Module 19: What is Ansible ?

 What Is Ansible?

Ansible is an open source IT Configuration Management, Deployment & Orchestration tool. It aims to provide large productivity gains to a wide variety of automation challenges. This tool is very simple to use yet powerful enough to automate complex multi-tier IT application environments.

All we do is to open a file and start adding tasks.

A task could be Installing NGINX webserver, for example.

In Ansible, we name a task and write down the command we want it to execute.

A task can be part of bigger thing like bringing up our e-commerce website.

Other tasks like applying updates, adding our custom config file can also be added.

The bigger thing or a group of tasks is grouped in what we call a Playbook.

A Playbook is just a file where we tell Ansible the tasks we want it to execute in an orderly fashion.

Ansible doesn't depend on additional daemons, client or servers. 

The mechanics of Ansible

A Control node (that has Ansible installed) reads a Playbook file and executes the tasks listed in the playbook.

We also mention in the playbook the host or group of hosts where such tasks should be executed.

The inventory file is where we have a list of individual hosts.

We can group individual hosts into groups within the Inventory file.

In the example below, we execute ansible-playbook <playbook_name> command on Ansible control node (10.10.10.100).

It then reads a Playbook file that has 2 tasks.

Task1 is executed on DBServers group of hosts and Task2 on WebServers group:

Ansible Terms:

• Controller Machine: The machine where Ansible is installed, responsible for running the provisioning on the servers you are managing.
• Inventory: An initialization file that contains information about the servers you are managing.
• Playbook: The entry point for Ansible provisioning, where the automation is defined through tasks using YAML format.
• Task: A block that defines a single procedure to be executed, e.g. Install a package.
• Module: Ansible modules are discrete units of code which can be used from the command line or in a playbook task. 
• Role: A pre-defined way for organizing playbooks and other files in order to facilitate sharing and reusing portions of a provisioning.
• Play: A provisioning executed from start to finish is called a play. In simple words, execution of a playbook is called a play.
• Facts: Global variables containing information about the system, like network interfaces or operating system.
• Handlers: Used to trigger service status changes, like restarting or stopping a service.

ANSIBLE ARCHITECTURE      

 

       

Ansible installation on linux AWS

Step1:

Launch Two (Amazon Linux 2) Aws instances(one will be the controller, the other will be the Target host)

Step 2:

On The Target host machines Set password Authentication:

Switch to root user

sudo su -

Then edit the sshd_config file to enable password authentication

vi /etc/ssh/sshd_config

look for the below line and change the entry from no to yes

PasswordAuthentication yes

#PermitEmptyPasswords no

#PasswordAuthentication no

Next Create a password for ec2-user

passwd ec2-user

#then enter the password twice and press enter(you can use admin123)

Note: The password will not show on the screen as u type it. Just type and press enter when u are done

Next Edit the sudoers file to enable ec2-user have full previledges

vi /etc/sudoers

Insert the below line in the editor and save

ec2-user ALL=NOPASSWD: ALL

Save ---> :wq!

Next restart the ssh service with below command

systemctl restart sshd

Step 3:On Ansible Controller machine Install Ansible

Switch to root

sudo su -

Install Ansible

sudo yum update -y

amazon-linux-extras install ansible2 -y

ansible --version 

Next edit the hosts file which will contain inventory of all ur target hosts and add ur target host ip

vi /etc/ansible/hosts

Uncomment [webservers] delete the entries under it and Add ip of Target host under it

Save then switch to ec2-user

su - ec2-user

Generate a keypair

ssh-keygen

#Press enter four times to generate ssh key to connect the hosts machine

Next send the public key of the Ansible Controller to the target machine by executing this command

ssh-copy-id -i ec2-user@ipofansiblehost

eg ssh-copy-id -i ec2-user@192.168.25.1

You will be prompted for password. Enter ur password: admin123

Now try and connect to the target host

ssh ec2-user@ipofansiblehost

eg ssh ec2-user@192.168.25.1

Then exit

exit

#check for remote connection to your hosts machine with below command

ansible -m ping webservers

#Ansible Module: A module is a command or set of similar Ansible commands meant to be executed on the client-side

#example of module command

ansible -m user -a "name=paul password=paul" webservers --become

#yum module

ansible -m yum -a "name=httpd state=present" webservers --become

Go to the node and check for the user paul with id paul command 

#Copy module

ansible -m copy -a "src=/tmp/date.txt dest=/tmp/date.txt" webservers --become

before you the above command make the file controller to enable it copy it to remote node

[ec2-user@ip-172-31-47-131] cd /tmp

[ec2-user@ip-172-31-47-131 tmp] touch date.txt

[ec2-user@ip-172-31-47-131 tmp] echo "This is devops class" >> date.txt

Let's use some playbook

sudo vi playbook.yml

Insert the below lines into the playbook

---

- hosts: webservers

  become: true

  become_user: root

  tasks:

  - name: Install httpd

    yum: name=httpd state=present

  - name: start httpd

    service: name=httpd state=started

Save with :wq!

#check for syntax errors with below command

ansible-playbook playbook.yml --syntax-check

#do a dry run with below command

ansible-playbook playbook.yml --check

#Run the playbook with the below command

ansible-playbook playbook.yml 

Now go to the target server and check if httpd is installed

systemctl status httpd

Lets try another playbook to install tomcat

sudo vi playbook02.yml

Paste the below lines into the editor and save

---

- hosts: webservers

  become: true

  become_user: root

  tasks:

  - name: Install tomcat

    yum: name=tomcat state=present

  - name: start tomcat

    service: name=tomcat state=started

  - name: Deploy war file

    get_url: url=https://tomcat.apache.org/tomcat-7.0-doc/appdev/sample/sample.war

             dest=/usr/share/tomcat/websapps

    notify: restart tomcat

  handlers:

  - name: restart tomcat

    service: name=tomcat state=restarted

#Now run the playbook

ansible-playbook playbook02.yml

Now check for tomcat on target node with ps -ef | grep tomcat