible-role-apache.git,0b7cd353c0250e87a26e0499e59e7fd265cc2f25 221 222Installing multiple roles from a file 223------------------------------------- 224 225You can install multiple roles by including the roles in a :file:`requirements.yml` file. The format of the file is YAML, and the 226file extension must be either *.yml* or *.yaml*. 227 228Use the following command to install roles included in :file:`requirements.yml:` 229 230.. code-block:: bash 231 232 $ ansible-galaxy install -r requirements.yml 233 234Again, the extension is important. If the *.yml* extension is left off, the ``ansible-galaxy`` CLI assumes the file is in an older, now deprecated, 235"basic" format. 236 237Each role in the file will have one or more of the following attributes: 238 239 src 240 The source of the role. Use the format *namespace.role_name*, if downloading from Galaxy; otherwise, provide a URL pointing 241 to a repository within a git based SCM. See the examples below. This is a required attribute. 242 scm 243 Specify the SCM. As of this writing only *git* or *hg* are allowed. See the examples below. Defaults to *git*. 244 version: 245 The version of the role to download. Provide a release tag value, commit hash, or branch name. Defaults to the branch set as a default in the repository, otherwise defaults to the *master*. 246 name: 247 Download the role to a specific name. Defaults to the Galaxy name when downloading from Galaxy, otherwise it defaults 248 to the name of the repository. 249 250Use the following example as a guide for specifying roles in *requirements.yml*: 251 252.. code-block:: yaml 253 254 # from galaxy 255 - name: yatesr.timezone 256 257 # from GitHub 258 - src: https://github.com/bennojoy/nginx 259 260 # from GitHub, overriding the name and specifying a specific tag 261 - name: nginx_role 262 src: https://github.com/bennojoy/nginx 263 version: master 264 265 # from a webserver, where the role is packaged in a tar.gz 266 - name: http-role-gz 267 src: https://some.webserver.example.com/files/master.tar.gz 268 269 # from a webserver, where the role is packaged in a tar.bz2 270 - name: http-role-bz2 271 src: https://some.webserver.example.com/files/master.tar.bz2 272 273 # from a webserver, where the role is packaged in a tar.xz (Python 3.x only) 274 - name: http-role-xz 275 src: https://some.webserver.example.com/files/master.tar.xz 276 277 # from Bitbucket 278 - src: git+https://bitbucket.org/willthames/git-ansible-galaxy 279 version: v1.4 280 281 # from Bitbucket, alternative syntax and caveats 282 - src: https://bitbucket.org/willthames/hg-ansible-galaxy 283 scm: hg 284 285 # from GitLab or other git-based scm, using git+ssh 286 - src: git@gitlab.company.com:mygroup/ansible-base.git 287 scm: git 288 version: "0.1" # quoted, so YAML doesn't parse this as a floating-point value 289 290Installing roles and collections from the same requirements.yml file 291--------------------------------------------------------------------- 292 293You can install roles and collections from the same requirements files, with some caveats. 294 295.. code-block:: yaml 296 297 --- 298 roles: 299 # Install a role from Ansible Galaxy. 300 - name: geerlingguy.java 301 version: 1.9.6 302 303 collections: 304 # Install a collection from Ansible Galaxy. 305 - name: geerlingguy.php_roles 306 version: 0.9.3 307 source: https://galaxy.ansible.com 308 309.. note:: 310 While both roles and collections can be specified in one requirements file, they need to be installed separately. 311 The ``ansible-galaxy role install -r requirements.yml`` will only install roles and ``ansible-galaxy collection install -r requirements.yml -p ./`` will only install collections. 312 313Installing multiple roles from multiple files 314--------------------------------------------- 315 316For large projects, the ``include`` directive in a :file:`requirements.yml` file provides the ability to split a large file into multiple smaller files. 