Each and every minute dehail ob yous Machine (Sesver, Stewa9¢) Seee Veraa, Seabe contiguialion management Tool part ~ operation Patt ie oew ConFiqus ation Management Too! an S push Based | [ pull Based ; ene] =e Par a + Pugh COnAausation sewer + PU configutation nodes pushesh COnrFigutéalion to the node Check sith the Sesvet peyic ded felch Pre CnPigecsadion fiom § eng Ansible eng Chee SaltStack Puppet + | Advantage oy cM Teal! Complete Aworation Increase Uptime Tmpaore_PesFournance Ensuse Comell ance Prevent Errors Redace cost{rome 5) = Confiqueation Management ~ItPs a method Hosoygh which we oS aebomale Admin task. ConFigutation Managenent tool tuins yous code fobeLnftastouchy AC) So yous Code toould be Repeatable Heéhable and versionable, Ansible Ps am automation trol, whateve™ susiem admins ysed_to do monuatly 5 0D we ase auternating all thase tesk by Jasing Ansible - : Saw Ansible ts an Opensoursce IT- configusation Management 5 Peploymment and O8chestsation Tool Thaims to provide lasge produdtivily gains toa toe vaiey 0b Automation Challenges * eee ” x Publ Mechandsr| 8 Ceerbeok) Rais ili a a aol ansible Pe free Fo use by everyone Ansibla. Ps Vety Coesitent and HighFod ght and 0 Constkalnts Imegailing the 0.5 and. Underlying haxchoave ase present Tt Ps very secase due to Ths Ayentless . Copabilities Ad Open SSH Secivity feature. ‘ansible does nok nea “ony special System adminishaber ‘Skills +o instau ahd _use Sh.Aosible Sesver | The machina Whese arsible Fs installed and fore hich au +0sks and! playbodks Gill be Bun, [Mode | 7. Basicauy..a moclule ix 4 command of so. ob, Similar cormands meant tobe exceed On the, client-side [ross J: A task fs _qsecton thal consist ob 4 single ences +0.be complued - le]? _A_tooy Ob osganising Lashs and Relate) Files te be Jakev called in 4 ay neee (REET TAF onnaion febcheel froin he Clienk Bystem Fron foe igbbal vas ables -colth the ght ads , OpeeaHOn [Erventoey File containing dete out the ansible Client sewers. [pay 2 Execwion ob a playbook. [Tandiey [2° Task cohich fS Catt ed) Only Th Mobsyer™ és aa wore ex] * Section atrrbyle fo TUSK WWeh Cats @ handler fb the output bs Changed’. © Jploybook | + T+ consist code in YAME : Fremak,. ‘anich. clecrbe tasks fo be execled Host] ¢ Nodes , hich are Geetarmakds by gosidle,Fchael Dehaen developed Ansible and the ansible padyech , began in february 2012. J Redhat acquised the ansible tool in 2015. Ansible Ps aveilabe frre RHEL 5 osaele Linux , Be bigh 2 Centos ,. Can ese the 400. cohether yous Sets ape Th Cn-Premues as Inthe Cloud Ine teins yous code in to in frastcuct¥e f.e yous Seraiie emiotnmect has same_os He as yout APpli cation,skeO Creare Ec2 instance like + Ansible Servet + Ang ble Node =, TAnsible Nede-2 SPO) When these fostances ts seady we an assess these siostances Via Putty/ Mebaxtreary. ste) Th Ansible Sewer > + rw] gsado su StiGjeca-usex]# Week httes.t (Id) fedowapaaect 406g.) PUb] eel / epel- release f~ jalest ~ F. Neasch -rprn. wh + supGeca-ases] # 1S Lo ¥OU-CAN download epel—sélense —lakest~F-noasth-xpm_» em ANSIBIC