Ansible Automation

Ansible Automation

Ansible is simply an open-source IT engine that automates application deployment, intra service orchestration, cloud provisioning, and many other IT tools.

Ansible is easy to deploy because it does not use any agents or custom security infrastructure

Ansible uses playbook to describe automation jobs, and playbook uses very simple language i.e. YAML (It’s a human-readable data serialization language & is commonly used for configuration files, but could be used in many applications where data is being stored) which is very easy for humans to understand, read and write. Hence the advantage is that even the IT infrastructure support guys can read and understand the playbook and debug if needed (YAML – It is in human-readable form)

Ansible is designed for multi-tier deployment. Ansible does not manage one system at a time, it models IT infrastructure by describing all of your systems are interrelated. Ansible is completely agentless which means Ansible works by connecting your nodes through ssh(by default). But if you want another method for connection like Kerberos, Ansible gives that option to you

After connecting to your nodes, Ansible pushes small programs called “Ansible Modules”. Ansible runs those modules on your nodes and removes them when finished. Ansible manages your inventory in simple text files (These are the hosts file). Ansible uses the hosts file where one can group the hosts and can control the actions on a specific group in the playbooks

Advantages of Ansible

 Free: Ansible is an open-source tool.
 Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
 Powerful: Ansible lets you model even highly complex IT workflows
Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
 Agentless: You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure. Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.

What is Configuration Management? Configuration management in terms of Ansible means that it maintains the configuration of the product performance by keeping a record and updating detailed information that describes an enterprise’s hardware and software

How Ansible Works? The picture given below shows the working of Ansible. Ansible works by connecting to your nodes and pushing out small programs, called "Ansible Modules" to them. Ansible then executes these modules (over SSH by default) and removes them when finished. Your library of modules can reside on any machine, and there are no servers, daemons, or databases required

The management node in the above picture is the controlling node (managing node) which controls the entire execution of the playbook. It’s the node from which you are running the installation. The inventory file provides the list of hosts where the Ansible modules need to be run and the management node does an SSH connection and executes the small modules on the host's machine and installs the product/software.

  To list the host inside inventory file use command

[ansible@ansible-control ]$ ansible all -i inventory --list-hosts 

                                           hosts (2): 

                                             ansible-node1 

                                                ansible-node2 

 To list it as a graph use command:     

[ansible@ansible-control ]$ ansible-inventory all -i inventory --graph 

@all:

 |--@ungrouped:

 |     |--ansible-node1 

 |      |--ansible-node2 

The beauty of Ansible is that it removes the modules once those are installed so effectively it connects to the host machine, executes the instructions, and if it’s successfully installed removes the code which was copied on the host machine which was executed. 

Ansible - Environment Setup
Installation Process Mainly, there are two types of machines when we talk about deployment − 

 Control machine − Machine from where we can manage other machines.

  Remote machine − Machines that are handled/controlled by the control machine.

 There can be multiple remote machines that are handled by one control machine. So, for managing remote machines we have to install Ansible on the control machine.

Control Machine Requirements 

Ansible can be run from any machine with Python 2 (versions 2.6 or 2.7) or Python 3 (versions 3.5 and higher) installed.
Note − Windows does not support a control machine. By default, Ansible uses ssh to manage a remote machine.

Ansible can be installed on the control machine which has the above-mentioned requirements in different ways. You can install the latest release through Apt, yum, pkg, pip, OpenCSW, Pacman, etc.

 1- Add user on each machine named for example (Ansible) 

2- Configure SSH login between these servers (control and remotes) without a password 

 3- Install Ansible: 

 [root@ansible-control ~] # yum install -y ansible 

After running the above line of code, you are ready to manage remote machines through Ansible. 

Just run Ansible --version to check the version and just to check whether Ansible was installed properly or not

Ansible - YAML Basics 

Ansible uses YAML syntax for expressing Ansible playbooks. 

This chapter provides an overview of YAML. 

 Ansible uses YAML because it is very easy for humans to understand, read and write when compared to other data formats like XML and JSON. 

