DevOps

Basics of Ansible and Installation

Talentica » Blogs » Basics of Ansible and Installation

Jaideep Pimpale

DevOps Engineer - 24 September 2018 -

What is Ansible?:

Ansible is an open source software that automates software provisioning, configuration management, and application deployment. Ansible connects via SSH, remote PowerShell or via other remote APIs.

How Ansible works?:

Ansible works by connecting to your nodes and pushing out small programs, called “Ansible modules” to them. These programs are written to be resource models of the desired state of the system. Ansible then executes these modules (over SSH by default) and removes them when finished

Key Features of Ansible:

Models the IT infrastructure around the systems interrelating with each other, thus ensuring faster end results.
Module library can reside on any system, without the requirement of any server, daemons or databases.
No additional setup required, so once you have the instance ready you can work on it straight away.
Easier and faster to deploy as it doesn’t rely on agents or additional custom security infrastructure.
Uses a very simple language structure called playbooks. Playbooks are almost similar to the plain English language for describing automation jobs.
Ansible has the flexibility to allow user-made modules that can be written in any programming language such as Ruby, Python. It also allows adding new server-side behaviours extending Ansible’s connection types through Python APIs.

Terms in Ansible:

1) Playbooks

Playbooks express configurations, deployment, and orchestration in Ansible. The Playbook format is YAML. Each Playbook maps a group of hosts to a set of roles. Each role is represented by calls to Ansible tasks.

2) Ansible Tower

Ansible Tower is a REST API, web service, and web-based console designed to make Ansible more usable for IT teams with members of different technical proficiencies and skill sets. It is a hub for automation tasks. The Tower is a commercial product supported by Red Hat, Inc. Red Hat announced during AnsibleFest 2016 that it would release Tower as open source software

Ansible Architecture:

(On AWS EC2 Linux Free Tier Instance, python and ssh both are already installed)

Python Version — 2.7.13
Three servers
Ansible control Server ( Install ansible using epel repository)- On AWS you have to enable this file
WebServer
DBServer

How to connect between these servers?

To ping these servers(webserver and dbserver) from ansible control server, you have to add one inbound rule “All ICAMP traffic” in both the instances)

Ansible Control Server
Install Ansible on Redhat

wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

rpm -ivh epel-release-latest-7.noarch.rpm

yum repolist

yum — enablerepo=epel install ansible

Install Ansible on AWSLinux

vim /etc/yum.repos.d/epel.repo

or

sudo yum-config-manager --enable epel

yum repolist ( you should see epel)

yum install ansible

Create an entry for all servers in etc/hosts file as shown below

vim etc/hosts

Create one user “ansadm” on all the servers as shown below

After adding you have to do ssh by login as ansadm user. You will get the below error because ssh is not set up yet

How to Setup SSH

Generate ssh key on ansible control server.
https://www.youtube.com/watch?v=5KmQMfEqYxc
ssh-keygen on ansible control server by login on ansadm ( ssh is user specific)
This will create .ssh folder (/home/ansadm/.ssh)
Create an authorized_keys on both the servers and copy the key from ansible control server as shown below

[ansadm@ip-172–31–21–35 ~]$ ssh-copy-id -i ansadm@172.31.19.214
 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/ansadm/.ssh/id_rsa.pub”
 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
  (if you think this is a mistake, you may want to use -f option)

[ansadm@ip-172–31–21–35 ~]$ ssh ansadm@172.31.19.214
 Last login: Thu Jan 11 13:34:31 2018

__| __|_ )
  _| ( / Amazon Linux AMI
  ___|\___|___|

https://aws.amazon.com/amazon-linux-ami/2017.09-release-notes/
 [ansadm@ip-172–31–19–214 ~]$ exit

Now all three servers are configured, ansible control server can do ssh on both the servers

Change the ownership of etc/ansible folder to ansadm

chown -R ansadm:ansadm /etc/ansible

vim etc/ansible/hosts

[webserver]
172.31.19.214
[dbserver]
172.31.26.66

ansible.cfg file ( This is an inventory file)

Ansible commands ( We can run all commands only on the control server and all other servers are managed by it)

To install any package you have to be root. So we are making ansadm of the controller as a root user on all machines (except controller)

vi /etc/sudoers

## ANSIBLE ADMIN USER
ansadm ALL=NOPASSWD: ALL

Now run the same command with -s option

Ansible Roles

Roles are the next level of abstraction of ansible playbook. Roles are the list of commands that ansible will execute on target machines in given order

Playbook — decides which role is for which target machine

[ansadm@ip-172–31–21–35 ansible]$ mkdir roles/basic
[ansadm@ip-172–31–21–35 ansible]$ mkdir roles/basic/tasks
[ansadm@ip-172–31–21–35 ansible]$ cd roles/basic/tasks
[ansadm@ip-172–31–21–35 tasks]$ vi main.yml

[ansadm@ip-172–31–21–35 ansible]$ cat /etc/ansible/roles/basic/tasks/main.yml

- name: Install ntp
 yum: name=ntp state=present
 tags: ntp

[ansadm@ip-172–31–21–35 ansible]$ vi playbook.yml
[ansadm@ip-172–31–21–35 ansible]$ ansible-playbook -K playbook.yml

[ansadm@ip-172–31–21–35 ansible]$ cat playbook.yml
- hosts: all
 roles:
— role: basic

ansible-playbook <playbook> — list-hosts

To check if HTTPd is installed, the easiest way is to ask rpm:

rpm -qa | grep httpd

Verify the playbook for syntax errors:

#ansible-playbook file_name.yml –syntax-check

To see what hosts would be affected by a playbook

#ansible-playbook file_name.yml –list-hosts

Run a playbook

# ansible-playbook file_name.yml

Conclusion:

Ansible is easy to learn. Managing resources using Ansible can be extremely efficient and easy. Here we learn about Ansible basic concept, Installation steps and different features.