epel wales — ¢ | Feacth and Gad Fe, se@ RCo -USe%] # yarn Tost Genmends SH@ESHusOK TY /I/N 2 y aompiee, str@| eca-usew] Y xum updak —yo complete ste@)ecr-asev] # yar fnstall git Python eython -pip ansible —y ey Hhon-level\p4 \FpeQ. lec2—usen] # ansible --vession ee Batt J g Gee) | ca -uses] # vi /etc/asi ble / hosts We add group fn & poess * = hat Ale means add Heh 25), nodes pavale ipadd. Fa ; ae HEFISRVET AIS Re ee 7 aaEHIng the nodeva & gex as -------- Rapes | Ldermo} \ brow a nodes tip cerivate) (_eneale gsouP and copy prvele © nade2? fe Cevvaley ‘Ji ob node and: Paste hese. e c ; 4 2 f lesc 04 ond wack sk | of eca-uset] # vi Jetc/ansble! ansble-¢fq a a H # Bee basic default values ...- ; ripe 1Y#) jrventosy = /ete/ansible / hosts i i Y= j ween Sudo use = -00F \\h(st@leca-uses}] # useradd ansible g.J add uses fn sever, ecr-uset] # passed ansible pe reded .5,noder and new Paseoosd ¢ Admio eq Gree passed as Hai Rebyee Passwooxd 2 Admin Passad 2 ai) awhenkication tokens * updaled SuccessPully. SHO) IH Qrsible wdded_, ( ) M [ I Reiype Passwrtd ¢ Admin y 87 ¢ sudosg lea-uses] # addase® ansible Reb-uset] # passod ancible - Fee neo passeord : Admy | sad) | seme as Ansible Nedeqand Ansible-SAWe To Passud a, a aathencahon Foren aplaled Surely And ble Node2 a i SHO, @ _ecr-usesJ# sy - ansible Lansible@ ve -J touch Gilet Lonsible@ie-7 4 Filet Cansible@ fe] $ xum instead hHpd — eji vou need te be Toot to perfarm His Command.” Ie) JH Sudo yarn instau hHed — ¥ Wwe trust ou have sereived He UsYas lechere fom the local Systean Administsakers . Lsado} password fer degible 2 Cenk password) - ansible “5 FOtTathe Sudeoss File,Give Sudo Pights +o ansible Use®. Csudo, PVE oKlge J.) FO Bee's ecr-uses]# WSudo a Allow nook te Run any commands any whese hoot ALL = CALL) ALL space Jansible’ «Aue = CALL No passwd g ALL ese roq SHED] Gve sudo pavitedged Fe pedea an A@Sde 2) tees 3 Sudo su eo-uses ]# visudo | < eet ANOW root to TUN any Commands any wheso foot ALL = Cate Abts ansible ALL = CALL) Nopasswd 2 ALL = i | esc wq_ SHAE) Sade prMledged fo Node2 <— G Same OS nddet and ansible: Saver fo ase Now we have +eyfro iMstact ary sobko are Siting sudo pesmissisn: ieee = ansible =e)| [Papen —«d) © 30@|[ansinie@ip—J B xumy jostall hited aa" = ou need te be woot useS te pestron His b aedBlransible@ ip—]_$ Sudo yum insta httpd 4 Instead hod T 2 a SHA) Se Gp Communication (SEH Connection eshablish’) £ Login ansible uses in aul Hrree mascvne 3 Login Ansiple Seer 4 j @asi-usev] 4 Su ansible _fansible@ip=)4 senp, oe tp-addx PEVMIBION dened x ar And do Some chang Q woot USeS . “aed Caosible@ iep—7 $ exit 104 0c Troot@ip - C2-usery gy; [ete] 88h] sshd — contig permit weotlegin yes F Passend acon can Ro== seo oko GG) = Restart —Seevtce Sghd 4 Fre chan. t de Ps done seo, indading sewer met So Tang blesesves 8 Space Sshd rSterst Tost Uses - wodet-root — Seaie sshd westast > Neder-woot — Sesvce sshd - westat ocr -USeX J) #, Su - ansible : ansible @ip— J # SSh_ (moder PINAR tpadd sess.) Caey from Aws COsdie Make Changes os (RAR Giles and Poder tm podet via Anable