Ansible

What is Ansible?

Ansible is an open source IT configuration management (CM) and automation platform, provided by Red Hat. It uses human-readable YAML templates so that users can program repetitive tasks to occur automatically, without learning an advanced language.  Ansible can be used to provision the underlying infrastructure of your environment, virtualized hosts and hypervisors, network devices, and bare metal servers. It can also install services, add compute hosts, and provision resources, services, and applications inside of your cloud. 

Ansible Architecture

Ansible is a simple but powerful configuration management and orchestration tool. Ansible is mainly used for the automation of cross-platform computer support tasks. It is fundamentally intended for IT professionals, who use it for configuration management, cloud provisioning, application deployment, intra-service orchestration, updates on workstations and servers, and nearly for anything a systems administrator does on a day-to-day basis. Ansible doesn’t depend on agent software and, most importantly, no additional custom security infrastructure, so this makes it easy to deploy. It uses a straightforward language (YAML, in the form of Ansible Playbooks) that allows people to use it to describe automation jobs, and this way, it’s easy to use.

Why Ansible and how it works?

Ansible does not just automate but also simplifies the repetitive, complex, and strenuous tasks that bring substantial time savings and increases overall productivity. As we already know, Ansible helps us to automate server and cloud provisioning, configuration management, and application deployment.

Ansible works by connecting to your server with SSH and thereby pushing out small programs, known as ‘Ansible modules’ to it. Ansible’s most powerful feature of creating playbooks, a small piece of YAML code, is used to automate almost anything related to your IT requirements.

Ansible advantages

The five advantages that make Ansible a favorite automation tool.

  1. It is agentless – No need to install additional software on your server nodes to manage Ansible.
  2. Declarative and not procedural – You as a master specify and write a description of the final desired state of the machine, and it takes all the essential steps to fulfill that description.
  3. Playbooks are easy to read and edit – The Playbooks 0are written in simple YAML, and easy to setup.
  4. Automatic step-by-step reporting – Ansible encourages administrators to name every task in the provisioning script, and it automatically reports whether or not that task succeeded or failed and shows error messages if any. All color-coded.
  5. IaC – infrastructure defined as, and described through code in Ansible. It eases the process of continuous integration and continuous deployment techniques by reducing the elements of human errors.

Main Features of Ansible

Configuration management:

Building and maintaining large-scale modern IT systems involves a lot of elements that should be taken care of and can be a resource-intensive effort, and this is more prone to increased risk due to manual errors. Configuration and resource management is an automated method of maintaining computer systems and software in a desired, known, and consistent state. Configuration management suggests and ensures the configuration of servers, system resources, computer systems, and other IT assets are known, good, and in a trusted condition. It is sometimes also referred to as IT automation. These days, every company is meant to use technology to automate their processes, networks, data centers, operating systems, configuration files, etc., and this is highly needed to engage a highly trusted technology tool to automate all these. To reduce cybersecurity risk and improve operations, many businesses employ a configuration management database (CMDB), configuration management strategy plan, and a configuration manager and a solid tool like Ansible to ensure successful configuration management.

Ansible Playbooks samples:

The real strength of Ansible is ‘Playbooks.’ A playbook works like a straightforward recipe or an instructions manual that instructs Ansible what to do and how to execute things. Playbooks are written in simple YAML. In simple terms, an Ansible playbook is an organized and systematic unit of scripts which defines work for a server configuration executed by the automation tool Ansible. An Ansible playbook will have one or many plays, and each defines the work that should be done as suggested for a configuration on a managed server. An administrator creates every play in Ansible with environment-specific elements and parameters for the target machines. Infrastructure-as-code has been considered as one of the DevOps best practices, and Ansible makes it possible by helping people automate IT-related tasks. Ansible also provides even more advanced management flows, such as roles, which are useful for organizing playbooks and a further level of abstraction.

Ansible environment is complex, and headed to hybrid, if it isn’t already. But when you look at the wide variety of DevOps tooling available and the tools currently being used by your systems administration, development, and network teams, how can you start to change the way your teams interact across the whole system?

