Automating via Ansible

Ansible is a configuration management and provisioning tool, similar to Chef, Puppet or Salt.
Here I'll show how easy it is to get started with Ansible. We'll start basic and then add in more features as we improve upon our configurations.

Ompragash Viswanathan

November 06, 2017
Transcript

  1. AGENDA
     - WHAT IS ANSIBLE?
     - ANSIBLE CORE COMPONENTS
     - ANSIBLE GALAXY
     - PROTECTING SENSITIVE DATA IN PLAYBOOK
     - ADDITIONAL REFERENCES
  2. SIMPLE, POWERFUL, AGENTLESS
     SIMPLE
     - Human readable automation
     - No special coding skills needed
     - Tasks executed in order
     - Get productive quickly
     POWERFUL
     - Application Deployment
     - Continuous Delivery
     - Beyond just Servers
     - Orchestrate the App lifecycle
     AGENTLESS
     - Agentless architecture
     - Uses OpenSSH and WinRM
     - No agents to exploit or update
     - More efficient and secure
  3. REQUIREMENTS
     CONTROL NODE
     1 Ansible can be run from any machine with Python 2.6 or 2.7
     MANAGED NODES
     1 Linux/Unix
       1.1 SSH
       1.2 Python 2.4 or later
           1.2.1 If running less than Python 2.5 on the remote nodes, package "python-simplejson" is required. Note: RHEL 5.x has Python 2.4 only.
     2 Windows (Ansible 1.7+) - enable and configure PowerShell remoting 3.0+ (WinRM)
  4. ANSIBLE INVENTORY
     - INVENTORY FILE HAS LIST OF ALL MANAGED HOST NAMES
     - ONE LINE PER HOST
     - FILES ARE ORGANIZED AS HOSTS AND GROUPS
     - A SET OF HOSTS CAN BE UNDER A GROUP NAME
     - A HOST CAN BE IN MORE THAN ONE GROUP
     - DYNAMIC INVENTORY TO PULL FILES FROM DYNAMIC SOURCES AND CLOUDS
  5. ANSIBLE MODULES
     - MODULES CONTROL SYSTEM RESOURCES - SERVICES, PACKAGES, FILES, SYSTEM COMMANDS, ETC.
     - MODULE CAN BE EXECUTED DIRECTLY IN CLI OR THROUGH PLAYBOOKS
     - LANGUAGE INDEPENDENT - RETURN JSON FORMAT DATA
     - IDEMPOTENT - AVOIDS CHANGE TO SYSTEM UNLESS NEEDED
  6. RUNNING AD HOC COMMANDS
     TO EXECUTE AN AD HOC COMMAND, ADMINISTRATORS NEED TO EXECUTE THE ANSIBLE COMMAND USING THE FOLLOWING SYNTAX:
         $ ansible host-pattern -m module [-a 'module argument'] [-i inventory]
  7. ANSIBLE COMMAND MODULES
     Ansible has four modules in this category, which give us options to choose from when running system commands or scripts:
     - Raw - Does not require Python on the target/managed host
     - Command - Most recommended module for executing commands on target nodes
     - Shell - Runs the command through the '/bin/sh' shell on the target host. It is less secure than the command module (it can be affected by the shell environment)
     - Script - Copies and executes a script in one step on the remote host
  8. CONFIGURATION FILES
     Certain settings in Ansible are adjustable via a configuration file. Ansible will select its configuration file from one of several possible locations on the control node. The file precedence is:
     * ANSIBLE_CONFIG (an environment variable)
     * ansible.cfg (in the current directory)
     * .ansible.cfg (in the home directory)
     * /etc/ansible/ansible.cfg
     Some configuration settings are:
     - inventory - Changes the location of the inventory file
     - become - Enables or disables privilege escalation for operations on managed hosts
     - become_user - The user account to escalate privileges to on managed hosts
     - become_method - Defines the privilege escalation method on managed hosts
     Note: You can find many more options in /etc/ansible/ansible.cfg
  9. YAML
     YAML format - a simple, human-readable, and familiar way to blueprint the infrastructure. Playbooks are expressed in YAML format and have a minimum of syntax, which intentionally tries to not be a programming language or script, but rather a model of a configuration or a process.
  10. YAML EXAMPLE
      - List in YAML file (a dash and a space).
      - Dictionary in YAML file (key: value form).
  11. ANSIBLE PLAYBOOK
      - PLAYBOOKS CONTAIN PLAYS
      - PLAYS CONTAIN TASKS
      - TASKS CALL MODULES
      - TASKS RUN SEQUENTIALLY
      - TASKS TRIGGER HANDLERS
      - HANDLERS RUN ONCE AT THE END
  12. ANSIBLE VARIABLES
      Variables provide a convenient way to manage dynamic values for a given environment in your Ansible project. Some examples of values that variables might contain include:
      1 Users to create
      2 Packages to install
      3 Services to restart
      4 Files to remove
      5 Archives to retrieve from the Internet
  13. ANSIBLE FACTS
      - Ansible facts are variables that are automatically discovered by Ansible from a managed host.
      - Facts are pulled by the setup module and contain useful information stored into variables that administrators can reuse.
      - Fact variables can be used as part of playbooks, in conditionals, loops, or any other dynamic statement that depends on a value for a managed host.
      - We can also create custom facts and push them to a managed node.
      Displaying facts from a host:
          $ ansible codestar.ansible.com -m setup
  14. ANSIBLE ROLES
      Roles provide Ansible with a way to load tasks, handlers, and variables from external files. Static files and templates can also be associated and referenced by a role. Roles can be written so they are general purpose and can be reused.
      1 Roles group content, allowing easy sharing of code with others
      2 Roles can be written that define the essential elements of a system type: web server, database server, git repository, or other purpose
      3 Roles make larger projects more manageable
      4 Roles can be developed in parallel by different administrators
  15. ANSIBLE GALAXY CLI TOOL
      Identifying and installing roles
      The ansible-galaxy command line tool can be used to search for, display information about, install, list, remove, or initialize roles.
          $ ansible-galaxy search 'install git' --platforms el
  16. ANSIBLE VAULT
      Protecting sensitive data in your playbooks.
      To create a new encrypted data file, run the following command:
          $ ansible-vault create secret.yml
      Similarly, we can use edit, encrypt, decrypt and rekey. For more details on how to work with vault files, please check the manual page:
          $ man ansible-vault
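
Using the file that slide 16 creates, as an added example that is not part of the original deck: a play that loads the encrypted secret.yml and keeps the value out of task output. The group `db`, the variable `vault_db_password`, the playbook name `site.yml` and the path `/etc/myapp` are assumptions made for illustration.

```yaml
---
# Added example, not part of the deck. Names and paths are hypothetical.
# 1. ansible-vault create secret.yml      (then enter, in the editor:)
#      vault_db_password: "constructed-sample-value"
# 2. ansible-playbook -i inventory site.yml --ask-vault-pass
#
# On disk secret.yml starts with a "$ANSIBLE_VAULT;1.1;AES256" header, so the
# file can be committed; the vault password itself stays out of the repository.
- name: Deploy a credential held in an Ansible Vault file
  hosts: db
  become: true
  vars_files:
    - secret.yml            # decrypted on the control node at run time
  vars:
    # Plain name that points at the vaulted one, so grep finds where it is used.
    db_password: "{{ vault_db_password }}"

  tasks:
    - name: Fail early if the vaulted variable is missing or empty
      assert:
        that:
          - vault_db_password is defined
          - vault_db_password | length > 0
      no_log: true

    - name: Ensure the config directory exists
      file:
        path: /etc/myapp
        state: directory
        owner: root
        group: root
        mode: "0750"

    - name: Write the credential file readable by root only
      copy:
        content: "password={{ db_password }}\n"
        dest: /etc/myapp/db.conf
        owner: root
        group: root
        mode: "0600"
      no_log: true          # keeps the value out of stdout, -v output and logs
```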
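
Slide 7's point that the shell module is less secure than the command module, as an added example playbook that is not part of the original deck. The group `web` and the variable `target_file` with its value are constructed; `argv` requires Ansible 2.6 or later, which is newer than this 2017 deck.

```yaml
---
# Added example, not part of the deck. Group "web" and all values are constructed.
- name: Compare command and shell with a value that contains shell syntax
  hosts: web
  gather_facts: false
  vars:
    # Constructed stand-in for a value that arrives from outside the playbook.
    target_file: "/var/log/app.log; id"

  tasks:
    - name: "command: value is one literal argument, no shell is started"
      command:
        argv:
          - ls
          - -l
          - "{{ target_file }}"
      register: via_command
      changed_when: false
      failed_when: false    # ls reports "No such file"; nothing else runs

    - name: "shell (weak): /bin/sh parses the semicolon and also runs id"
      shell: "ls -l {{ target_file }}"
      register: via_shell
      changed_when: false
      failed_when: false

    - name: "shell (hardened): quote filter keeps the value a single word"
      shell: "ls -l {{ target_file | quote }} | wc -l"
      register: via_shell_quoted
      changed_when: false
      failed_when: false

    - name: Show what each variant produced
      debug:
        msg:
          - "command stderr: {{ via_command.stderr }}"
          - "shell stdout: {{ via_shell.stdout }}"
          - "quoted stdout: {{ via_shell_quoted.stdout }}"
```

Only the weak shell task prints uid/gid output from `id`; the other two treat the whole string as a file name. Keep `shell` for tasks that need a pipe or redirect, and pass every templated value through `quote`.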