Getting started with Ansible

Image for post
Image for post

Ansible, huh?

Ansible is a simple to use agent-less IaC(Infrastructure as a Code) tool used for configuration management, software provisioning, intra-service orchestration, and app deployment.

Architecture

Unlike most configuration-management software, Ansible does not require a single controlling machine where orchestration begins.[12] Ansible works against multiple systems in your infrastructure by selecting portions of Ansible’s inventory, stored as edit-able, version-able ASCII text files. Not only is this inventory configurable, but you can also use multiple inventory files at the same time and pull inventory from dynamic or cloud sources or different formats (YAML, INI, etc.).[13] Any machine with Ansible utilities installed can leverage a set of files/directories to orchestrate other nodes. The absence of a central-server requirement greatly simplifies disaster-recovery planning.[12] Nodes are managed by this controlling machine — typically over SSH. The controlling machine describes the location of nodes through its inventory.[13] Sensitive data can be stored in encrypted files using Ansible Vault[14] since 2014.[15] In contrast with other popular configuration-management software — such as Chef, Puppet, and CFEngine — Ansible uses an agentless architecture,[16] with Ansible software not normally running or even installed on the controlled node.[16] Instead, Ansible orchestrates a node by installing and running modules on the node temporarily via SSH. For the duration of an orchestration task, a process running the module communicates with the controlling machine with a JSON-based protocol via its standard input and output.[17] When Ansible is not managing a node, it does not consume resources on the node because no daemons are executing or software installed.[16]

source: Wikipedia

Image for post
Image for post

Shall we start already?

Image for post
Image for post

But wait, before we use Ansible, we need a ‘one-time’ setup done.

For this setup environment I’ll be using:

  • 1 Virtual Machine with Redhat Operating System (RHEL8) for the main controller/master node.
  • 2 RHEL8 VMs, and 1 Ubuntu VM for controlled/managed/worker nodes.
Image for post
Image for post

NOTE: You’re free to choose any OS and any number of managed nodes installed on VM/BareMetal/Container/Cloud.

Setting up Ansible Environment

  • Ansible Installation on ‘yum’ configured Redhat/CentOS/Fedora:

Since Ansible is an agent-less tool, it only needs to be installed in the controller node.

Open your terminal and run the following commands:

sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm -y ; sudo yum repolist
Image for post
Image for post
sudo yum install ansible -y
Image for post
Image for post
ansible --version
Image for post
Image for post

Ansible is now installed successfully!!

  • Setting up passwordless ssh login:
sudo yum install sshpass -y
Image for post
Image for post

In Ubuntu before using SSH you might need to install the openssh-server manually.

sudo apt install openssh-client ; sudo apt install openssh-serverssh-keygen
Image for post
Image for post

This commands generates an ssh key

ssh-copy-id user@hostname

Note: Replace ‘user’ and ‘hostname’ with a suitable user name and the hostname you want to copy your key to.

Image for post
Image for post

After successfully copying the key, you can easily ssh into the given OS.

Copy key to other worker nodes as well.

  • Setting up Ansible Inventory
Image for post
Image for post

This is the default location of the configuration file of ansible, we can create a new one, but I’ll stick to this for now

Image for post
Image for post

Viewing the configuration file gives us the default location of the inventory, which too can be changed, but I’ll be sticking to the default for now.

Image for post
Image for post

Open the file with your favorite text editor and note down your hosts in it, the inventory file should look something like this after the edit.

mail.example.com

[webservers]
foo.example.com
bar.example.com

[dbservers]
one.example.com
two.example.com
three.example.com

NOTE: You can replace hostname with IP if you’re comfortable with IP addresses. for more info on inventory click here.

Image for post
Image for post

You can make different groups by writing the group name between square brackets and writing all the hosts for the desired group, under it.

Note: I created 2 groups, ‘redhat’ having 2 nodes and ‘ubuntu’ with a single node

  • Testing the setup

Ping all the nodes:

ansible -m ping all
Image for post
Image for post

We can ping all the nodes, that means our setup is done correctly!

NOTE: Since, we already divided our nodes into the group, we can avoid pinging ‘all’ and ping only nodes from a particular group.

Image for post
Image for post

Ansible rather than pinging to all the nodes, only pings to the node(s) from the ‘ubuntu’ group.

Image for post
Image for post

This was a very short introduction to Ansible, but once your setup environment is done correctly, you can use Ansible to do way more complex tasks!!!

Image for post
Image for post

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store