Changes

Jump to: navigation, search

OPS435 Ansible

4,405 bytes removed, 14:05, 24 November 2019
no edit summary
[[Category:OPS435]][[Category:rchan]][[Category:OPS435 Lab]]
= Objective =
:# Install and configure Ansible on a controller Linux machine
:# Explore Ansible's ad hoc commands
:# Explore Ansible's built-in modules
:# Explore and create Ansible playbooks
 
= Overview =
* [https://www.ansible.com/overview/how-ansible-works Overview]::"Ansible is an agentless IT automation engine that automates for automating cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.::Ansible was designed for multi-tier deployments since day one, and models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a timeadministration tasks.::Ansible uses no agents and no additional custom security infrastructure, and it uses a very simple human readable language called 'YAML', to compose an Ansible Playbook which allow you to describe your automation jobs in a very simple way." For more detail information about ansible, check out describes the ansible web site at [http://www.ansible.com. www.ansibletasks you want to automate.com]
= Objective Reference =:* Install and configure Ansible on a controller Linux machineFor more detail information about ansible, check out the ansible web site at [http://www.ansible.com. www.ansible.com]:* Explore Ansible's ad hoc commands* Explore Ansible's built[https://www.ansible.com/overview/how-ansible-in modules* Explore and create Ansible playbooksworks Overview]
= Investigation I: Introduction to Ansible =
: In this introduction, we explore the main components of the Ansible configuration management system and its operating environment. we also study a simple playbook for managing the configuration of a CentOS 7.x VM. For : You need at least two VMs for this lab: one VM to be used as the control machine and one or more detail information about ansible, check out VMs to be used as the ansible web site at [https://wwwmanaged machines.ansible.com. https://www.ansibleYou only need to install Ansible on the control machine.com]
== Key Concepts when using Ansible==
* YAML - a human-readable data serialization language & is commonly used for configuration filesuse by Ansible's playbooks. To know more, your can check out the [https://en.wikipedia.org/wiki/YAML wikipedia page here]* Control machine - (Management node)* Remote machine - (managed node)* playbook - contains one or multiple plays, each of the host on which define the work you use Ansible to be done for a configuration execute tasks on a the managed server. Playbooks are written in YAML. Every play in the playbook is created with environment-specific parameters for the target machines; there are no standard plays.* Inventory file Managed machine - defines a host that is configured by the hosts and groups of hosts upon which commands, modules, and tasks in a playbook operate.control machine
* [[OPS435 Sample Ansible Hosts file|Hosts file]] - contains information about machines to be managed - click [[OPS435 Sample Ansible Hosts file | here]] for sample hosts file
* Ad hoc commands- a simple one-off task:
** <u><b>shell commands</b></u>
*** ansible 192.168.99.153 -a 'date'
*** ansible 192.168.99.153 -a 'df'
*** ansible 192.168.99.153 -a 'iptables -L -n -v' -u root
* Built-in modules- code that performs a particular task such as copy a file, installing a package, etc:
** <u><b>copy module</b></u>
*** ansible 192.168.99.153 -m copy -a "src=/ops435/ansible.txt dest=/tmp/ansible.txt"
** <u><b>Package management</b></u>
*** ansible 192.168.99.153 -m yum -a "name=epel-release state=latest"
* Running Ansible Playbooks- contains one or multiple plays, each play defines a set of repeatable tasks on one or more managed machines. Playbooks are written in YAML. Every play in the playbook is created with environment-specific parameters for the target machines:
** ansible-playbook -i 192.168.99.153, setup_webserver.yaml
** ansible-playbook firstrun.yaml
== Hardware and software required
== Part 1: Installing Ansible on CentOS 7 ==
: run You only need to install the command yum install "ansible " package on your control VM. :* Login as root. You may have installed a regular user, change to the directory ~/ops435/lab9:* Issue the following dependent packagescommand to install the "ansible" package:<source lang="pythonbash">sudo yum install ansible -y--</source> Finished Dependency Resolution
You may have to install the following dependent packages:<source lang="bash">
Dependencies Resolved
[-a MODULE_ARGS] [-m MODULE_NAME]
pattern
 Define and run a single task 'playbook' against a set of hosts positional arguments: pattern host pattern optional arguments: --ask-vault-pass ask for vault password --list-hosts outputs a list of matching hosts; does not execute anything else --playbook-dir BASEDIR Since this tool does not use playbooks, use this as a substitute playbook directory.This sets the relative path for many features including roles/ group_vars/ etc.. --syntax-check perform : Take a syntax check on the playbook, but do not execute it --vault-id VAULT_IDS the vault identity to use --vault-password-file VAULT_PASSWORD_FILES vault password file --version show program's version number, config file location, configured module search path, module location, executable location and exit -B SECONDS, --background SECONDS run asynchronously, failing after X seconds (default=N/A) -C, --check don't make any changes; instead, try to predict some look of all the changes that may occur -D, --diff when changing (small) files and templates, show the differences in those files; works great with --check -M MODULE_PATH, --module-path MODULE_PATH prepend colon-separated path(s) to module library (def ault=~/.ansible/plugins/modules:/usr/share/ansible/plu gins/modules) -P POLL_INTERVAL, --poll POLL_INTERVAL set the poll interval if using -B (default=15) -a MODULE_ARGS, --args MODULE_ARGS module arguments -e EXTRA_VARS, --extra-vars EXTRA_VARS set additional variables as key=value or YAML/JSON, if filename prepend with @ -f FORKS, --forks FORKS specify number of parallel processes to use (default=5) -h, --help show this help message and exit -i INVENTORY, --inventory INVENTORY, --inventory-file INVENTORY specify inventory host path or comma separated host list. --inventory-file is deprecated -l SUBSET, --limit SUBSET further limit selected hosts to an additional pattern -m MODULE_NAME, --module-name MODULE_NAME module name to execute (default=available command) -o, --one-line condense output -t TREE, --tree TREE log output to this directory -v, --verbose verbose mode (-vvv options for more, -vvvv to enable connection debugging) Privilege Escalation Options: control how and which user you become as on target hosts  --become-method BECOME_METHOD privilege escalation method to use (default=sudo), use `the "ansible-doc -t become -l` to list valid choices. --become-user BECOME_USER run operations as this user (default=root) -K, --ask-become-pass ask for privilege escalation password -b, --become run operations with become (does not imply password prompting) Connection Options: control as whom and how to connect to hosts  --private-key PRIVATE_KEY_FILE, --key-file PRIVATE_KEY_FILE use this file to authenticate the connection --scp-extra-args SCP_EXTRA_ARGS specify extra arguments to pass to scp only (e.g. -l) --sftp-extra-args SFTP_EXTRA_ARGS specify extra arguments to pass to sftp only (e.g. -f, -l) --ssh-common-args SSH_COMMON_ARGS specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand) --ssh-extra-args SSH_EXTRA_ARGS specify extra arguments to pass to ssh only (e" command.g. -R) -T TIMEOUT, --timeout TIMEOUT override the connection timeout in seconds (default=10) -c CONNECTION, --connection CONNECTION connection type to use (default=smart) -k, --ask-pass ask for connection password -u REMOTE_USER, --user REMOTE_USER connect as this user (default=None) Some modules do not make sense in Ad-Hoc (include, meta, etc)</source>: There are a lots of options when running Ansible. Let's move on to try a few simple ones.
== Part 2: Sample runs for some of the Ad hoc commands ==
1,760
edits

Navigation menu