Sesves , Er) * you.made changes in Ansible Sewer YOu Can see 1) Meer: Follow same. io Ansible User Re Node 2, ible®i H_SSh_(noder ob chpy Fram Aws cansve address Make changes . and check in Nwbuses SSh~ keyged concept & pase ef Pub’ (Teast = Reaionthie nodal, 2 oat 7. Root J | | Pe ea (loser -p user Same ay aber Pub tL nad. his eae las cory oe es 0 exer gdh CAS® $000 Chrade B avalabh ond everyhime TS nop pessible to 1agin Vid pas oad Hab hy ssh-Keygen Concepis i leon 25#ePG) In anstble eee pode user t., Dede wsewr login as ansible cewvev 5 as_a ansible sewer. Noo go te ansible sewer and Kreale Keys Rin vs Command 4S ansible 4se8 Lansitie@ip—~] § Stherkeygso BShrakeqge _SSh -Keygen Eplet passphsase (omply Ry pe passehrase) + a Enter Same passphrase agains _{ oT < Tho koy Figerpint Ps 2 | aU SST ts gentle { ste Cansible@fo-9 jf is -% Pr ainiehia sa seca eine Shi B) [ansible O1P-~3$ Gassh, SRG Lansible ie — -ssh]gls 7 Sroka) [ansibe@ie_ «ssh F SSh-copy- 1d Ansve@ (hades private TP) fdassa id “Sa pub 1k 00 hoshs: aasible@ — % Rassend & Admin zl f laskHime asked Numbet sb Koy added 34 ste 36) Same aS above step Are node 2 Numbex Ob Key(s) added 2 4.ee = __F alt ansiblesetver] $ SSh Cnade2 Ippevde) , ewe nd need fo-add passooid ae se @ir (we _no need to add password right ROW _) 9A) Lonsble + ssh] $-cd [ansible sewes] ¢ ssh (nodes Fp pavate) = Gogess anSblenedea_and 2 witht Pasiond - Ppalern aebess fp asl Machine ina ieveotoy + lansbie alt > hnsi ble X geoup name > (OI nsible < 9vOUP name> = —]Kst+hosks isk-hostS = olist“hasts: soup Hare f2 2S 7 picks grouprame Col ~7 pick fisst machine eb grup. gouip hameCt] 7 pick Secnd Machine o4 group. gscoupryame f—41) 7 Picks att Machine eb group | qsnup name [ 2:4] 7 wicks fivst koe reaching in Hus group By“ S.and 6 machine 1D the gvavp + | Gscup sepabale by a Colenican be used 40. USE hasks fom multiple FSaPHS os = Walle, nich Gs Ths Ge have Kno 5 , SONGS last Use¥ check , Gest THRE thecKy 5 v ¥ we have fo Know how Many USES aye fi] z 3 Mutiple Uses are availableot [ew No. ) steA@3) [ansible Qie— ~] #- ansible all —list~ hosts hosks(2) * ae i, ress Check. i odd eeecleb t HOG many host & jp addvess neder _[ FRY. oo Sk [ansible@ ip—w 7 ansible demo = -list=hosts hosts (2 4 — 7 tr case ve have too {9501p Hun see toe To dhis command - steel) Pansible @ip-~v] F ansible clermoloJ ~-lish-hasks hosts C4) = ~1 $ ansible deme fort) —ANst-host cheer tag Leb@:fs Einished = check au C2 PS S&P oF pdtAd-hoc commands C Simple linux. Command. e41 L No fdemectency (means Repealation-€ oveide. (Temeceasy) Ad-hoc Nok KNOD because ob eel tHhak envicament so fd-hoc Tontpealed 4esk and oyenda Same GRY, Language Ploy book ~ GRACE MOL phan ome Module caued Play bak | module combinabion salt IModwe — Only Single Command Tun a do single Coa | | Sogie —] f=Medelet ~ jastau htted wi 7-9 modelo moduler = Stast hited | rad ates — webserver t powle YAML) Scneh for His module townad —1.@ playbook Teoh, Ey ‘oy PP ee SS see | Ad-hoc ComrpdindS ase Coramands: Which Can ke Bun, } 4 individually to PesFesm .