Configuration Management [ Ansible ]

AGENDA
What is Ansible?

How Ansible Work?

Ansible Architecture

Setting up Master Slave Using Ansible

Ansible Playbook

Ansible Roles

Applying Configuration Using Ansible

 WHAT IS
ANSIBLE?

© Copyright. All Rights Reserved.

 WHAT IS ANSIBLE?

Ansible is an open-source configuration management tool

Used for configuration management

Can solve wide range of automation challenges

Written by Michael DeHaan
Named after a fictional communication device, first used by Ursula K.
LeGuin in her novel Rocannon’sWorld in 1966
In 2015 Red Hat acquired Ansible

© Copyright. All Rights Reserved.

 WHY
ANSIBLE?

© Copyright. All Rights Reserved.

 WHY ANSIBLE?

Google Trends Results for Ansible

© Copyright. All Rights Reserved.
 ADVANTAGE OF ANSIBLE

Easy to learn

Written in Python

Easy installation and configuration steps

No need to install ansible on slave

Highly scalable

© Copyright. All Rights Reserved.

 POPULARITY OF ANSIBLE

Apple NASA Intel

Percussion Cisco Twitter

© Copyright. All Rights Reserved.

 HOW DOES
ANSIBLE WORK?

© Copyright. All Rights Reserved.

 HOW DOES ANSIBLE WORK?

With the help of AnsiblePlaybooks,

which are written in a very simple language,YAML

Configuration Management

© Copyright. All Rights Reserved.

 PROBLEM STATEMENT

Say, Josh runs an enterprise, wants to install a new version of

Apache Tomcat in all the systems

Configuration Management
Josh

© Copyright. All Rights Reserved.

 PROBLEM STATEMENT-SOLUTION WITH ANSIBLE

Instead of going to each system, manually updating, Josh can use

Ansible to automate the installation using Ansible Playbooks

Configuration Management
Josh

YAML

Ansible Playbook

© Copyright. All Rights Reserved.

 ANSIBLE
ARCHITECTURE

© Copyright. All Rights Reserved.

 ANSIBLE ARCHITECTURE

Playbook
Inventories Modules

SSH
&
python

Master Ansible AutomationEngine

Hosts

Basic Ansible Architecture

© Copyright. All Rights Reserved.
 ANSIBLE ARCHITECTURE- MASTER

Playbook

• Describes the tasks to be executed

• Written in simple language
• Playbooks are likeinstruction
manuals

Master

© Copyright. All Rights Reserved.

 ANSIBLE ARCHITECTURE- INVENTORIES
Play

Playbook
Inventories Modules

• List of hosts
• Where playbooktasks
will be operated

Master Ansible AutomationEngine

© Copyright. All Rights Reserved.

 ANSIBLE ARCHITECTURE- MODULES
Play

Playbook
Inventories Modules

• Modules are liketools

• Can control system
resources, like
services, packagesetc.
• 500+ core modules
• Also allowscustom
Master Ansible AutomationEngine

© Copyright. All Rights Reserved.

 ANSIBLE ARCHITECTURE- HOSTS

Playbook
Inventories Modules

SSH
&
python

Master Ansible AutomationEngine

Hosts

© Copyright. All Rights Reserved.

 INSTALLING
ANSIBLE

© Copyright. All Rights Reserved.

 INSTALLING ANSIBLE

1 Install Ansibleon Master

2 Configure SSH access to Ansible Host

3 Setting up Ansible Host and testing connection

© Copyright. All Rights Reserved.

 CREATING
ANSIBLE PLAYBOOKS

© Copyright. All Rights Reserved.

 WHAT IS ANSIBLE PLAYBOOK?

An organized unit of scripts

Defines work for a server configuration
Written in YAML

Ansible Playbook

YAML Ain’t Markup Language

© Copyright. All Rights Reserved.

 ANSIBLE PLAYBOOK STRUCTURE
Play of plays
Playbook have number
Playbook
Play contains tasks
Tasks calls core or custom modules
Handler gets triggered from notify and

Play Play Play executed at the end only once.