317 318For example, a project may have a :file:`requirements.yml` file, and a :file:`webserver.yml` file. 319 320Below are the contents of the :file:`webserver.yml` file: 321 322.. code-block:: bash 323 324 # from github 325 - src: https://github.com/bennojoy/nginx 326 327 # from Bitbucket 328 - src: git+http://bitbucket.org/willthames/git-ansible-galaxy 329 version: v1.4 330 331The following shows the contents of the :file:`requirements.yml` file that now includes the :file:`webserver.yml` file: 332 333.. code-block:: bash 334 335 # from galaxy 336 - name: yatesr.timezone 337 - include: <path_to_requirements>/webserver.yml 338 339To install all the roles from both files, pass the root file, in this case :file:`requirements.yml` on the 340command line, as follows: 341 342.. code-block:: bash 343 344 $ ansible-galaxy install -r requirements.yml 345 346.. _galaxy_dependencies: 347 348Dependencies 349------------ 350 351Roles can also be dependent on other roles, and when you install a role that has dependencies, those dependencies will automatically be installed. 352 353You specify role dependencies in the ``meta/main.yml`` file by providing a list of roles. If the source of a role is Galaxy, you can simply specify the role in 354the format ``namespace.role_name``. You can also use the more complex format in ``requirements.yml``, allowing you to provide ``src``, ``scm``, ``version``, and ``name``. 355 356The following shows an example ``meta/main.yml`` file with dependent roles: 357 358.. code-block:: yaml 359 360 --- 361 dependencies: 362 - geerlingguy.java 363 364 galaxy_info: 365 author: geerlingguy 366 description: Elasticsearch for Linux. 367 company: "Midwestern Mac, LLC" 368 license: "license (BSD, MIT)" 369 min_ansible_version: 2.4 370 platforms: 371 - name: EL 372 versions: 373 - all 374 - name: Debian 375 versions: 376 - all 377 - name: Ubuntu 378 versions: 379 - all 380 galaxy_tags: 381 - web 382 - system 383 - monitoring 384 - logging 385 - lucene 386 - elk 387 - elasticsearch 388 389Tags are inherited *down* the dependency chain. In order for tags to be applied to a role and all its dependencies, the tag should be applied to the role, not to all the tasks within a role. 390 391Roles listed as dependencies are subject to conditionals and tag filtering, and may not execute fully depending on 392what tags and conditionals are applied. 393 394If the source of a role is Galaxy, specify the role in the format *namespace.role_name*: 395 396.. code-block:: yaml 397 398 dependencies: 399 - geerlingguy.apache 400 - geerlingguy.ansible 401 402 403Alternately, you can specify the role dependencies in the complex form used in :file:`requirements.yml` as follows: 404 405.. code-block:: yaml 406 407 dependencies: 408 - name: geerlingguy.ansible 409 - name: composer 410 src: git+https://github.com/geerlingguy/ansible-role-composer.git 411 version: 775396299f2da1f519f0d8885022ca2d6ee80ee8 412 413When dependencies are encountered by ``ansible-galaxy``, it will automatically install each dependency to the ``roles_path``. To understand how dependencies are handled during play execution, see :ref:`playbooks_reuse_roles`. 414 415.. note:: 416 417 Galaxy expects all role dependencies to exist in Galaxy, and therefore dependencies to be specified in the 418 ``namespace.role_name`` format. If you import a role with a dependency where the ``src`` value is a URL, the import process will fail. 419 420List installed roles 421-------------------- 422 423Use ``list`` to show the name and version of each role installed in the *roles_path*. 424 425.. code-block:: bash 426 427 $ ansible-galaxy list 428 - ansible-network.network-engine, v2.7.2 429 - ansible-network.config_manager, v2.6.2 430 - ansible-network.cisco_nxos, v2.7.1 431 - ansible-network.vyos, v2.7.3 432 - ansible-network.cisco_ios, v2.7.0 433 434Remove an installed role 435------------------------ 436 437Use ``remove`` to delete a role from *roles_path*: 438 439.. code-block:: bash 440 441 $ ansible-galaxy remove namespace.role_name 442 443 444.. seealso:: 445 :ref:`collections` 446 Shareable collections of modules, playbooks and roles 447 :ref:`playbooks_reuse_roles` 448 Reusable tasks, handlers, and other files in a known directory structure 449