@aick opesahon (function). These ad.choc Commands ate inob, used. for Configesation Monagernent and deeloyment ax ob one Hme Usage. because +h°S@ rsammands 4 The “ansible ad-hoc Commands: | uses the /US8/ IN| APsible command line tool to @Wabomak a Srge_task + ¢Stast Hreee Instances and ates these Instances Via euby mobaX heam . [ansible Sees. Masthine a Ansible Noded = maddve & ansible Node2 = machine 3 To ansible Sesves 1] 8 Sudo sa A eca-uses] # Sy = ansible < @eerand qe ansibe@ip—a] Sg ie ro SSS Sg — ee So Lansible@ie-~]¢ ansible démo -a &€ls > 3group ‘nade infosmalion shown hese, nodex = nodez = Loosible Oip-njFansble all =a epgrs # Qt gvouP and gtoup nodes Thfmation Shown here [onsble@ip-~15 anitle au aq *@ touch Wei s-used His command fort create Pilea one att node and grep, hy f do te sed fedtys Plea. MaaStepigd |S? eas “UE fe Cun TUO HGS Command One more fem pe ONE Changed means tis is PdempObency=] 4 we —=F © Lonsible@ie=-~ JF -onsible demo. sa! 1S-ai ? ei be «au detahs tau KiddenFile under al THA hidden G12 POABS eI Seen hase, [ansible @ie-~]} ansibe demo -a *€ Sudo yurn instal httpd =y 2 means [nsiall httpd Sesvet ost lava tne derno Gad there nedes verity 5/1 instatted oF not >» which gid . fog SME S/W om AU Nodes(group) % WT Tonsible@ie- 17 ansible demo. a §*Sudo yum score bids oer ansible demo ~ ba yum eemove hited J"? Vetby s/o remove oF mF y Onich BHEd Ansible ships Gith.q humbes o mrdales Clatved Cmadule libtary”) rat can be xrcuied dicey oP Pemole hosts EY tyrough* aul yous Nibsasy ob modales Con Seale on any maachines, and these-are na SeveSs daemons, os daterbase see. Where dosible modules are Stored 7 debault location Fee the Inveotosy file fs | Be /etel angi ble / host S (Minstau = _psesent {_uoinsta = absent [ oe ie (_ereale = rates + \ module g cote in KAmL SHOE! 4 au spn em ansiple ae ‘oc ane Cansible@ip—.~J $. ansible demo -b.-r_ yam ef pkg=htted | stale = esees a: sd name, josie Verity httpd Znsta or not ¢ UINch filled . Ip akwve Command run more wun MSgi already wu by ¥ = (green coeur = [Lonsible@ip-~3F ansible demo -b =m yam -a ce pkg = httpd “stale= Latest _>9 te Forupdate ekg Lansible@ fep-~J $ ansble demo —b -" yum -@ re pkg =hitpd stale = absent > sf : Ie fos PKG Move tha _g soup (nddes) fnstatl once again hHed.9W By wua 45F Command. Lansible@ie-~J#sude sewice bed Shabys 1 Check Seance Ts Start OHNO < [ansible @ip-~} § _ansiple clemo —b -M sontce a fe Names hhipd: Stale eistated 29 ehby § sude service hited “status 2 _ [ansible@ ip -~J$ ansible demo —b —m uses. -a ce names xyz °F Check to Node machine <_7 [Lensible ©1P— IF touch copytomarnee A are Tas [+ cevred Promsevey = —~ |pansiple @ie =) F ansible demo velneet [-1] b= Mey 4 ee #¢ Suc = copied from senvet Heshk.s simp ”* ; ee Powee filename Jessamine Tf evetbyes Cahsible @ ie - 73. F touch file 20-9 18'% filer a . Lansibie @1F-~ JF ansible demo -b —m copy -as ee secs Filet dest shire very E/eP vt pode. 5 LandbidBien] $ Snap eeS =m Sup, ie 2 aus, Fo abo Cansible Ousnik Tab dep ene ap ee =a Riera tipvats? ‘ Mi | Sor ip addeess Selaled ToAmalran