
Ansible

 


Ansible is an open-source software provisioning, configuration management, and application-deployment tool. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows. It includes its own declarative language to describe system configuration. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015. Ansible is agentless, temporarily connecting remotely via SSH or Windows Remote Management (allowing remote PowerShell execution) to do its tasks.

Platform support

Control machines have to be a Linux/Unix host (for example SUSE Linux Enterprise, Red Hat Enterprise Linux, Debian, CentOS, macOS, BSD, Ubuntu), and Python 2.7 or 3.5 is required.
Managed nodes, if they are Unix-like, must have Python 2.4 or later. For managed nodes with Python 2.5 or earlier, the python-simplejson package is also required. Since version 1.7, Ansible can also manage Windows nodes. In this case, native PowerShell remoting supported by the WS-Management protocol is used, instead of SSH.

Cloud integration

Ansible can deploy to bare metal hosts, virtualized systems and cloud environments, including Amazon Web Services, Atomic, CenturyLink, Cloudscale, CloudStack, DigitalOcean, Dimension Data, Docker, Google Cloud Platform, KVM, Linode, LXC, LXD, Microsoft Azure, OpenStack, Oracle Cloud, OVH, oVirt, Packet, Profitbricks, PubNub, Rackspace, Scaleway, SmartOS, SoftLayer, Univention, VMware, Webfaction, and XenServer.

Difference Between Ansible Vs Puppet Vs Chef

Ansible components:

Inventory:

The “inventory” is a configuration file where you define the host information. Below we have configured "webservers" group for our web-servers.
File:- /etc/ansible/hosts

Playbooks:

In most cases – especially in enterprise environments – you should use Ansible Playbooks. A playbook is where you define how to apply policies, declare configurations, orchestrate steps and launch tasks either synchronously or asynchronously on your servers. Each playbook is composed of one or more “plays”. Playbooks are normally maintained and managed in a version control system like Git. They are expressed in YAML (Yet Another Markup Language).

Plays:

 Playbooks contain plays. Plays are essentially groups of tasks that are performed on defined hosts to enforce your defined functions. Each play must specify a host or group of hosts. For example, using:

 - hosts: all
…we specify all hosts. Note that YAML files are very sensitive to whitespace, so be careful!

Tasks:

Tasks are actions carried out by playbooks. One example of a task in an Apache playbook is:
- name: Install Apache httpd
A task definition can contain modules such as yum, git, service, and copy.

Handlers:

Handlers are similar to tasks except that a handler will be executed only when it is called by an event. For example, a handler can start the httpd service after a task has installed httpd. The handler is called by the notify directive. Important: the name given in the notify directive and the name of the handler must be the same.

Templates:

Template files are based on Python’s Jinja2 template engine and have a .j2 extension. You can, if you need, place the contents of your index.html file into a template file. But the real power of these files comes when you use variables. You can use Ansible’s facts and even call custom variables in these template files.

Roles:

A role is the Ansible way of bundling automation content and making it reusable. Roles are organizational components that can be assigned to a set of hosts to organize tasks. Therefore, instead of creating a monolithic playbook, we can create multiple roles, with each role assigned to complete a unit of work. For example: a webserver role can be defined to install Apache and Varnish on a specified group of servers.

Sample Playbook:

## PLAYBOOK TO INSTALL AND CONFIGURE APACHE HTTP ON Servers
- hosts: all
  tasks:
    - name: Install Apache httpd
      yum: pkg=httpd state=installed
      notify:
        - Start httpd    # must match the handler name exactly
  handlers:
    - name: Start httpd
      service: name=httpd state=started
Contents:
1. Installation & configuration of Ansible on RHEL
2. Configuring an agentless node as an Ansible client
3. Passwordless Authentication between Ansible Master & Ansible Client.
4. Creating our first Playbook.
5. Configuring resources on the agent based on below playbooks. Please refer below link.
7. What are Roles in Ansible
8. Ansible Galaxy
9. What are templates
10. Overview on Ansible Tower
11. Ansible Vault

Installation of Ansible:

yum install epel-release or

amazon-linux-extras install epel -y

yum install ansible -y

ansible --version

Enable Ansible logging by adding the lines below to /etc/ansible/ansible.cfg:

[defaults]
log_path = ./ansible.log

Also add the line below to disable host key verification, so that Ansible does not stop to confirm a new node's SSH host key:
[defaults]
log_path = ./ansible.log
host_key_checking = False

Passwordless Authentication between Master & the Client

Create a Private DNS server between Ansible Master & Clients. 

Deploy an Ansible client and set PermitRootLogin to "yes" in the file below (just un-comment the line):
[root@ip-Ansible-Client ~]# vi /etc/ssh/sshd_config

Restart sshd service on Ansible Client

[root@ip-Ansible-Client ~]# systemctl restart sshd

Go to the Ansible master and generate a public and private key for the SSH connection between the Ansible host and client.


Copy the contents of the public key file /root/.ssh/id_rsa.pub and paste them into the client's /root/.ssh/authorized_keys file.



Now try ssh from Ansible Master to Ansible Client


vi /etc/ansible/hosts

# Ex 2: A collection of hosts belonging to the 'webservers' group

[webservers]
ansibleclient1

Using Ansible Simple Commands
ansible -m ping all

ansible -m ping webservers

ansible -m ping ansibleclient1

ansible -m shell -a 'free -m' ansibleclient1

Follow below link & start using your own playbooks

https://gitlab.com/Azam-devops/ansible

ansible-playbook "Your_Playbook.yaml"

Command to create an Ansible Role

ansible-galaxy init "Your_Role_Name"

yum install tree -y

tree "Your_Role_Name"


Go to your role

cd "your_role"

Run the *.yml file to execute your_role

ansible-playbook *.yaml or *.yml

Please check below link for all the sample files. 

https://gitlab.com/Azam-devops/ansible

How to use Jenkins to run Playbooks

Install Ansible on the Jenkins master or Jenkins slave, i.e. whichever machine you use to run the job.

Copy the id_rsa.pub file of the jenkins user from that Jenkins master/slave to the ec2-user's authorized_keys file on the ansibleclient to set up passwordless authentication between the Jenkins master/slave and your ansibleclient. This assumes that the "jenkins" user will log in to the ansibleclient as ec2-user and become root to run Ansible commands.

Check the setup by running ssh from the Jenkins master/slave as the jenkins user to ec2-user on the ansibleclient.

Once done, update your *.yaml files with the text below to use ec2-user as the remote user and become sudo to perform root tasks on the Ansible client. (If you need a user other than root to perform this operation, create that user on the ansibleclient and give it sudo permissions. Then copy the jenkins user's id_rsa.pub file to that ansibleclient user's .ssh/authorized_keys file.)

---
- hosts: webservers
  remote_user: ec2-user
  become: true
  become_method: sudo
  tasks:
    - name: Create a login user
      user:
        name: jordan
        # The user module expects a password hash, not plaintext
        password: "{{ 'supp0rt' | password_hash('sha512') }}"
        state: present
        shell: /bin/bash      # Defaults to /bin/bash
        createhome: yes       # Defaults to yes
        home: /home/jordan    # Defaults to /home/<username>

Now, you can use Ansible playbooks in jenkins job to configure Ansible-Clients.

Note: Change the log file location in /etc/ansible/ansible.cfg once you use jenkins as the Ansible user. It will not log in the root directory unless you mention the specific user's home directory for logging.
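
A check for three settings this walkthrough turns on: host_key_checking = False in ansible.cfg, root login in sshd_config, and the password written directly into the Jenkins playbook. This is an added example, not part of the original post; the function names and the sample file contents are constructed for illustration.

```sh
# Added example, not from the original post. Function names are illustrative.

# ini_get FILE SECTION KEY: print the last value assigned to KEY in [SECTION].
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { gsub(/[ \t]/, ""); cur = $0; next }
        cur == sec && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }' "$1"
}

audit_ansible_cfg() {   # Ansible accepts several spellings of "false"
    case "$(ini_get "$1" defaults host_key_checking | tr 'A-Z' 'a-z')" in
        false|f|no|n|off|0) echo "ansible.cfg: host_key_checking is off; pre-seed known_hosts and set it to True" ;;
    esac
}

audit_sshd() {          # sshd keeps the first value it reads for a keyword
    v=$(awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1")
    if [ "$v" = "yes" ]; then
        echo "sshd_config: PermitRootLogin yes; prohibit-password still allows key-based root login"
    fi
}

audit_playbook() {      # literal after "password:", bare or as {{ '...' | filter }}
    grep -nE "^[[:space:]]*password:[[:space:]]*(['\"]?[^{'\"[:space:]]|['\"]?\{\{[[:space:]]*['\"])" "$1" |
        sed 's/^\([0-9]*\):.*/playbook line \1: literal password; load it from an ansible-vault variable/'
    return 0
}

# Constructed sample files that mirror the settings shown on this page.
make_samples() {
    printf '%s\n' '[defaults]' 'log_path = ./ansible.log' 'host_key_checking = False' > "$1/ansible.cfg"
    printf '%s\n' '#PermitRootLogin prohibit-password' 'PermitRootLogin yes' > "$1/sshd_config"
    printf '%s\n' '- hosts: webservers' '  tasks:' '    - user:' "        password: 'supp0rt'" > "$1/play.yml"
}

audit_all() { audit_ansible_cfg "$1/ansible.cfg"; audit_sshd "$1/sshd_config"; audit_playbook "$1/play.yml"; }

tmp=$(mktemp -d) && make_samples "$tmp" && audit_all "$tmp"
rm -rf "$tmp"
```

Match blocks in sshd_config and the ANSIBLE_HOST_KEY_CHECKING environment variable can override what the files say, so a clean result covers only the files themselves.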


Ansible Vault:-




Useful Links:



https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ansible-on-centos-7

https://linuxacademy.com/blog/linux-academy/ansible-roles-explained/

https://cloudacademy.com/blog/ansible-aws/

https://docs.ansible.com/ansible/latest/modules/shell_module.html

https://www.mydailytutorials.com/ansible-register-variables/

https://serverfault.com/questions/531004/where-do-i-find-the-latest-ansible-error-log

https://stackoverflow.com/questions/58772082/can-i-include-multiple-tasks-in-include-tasks-from-tasks-main-yml

https://stackoverflow.com/questions/24732627/ansible-roles-and-handlers-cannot-get-role-handlers-to-work

https://stackoverflow.com/questions/24851575/ansible-how-to-pass-multiple-commands

https://www.tecmint.com/ansible-variables-and-facts/

https://stackoverflow.com/questions/28489705/how-to-assign-a-random-number-to-a-variable-in-ansible/28490160

https://www.toptechskills.com/ansible-tutorials-courses/ansible-include-import-variables-tutorial-examples/

https://www.mydailytutorials.com/ansible-template-module-examples/

https://www.mydailytutorials.com/how-to-copy-files-and-directories-in-ansible-using-copy-and-fetch-modules/

How to use Jenkins user to configure other ec2 instances.

https://github.community/t/ansible-playbook-setup-py-permission-denied/11496
Ex:-
---
- hosts: my-test
  remote_user: myuser
  become: true
  become_method: sudo







