OPS435 Ansible

7,304 bytes added, 01:08, 26 November 2018
[[Category:OPS435]][[Category:rchan]][[Category:OPS435 Lab]]
= Overview =
== Introduction to Ansible ==
Ansible is an IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
Ansible was designed for multi-tier deployments since day one, and models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time.

Ansible uses no agents and no additional custom security infrastructure. Ansible Playbooks are composed in a very simple language called "YAML", which allows you to describe your automation jobs in a very simple way.

For more detailed information about Ansible, check out the Ansible web site at [http://www.ansible.com. www.ansible.com]

In this introduction, we explore the main components of the Ansible configuration management system and its operating environment. We also study a simple playbook for managing the configuration of a CentOS 7.x VM.

== Key Concepts when using Ansible==
* YAML - a human-readable data serialization language that is commonly used for configuration files. To learn more, you can check out the [https://en.wikipedia.org/wiki/YAML Wikipedia page here]
* Control machine - (Management node)
* Remote machine - (managed node)
* Playbook - contains one or multiple plays, each of which defines the work to be done for a configuration on a managed server. Playbooks are written in YAML. Every play in the playbook is created with environment-specific parameters for the target machines; there are no standard plays.
* Inventory file - defines the hosts and groups of hosts upon which commands, modules, and tasks in a playbook operate.
* Hosts file - contains information about machines to be managed
* Ad hoc commands
** <u><b>shell commands</b></u>
** ansible 192.168.99.153 -a 'date'
** ansible 192.168.99.153 -a 'df'
** ansible 192.168.99.153 -a 'iptables -L -n -v' -u root
** <u><b>copy module</b></u>
** ansible 192.168.99.153 -m copy -a "src=/ops435/ansible.txt dest=/tmp/ansible.txt"
** <u><b>Package management</b></u>
** ansible 192.168.99.153 -m yum -a "name=epel-release state=latest"

== Sample runs for some of the Ad hoc commands ==
<pre>
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m copy -a "src=/home/rchan/ops435/ansible/ansible.txt dest=/tmp/ansible.txt"
192.168.99.153 | SUCCESS => {
"changed": true,
"checksum": "837affc90674fb92cdb0ebac6e49ad31a586b37e",
"dest": "/tmp/ansible.txt",
"gid": 1001,
"group": "rchan",
"md5sum": "78ae49d77d28d06173cf2194a3909732",
"mode": "0664",
"owner": "rchan",
"secontext": "unconfined_u:object_r:user_home_t:s0",
"size": 106,
"src": "/home/rchan/.ansible/tmp/ansible-tmp-1542902119.15-117618539513309/source",
"state": "file",
"uid": 1001
}
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present"
192.168.99.153 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"epel-release-7-11.noarch providing epel-release is already installed"
]
}
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present" -u root
192.168.99.153 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"epel-release-7-11.noarch providing epel-release is already installed"
]
}
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=latest" -u root
192.168.99.153 | SUCCESS => {
"changed": false,
"msg": "",
"rc": 0,
"results": [
"All packages providing epel-release are up to date",
""
]
}
</pre>

== Gather all the information available on remote machine ==
<pre>
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m setup
192.168.99.153 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.99",
"192.168.99.153"
],
"ansible_all_ipv6_addresses": [
"fe80::5054:ff:fe11:6767",
"fe80::5054:ff:fe8c:b67c"
],
"ansible_architecture": "x86_64",
"ansible_bios_date": "04/01/2014",
"ansible_bios_version": "1.9.1-5.el7_3.2",
"ansible_cmdline": {
"BOOT_IMAGE": "/vmlinuz-3.10.0-862.14.4.el7.x86_64",
"LANG": "en_CA.UTF-8",
"console": "ttyS0",
...
"ansible_userspace_bits": "64",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "kvm",
"module_setup": true
},
"changed": false
}
</pre>
[[OPS435_Ansible_setup|Click here for complete contents of the above]]

= Ansible Playbook =
== Updating /etc/motd file ==
=== Sample Run ===
Name: motd-play.yml
<pre>
---
- hosts: 192.168.99.153
  user: root
  vars:
    apache_version: 2.6
    motd_warning: 'WARNING: use by ICT faculty/students only.'
    testserver: yes
  tasks:
    - name: setup a MOTD
      copy:
        dest: /etc/motd
        content: "{{ motd_warning }}"
</pre>

Sample Run:
<pre>
[rchan@centos7 playbooks]$ ansible-playbook motd-play.yml

PLAY [192.168.99.153] **********************************************************

TASK [Gathering Facts] *********************************************************
ok: [192.168.99.153]

TASK [setup a MOTD] ************************************************************
changed: [192.168.99.153]

PLAY RECAP *********************************************************************
192.168.99.153 : ok=2 changed=1 unreachable=0 failed=0

</pre>

=== Sample Run ===
Name: httpd-play.yml
<pre>
---
- hosts: 192.168.99.153
  user: root
  vars:
    apache_version: 2.6
    motd_warning: 'WARNING: use by ICT faculty/students only.'
    testserver: yes
  tasks:
    - name: install apache
      action: yum name=httpd state=installed

    - name: restart apache
      service:
        name: httpd
        state: restarted
</pre>
Sample Run:
<pre>
[rchan@centos7 playbooks]$ ansible-playbook httpd-play.yml

PLAY [192.168.99.153] **********************************************************

TASK [Gathering Facts] *********************************************************
ok: [192.168.99.153]

TASK [install apache] **********************************************************
changed: [192.168.99.153]

TASK [restart apache] **********************************************************
changed: [192.168.99.153]

PLAY RECAP *********************************************************************
192.168.99.153 : ok=3 changed=2 unreachable=0 failed=0

</pre>

= Questions =
= System requirements =
* You must have at least two networked machines
** control node - runs Ansible to configure the remote nodes - needs Ansible 2.x (latest version 2.7)
** remote nodes - to be managed by the control node
* You should be able to ssh from your control node as a regular user to any of your remote nodes as the root user without supplying a login password.
* Python 2.7+ on all nodes
= Reference =
[https://docs.ansible.com/ansible/latest/user_guide/index.html Ansible Latest User Guide]