This article will focus on the Ansible service module and how to handle the lifecycle of service through the Ansible adhoc command and Ansible playbook.
Introduction To Services
A service is a background process that runs in the operating system. In Linux-based systems, the background process is also referred to as daemons. These daemon processes are responsible for receiving clients’ input and making further system calls to complete the desired action. Let’s take mongodb service for example. MongoDB architecture is based on the client-server model. The daemon process for mongodb called ‘mongod’ will run and listen to the queries or commands a user issues through the mongodb client. The daemon will then internally make the necessary calls to the system or application to complete the action.
In Linux based operating system a init process is assigned with process ID 1 which will start as the first process during the boot. This process is responsible for running other system services. There are many init systems available like systemd, anopa, OpenRC, etc. You can learn more about the init systems from the wiki link below.
REFERENCE – https://wiki.archlinux.org/title/init
Ansible Service Module Documentation
The service module is available in ansible.builtin collections and comes by default with Ansible or ansible-core installation. You can run the following command to check module availability.
$ ansible-doc -l | grep -i -w ansible.builtin.service
ansible.builtin.service Manage services
$ ansible-navigator collection
To access the service module documentation run any of the following commands.
$ ansible-doc service
$ ansible-navigator doc service
NOTE: The description section of the documentation states that the service module is just a wrapper or proxy for service manager modules. There are dedicated modules for the init system which can also be used.
Ansible Service Module As Adhoc Command
I will use the service module to manage the OpenSSH Server (SSHD) daemon process running on the local host. Fedora and Ubuntu-based systems use systemd as the default init system.
Run the following systemctl command to check the SSH service status. Here the service state is inactive. I will start the service using the service module.
$ systemctl status sshd
NOTE: The service module requires elevated privilege. Submit the command as a privileged user.
Following is the syntax for the ansible adhoc command with the service module.
# SYNTAX
$ ansible <node> -m service -a "name=<service-name> state=<state>" -c localSTATE supports 4 arguments
To start the service set ‘STATE’ = started
To stop the service set ‘STATE’ = stopped
To restart the service set ‘STATE’ = restarted
To reload the service set ‘STATE’ =reloaded
The following adhoc command will start the sshd service.
# Start service
$ ansible localhost -m service -a "name=sshd state=started" -c local
Similarly, you can modify the state parameter for stopping, restarting, and reloading the service.
# Stop Service
$ ansible localhost -m service -a "name=sshd state=stopped" -c local# Restart service
$ ansible localhost -m service -a "name=sshd state=restarted" -c local
# Reload service
$ ansible localhost -m service -a "name=sshd state=reloaded" -c localYou can set the service to start automatically during boot by setting the parameter ‘enabled=yes’.
# Enable service to start during boot
$ ansible localhost -m service -a "name=sshd enabled=yes" -c localAnsible Service Module In Playbook
Any configuration to the OpenSSH server configuration file needs a service restart for the changes to be effective. Here I will be creating a playbook with two tasks.
TASK 1 – Disable SSH root login in /etc/ssh/sshd_config file
TASK 2 – Restart SSH service
1) Create a new directory
$ mkdir ~/service-module
$ cd ~/service-module2) Create an inventory file.
$ echo "localhost ansible_connection=local"> hosts3) Create ansible.cfg file.
$ echo "[defaults]
inventory = ./hosts
host_key_checking = false
nocows = true" > ansible.cfg4) Create a playbook with two tasks. In the second task, a condition is set to restart the service only when changes are made to the first task.
---
- name: Playbook to test service module
hosts: localhost
gather_facts: false
become: true
become_method: ansible.builtin.sudo
tasks:
- name: Disable ssh login for root user
ansible.builtin.lineinfile:
dest: /etc/ssh/sshd_config
regexp: 'PermitRootLogin'
line: "PermitRootLogin no"
state: present
backup: yes
register: ssh_status
- name: Restart ssh daemon
ansible.builtin.service:
name: sshd
state: restarted
when: ssh_status is changedRun the following command to submit the playbook.
$ ansible-playbook playbook.yml -KYou can also run the playbook using the ansible-navigator command.
$ ansible-navigator run playbook.yml -m stdout -K
Ansible Service Module As Handler Tasks
Handlers allow you to run the task in a controlled manner. Handlers are best suited when using the service module. If you have never used handlers then I suggest you take a look at our article on how to use handlers.
REFERENCE – How To Work With Handlers In Ansible With Examples | Nixzie
Here I will move both tasks inside a role and place the second task under the handler directive.
$ mkdir roles; cd roles
$ ansible-galaxy init service_role
- Role service_role was created successfullyNow move the first task under tasks/main.yml.
---
# tasks file for service_role
- name: Disable ssh login for root user
ansible.builtin.lineinfile:
dest: /etc/ssh/sshd_config
regexp: 'PermitRootLogin'
line: "PermitRootLogin no"
state: present
backup: yes
notify: SSH restartMove the handler task under handler/main.yml.
---
# handlers file for service_role
- name: SSH restart
ansible.builtin.service:
name: sshd
state: restartedModify the main playbook.yml file to run the role.
---
- name: Playbook to test service module
hosts: localhost
gather_facts: false
become: true
become_method: ansible.builtin.sudo
roles:
- service_roleRun the playbook and you will see the second task is submitted under the handler directive.
$ ansible-navigator run playbook.yml -m stdout -K
Wrap-Up
Ansible service module is used to manage the life cycle of services in your linux operating system. There are dedicated modules for different init systems but the service module will be simple to use for all basic operations. If you have any feedback on this article please let us know in the comment section.
