What Is Ansible?
Ansible Architecture
In the above diagram:
Advantages of Ansible
Ref - https://www.tecmint.com/install-epel-repo-on-rhel-8/
or
subscription-manager register    # give your Red Hat username and password
subscription-manager list --available
This will give you the pool ID
subscription-manager attach --pool=8a85f99a75fb07cc01760049fe693e9d
subscription-manager list
dnf repolist
sudo subscription-manager repos --enable ansible-2.9-for-rhel-8-x86_64-rpms
dnf repolist
sudo yum install ansible
ansible --version
Other method
yum-config-manager --enable epel    # enable the Extra Packages for Enterprise Linux (EPEL) repo
yum repolist    # check that the repo is listed now
There are also various other methods for installing it. Follow the link below:
https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#
Validate
ansible --version
Configure a new Linux user "ansadmin" for Ansible
Add the Linux user ansadmin to the sudoers file so that it can log in to root with sudo permission and without a password
cp /etc/sudoers /etc/sudoers-orig
vi /etc/sudoers
su - ansadmin
sudo su -
or
sudo -i
or
sudo su - root
sudo -u root -i
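The same passwordless-sudo grant can be written as a playbook that installs a drop-in under /etc/sudoers.d and only puts it in place if visudo accepts the syntax. This is an added example, not part of the original notes. The group name nodes, the drop-in file name, the exact sudoers rule and the assumption that the play is run through an account that can already become root are all assumptions.

```yaml
---
# Added example: validated sudoers drop-in for ansadmin instead of a hand edit
# of /etc/sudoers. Assumes /etc/sudoers includes /etc/sudoers.d (the default on
# RHEL and Ubuntu).
- name: "Bootstrap the ansadmin account"
  hosts: nodes                          # assumed inventory group name
  become: yes
  tasks:
    - name: "Create the ansadmin user"
      user:
        name: ansadmin
        shell: /bin/bash
        state: present

    - name: "Install the sudoers drop-in only if visudo accepts it"
      copy:
        dest: /etc/sudoers.d/ansadmin   # assumed file name
        content: "ansadmin ALL=(ALL) NOPASSWD: ALL\n"
        owner: root
        group: root
        mode: "0440"
        # A syntax error aborts the task and leaves the existing files untouched.
        validate: "/usr/sbin/visudo -cf %s"

    - name: "Read back the rules sudo resolves for ansadmin"
      command: sudo -l -U ansadmin
      register: sudo_rules
      changed_when: false

    - name: "Fail the play if the NOPASSWD rule is not in effect"
      assert:
        that:
          - "'NOPASSWD: ALL' in sudo_rules.stdout"
```

Because this rule gives ansadmin unrestricted root without a password, the private key generated for that user on the controller is effectively a root credential for every node and should be protected accordingly.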
For Ubuntu
Generate Keys
ssh-keygen
Once you have launched the servers, you will find that you are automatically able to connect to them
from the Ansible controller.
Inventory File
Here there are 2 groups: one for the server (controller) and the other for the nodes
If not using SSH, then pass the pem file which was generated while creating the servers
If you don't want to pass the user name, do the below in your inventory file
Adhoc command
ip-172-31-0-137
Copy module
Ad hoc commands
Function | Command
To check if a package is installed and to update it | # ansible <group> -m yum -a "name=httpd state=latest"
To check if a package is installed but not to update it | # ansible <group> -m yum -a "name=httpd state=present"
To check if a package is not installed (state=absent removes it if it is present) | # ansible <group> -m yum -a "name=httpd state=absent"
Advanced -
List of dictionaries
This is a list of dictionaries; each dictionary is a set of key-value pairs.
Dictionary in Dictionary -
- In a dictionary, we can move keys such as name and hosts up and down (their order does not matter)
- but in a list it is not advisable to change the order of the items
Ansible Playbook –
Playbooks are Ansible’s configuration, deployment, and orchestration language. They can
describe a policy you want your remote systems to enforce, or a set of steps in a general IT
process.
If Ansible modules are the tools in your workshop, playbooks are your instruction manuals,
and your inventory of hosts are your raw material.
Playbooks
It is the place where all the YAML files are stored and executed. It acts as a to-do list.
A playbook can have more than one play.
A play maps the instructions defined against a particular host.
It is typically written in a text editor such as notepad or notepad++ or visual studio code or
atom or VIM
---
- name: "Play 1- apache configure"
  hosts: webservers
  become: yes
  tasks:
    - name: "Install packages"
      yum:
        name: "{{ item }}"
        state: present
      with_items:
        - httpd
        - vim
        - wget
        - tree
        - git
Loops
Loops can do one task on multiple things, such as create a lot of users, install a
lot of packages, or repeat a polling step until a certain result is reached.
- yum:
    name: "{{ item }}"
    state: present
  with_items:
    - httpd
    - vim
    - wget
    - tree
Conditionals
tasks:
  - yum:
      name: httpd
      state: latest
    when: ansible_os_family == "RedHat"
or
tasks:
  - name: "shut down CentOS 6 systems"
    command: /sbin/shutdown -t now
    when:
      - ansible_facts['distribution'] == "CentOS"
      - ansible_facts['distribution_major_version'] == "6"
Tags
tasks:
  - yum:
      name: "{{ item }}"
      state: latest
    with_items:
      - httpd
      - mod_wsgi
    tags:
      - packages
  - template:
      src: templates/httpd.conf.j2
      dest: /etc/httpd/conf/httpd.conf
    tags:
      - configuration
---
[ansadmin@ip-172-31-4-13 ansible]$ ansible-playbook git.yml -t service_started
Roles
Just as we have roles in real life, we have roles in Ansible, which can be reused in multiple
playbooks.
Apache
1. Install Apache
2. Configure Apache
a. Copying httpd.conf from Template which will have timeout 150 secs
b. Copy test code – lb-health-check.html to document root
3. Service start
Let’s do it
Creating a directory structure
ansible-galaxy init /etc/ansible/roles/apache
cd /etc/ansible/roles/apache
tasks/:
total 16
-rw-r--r-- 1 root root 133 Jan 31 04:31 main.yml
-rw-r--r-- 1 root root 57 Jan 31 04:32 install.yml
-rw-r--r-- 1 root root 88 Jan 31 04:34 service.yml
-rw-r--r-- 1 root root 224 Jan 31 04:35 configure.yml
files/:
total 40
-rw-r--r-- 1 root root 34498 Jan 31 04:35 httpd.original
-rw-r--r-- 1 root root 16 Jan 31 04:36 index.html
handlers/:
total 4
-rw-r--r-- 1 root root 111 Jan 31 04:38 main.yml
vars/
main.yml
cntrl $ pwd
/etc/ansible/roles/apache/tasks
Update Handlers
/etc/ansible/roles/apache/handlers
Update meta/main.yml
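A sketch of how the files of the apache role outlined above could be filled in, following the three steps (install, configure, service start). This is an added example, not the original author's files. Each "# file:" comment marks a separate file under /etc/ansible/roles/apache, except the last, which is a playbook that calls the role. The template name httpd.conf.j2, the variable apache_timeout, the handler name and the document root /var/www/html are assumptions.

```yaml
# file: tasks/main.yml
---
- import_tasks: install.yml
- import_tasks: configure.yml
- import_tasks: service.yml
# file: tasks/install.yml
---
- name: "Install Apache"
  yum:
    name: httpd
    state: present
# file: tasks/configure.yml
---
- name: "Render httpd.conf from the template (it contains: Timeout {{ apache_timeout }})"
  template:
    src: httpd.conf.j2                  # assumed file in templates/
    dest: /etc/httpd/conf/httpd.conf
    mode: "0644"
    validate: "/usr/sbin/httpd -t -f %s"   # reject a config that httpd cannot parse
  notify: restart apache
- name: "Copy the health-check page to the document root"
  copy:
    src: lb-health-check.html           # kept in files/
    dest: /var/www/html/lb-health-check.html
    mode: "0644"
# file: tasks/service.yml
---
- name: "Start Apache and enable it at boot"
  service:
    name: httpd
    state: started
    enabled: yes
# file: handlers/main.yml
---
- name: restart apache
  service:
    name: httpd
    state: restarted
# file: vars/main.yml
---
apache_timeout: 150
# file: a playbook that calls the role
---
- hosts: webservers
  become: yes
  roles:
    - apache
```

The handler runs only when the template task reports a change, so repeated runs with an unchanged httpd.conf do not restart Apache.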
Create 2 Ansible playbooks that call the generic roles, with some customization for their 2 separate
businesses
Sample playbook -
Now RUN IT
Cheat SHEET
https://intellipaat.com/mediaFiles/2019/03/Ansible-cheat-sheet.pdf