Ansible 101 Getting Started
Ansible is an agentless automation that automates deployment, configuration management (maintain infrastructure consistency) and orchestration (execution of multiple applications in order). Ansible gains it’s popularity due to it’s simplicity for being agentless, efficient, requires no additional software installed on target machine, use the simple YAML and complete with reporting.
Ansible architecture is very simple. It requires Ansible Server basically a node (laptop, PC or server) where Ansible is installed with the module of configuration files called playbook and inventory of target servers called hosts. Playbook consists of Roles, and Roles consists of Tasks. Task is an individual command in Ansible. By using inventory we group the nodes by using labels.
Ansible Server and the node talks by using passwordless SSH.
Flow of working with Ansible:
- Create playbook and inventory in local machine
- Create SSH to the target nodes
- Ansible Server gathers the facts of the target nodes to get the indication of the target nodes
- Playbook are sent to nodes
- Playbook are executed in the nodes
Important Terms
Ansible server: The machine where Ansible is installed and from which all tasks and playbooks will be ran
Module: Basically, a module is a command or set of similar commands meant to be executed on the client-side
Task: A task is a section that consists of a single procedure to be completed
Role: A way of organizing tasks and related files to be later called in a playbook
Fact: Information fetched from the client system from the global variables with the gather-facts operation
Inventory: File containing data about the ansible client servers. Defined in later examples as hosts file
Play: Execution of a playbook
Handler: Task which is called only if a notifier is present
Notifier: Section attributed to a task which calls a handler if the output is changed
Tag: Name set to a task which can be used later on to issue just that specific task or group of tasks.
STEP 1 — Setup Ansible Server
Below is the installation for ubuntu
$ sudo apt-get update
$ sudo apt-get -y install software-properties-common
$ sudo apt-add-repository ppa:ansible/ansible
$ sudo apt-get update
$ sudo apt-get install -y ansibleSTEP 2— Setup SSH Connection to Target Server
Make sure you can ssh to server with certificate and can ssh successfully
ssh -i /root/.ssh/your.key -t root@yourserver 'sudo mkdir -p /root/.ssh'
scp -i /root/.ssh/your.key /root/.ssh/id_rsa.pub root@yourserver:/root/.ssh/id_rsa.pub
ssh -i /root/.ssh/your.key -t root@yourserver 'cat /root/.ssh/id_rsa.pub | sudo tee -a /root/.ssh/authorized_keys ;echo "PermitRootLogin yes" | sudo tee -a /etc/ssh/sshd_config'
ssh-keyscan yourserver | sudo tee -a /root/.ssh/known_hostsSTEP 3-Create your first Ansible Playbook
Playbooks are text files written in YAML format and therefore need:
- to start with three dashes (
---) - proper indentation using spaces and not tabs!
In this example we are going to automate the simple command in CentOS:
yum install java-1.8.0-openjdk
Create file jdk.yml with the following content:
---
- name: JDK installed
hosts: node1
become: yes
tasks:
- name: JDK version 8installed
yum:
name: java-1.8.0-openjdk
state: latest
STEP 4-Edit hosts file
Edit hosts file on /etc/ansible/hosts and add your target server
node1
[webservers]
foo.example.com
bar.example.com
[dbservers]
one.example.com
two.example.com
three.example.comSTEP 5-Testing and Running Playbook
$ ansible-playbook --syntax-check jdk.yml
$ ansible-playbook jdk.yml
$ ansible node1 -m command -a 'java -version'Tips
You obviously need to use privilege escalation to install a package or run any other task that requires root permissions. This is done in the Playbook by become: yes.