The answer? You need a tool that can act as the glue layer automating across services and applications no matter where they are. Once one person on your team learns how to do something, they can capture their solution in an Ansible Playbook and enable everyone to use it.

Ansible automates across:

DEVELOPMENT

Issue Tracking / Service Mgmt:

  • JIRA
  • Chocolatey
  • ServiceNow
  • and more…

Devel Environment:

  • Vagrant
  • and more…

Source Control Mgmt:

  • GitHub
  • Atlassian Bitbucket Pipelines
  • Gitlabs
  • BZR
  • Mercurial
  • Subversion
  • and more

TESTING / INTEGRATION

Test:

  • Selenium
  • Cucumber
  • and more

Build and Artifact Mgmt:

  • Nexus
  • Maven
  • and more

CI/CD:

  • Jenkins
  • Bamboo
  • Travis CI and more

DEPLOYMENT

  • Cloud Providers
  • Containers
  • Systems
  • Virtualization and more

MONITORING / ANALYTICS / CHATOPS

Monitor:

  • AppDynamics
  • InfluxData
  • New Relic
  • Sensu
  • Nagios
  • BigPanda
  • DataDog
  • Dynatrace
  • and more

Analytics:

  • Splunk
  • and more

Chat:

  • Slack
  • HipChat
  • IRC
  • Twilio
  • and more

Ad-hoc Commands

  • An Ad-Hoc command is a one-liner ansible command that performs one task on the target host(s)/group(s).
  • Unlike playbooks — which consist of collections of tasks that can be reused — ad hoc commands are tasks that you don’t perform frequently, such as restarting a service or retrieving information about the remote systems that Ansible manages.
  • This command will only have two parameters,
    the group / target of a host that you want to perform the task and
    the Ansible module to run.

Modules: These are small programs that do some work on the server. They are the main building blocks of Ansible and are basically reusable scripts that are used by Ansible Ad-hoc and playbooks. Ansible comes with a number of reusable modules.

  • The basic syntax of an Ad-hoc command is

$ ansible [ -i inventory_file ] server1:server2:Group1:Group2 -m [-a arguments]

  • To list all available modules: $ ansible-doc -l

Testing Connection to Ansible Hosts

The following command will test connectivity between your Ansible control node and all your Ansible hosts. This command uses the current system user and its corresponding SSH key as the remote login, and includes the -m option, which tells Ansible to run the ping module. It also features the -i flag, which tells Ansible to ping the hosts listed in the specified inventory file

$ ansible all -i inventory -m ping

  • If this is the first time you’re connecting to these servers via SSH, you’ll be asked to confirm the authenticity of the hosts you’re connecting to via Ansible. When prompted, type yes and then hit ENTER to confirm.

You should get output similar to this:

 Output
 server1 | SUCCESS => {
   "changed": false,
    "ping": "pong"
  }
 server2 | SUCCESS => {
   "changed": false,
    "ping": "pong"
  }
  • Once you get a “pong” reply back from a host, it means the connection is live and you’re ready to run Ansible commands on that server.

Adjusting Connection Options

By default, Ansible tries to connect to the nodes as a remote user with the same name as your current system user, using its corresponding SSH keypair.

To connect as a different remote user, append the command with the -u flag and the name of the intended user:

$ ansible all -i inventory -m ping -u sammy

  • If you’re using a custom SSH key to connect to the remote servers, you can provide it at execution time with the –private-key option:

$ ansible all -i inventory -m ping –private-key=~/.ssh/custom_id

  • Once you’re able to connect using the appropriate options, you can adjust your inventory file to automatically set your remote user and private key, in case they are different from the default values assigned by Ansible. Then, you won’t need to provide those parameters in the command line.