Every YAML file optionally starts with “---” and ends with “...”

Understanding YAML
  In this section, we will learn the different ways in which the YAML data is represented. key-value pair YAML uses simple key-value pairs to represent the data. The dictionary is represented in key: value pair. Note − There should be space between: and value

Abbreviation You can also use abbreviation to represent dictionaries.

 Example James: {name: ram shing, rollNo: 34, div: C, sex: male} 

Representing List We can also represent List in YAML. Every element(member) of the list should be written in a new line with the same indentation starting with “- “ (- and space)

Example --- countries: 

             - America 

             - China     

            - Canada 

            - Iceland

 Abbreviation You can also use the abbreviation to represent lists. 

Example Countries: [‘America’, ‘China’, ‘Canada’, ‘Iceland’]

List of Dictionaries We can also make a list of dictionaries

YAML uses “|” to include newlines while showing multiple lines and “>” to suppress newlines while showing multiple lines. Due to this we can read and edit large lines. In both cases, 

the indentation will be ignored. We can also represent Boolean (True/false) values in YAML. where boolean values can be case insensitive.

 

Some common words related to Ansible.
Service/Server − A process on the machine that provides the service. 

Machine − A physical server, VM (virtual machine), or a container. 

Target machine − A machine we are about to configure with Ansible.

Task − An action (run this, delete that), etc. managed by Ansible. 

Playbook − The YML file where Ansible commands are written and YML is executed on a machine. Ansible.cfg – ansible configuration file

Ansible - Ad hoc Commands
Ad hoc commands are commands which can be run individually to perform quick functions. These commands need not be performed later. For example, you have to reboot all your company servers. 

For this, you will run the Adhoc commands from ‘/usr/bin/ansible’. 

These ad-hoc commands are not used for configuration management and deployment, 

because these commands are of one-time usage. ansible-playbook is used for configuration management and deployment.

Parallelism and Shell Commands
Reboot your company server in 12 parallel forks at a time. 

For this, we need to set up SSHagent for connection. 

$ ssh-agent bash $ ssh-add ~/.ssh/id_rsa 

 To run reboot for all your company servers in a group, 'abc', in 12 parallel forks − 

$ Ansible abc -a "/sbin/reboot" -f 12 

By default, Ansible will run the above Ad-hoc commands from the current user account. 

If you want to change this behavior, you will have to pass the username in Ad-hoc commands as follows − $ Ansible abc -a "/sbin/reboot" -f 12 -u username

 File Transfer

 You can use the Ad-hoc commands for doing SCP (Secure Copy Protocol) lots of files in parallel on multiple machines. Transferring file to many servers/machines

 $ Ansible abc -m copy -a "src = /etc/yum.conf dest = /tmp/yum.conf"

File Transfer 9 You can use the Ad-hoc commands for doing SCP (Secure Copy Protocol) lots of files in parallel on multiple machines.

 Transferring file to many servers/machines 

$ Ansible abc -m copy -a "src = /etc/yum.conf dest = /tmp/yum.conf"

Creating a new directory
$ Ansible abc -m file -a "dest = /path/user1/new mode = 777 owner = user1 group = user1 state = directory"

 Deleting whole directory and files 

$ Ansible abc -m file -a "dest = /path/user1/new state = absent" Managing Packages

Managing Packages

The Ad-hoc commands are available for yum and apt. Following are some Ad-hoc commands using yum. The following command checks if yum package is installed or not, but does not update it.

 $ Ansible abc -m yum -a "name = demo-tomcat-1 state = present"

 The following command checks the package is not installed.

 $ Ansible abc -m yum -a "name = demo-tomcat-1 state = absent"

 The following command checks the latest version of the package is installed.

 $ Ansible abc -m yum -a "name = demo-tomcat-1 state = latest"

Gathering Facts

Facts can be used for implementing conditional statements in playbook. 

You can find adhoc information of all your facts through the following Ad-hoc command −

 $ Ansible all -m setup