Ansible Hands-on



What is Ansible

It's a simple automation language that can perfectly describe an IT application infrastructure in Ansible Playbooks.

It's an automation engine that runs Ansible Playbooks.

Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation with a UI and RESTful API.


Ansible is...

Simple: 

  • Human-readable automation
  • No special coding skills needed
  • Tasks executed in order
  • Get productive quickly


Powerful:

  • App development
  • Configuration management
  • Workflow orchestration
  • Orchestrate the app lifecycle


Agentless:

  • Agentless architecture
  • Uses OpenSSH & WinRM
  • No agents to exploit or update
  • More efficient & more secure



Installing Ansible on Ubuntu 18.04 LTS

$ sudo apt update
$ sudo apt install software-properties-common
$ sudo apt-add-repository --yes --update ppa:ansible/ansible
$ sudo apt install ansible


How Ansible Works:





Modules:

Modules are bits of code transferred to the target system and executed to satisfy the task declaration. Ansible ships with several hundred today!


  • apt/yum
  • copy
  • file
  • get_url
  • git
  • ping
  • debug
  • service
  • template


Module Documentation:

https://docs.ansible.com/ansible/latest/user_guide/modules.html


# List out all modules installed
$ ansible-doc -l
...
copy
cron
...

# Read documentation for installed module
$ ansible-doc copy
> COPY

The [copy] module copies a file on the local box to remote locations. Use the [fetch] module to copy files from remote locations to the local box. If you need variable interpolation in copied files, use the [template] module.

* note: This module has a corresponding action plugin.

Options (= is mandatory):


Module: Run Commands

If Ansible doesn't have a module that suits your needs, there are the "run command" modules:


command: Takes the command and executes it on the host. The most secure and predictable.

shell: Executes through a shell like /bin/sh so you can use pipes etc. Be careful.

script: Runs a local script on a remote node after transferring it.

raw: Executes a command without going through the Ansible module subsystem.
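
Why command is the predictable choice and shell needs care, shown as an added example (not from the original post). The play name, the log_name variable and its value are constructed for illustration; the web group is the one from the inventory example below.

```yaml
---
# Added example: the same untrusted value handed to command and to shell.
- name: command vs shell with a value containing shell metacharacters
  hosts: web
  gather_facts: no
  vars:
    # Constructed sample input; the ';' would start a second command
    # if it ever reached a shell unquoted.
    log_name: "access.log; echo injected"
  tasks:
    - name: command passes argv straight to the program, no shell parsing
      command:
        argv:
          - ls
          - -l
          - "/var/log/{{ log_name }}"
      register: cmd_result
      failed_when: false    # ls fails: no file has that literal name
      changed_when: false

    - name: shell is needed for the pipe, so every variable goes through quote
      shell: "ls -l /var/log/{{ log_name | quote }} | wc -l"
      register: shell_result
      changed_when: false

    - name: show that the injected text was treated as data in both cases
      debug:
        msg:
          - "command stderr: {{ cmd_result.stderr }}"
          - "shell stdout: {{ shell_result.stdout }}"
```

With the quote filter removed from the shell task, the remote shell would run the text after the semicolon as its own command, which is the case the "Be careful" above refers to.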


Inventory:

Inventory is a collection of hosts (nodes) with associated data and groupings that Ansible can connect to and manage.


  • Hosts
  • Groups
  • Inventory-specific data (variables)
  • Static or dynamic sources


Static Inventory Example:

192.168.0.0
192.168.0.1
192.168.0.2
192.168.0.3
host.example.com


Static Inventory Example

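[control]
control ansible_host=192.168.0.0

[web]
# ranges expand only in host names, not in variable values, so list each address
node-1 ansible_host=192.168.0.6
node-2 ansible_host=192.168.0.7
node-3 ansible_host=192.168.0.8

[haproxy]
haproxy ansible_host=192.168.0.2

[all:vars]
ansible_user=ubuntu
ansible_ssh_private_key_file=~/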


Ad-Hoc Commands

An ad-hoc command is a single Ansible task that you want to perform quickly but don't want to save for later.


# check all my inventory hosts are ready to be managed by Ansible
$ ansible all -m ping

# collect and display the discovered facts for the localhost
$ ansible localhost -m setup

# run the uptime command on all hosts in the web group
$ ansible web -m command -a "uptime"


Sidebar: Discovered Facts

Facts are bits of information derived from examining a host system that are stored as variables for later use in a play.


$ ansible localhost -m setup
localhost | success >> {
    "ansible_facts": {
        "ansible_default_ipv4": {
            "address": "192.168.1.37",
            "alias": "wlan0",
            "gateway": "192.168.1.1",
            "interface": "wlan0",
            "macaddress": "c4:85:08:3b:a9:16",
            "mtu": 1500,
            "netmask": "255.255.255.0",
            "network": "192.168.1.0",
            "type": "ether"
        },



Variables:


Ansible can work with metadata from various sources and manage their context in the form of variables.


  • Command line parameters
  • Plays and tasks
  • Files
  • Inventory
  • Discovered facts
  • Roles


Tasks:


Tasks are the application of a module to perform a specific unit of work.


file: A directory should exist

yum: A package should be installed

service: A service should be running

template: Render a configuration file from a template

get_url: Fetch an archive file from a URL

git: Clone a source code repository


Example Tasks in a Play


tasks:
  - name: apache2 package is present
    apt:
      name: apache2
      state: latest
  - name: latest index.html file is present
    copy:
      src: files/index.html
      dest: /var/www/html/
  - name: restart apache2
    service:
      name: apache2
      state: restarted



Handler Tasks:


Handlers are special tasks that run at the end of a play if notified by another task when a change occurs.


If a configuration file gets changed, notify a service restart task that it needs to run.


Example Handler Task in a Play


tasks:
  - name: apache2 package is present
    apt:
      name: apache2
      state: latest
    notify: restart apache2
  - name: latest index.html file is present
    copy:
      src: files/index.html
      dest: /var/www/html/
handlers:
  - name: restart apache2
    service:
      name: apache2
      state: restarted



Plays & Playbooks


Plays are ordered sets of tasks to execute against host selections from your inventory. A playbook is a file containing one or more plays.


Playbook Example


---
- name: install and start apache
  hosts: web
  become: yes
  vars:
    http_port: 80
  tasks:
    - name: apache2 package is present
      apt:
        name: apache2
        state: latest
    - name: latest index.html file is present
      copy:
        src: files/index.html
        dest: /var/www/html/


Human-Meaningful Naming


---
# the name fields describe the play and each task in plain language
- name: install and start apache
  hosts: web
  become: yes
  vars:
    http_port: 80
  tasks:
    - name: apache2 package is present
      apt:
        name: apache2
        state: latest
    - name: latest index.html file is present
      copy:
        src: files/index.html
        dest: /var/www/html/


Host Selector


---
- name: install and start apache
  # hosts selects which inventory hosts or groups the play runs against
  hosts: web
  become: yes
  vars:
    http_port: 80
  tasks:
    - name: apache2 package is present
      apt:
        name: apache2
        state: latest
    - name: latest index.html file is present
      copy:
        src: files/index.html
        dest: /var/www/html/


Privilege Escalation


---
- name: install and start apache
  hosts: web
  # become runs the play's tasks with escalated privileges (root by default)
  become: yes
  vars:
    http_port: 80
  tasks:
    - name: apache2 package is present
      apt:
        name: apache2
        state: latest
    - name: latest index.html file is present
      copy:
        src: files/index.html
        dest: /var/www/html/


Play Variables:

---
- name: install and start apache
  hosts: web
  become: yes
  # vars defines variables scoped to this play
  vars:
    http_port: 80
  tasks:
    - name: apache2 package is present
      apt:
        name: apache2
        state: latest
    - name: latest index.html file is present
      copy:
        src: files/index.html
        dest: /var/www/html/


Tasks:

---
- name: install and start apache
  hosts: web
  become: yes
  vars:
    http_port: 80
  # tasks run in the order listed, each applying one module
  tasks:
    - name: latest apache2 package is present
      apt:
        name: apache2
        state: latest
    - name: latest index.html file is present
      copy:
        src: files/index.html
        dest: /var/www/html/









































