
Ansible

 


Ansible is an open-source software provisioning, configuration management, and application-deployment tool. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows. It includes its own declarative language to describe system configuration. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015. Ansible is agentless, temporarily connecting remotely via SSH or Windows Remote Management (allowing remote PowerShell execution) to do its tasks.

Platform support

Control machines have to be a Linux/Unix host (for example SUSE Linux Enterprise, Red Hat Enterprise Linux, Debian, CentOS, macOS, BSD, Ubuntu), and Python 2.7 or 3.5 is required.
Managed nodes, if they are Unix-like, must have Python 2.4 or later. For managed nodes with Python 2.5 or earlier, the python-simplejson package is also required. Since version 1.7, Ansible can also manage Windows nodes. In this case, native PowerShell remoting supported by the WS-Management protocol is used, instead of SSH.

Cloud integration

Ansible can deploy to bare metal hosts, virtualized systems and cloud environments, including Amazon Web Services, Atomic, CenturyLink, Cloudscale, CloudStack, DigitalOcean, Dimension Data, Docker, Google Cloud Platform, KVM, Linode, LXC, LXD, Microsoft Azure, OpenStack, Oracle Cloud, OVH, oVirt, Packet, Profitbricks, PubNub, Rackspace, Scaleway, SmartOS, SoftLayer, Univention, VMware, Webfaction, and XenServer.

Difference Between Ansible Vs Puppet Vs Chef

Ansible components:

Inventory:

The “inventory” is a configuration file where you define the host information. Below we have configured "webservers" group for our web-servers.
File:- /etc/ansible/hosts

Playbooks:

In most cases – especially in enterprise environments – you should use Ansible Playbooks. A playbook is where you define how to apply policies, declare configurations, orchestrate steps and launch tasks either synchronously or asynchronously on your servers. Each playbook is composed of one or more “plays”. Playbooks are normally maintained and managed in a version control system like Git. They are expressed in YAML (Yet Another Markup Language).

Plays:

 Playbooks contain plays. Plays are essentially groups of tasks that are performed on defined hosts to enforce your defined functions. Each play must specify a host or group of hosts. For example, using:

- hosts: all
…we specify all hosts. Note that YAML files are very sensitive to whitespace, so be careful!

Tasks:

Tasks are actions carried out by playbooks. One example of a task in an Apache playbook is:
- name: Install Apache httpd
A task definition can contain modules such as yum, git, service, and copy.

Handlers:

Handlers are similar to tasks except that a handler will be executed only when it is called by an event. For example, a handler can start the httpd service after a task has installed httpd. The handler is called by the [notify] directive. Important: the name given in the notify directive and the name of the handler must be the same.

Templates:

Template files are based on Python’s Jinja2 template engine and have a .j2 extension. You can, if you need, place the contents of your index.html file into a template file. But the real power of these files comes when you use variables. You can use Ansible’s [facts] and even call custom variables in these template files.

Roles:

A role is the Ansible way of bundling automation content and making it reusable. Roles are organizational components that can be assigned to a set of hosts to organize tasks. Therefore, instead of creating a monolithic playbook, we can create multiple roles, with each role assigned to complete a unit of work. For example: a webserver role can be defined to install Apache and Varnish on a specified group of servers.

Sample Playbook:

## PLAYBOOK TO INSTALL AND CONFIGURE APACHE HTTP ON Servers
- hosts: all
  tasks:
    - name: Install Apache httpd
      yum: pkg=httpd state=installed
      notify:
        - Start httpd
  handlers:
    # The handler name must match the notify entry exactly (case-sensitive)
    - name: Start httpd
      service: name=httpd state=started
Contents:
1. Installation & configuration of Ansible on RHEL
2. Configuring agent less Node as an Ansible Client
3. Passwordless Authentication between Ansible Master & Ansible Client.
4. Creating our first Playbook.
5. Configuring resources on the agent based on below playbooks. Please refer below link.
7. What are Roles in Ansible
8. Ansible Galaxy
9. What are templates
10. Overview on Ansible Tower
11. Ansible Vault

Installation of Ansible:

yum install epel-release or

amazon-linux-extras install epel -y

yum install ansible -y

ansible --version

Enable ansible logging by adding below line to /etc/ansible/ansible.cfg

[defaults]
log_path = ./ansible.log

Also add below line to disable host key verification
[defaults]
log_path = ./ansible.log
host_key_checking = False

Passwordless Authentication between Master & the Client

Create a Private DNS server between Ansible Master & Clients. 

Deploy an Ansible client and set PermitRootLogin to "yes" in the file below. Just uncomment the line.
[root@ip-Ansible-Client ~]# vi /etc/ssh/sshd_config

Restart sshd service on Ansible Client

[root@ip-Ansible-Client ~]# systemctl restart sshd

Go to Ansible & generate public & private key for SSH connection between Ansible Host & Client.


Copy the public file /root/.ssh/id_rsa.pub & paste in Client /root/.ssh/authorized_keys file



Now try ssh from Ansible Master to Ansible Client
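The two settings changed above (host_key_checking = False in ansible.cfg and root login enabled in sshd_config) are the ones to look for when reviewing a control node or client. The audit below is an added example, not code from the original page; the sample file contents are constructed and the function names are assumptions.

```python
import configparser
import re

# Constructed samples: the settings this page applies, then a stricter variant.
PAGE_ANSIBLE_CFG = "[defaults]\nlog_path = ./ansible.log\nhost_key_checking = False\n"
PAGE_SSHD_CONFIG = "#PasswordAuthentication yes\nPermitRootLogin yes\n"
STRICT_ANSIBLE_CFG = "[defaults]\nhost_key_checking = True\n"
STRICT_SSHD_CONFIG = "PasswordAuthentication no\nPermitRootLogin prohibit-password\n"


def sshd_value(text, keyword, default):
    """First uncommented occurrence wins in sshd_config; keywords ignore case.
    Match blocks are not evaluated here."""
    for raw in text.splitlines():
        parts = re.split(r"[\s=]+", raw.split("#", 1)[0].strip(), maxsplit=1)
        if len(parts) == 2 and parts[0].lower() == keyword.lower():
            return parts[1].strip().lower()
    return default


def audit_ansible_cfg(text):
    """Return findings for the [defaults] section of an ansible.cfg string."""
    cfg = configparser.ConfigParser()
    cfg.read_string(text)
    findings = []
    # Ansible checks SSH host keys unless this option is switched off.
    if not cfg.getboolean("defaults", "host_key_checking", fallback=True):
        findings.append("host_key_checking=False: unknown host keys are accepted; "
                        "add the clients to known_hosts and verify the fingerprints")
    return findings


def audit_sshd_config(text):
    """Return findings for an sshd_config string, using OpenSSH defaults."""
    findings = []
    root = sshd_value(text, "PermitRootLogin", "prohibit-password")
    passwords = sshd_value(text, "PasswordAuthentication", "yes")
    if root == "yes":
        findings.append("PermitRootLogin yes: key-based root login only needs "
                        "prohibit-password")
    if passwords == "yes":
        findings.append("PasswordAuthentication yes: password logins stay "
                        "available after the keys are deployed")
    return findings


if __name__ == "__main__":
    for name, cfg, sshd in (("page", PAGE_ANSIBLE_CFG, PAGE_SSHD_CONFIG),
                            ("strict", STRICT_ANSIBLE_CFG, STRICT_SSHD_CONFIG)):
        for finding in audit_ansible_cfg(cfg) + audit_sshd_config(sshd):
            print(f"[{name}] {finding}")
```

The Jenkins section further down, which connects as ec2-user and uses become, works with the stricter sshd_config sample because it does not need root SSH login at all.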


vi /etc/ansible/hosts

# Ex 2: A collection of hosts belonging to the 'webservers' group

[webservers]
ansibleclient1

Using Ansible Simple Commands
ansible -m ping all

ansible -m ping webservers

ansible -m ping ansibleclient1

ansible -m shell -a 'free -m' ansibleclient1

Follow below link & start using your own playbooks

https://gitlab.com/Azam-devops/ansible

ansible-playbook "Your_Playbook.yaml"

Command to create an Ansible Role

ansible-galaxy init "Your_Role_Name"

yum install tree -y

tree "Your_Role_Name"


Go to your role

cd "your_role"

run *.yml file to execute your_role

ansible-playbook *.yaml or *.yml

Please check below link for all the sample files. 

https://gitlab.com/Azam-devops/ansible

How to use Jenkins to run Playbooks

Install Ansible on Jenkins Master or Jenkins Slave, i.e. whichever machine you use to run the job.

Copy id_rsa.pub file of jenkins user from that Jenkins master/slave to the ansibleclient's --> ec2-users --> authorized_keys to initiate passwordless authentication between Jenkins master/slave & your ansibleclient. Assuming that "jenkins" user will go to ansibleclient as ec2-user & become root to run ansible commands.

Check doing ssh from jenkins master/slave as jenkins user to ec2-user on ansibleclient

Once done

Update your *yaml files with below text to use ec2-user as remote user & become sudo to perform root tasks on Ansible-client. (If you need some other user other than root to perform this operation then create that user on ansibleclient & give sudo permissions. Then copy jenkins user's id_rsa.pub file to that ansibleclient user's .ssh/authorized_keys file)

---
- hosts: webservers
  remote_user: ec2-user
  become: true
  become_method: sudo
  tasks:
    - name: Create a login user
      user:
        name: jordan
        # The user module expects a crypted hash, not the plain-text password
        password: "{{ 'supp0rt' | password_hash('sha512') }}"
        state: present
        shell: /bin/bash      # Defaults to /bin/bash
        createhome: yes       # Defaults to yes
        home: /home/jordan    # Defaults to /home/<username>

Now, you can use Ansible playbooks in jenkins job to configure Ansible-Clients.

Note: Change log file location in /etc/ansible/ansible.cfg file after you use jenkins as an Ansible user.

It will not log in root directory unless you mention specific user's home directory for logging.


Ansible Vault:-




Useful Links:



https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ansible-on-centos-7

https://linuxacademy.com/blog/linux-academy/ansible-roles-explained/

https://cloudacademy.com/blog/ansible-aws/

https://docs.ansible.com/ansible/latest/modules/shell_module.html

https://www.mydailytutorials.com/ansible-register-variables/

https://serverfault.com/questions/531004/where-do-i-find-the-latest-ansible-error-log

https://stackoverflow.com/questions/58772082/can-i-include-multiple-tasks-in-include-tasks-from-tasks-main-yml

https://stackoverflow.com/questions/24732627/ansible-roles-and-handlers-cannot-get-role-handlers-to-work

https://stackoverflow.com/questions/24851575/ansible-how-to-pass-multiple-commands

https://www.tecmint.com/ansible-variables-and-facts/

https://stackoverflow.com/questions/28489705/how-to-assign-a-random-number-to-a-variable-in-ansible/28490160

https://www.toptechskills.com/ansible-tutorials-courses/ansible-include-import-variables-tutorial-examples/

https://www.mydailytutorials.com/ansible-template-module-examples/

https://www.mydailytutorials.com/how-to-copy-files-and-directories-in-ansible-using-copy-and-fetch-modules/

How to use Jenkins user to configure other ec2 instances.

https://github.community/t/ansible-playbook-setup-py-permission-denied/11496
Ex:-
---
- hosts: my-test
  remote_user: myuser
  become: true
  become_method: sudo







