Ansible Quick Start

By

Stephen Efange

08/14/2021
Table of Contents
Overview.....................................................................................................................................................3
Introduction and Architecture.....................................................................................................................4
Install and Configure Ansible.......................................................................................................................5
Configure Ansible....................................................................................................................................5
Ansible SSH Considerations.....................................................................................................................7
How to get ansible documentation...........................................................................................................12
Ad-hoc Ansible commands........................................................................................................................15
Ansible Playbooks......................................................................................................................................18
The structure of playbooks....................................................................................................................18
Playbook Format....................................................................................................................................19
More notes on playbooks......................................................................................................................22
Ansible Variables.......................................................................................................................................22
How to use Ansible Facts...........................................................................................................................24
Troubleshooting and Debugging Ansible...................................................................................................27
Ansible Handler.........................................................................................................................................28
Whats next with Ansible............................................................................................................................29
Overview
Introduction and Architecture

What is ansible?

With ansible, you can create files, install software, manipulate configurations etc. on local or remote
servers via ssh.

You can run ansible in adhoc mode or create a playbook which is like a script – a yml script

Adhoc mode example:

A module called setup is used to return a bunch of system information.

Playbooks come in handy for large scale deployments. You can easily have a couple of steps in your
playbook to help build a webserver, email server, database server automatically.

You can have pre-configured playbooks to build these servers automatically and consistently. This
prevents the need for manual configuration that might not be consistent due to human error and typos.
Install and Configure Ansible

yum list epel-release

yum install epel-release

You can also use pip for installations and this allows you to pick the versions you want to install or install
later versions. Pip is a little more advanced.

Check to see is ansible is installed on your system:

rpm -qa | grep -i ansible

yum install ansible -y

Once the installation is done you now have an ansible control node.

Consider installing a version control software for keeping track of your yml scripts or playbooks for good
housekeeping or management of your scripts.

yum install git -y

source control – script control is a really good idea when dealing with playbooks.

Configure Ansible
vi /etc/ansible/ansible.cfg

[root@centos02 ~]# vi /etc/ansible/ansible.cfg

[root@centos02 ~]# vi /etc/ansible/hosts

cat /etc/ansible/hosts

you can add more servers to the inventory after the last line:
Sample inventory file:

Create an Inventory for your ansible control node by adding a list of servers you want such as below:

You can give the servers ansible aliases:

Ansible SSH Considerations

You don’t want to be typing passwords for every single host in your inventory even though its possible
with the -k option.

Its best to use a pre-shared key with an ansible user. The key that will be auto generated and stored on
the server will allow you to use password less login.

Create a user to use for your ansible purposes and many people just call the user ansible. The user name
does not have to be ansible but it just makes sense and its for simplicity.

Create the ansible user on all your nodes including the control node.

The user on the control node does not need a password per say but all other nodes need a user with a
password.
I added a user and password on my control node. Eventhough like I mentioned you don’t need the
password on the control node if you are not going to be using ssh to connect to the control node from
other servers. So it’s a security best practice.

[root@centos02 ~]# useradd ansible

[root@centos02 ~]# passwd ansible

Changing password for user ansible.

New password:

Retype new password:

passwd: all authentication tokens updated successfully.

[root@centos02 ~]#

On the control node, create a pre-shared key:

[root@centos02 ~]# sudo su - ansible

[ansible@centos02 ~]$

Make an ssh key for the ansible user – make a private key

[root@centos02 ~]# sudo su - ansible

[ansible@centos02 ~]$ ssh-keygen

Copy the puplic key to any other server you want to log in that’s on your inventory or list of servers in
order for the ssh password-less authentication to work.

Copy the public key to the desired servers using ssh-copy-id

ssh-copy-id hostname-of-the-server

you will need the ansible password for the server you are connecting /copying the public key to.
Add ansible user to the sudoers file: on your nodes on non-control nodes.

sudo visudo

This will give the ansible user the ability to perform any action as root.

Now ansible user can now do anything they want including becoming the root user: sudo su –
How to get ansible documentation

https://docs.ansible.com/
-S gives the condensed version of the documentation. Provide a module name such as lineinfile

ansible-doc -s lineinfile

ansible-doc lineinfile

man ansible-doc
The -l or list option of man ansible-doc will list all the available plugins/modules

Modules is really how ansible dos things.

To get details on a specific module user the modules name after ansible-doc

ansible-doc file

we get details of the file module.

Ad-hoc Ansible commands

The setup module can be used to test your connection and get some few facts or information about
your host or group of hosts.
The ping module can be used to test success of a connection test. You get ping pong.

A list of common modules:

With the last 3 modules, you can install software, check the state of services and copy files from a
source to destination.
ansible centos02 -m yum -a "name=httpd state=latest"

some times the command might fail as ansible might not know when to execute a command as root. In
that case use the -b flag which means become root.

ansible centos02 -b --become-user=ansible -m yum -a "name=httpd state=latest"

ansible centos02 -b --become-user=ansible -m service -a "name=httpd state=started"

State is the desired state you want the system to be in. If you run the statement again and the system is
already in a desired state then ansible will not do anything because the system is in the desired state.
Ansible will give a false message as in I didn’t do anything because the system is already in the state you
want be to put it in.

Ansible Playbooks

The structure of playbooks

The ansible-playbook command takes the playbook(script) as its parameter.

A play is a series of steps to be performed on a host or group of hosts.

Playbook Format
You can create and use or include inventory files that are the default /etc/ansible/hosts inventory file.
The modules are indented the same.

Gathering facts is the default behavior.

More notes on playbooks

The check mode that you call with - - check is used to do a dry run and does not change anything.

Ansible Variables
Defining variables within a playbook:
How to use Ansible Facts
ansible centos02 -m setup -a filter=*ipv4*
ansible centos02 -m setup -a filter=*hostname*

if you don’t want to gather fact properties then:

Troubleshooting and Debugging Ansible

Register saves your info or contents. The output of the cat command here will be saved or registered or
captured in motd_contents
Ansible Handler
Whats next with Ansible