The following example inventory file sets up the ansible_user variable only for the server1 server:

~/ansible/inventory
 server1 ansible_host=203.0.113.111 ansible_user=sammy
 server2 ansible_host=203.0.113.112
  • Ansible will now use sammy as the default remote user when connecting to the server1 server.
  • To set up a custom SSH key, include the ansible_ssh_private_key_file variable as follows:

~/ansible/inventory
server1 ansible_host=203.0.113.111 ansible_ssh_private_key_file=/home/sammy/.ssh/custom_id
server2 ansible_host=203.0.113.112
  • In both cases, we have set up custom values only for server1. If you want to use the same settings for multiple servers, you can use a child group for that:

~/ansible/inventory
[group_a]
203.0.113.111
203.0.113.112

[group_b]
203.0.113.113

[group_a:vars]
ansible_user=sammy
ansible_ssh_private_key_file=/home/sammy/.ssh/custom_id

ansible_user=sammy ansible_ssh_private_key_file=/home/sammy/.ssh/custom_id
  • This example configuration will assign a custom user and SSH key only for connecting to the servers listed in group_a.

Defining Targets for Command Execution

  • When running ad hoc commands with Ansible, you can target individual hosts, as well as any combination of groups, hosts and subgroups. For instance, this is how you would check connectivity for every host in a group named db:$ ansible db -i inventory -m ping
  • You can also specify multiple hosts and groups by separating them with colons:$ ansible server1:server2:dbservers [-i inventory] -m ping
  • To include an exception in a pattern, use an exclamation mark, prefixed by the escape character , as follows. This command will run on all servers from group1, except server2:$ ansible group1:!server2 -i inventory -m ping
  • In case you’d like to run a command only on servers that are part of both group1 and group2, for instance, you should use & instead. Don’t forget to prefix it with a \ escape character:$ ansible group1:&group2 -i inventory -m ping

Sample of Ansible playbook

  • hosts: localhost
    become: yes
    tasks:
  • name: Install Git
    yum: name=git state=present
  • name: git clone
    git:
    repo: ‘https://github.com/devopstrainingbanglore/gradle-web-app.git’
    dest: /home/ansible/gradle-web-app

#This playbbok will install HTTP server and start the server.
  • hosts: all become: true tasks:
    • name: Install Apache HTTP server
      yum: name=httpd update_cache=yes state=latest
    • name: Start HTTP Server
      service: name=httpd enabled=yes state=started
    • name: Insert Index Page
      template:
      src: index.html
      dest: /var/www/html/index.html

Ansible is the simplest solution for configuration management available. It’s designed to be minimal in nature, consistent, secure and highly reliable, with an extremely low learning curve for administrators, developers and IT managers. Ansible configurations are simple data descriptions of your infrastructure (both human-readable and machine-parsable) – ensuring everyone on your team will be able to understand the meaning of each configuration task. New team members will be able to quickly dive in and make an impact. Existing team members can get work done faster – freeing up cycles to attend to more critical and strategic work instead of configuration management.

Ansible requires nothing more than a password or SSH key in order to start managing systems and can start managing them without installing any agent software, avoiding the problem of “managing the management” common in many automation systems. There’s no more wondering why configuration management daemons are down, when to upgrade management agents, or when to patch security vulnerabilities in those agents.

—————————————————————————————————————————————————————————————————————————————-

When you’re free to be yourself, the right people will take notice of you. Let’s take a stand for genuineness. Be Warned of Scam: Please do not use Chattme.com to spam people, soliciting money or business or defraud people. We do allow accounts created to or that impersonate another person or entity, you have to be yourself. Double Accounts: Do not create multiple accounts on Chattme.com, unless permission has been granted by our customer support staff. Including fake pictures in our platform, do not attempt to use an account that isn’t yours. Be Real when using your chattme.com profile, All of the information in your profile should be truthful and about you only.
Never attempt to mask characters, content, or game the system to get around our rules for content.
Profile Image; All your profile images should be focused on you, with your face clearly visible. We may remove images if your face is not clear or overly obscured. and also we do not allow nude profile pictures

Follow by Email
LinkedIn
Share
WhatsApp

New Report

Close