rede,ee = — Playbeok in ansible ase corsHen in (yano forreah Tis human ‘seadable data. Serialization language rt fs commonly’ used Fee Conhiguvalion Files: os Playbook fs like a file where you ak codes. consists Ob Vass, tasks 5 Kandiexs, Files templabes and ol Each ploybook is composed one ov mose ¢ modules? in a_ Ifst Module fs a Collection eb confqutabion. Files, Playdooks ate clivided jote man} Secliam like - Tatget secon — Defines the host agains! @nch Playbooks ask has te be Rxeuled. Varrable SeHOR - DeGine vaviabeé “Ss 'TasksecHon = List ob au modules that we need to +749 4 in an orders. YAML Basics (Yet Anothey Mankap Language) a Fox ansible, neatly every YAML Filles Starrs Di @ Wish, Bach fiem jn the list fs @ list ob Gey value) Pats commonly cated @ Scena, All YAHL Files have to begin with 7 and end With tenes 99= pas — Tet > A (A EF Ob feats [Paene a) } An membass 6b @list hness must begin caith ame fdeniabion jevel Skasing with t__ > faults § = Mango = steacobewy =" Banaoa Guages: Witt de yptax t Names | Bhupnday job Playbook-Srel A dichonary Ps Aepresented 61a Gimple Key? Value fern seae fer eg, ———# Saas O customer customey ¢ name: Akash Joes Ptainee si ANGBe yo - Exp: years exreveion Sb Playbook File 7s ( a) y and Vale. Wore :- Theve howd Be Space geweersee] Login £C2 Eostance via Party [Mobaxteor . s#p@| Goto ansiblesewveé WF Sudo Sa ec2-usev ]# Su — ansible sH06) fansible@ie=~ 79 1s | Ren ROVE AH BF (PiTename) t Ph any File here << Now scale one playbook ster ansible@ip—~J4 vi tasget-yml E el press ?_and Ove straw Play book FS OS Undess —-— # My eirsst TesHing AML Playbook, —_hosts: demo Rr 960) = uses? angble Sepieeah ortega e sudo = becomes yes = tennecHon: Ssh = by deat = = gohbevPads? yes esc ac0q Sre@) Now, +0 exccule tnis Playbook — ; eRe [ansible Oi — ~9 F (ansible — playbook. Larger mr) conte! ep = __ Play = TASK Play RECAP== suo) peat ste) Now Ceeale one mose playbook I ancible Sewer |Lansible Ofp ~-oJ F 'vi) task-yool ——— FH Tasget and Task: playbook. — hosts). deeno. vuse’t ansible : became = Yes: ordi OAEHON; SSh HUSSEY aduath yds SPALTEPS = HOGS Trstaul bEted on Linux adion: yum nameshtipd shale=tnotaled Play (demo) me = Task [ Gabheang Facts\) ae '-* TASK L Bnstal HTTPD en Linux) play Reeap Cevera” = . + [ansitie uses vaable Onch ave debined Previously fe Sable more Hexibility fo playbooks end, voles - : They can be ust to loop Hough q sek ob g¥eP Yalects lactess Vamous Infgsmotmalion like the hosk Mame Ob 4 sysi and *place Cevtain Shangs fo tempraies colt Spedtic values | + [put vawanle Section anove task 40 that Oe clapne fk AFH ang ust The Playbook@e Now goto ansible SENET and Creale One Playbook y Tenable @ip] tM vorsgml =~ FH My vonagie playbook shosist demo Use 7 aosibye become: yes A = Connecon: SA Vors Pkgnam’ t hited tasks: name; install hited sewe? on Lnun adien: Yen AEME = fF ekgname™ s est 109) MOO @ease plo ybdok [ansible @ip]4 ansible= play Book ‘yrothondles $3 eracHy the same as a. task bak Th Will BUN. When leased by anothey task, or Handlets ase just like ~‘eqWav tusks