Task Task Task Task

Ansible Playbook

Module Module Notify Handler

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE

Say, we want to create a playbook with

two plays with following tasks

1 Execute a command in host1

Play1

2 Execute a script in host1

3 Execute a script in host2

Play2
4 Install nginx in host2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE
---

- hosts: host1 Say we want to create a playbook with

sudo: yes
name: Play 1
two plays with following tasks
tasks:
- name: Execute command ‘Date’
command: date
- name: Execute script on server
script: test_script.sh
1 Execute a command in host1

- hosts: host2
name: Play 2
sudo: yes
tasks:
2 Execute a script in host1
- name: Execute script on server
script: test_script.sh
- name: Install nginx
apt: name=nginx state=latest 3 Execute a script in host2

4 Install nginx in host2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE

---

- hosts: host1
Start YAML file with
sudo: yes [---]
name: Play 1
tasks:
- name: Execute command ‘Date’
Play 1

command: date
- name: Execute script on server
script: test_script.sh

- hosts: host2
name: Play 2
sudo: yes
tasks:
- name: Execute script on server
script: test_script.sh
- name: Install nginx
apt: name=nginx state=latest
Play 2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE

---

- hosts: host1
Start YAML file with
sudo: yes [---]
name: Play 1
tasks:
- name: Execute command ‘Date’
Play 1

command: date
- name: Execute script on server
script: test_script.sh
[-] Indicates an item
- hosts: host2 in the list
name: Play 2
sudo: yes
tasks:
- name: Execute script on server
script: test_script.sh
- name: Install nginx
apt: name=nginx state=latest
Play 2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE

--- “hosts” can have one

- hosts: host1
host or group of hosts
sudo: yes from the inventory file
name: Play 1 /etc/ansible/hosts
tasks:
- name: Execute command ‘Date’
Play 1

command: date
- name: Execute script on server
script: test_script.sh

- hosts: host2
name: Play 2
sudo: yes
tasks:
- name: Execute script on server
script: test_script.sh
- name: Install nginx
apt: name=nginx state=latest
Play 2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE

---
“hosts” can have one
- hosts: host1 host or group of hosts
sudo: yes from the inventory file
name: Play 1
tasks:
- name: Execute command ‘Date’
Play 1

command: date
- name: Execute script on server Each play is like a dictionary
script: test_script.sh
and has
- hosts: host2 name, hosts, tasks.
name: Play 2 Order doesn’t matter
sudo: yes
tasks:
- name: Execute script on server
script: test_script.sh
- name: Install nginx
apt: name=nginx state=latest
Play 2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE

---
“hosts” can have one
- hosts: host1 host or group of hosts
sudo: yes from the inventory file
name: Play 1
tasks:
- name: Execute command ‘Date’
Play 1

command: date
- name: Execute script on server Each play is like a dictionary
script: test_script.sh
and has
- hosts: host2 name, hosts, tasks.
name: Play 2 Order doesn’t matter
sudo: yes
tasks:
- name: Execute script on server
script: test_script.sh
- name: Install nginx
apt: name=nginx state=latest So the playbook is a list
of dictionaries
Play 2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE

---
Similarly tasks are nothing
- hosts: host1
but lists
sudo: yes
name: Play 1 Denoted by [-]
tasks:
- name: Execute command ‘Date’
Play 1

command: date
- name: Execute script on server
script: test_script.sh For tasks ordered
collection.
- hosts: host2
name: Play 2 Position of entry matters
sudo: yes
tasks:
- name: Execute script on server
script: test_script.sh
- name: Install nginx
apt: name=nginx state=latest First entry gets performed
first
Play 2

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE
Create first_playbook.ymlusing
sudo nano <playbookname>

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE
Create test_script.sh using
sudo nano <file_name>

© Copyright. All Rights Reserved.

