With the use of lookup modules, we can simply pull the information coming through outside domains in Ansible. Internal filesystems, remote data warehouses, or services are only a few examples of these domains. After the information is collected from those providers, the information is processed by the lookup module and then retrieved via Ansible’s templating engine. And it will allow access to that template. The main aim of the Ansible config Lookup plugin is to import parameters or templates that include information from outside domains or remote devices.
Working on Lookup Plugin in Ansible
The following are the working principles of the advanced lookup plugin in the Ansible tool:
In contrast to local activities that operate with such a specified directory associated with the implemented play or role, lookups are run with a specified directory outside of the play or role.
You should have a solid understanding of Ansible, its functionality, and its instructions when you are going to utilize the lookup module in Ansible because this is an advanced functionality.
Information is only processed remotely. Thus, we need to be aware that it must be passed into a parameter or used as a resource of information after computation or evaluation.
There are several diverse approaches to enable customized modules like placing them into the domain lookup module next to, placing it within a lookup plugins path, and adding a source from a lookup directory set up in the cfg.
For information gathering or information generation, we can integrate Ansible modules with filters and experiments.
The query operation, which has been implemented in Ansible in version 2.5, is used to invoke lookup modules. The query module always provides an array of values, whereas the lookup produces a set of comma-separated values (CSV). To force a lookup to generate a value, we can specifically utilize the wantlist=True parameter.
Prerequisites of Ansible Lookup Plugin
Before implementing the example, we need the following criteria to be fulfilled:
There must be an Ansible control server of named ansible controller. To build a connection and utilize the ansible config lookup plugin, we will need the remote hosts. And here we are using the local host as a target remote host during implementation.
We will build playbooks, issue Ansible commands, and observe the outcomes on distant hosts on the ansible-controller device.
We will try to use different scenarios to examine a few of the Ansible Lookup Plugins. The configuration of the lookup module in these scenarios is solely intended to demonstrate how to utilize them.
Example 01: Displaying the Default Role Configurations in Ansible
Now, we are going to implement the very first example where we will get the default role path by using the lookup plugin of Ansible. First, we will create the playbook to include the target remote host and the tasks. The following is the command used for creating the playbook in Ansible:
After writing the command above and hitting enter, the playbook editor will be opened into a new terminal named “config_lookup. The identification of the instance or module that we are intending to use initially will be written down. We have used the “gather_facts” parameter of ansible so that we will get all the information related to the localhost will display in the output, but we do not want to get the extra information of the target local host so we have passed the “false” value to the “gather_facts” in the playbook. Now, we will mention the hosts of the playbook so we have provided the “localhost”.
Next, we want to list the tasks which we want to do. So, we wrote the “tasks” parameter and then list the tasks one by one. In this list, first, we have to use the “name” parameter to display the name of the tasks. And then we utilized the “debug” parameter and supply the “msg” parameter in it so that the message which we want to display in the outcome will be displayed.
gather_facts: false
hosts: localhost
tasks:
- name: print out role paths
debug:
msg: "These are the configured role paths: {{lookup('config', 'DEFAULT_ROLES_PATH')}}"
In this example, we are not going to build the inventory file to make a connection because we are using the local host as a target remote host. To get the results by executing the playbook created above, we will write the below command in the terminal:
Here is the output after running the command above. We will get the configured path of the localhost along with the message which we have written in the playbook in the green font with the “ok” signal.
Example 02: Viewing the Default Configured Colours in Ansible
Here is the second example that we are going to implement by using the built-in module of Ansible, which is the lookup module. In this scenario, we will get the configured colors of the item.
We will not create another playbook for this example. We just do the necessary changes in the “config_lookup” playbook. First, we will open the playbook by writing the command below:
In playbook tasks, we will alter the name of the task and then we will pass the “item” to get the default color. We have used the “loop” parameter to get the default colors in a list.
gather_facts: false
hosts: localhost
tasks:
- name: see the default colors
debug: msg="{{item}}"
loop: "{{lookup('config', 'COLOR_OK', 'COLOR_CHANGED', 'COLOR_SKIP', wantlist=True)}}"
Now, terminate the playbook by saving the modification and run the playbook through the command below:
The following illustrated snippet will show us the desired output by executing the statement written above. We have the three default configured colors of the lookup plugin in Ansible which are green, yellow, and cyan.
Example 03: Viewing the Procedure for Escalating Privileges in Ansible
We are going to implement the third example of the built-in config lookup plugin in Ansible. In the example, we will escalate the privileges of the lookup module. First, we will open the playbook.
We will now change the code and configure it to suit our requirements. We will change the name of the task and change the debug logic.
gather_facts: false
hosts: localhost
tasks:
- name: print out default privilege escalation method
debug:
msg: "DEFAULT_BECOME_METHOD: {{lookup('config', 'DEFAULT_BECOME_METHOD')}}"
Again, we will use the same command to run and showcase the results of the example.
As shown in the output below, we will get the “sudo” escalate privilege in the green color.
Conclusion
We have learned one of the built-in modules of Ansible which is the configuration of the lookup plugin. We have discussed the working of the plugin and implemented several examples so that we can easily understand the working and different modules of the lookup plugin in Ansible.