0% found this document useful (0 votes)
12 views36 pages

Ansible

Configuration management is a process that ensures computer systems and software maintain a consistent state over time. The document provides an overview of Ansible, an open-source IT automation engine that facilitates configuration management, provisioning, application deployment, and orchestration. It covers various aspects of Ansible, including its components, terminology, setup, and the use of playbooks and modules.

Uploaded by

David Singham
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
12 views36 pages

Ansible

Configuration management is a process that ensures computer systems and software maintain a consistent state over time. The document provides an overview of Ansible, an open-source IT automation engine that facilitates configuration management, provisioning, application deployment, and orchestration. It covers various aspects of Ansible, including its components, terminology, setup, and the use of playbooks and modules.

Uploaded by

David Singham
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 36

Configuration Management

Configuration management is a
process for maintaining computer
systems, servers, and software in a
desired, consistent state. It’s a way
to make sure that a system
performs as it’s expected to as
changes are made over time.
Why CM?
Configuration Management
Provisioning
Application Deployment
Orchestration
Uptime and Site Reliability
CM Tools
What do we cover
▪ Introduction
• What & Why Ansible
• How Ansible works
• Pre-requisites to start
▪ Prepare Ansible lab environment
• Ansible lab setup
• Install Ansible
• Setup managed nodes
What do we cover
▪ Ansible components
• Inventory
• Modules
• Playbooks
• Ansible configuration file
▪ Ansible playbooks
▪ Ansible syntax
▪ Write first ansible playbook
What do we cover
▪ Modules
• Yum
• File
• Copy

▪ Conditions
▪ When
▪ With_items
▪ Notify & handlers
What do we cover
▪ Ansible Variables
▪ Additional concepts
▪ Converting a shell script into a playbook
▪ Gather facts
▪ Error handling
▪ Tags
▪ Multitask Ansible Playbooks
▪ Install apache on Managed nodes
What do we cover
▪ Ansible Vault
• Ansible vault introduction
• Using vault with git
▪ Ansible Roles
• Roles introduction
• Converting a playbook into a role
• Push changes onto git
What is Ansible
Radically simple open-source IT automation engine.

Ansible Automates:
Configuration Management
Provisioning
Application Deployment
Orchestration
What do we cover
▪ Ansible Variables
▪ Ansible Vault
• Ansible vault introduction
• Using vault with git
▪ Additional concepts
▪ Converting a shell script into a playbook
▪ Gather facts
▪ Error handling
▪ Tags
Human readable Configuration Use OpenSSH
No special code skills App Deployment Secure
Tasks executed in order Provisioning
Orchestration
Efficient
Open Source
Flexible
How Ansible works

Node 1
Inventory

ssh

Control node Node 2


Playbooks

Modules
Node 3
Ansible Terminology
▪ Control node
▪ Any machine with Ansible installed.

▪ Managed nodes
▪ The network devices (servers) you manage with Ansible
▪ Inventory
▪ A list of managed nodes. An inventory file is also
sometimes called a “hostfile”.
Ansible Terminology
▪ Modules
▪ The units of code Ansible executes. Each module has a
particular functionality.
▪ Tasks
▪ The units of action in Ansible.
▪ Playbooks
▪ Ordered lists of tasks.
Ansible lab setup

RHEL Managed node

Control node Amazon Linux


(Amazon Linux) Managed node

Ubuntu Managed node


Setup Ansible control node

Control node
(Amazon Linux)
Prepare ansible server
1. Setup EC2 instance
2. Setup hostname
3. Create ansadmin user
4. Add user to sudoers file
5. Generate ssh keys
6. Enable password based login
7. Install ansible
Setup managed nodes

1. Setup EC2 instance


2. Setup hostname
3. Create ansadmin user
4. Add user to sudoers file
5. Enable password based login
Adding managed nodes to ansible

1. Add server to inventory file


2. Copy public ssh keys on to managed nodes
3. Do a ping test
Ansible Components
▪ /etc/ansible/ansible.cfg

▪ Inventory / Hosts

▪ Tasks

▪ Playbooks

▪ Modules
Ansible basics
▪ All ansible commands start with “ansible”

▪ Ansible default configuration file exists under /etc/ansible/ansible.cfg

▪ Default inventory file available under /etc/ansible/hosts

▪ Managed nodes information should be available in inventory file.


Setting up ansible environment

Control node (Amazon Linux) RHEL Managed node


Setting up ansible environment

RHEL Managed node

Control node Amazon Linux


(Amazon Linux) Managed node

Ubuntu Managed node


Ansible Ad-hoc commands
▪ Ping
▪ command
▪ Stat
▪ Yum
▪ User
▪ Setup
What is inventory
Ansible works against multiple managed nodes or “hosts” in your
infrastructure at the same time, using a list or group of lists know as
Inventory.

Inventory file is a collection of hosts(nodes) which are managed by ansible


control node.

Hosts information can be defined in following ways.

➢ Default Location: /etc/ansible/hosts

➢ Use -i option : ansible –i my_hosts

➢ Defined in ansible.cfg file


Install
Tomcat using
Playbook
Inventory:
a list of hosts or group of hosts
The default location for the host inventory file is /etc/ansible/hosts

The ansible* commands will use a different host inventory file when they are
used with the --inventory PATHNAME option, -i PATHNAME for short

https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html#intro-
inventory
Ansible modules
A module is a reusable, standalone script that Ansible runs on your behalf, either locally or
remotely.

Modules interact with your local machine, an API, or a remote system to perform specific
tasks like
Creating users
Installing packages
Updating configurations
Spinning up instances Etc...

Modules are the programs that perform the actual work of the tasks of a play

Ansible ships with thousands of modules.


Ansible playbook
▪ A playbook is a text file written in YAML (YAML Ain’t Markup create_user.yml
Language) format, and is normally saved as .yml. ---
- hosts: all
▪ The playbook begins with a line consisting of three dashes (---) become: true
as a start of document marker. tasks:
- user: name=john
▪ An item in a YAML list starts with a single dash followed by a
space.

▪ hosts and tasks are mandatory items in a playbook

▪ The playbook primarily uses indentation with space characters


to indicate the structure of its data

▪ Modules are used to perform tasks ansible all –m user –a “name=john” –b

▪ Commant start with #


Modules:
Modules are the programs that perform the actual work of the tasks of a play

Core modules are the modules that come bundled with Ansible, There are
over 400 core modules.

tasks:
The goal of a play is to map a group of hosts to some well defined roles,
represented by things ansible calls tasks. At a basic level, a task is nothing more
than a call to an ansible module
What do we cover
▪ Ansible Variables
▪ Ansible Vault
• Ansible vault introduction
• Using vault with git
▪ Additional concepts
▪ Converting a shell script into a playbook
▪ Gather facts
▪ Error handling
▪ Tags
Ansible Variables

▪ Define with in the playbook

▪ Passing from external files

▪ Passing from hosts inventory

▪ Passing while running playbook

▪ Using group_vars or hosts_vars and so on..


Ansible Vault
Ansible Vault
Ansible Vault is a feature of ansible that allows you to keep sensitive data such
as passwords or keys in encrypted files, rather than as plaintext in playbooks or
roles.

▪ create : to create ansible vault file in the encrypted format


▪ view: to view data of encrypted file
▪ edit: to edit encrypted file
▪ encrypt : to encrypt an unencrypted file
▪ decrypt: to decrypt an encrypted file

▪ --ask-vault-pass : to provide password while running playbook


▪ --vault-password-file : to pass a vault password through a file.

You might also like