Automating Server Setup with Ansible

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy.
It supports configuration management, with examples as below.
1. Configuration of servers
2. Application deployment
3. Continuous testing of already installed applications
4. Provisioning
5. Orchestration
6. Automation of tasks
Why Ansible?
1. It is a free, open source application
2. Agentless: no need for agent installation and management
3. Python/YAML based
4. Highly flexible configuration management of systems
5. Large number of ready-to-use modules for system management
6. Custom modules can be added if needed
7. Configuration rollback in case of error
8. Simple and human readable
Ansible Architecture

IT Automation
There are many IT automation tools on the market, such as Ansible, Chef, Puppet, Jenkins and SaltStack.
Automation reduces cost as well as manual human effort. The functionality of each automation tool is different. Each tool has its own advantages and disadvantages.
What is Ansible?
“Ansible is a very simple IT automation engine that automates provisioning, configuration, application deployment, intra-service orchestration, and many other IT needs.
It is widely used by system administrators, system engineers, application developers, database administrators and network admins.”
“Ansible is owned and administered by Red Hat.”
The URLs below explain provisioning (server, user and network provisioning) and orchestration.
There are two types of machine in the Ansible architecture:
1) Control Node
2) Managed Node/Client Node/Remote Node
The Control Node is the machine that acts as the server; the other machines act as clients.
Requirements of the Control Node:
Ansible package
Python version 2.6 or later
OpenSSH package
Requirements of the Client Node/Remote Node/Managed Node:
Python version 2.4 or later
OpenSSH package
Features of Ansible
1. Open source
2. It is written in Python, so it is easy to read and extend.
3. Easy installation and configuration.
4. Highly scalable (we can control 2 clients or 20000 clients).
5. Agentless client configuration.
Agentless means that, unlike other applications, Ansible needs no agent to establish a connection between server and client.
Components of Ansible
Programs:
1. ansible
2. ansible-doc
3. ansible-playbook
4. ansible-pull
Modules:
1. Modules perform configuration and system management. Ansible modules are written in Python.
2. Ansible ships with a number of modules that can be executed directly on remote hosts or through playbooks.
3. There is a list of modules available on the Ansible website:
Some common modules are given below:
copy, service, file, yum, apt-get, user, group, command, shell, ping, cron, unarchive, debug, get_url, fetch, firewalld, find, mount, mail, nmcli, stat, zypper etc.
Types of modules:
Each module has a specific set of instructions to manage the service efficiently.
* copy module is used to copy any file/directory to clients from the control server.
* yum and apt-get are used to install, upgrade, downgrade, remove and list packages.
* service module is used to start/stop any service.
* ping module is used to communicate with other machines.
* user module is used to create or delete users.
* group module is used to create or delete groups.
* shell module is used to run any command in the Linux shell.
* command module is used to run any command on client machines.
* cron module is used to schedule any task on client machines.
* unarchive module is used to unarchive zipped content on client machines.
* get_url module is used to download any file from http/https/ftp to the remote servers.
1. To check all the modules:
ansible-doc -l
2. To check how to use any module:
ansible-doc modulename
Example: ansible-doc yum
Inventory:
Ansible works against multiple systems in our infrastructure at the same time. It does this by selecting portions of systems listed in Ansible inventory, which defaults to being saved in the location /etc/ansible/hosts.
We can specify a different inventory file using the -i <path> option on the command line. Not only is this inventory configurable, but you can also use multiple inventory files at the same time and pull inventory from dynamic or cloud sources or different formats (YAML, ini, etc).
There are two types of inventory:
1. Static inventory
2. Dynamic inventory.
How to install Ansible?
1. Download and install the EPEL repo
We installed a CentOS 7 machine and executed the command below to install EPEL. EPEL stands for Extra Packages for Enterprise Linux.
yum install epel* -y
2. yum install ansible-2* -y
To check the Ansible version:
ansible --version
To see the Python version:
python --version
To list all files installed by the ansible package:
[root@Vineet ~]# rpm -qa | grep ansible
ansible-2.3.1.0-1.el6.noarch
[root@Vineet ~]# rpm -ql ansible-2.3.1.0-1.el6.noarch
It shows all files installed by the ansible package: the Ansible configuration file, the inventory file, and all modules and libraries.
Default location for host inventory:
/etc/ansible/hosts
How to set up the Ansible environment?
1. Global file
2. Directory based config
3. User based config
4. ANSIBLE_CONFIG
1. The system first checks the ANSIBLE_CONFIG value. If it is not set, the system checks for a configuration file in the current directory. If there is no config file in the current directory, the system reads the global file /etc/ansible/ansible.cfg.
2. To force the system to use an Ansible configuration file from any location, set ANSIBLE_CONFIG as below.
export ANSIBLE_CONFIG=<file location>
[root@Vineet ~]# export ANSIBLE_CONFIG=/tmp/ansible.cfg
[root@Vineet ~]# ansible --version
Ansible 2.3.1.0
config file = /tmp/ansible.cfg
configured module search path = Default w/o overrides
python version = 2.6.6 (r266:84292, March 18 2018, 15:13:37) [GCC 4.4.7 20120313 (Red Hat 4.4.7-17)]
3. When the user logs out, ANSIBLE_CONFIG has to be set again. We can put it in .bash_profile so that it is set automatically each time the user logs in.
4. To activate a change made in .bash_profile, execute "source .bash_profile".
5. To unset ANSIBLE_CONFIG, execute "unset ANSIBLE_CONFIG".
How to force the system to use the Ansible configuration file from the home directory for a particular user?
Ans: Keep the Ansible configuration file as a hidden file in that user's home directory.
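The lookup order above, as an added shell example (not from the original article). resolve_ansible_cfg is a hypothetical helper; it also includes the per-user ~/.ansible.cfg step and the rule in current Ansible releases that skips ansible.cfg in a world-writable working directory, and it flags a winning file that sits in a world-writable location such as the /tmp path used above.

```sh
#!/bin/sh
# Added example (hypothetical helper names): report which ansible.cfg wins
# and whether other local users could plant or swap it.

# True when the path has the "other write" permission bit set.
world_writable() {
    [ -n "$(find "$1" -prune -perm -0002 2>/dev/null)" ]
}

# Args: $1 working directory, $2 home directory, $3 system-wide file.
# Prints "<path> ok" or "<path> unsafe"; returns 1 when no file is found.
resolve_ansible_cfg() {
    cwd=$1 home=$2 global=${3:-/etc/ansible/ansible.cfg}
    env_cfg=${ANSIBLE_CONFIG:-}
    # ANSIBLE_CONFIG may name a directory that contains ansible.cfg
    if [ -d "$env_cfg" ]; then env_cfg=$env_cfg/ansible.cfg; fi

    if [ -n "$env_cfg" ] && [ -r "$env_cfg" ]; then
        chosen=$env_cfg                  # 1. environment variable
    elif ! world_writable "$cwd" && [ -r "$cwd/ansible.cfg" ]; then
        chosen=$cwd/ansible.cfg          # 2. working directory, skipped if world-writable
    elif [ -r "$home/.ansible.cfg" ]; then
        chosen=$home/.ansible.cfg        # 3. hidden per-user file
    elif [ -r "$global" ]; then
        chosen=$global                   # 4. global file
    else
        return 1
    fi

    verdict=ok
    # A world-writable file or parent directory lets another account
    # plant the config that Ansible will load.
    if world_writable "$chosen" || world_writable "$(dirname "$chosen")"; then
        verdict=unsafe
    fi
    printf '%s %s\n' "$chosen" "$verdict"
}

# Stand-alone run against the current environment
resolve_ansible_cfg "$PWD" "${HOME:-/}" || echo "no ansible.cfg found"
```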

Static Inventory:
Create the inventory (define the user and port number for a particular group or server in the inventory).
* We can give any name to the inventory file. The inventory is the file that keeps the server list of your environment.
Example:
vi myserverlist
[localhost]
localhost ansible_connection=local
[dev]
node1.vineet.com
node2.vineet.com
node3.vineet.com
[prod]
node4
node2
192.68.122.4
[mixed:children]
dev
prod
[webservers]
www[001:099].vineet.com:1234 ansible_connection=ssh ansible_user=vineet ansible_ssh_pass=redhat ansible_host=192.168.122.2
To combine two groups we use the :children suffix.
We can define the inventory file location in the Ansible configuration file, or use the -i option with the inventory file's absolute path in an ad hoc command.
There are two default groups: all and ungrouped. all contains every host. ungrouped contains all hosts that do not belong to any other group.
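The webservers line in the example inventory stores ansible_ssh_pass in clear text. The added shell example below (not from the original article) is a hypothetical audit_inventory helper that lists such plaintext password variables by line, group and host without printing their values; the sample inventory is constructed.

```sh
#!/bin/sh
# Added example (hypothetical helper names): find plaintext password
# variables in an INI-style Ansible inventory. Values are never printed.

# Constructed sample, modelled on the inventory shown above.
sample_inventory() {
    cat <<'EOF'
# constructed sample modelled on the inventory shown above
[localhost]
localhost ansible_connection=local
[dev]
node1.vineet.com
[webservers]
www[001:099].vineet.com:1234 ansible_connection=ssh ansible_user=vineet ansible_ssh_pass=redhat
[dev:vars]
ansible_become_pass = example-only
EOF
}

# Reads an inventory from file $1 (or stdin) and prints one finding per line:
# line-number <TAB> group <TAB> host (or "-" in a :vars section) <TAB> variable
audit_inventory() {
    awk '
        BEGIN { group = "ungrouped" }
        /^[ \t]*$/ || /^[ \t]*[#;]/ { next }      # blank lines and comments
        /^[ \t]*\[/ {                              # group header such as [dev] or [dev:vars]
            group = $0
            gsub(/^[ \t]*\[|\][ \t]*$/, "", group)
            next
        }
        {
            vars = (group ~ /:vars$/)              # key=value lines, no leading host name
            host = vars ? "-" : $1
            for (i = (vars ? 1 : 2); i <= NF; i++) {
                split($i, kv, "=")
                if (kv[1] ~ /^ansible_(ssh_pass|password|become_pass|become_password|sudo_pass)$/)
                    printf "%d\t%s\t%s\t%s\n", NR, group, host, kv[1]
            }
        }
    ' "${1:--}"
}

# Stand-alone run over the constructed sample
sample_inventory | audit_inventory
```

Hosts it reports are candidates for SSH key authentication or for moving the variable into an Ansible Vault encrypted file.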
Dynamic Inventory:
While Ansible provides a basic text-based system as described previously, it also has the ability to use dynamic inventory.
We can pull the inventories from a cloud provider (AWS, Rackspace, OpenStack etc.), LDAP, Cobbler etc.
Ansible Tower also provides a database to store inventory results.
Run Ad Hoc commands with Ansible:
1. How to list all hosts, the hosts of any group, or the hosts that are not part of any group, using an ad hoc command.
ansible all --list-hosts
The above command shows all servers listed in the inventory file. It throws an error if the inventory file location is not set in the Ansible configuration file. We can use the -i option to define the inventory file location, as below.
ansible all --list-hosts -i /root/inventory
Here ansible is the binary/command (/usr/bin/ansible). all means all servers mentioned in the inventory file. The --list-hosts or --list-host option is used to list the servers from the Ansible inventory. The -i option is used to define the inventory in an ad hoc command.
ansible dev --list-hosts
The above command shows the servers in the dev group.
ansible ungrouped --list-hosts
The above command shows all servers that are not part of any group in the inventory file.
2. How to use the ping module in an ad hoc command.
“Ping (Packet Internet Groper) is a computer network administration software utility used to test the reachability of a host on an Internet Protocol (IP) network.”
Example 1: ansible all -m ping -i inventory
Example 2: ansible dev1.vineet.com -m ping -i inventory
Example 3: ansible dev -m ping -i inventory -o
In the first example we used all, which means ping all machines listed in the inventory.
In the second example we used dev1.vineet.com, so it checks only this server in the inventory and pings only dev1.vineet.com.
In the third example we used dev, which is a group in our inventory file, so it pings all machines listed in the dev group.
3. How to use the command module.
“If we do not mention any module in an ad hoc command, the command module is used by default. We can execute any Linux-based command using the command module.”
ansible all -m command -a id
ansible all -a id
ansible node1 -a "/usr/sbin/reboot"
ansible all -a "ls -l /home/vineet"
ansible all -a "id" --become-user vineet
ansible node2 -a /sbin/reboot -u ram --become --ask-become-pass

4. How to use the copy module
“The `copy' module copies a file from the local or remote machine to a location on the remote machine.”
ansible node1 -m copy -a "src=/tmp/test.txt dest=/tmp/test.txt"
ansible node1 -m copy -a "src=/tmp/P1 dest=/tmp/P1 owner=root group=root mode=0600"
ansible node1 -m copy -a "src=/tmp/P2 dest=/tmp/P2 owner=root group=root mode=u=rw,g=r,o=r"
5. How to use the user module
“User module is used to create or delete users.”
To create a user:
ansible node2 -m user -a "name=vineet.sharma" -s
To delete a user:
ansible node2 -m user -a "name=vineet.sharma state=absent"
To delete a user with the home directory:
ansible node2 -m user -a "name=vineet.sharma state=absent remove=yes"
Create a user with expiry date, shell and group:
ansible node2 -m user -a "name=vineet state=present shell=/sbin/nologin groups=vineet expires=2422403387"
Add a user to other groups:
ansible node2 -m user -a "name=vineet groups=root,alpha"
6. How to use the setup module
“Setup module gathers all system information. This module is automatically called by playbooks to gather useful variables about remote hosts that can be used in playbooks.”
ansible all -m setup
ansible all -m setup -a "filter=*ipv4*"
7. How to use the file module:
“Sets attributes of files, symlinks, and directories, or removes files/symlinks/directories.”
ansible all -m file -a "dest=/test mode=600"
ansible node2 -m file -a "name=/tmp/s2 state=directory"
ansible node2 -m file -a "name=/tmp/s1 state=touch"
8. How to use the yum module:
“Installs, upgrades, downgrades, removes, and lists packages and groups with the `yum' package manager.”
ansible all -m yum -a "name=httpd state=present"
ansible dev1 -m yum -a "name=httpd state=absent"
ansible dev2 -m yum -a "name=httpd state=latest"
9. How to use the service module:
“Service module is used to start/stop services on remote hosts.”
ansible all -m service -a "name=httpd state=restarted"
ansible all -m service -a "name=httpd state=reloaded"
ansible all -m service -a "name=httpd state=reloaded enabled=yes"
10. How to use the fetch module:
“Fetch module is used to copy any file from a remote machine to the local machine.”
ansible node1 -m fetch -a "src=/tmp/test dest=/root/test"
11. How to use the get_url module:
“get_url module is used to download any file from http/https/ftp to the remote servers.”
ansible node1 -m get_url -a "url=https://static.pexels.com/photos/33109/fall-autumn-red-season.jpg dest=/tmp"
12. How to use the shell module:
“Shell module is used to run any Linux shell based command.”
ansible node1 -m shell -a "ls -ld /tmp; ls -ld /etc"
Thanks