in an ansible Playbook , lout ase Only TUN TE the “ask contains q ene olitecHve also indi caies Hal it changed semesning | xs Gate ansible seivet Consible @ie1$ Ni hondlets-yrol TTB Handles Playbook oo — hosts s demo Get: ansible Bprrone nh become! Hes Connecon : SSK : tasks: é 2 : ae meme: Tostat hHed Sesver E E acHon : jum nameshtipd Siale = installed, = nokby: restost preted Handless : = name ; Sestait HTTPD a Gcion; SeWe name> hited. stale >Slavted Tansivle@ie J ansible- playbook handlews-ymolCheck eoerhev phe playbook fs, fronatted coecoly 2 andble-Playiook —_hondlev-yrn|__= =cheels Baypsan command = Somdimes you cont to merck a tosh roulHple mes. Tp compaker pxrgram ming , Hs fs called loops Beading changing Svoctsnip 00%) " evitty the Fle Modwe-y Results Reaen Now 90 +0 ansible sewer Common ansibe loops Sevetal Files and jor atrsectoves and mepeding a polling Step UNKN Cesan T Jaops:3rql Lansble@ 10d > —-— #F pry tocps playbook shostsi demo uses: ansible - becomes yes Connedions SSh fosk: shame: ddd @ lish ob usmys user? Norm: “ESilemj}” Shales pseecnr with ems + — brash J agar == Kabir, = Rupa = payai — fescitr ss ogy —~fansible @ieJF ansible =playboek . loops-ymi —}ro vevhy 2° doside Node 7 3 Car Jee passed mad4 = |Wwheneves we have didbesen! dibbecent stenahor , ee pak (olidens | acorsling #3 the \Stenavo. When _staternent SomeHns you Dante skip a Paday Cenmand om 4 eettcatay node - f=] penian Fala PexeckO » oct 5] ieethat Limyiwhy Kes—siom cadens ——- # Condition playbook FEE Debian, = host : demd ABR EETS ae GSeTT ANGE Became? yes "Sux ConnecHon: 35h task ¢mo nome: instay apache on debian Family (oF SE Goramand MO pRgeH: Ya Install apa hen condi? ~ When: ansibleos—farnily = = *¢ Oebiao = name ; instau apache por wedbad Pans ly eat cammand: yun -¥ insta htted ay Nheny ans ble—0S-family => * RedHat ?? > Jena [rae o — tL | iL [ansible @iel F Ansipble- Playbook Condi Hon-yrl ST nwes SF “a yor Playborks . Ansible allows keeging sensife. data Buch as Passoords OS keys in encrypted tiles ¥athee than & Plaintex in cseaing a ‘new entypted “playbook Ansible-vault Cxeae vauit-ym! | Edit the encsypied playbook ensibe-Novlt edit vewtymi] ~ [ro change 4ho ea seword Onsible-vault _rekey Vawhyrol | Te encrypt an OrISHE] playsook nsible-vault encyet “tosges yr] |= 4 a apsble-vault decgypt _ Latget -yroj J To: On encrypted playbook fos cseabing vault File 4 angle Nault cwale age! yo] ; passeoord | check vault: yml —y WW vaulF got To see encrypted alta _wenserney [9 taste [ansible Oip ] 7 cd playbook Lansible @iP} 4 Tree Op + PP bes = soles Ly websewer Ly task, Lansible@ie Jt touch role /usbsesver | task/fraio-y im) ansible ©iP}$ touch rmaskev-yro) | run Free cammand tor [Londbe@iey 9 vi peles /websever] Easks | DaPyrol —hame: instal apache on RedHat <—! yarn: pkg=httpd state = iabest es sug 4 aro ipe@iejP vi maskvyml | Playbaak maskY == H mash ploybook fer wobservens = host: demo Uset> ansi bie became: yes Gmnechan > ShPage No. ate i = Wwebsewvers, ac 7 Fa, eit dd Considle @ ip - playbook 14 ansible-playbools _mates-yrn! Sle