Introduction to Ansible

Transcript

1. Introduction to Ansible Krishantha Dinesh Msc, MIEEE, MBCS Software Architect

   www.krishantha.com www.youtube.com/krish @krishantha

2. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Configuration management • Manage

   software on top of hardware • Maintain consistency based on functionality and design • It is systems engineering process for establishing and maintaining consistency of a product's performance

3. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Why Configuration Management •

   Make consistency • Maintain integrity • No need separate log in / execution on each server • Centralize control / management • Scaling made easy • No time to deploy or configure after successful build • Rolling back is easy

4. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ What is ansible •

   Ansible is an open-source software provisioning, configuration management, and application-deployment tool. • It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows. • Its pushed based configuration management tool

5. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Why ansible • Free.

   Ansible is an open-source tool. • Very simple to set up and use. No special coding skills are necessary to use Ansible’s playbooks • Powerful. Ansible lets you model even highly complex IT workflows. • Flexible. You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs. • Agentless. You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure. • Efficient. Because you don’t need to install any extra software, there’s more room for application resources on your server.

6. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Ansible Architecture • Modules

   • Modules are like small programs that Ansible pushes out from a control machine to all the nodes / remote hosts. • The modules are executed using playbooks. • They control things such as services, packages and files. Ansible executes all the modules for installing updates or whatever the required task is, and then removes them when finished. • Ansible provides 400+ modules for common tasks

7. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ • Plugins • As

   many other tools and platforms, plugins are extra pieces of code that augment functionality. • Ansible comes with a number of its own plugins. • we can write your own as well.

8. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ • Inventory • All

   the machines you’re using with Ansible (the control machine plus nodes) are listed in a single simple file, with their IP addresses, names etc. • Once you list the inventory, you can assign variables to any of the hosts using a simple text file.

9. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ • Playbook • Ansible

   playbooks are like instruction manuals for tasks. • They are simple files written in YAML. (human-readable data serialization language). • Playbooks are really at the heart of what makes Ansible so popular because they describe the tasks to be done easily and without the need for the user to know or remember any special syntax. Not only can they declare configurations, but they can orchestrate the steps of any manually ordered task, and can execute tasks at the same time or at different times. • Each playbook is composed of one or multiple plays, and the goal of a play is to map a group of hosts to well- defined roles, represented by tasks.

10. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Ansible Tower • Ansible

    Tower is Red Hat’s commercial web-based solution for managing Ansible. • Its best-known feature is an easy-to-use UI for managing configurations and deployments, • Ansible Tower contains the most important features of Ansible, especially those that are easier to see in a graphical format rather than a text-based format.

11. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Practical example Ansible installed

    EC2 Manager EC2 node1 10.0.81.10 EC2 node2 10.0.81.11 EC2 node1 10.0.81.12

12. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Generate ssh key at

    Manager EC2 ssh-keygen

13. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Copy public key to

    remote (to node 1-2-3) • cat ~/.ssh/id_rsa.pub |ssh -i kkey.pem [email protected] "cat - >> ~/.ssh/authorized_keys” • Repeat above step to all 3 nodes

14. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Install ansible on Manager

    OR OR in ubuntu

15. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Every steps here onward

    to be execute on Manager (ansible installed instance)

16. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Basic config • Ansible

    by default install basic configs at /etc/ansible • Good practice is copy that and work on copy

17. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Configure hostfile • Since

    we have taken a copy we need to configure which host file to be used • Update ansible.cfg as follows

18. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Update hosts

19. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Verify [ad-hoc command] •

    Now we can verify that ansible can use all hosts or not

20. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Some more ad-hoc command

    • Add-hoc commands are the command can use directly on terminal without configure • -m à shell module • -a à argument

21. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/

22. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Failed – need sudo

    access

23. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ -b sudo access –K

    ask sudu password

24. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Verify user With ansible

    Without ansible

25. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Roles • Ansible will

    execute roles on target machines • Palybook can determine which role to which target machine • Role is directory under roles and need other directory call task and inside main.yml

26. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Install a package •

    nmap is not installed

27. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Create main.yml

28. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Create playbook

29. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ EXECUTE

30. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ verify nmap installed

31. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Configure additional packages

32. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Additional packages

33. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Variable substitution • Ansible

    can replace values with variable. • Lets see how we can use one install option and provide packages

34. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/

35. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Copy files • Create

    sample file at /home/ec2-user/data.txt vim roles/setup/tasks/main.yml

36. * http://www.krishantha.com * https://www.youtube.com/krish * https://www.linkedin.com/in/krish-din/ Execute and verify