 CREATING ANSIBLE PLAYBOOK-EXAMPLE
Syntax-check and execute ansible playbook using
ansible-playbook <playbook> --syntax-check and
ansible-playbook <playbook>

© Copyright. All Rights Reserved.

 ANSIBLE
ROLES

© Copyright. All Rights Reserved.

 WHAT IS ANSIBLE ROLES?

An ansible role is group of tasks, files, and handlers stored in a

standardized file structure.
Roles are small functionalities which can be used independently used
but only within playbook

Ansible Playbook Ansible Roles

Ansible playbook organizes tasks Ansible roles organizes playbooks

© Copyright. All Rights Reserved.

 WHY DO WE NEED ANSIBLE ROLES?

Roles simplifies writing complex playbooks

Roles allows you to reuse common configuration steps between

different types of servers

Roles are flexible and can be easily modified

© Copyright. All Rights Reserved.

 STRUCTURE OF ANSIBLE ROLE
Structure of an ansible role consists of below given
components

Defaults: Store data about the role, also store default variables.

Files: Store files that needs to be pushed to the remote machine.

Handlers: Tasks that get triggered from some actions.

Meta: Information about author, supported platforms and dependencies.

Structure of an Ansible Role

© Copyright. All Rights Reserved.

 STRUCTURE OF ANSIBLE ROLE
Structure of an ansible role consists of below given components:

Tasks: Contains the main list of tasks to be executed by the role

Templates: Contains templates which can be deployed via this role.

Handlers: Tasks that get triggered from some actions.

Vars: Stores variables with higher priority than default variables.

Difficult to override.
Structure of an AnsibleRole

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

1 Use the ansible-galaxy init <role name> --offline

command to create one Ansible role

Remember that Ansible roles should be written

inside /etc/ansible/roles/

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE
2 Install tree package using sudo apt install tree. Use tree
command to view structure of the role

Use tree <role name> to see the role structure

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE
Go inside task folder inside apache directory. Edit
3 main.yml using sudo nano main.yml. Make changes as
shown. Save and thenexit.

Keeping install,configure and service files separately

helps us reduce complexity.

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

4 Create install.yml, configure.yml andservice.yml to

include in the main.yml

To install apache2 inthe remote machine

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

4 Create install.yml, configure.yml andservice.yml to

include in the main.yml

To configure the apache2.conf file and to send

copy.html file to the remote machine. Add notify too,
based on which handlers willget triggered

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

4 Create install.yml, configure.yml andservice.yml to

include in the main.yml

To start apache2 service in the remote machine

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

5 Now go inside files. Store the files that needs to be

pushed to the remote machine

Copy the apache2.conf file and create one html file

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

6 Go inside handlers and add the action that needs to be

performed after notify from configure.yml is executed.

Once the notify gets executed restart the apache2

service

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE
Remember that notify name and handler name should
match.

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

7 Go inside meta and add information related to the role

Add author information, role descriptions, company

information etc.

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE
Structure of the role after adding all the required files

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

8 Go to the /etc/ansible/ and create one top level file

where we can add hosts and roles to be executed

Execute apache role on the hosts that is under the

group name servers, added in the inventory file
/etc/ansible/hosts

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE

9 Before we execute our top level yml file we will checkfor

syntax errors.

Use ansible-playbook <filename.yml> --syntax-check

© Copyright. All Rights Reserved.

 CREATING AN ANSIBLE ROLE
10 Execute the top level yml file

Use ansible-playbook <filename.yml>

© Copyright. All Rights Reserved.

 USING ROLES
IN PLAYBOOK

© Copyright. All Rights Reserved.

 USING ROLES IN PLAYBOOK
To use ansible roles along with other tasks in playbook
Use import_role and include_role.

Here we have created one playbook called

playbookrole.yml to execute on servers along with two
debug tasks before and after apache role.

© Copyright. All Rights Reserved.

 USING ROLES IN PLAYBOOK
Check for syntax error and execute the playbook with
roles.

© Copyright. All Rights Reserved.

© Copyright. All Rights Reserved.