Ansible Introduction
Nathan Luong | May 19, 2024
What is Ansible
- A tool to automate repetitive IT tasks across multiple running VMs and containers
- Some examples of repetitive tasks:
  - When an employee joins a team, that employee needs access to all the machines that the team operates
  - When admins want to run a cron job (health checks, reporting, and monitoring) on multiple hosts
  - When admins want to update software versions (Docker, Python version) on multiple hosts
Why Ansible
Ansible is agentless
- The control machine is the only machine that needs Ansible installed.
- The hosts do not need to download any agents. The control machine manages the host machines remotely.
Powerful Docker Capability
- Ansible can control and manage not only the Docker containers but also the host they run on, which allows the Ansible control machine to do the following:
  - Manage the network and storage resources of the host
  - Manage overall access to the host, which in turn secures the applications running inside
Ansible can build images for any environment
- A Dockerfile can only build images for Docker containers
- Ansible has control over the host machines, so it can build applications for any environment (Docker, Vagrant Container, Cloud Instances, Lambda Functions, Bare metal, …).
Managed Ansible Solutions (Ansible Tower)
- Since Ansible is a powerful and mature framework, there are managed Ansible solutions that offer extended functionality, such as dashboards, monitoring, automation, etc.
- One good example is Red Hat's Ansible Tower, which aims to help developers and operators automate their Ansible workflow.
How to use Ansible
Ansible Plays
- A play defines which tasks to execute, on which hosts, and as which user
Play example without variables and inventory
```yaml
- name: Rename table and set owner   # Name of the play
  hosts: 192.168.0.1
  remote_user: root                  # ssh into root@192.168.0.1 to perform the tasks
  tasks:
    - name: Rename table foo to bar  # Task name
      postgresql_table:              # Module name
        table: foo                   # Module arguments
        rename: bar                  # Module arguments
    - name: Set owner to some_user
      postgresql_table:
        name: bar                    # The table is named bar after the previous task
        owner: some_user
```
Play example with variables, no inventory
```yaml
- name: Rename table and set owner   # Name of the play
  hosts: 192.168.0.1
  remote_user: root                  # ssh into root@192.168.0.1 to perform the tasks
  vars:
    tablename: foo
    tableowner: someuser
  tasks:
    - name: Rename table {{ tablename }} to bar
      postgresql_table:              # Module name
        table: "{{ tablename }}"     # A value that starts with {{ must be quoted in YAML
        rename: bar                  # Module arguments
    - name: Set owner to {{ tableowner }}
      postgresql_table:
        name: bar                    # The table is named bar after the previous task
        owner: "{{ tableowner }}"
```
Ansible Playbooks
- A playbook is a list of plays, each of which can target different hosts; the hosts can be stored in the inventory
Simple Playbook, with no inventory
```yaml
- name: Start webserver              # Start webserver play
  hosts: 192.168.0.10
  remote_user: root
  tasks:
    - name: Create directory for nginx
      file:
        path: /path/to/nginx/dir
        state: directory
    - name: Install nginx latest version
      yum:
        name: nginx
        state: latest
    - name: Start nginx
      service:
        name: nginx
        state: started

- name: Rename table and set owner   # Rename database play
  hosts: 192.168.0.1
  remote_user: root
  tasks:
    - name: Rename table foo to bar
      postgresql_table:
        table: foo
        rename: bar
    - name: Set owner to some_user
      postgresql_table:
        name: bar                    # The table is named bar after the previous task
        owner: some_user
```
Simple Playbook, with inventory
```yaml
- name: Start webserver              # Start webserver play
  hosts: webservers                  # Resolve webservers with inventory file
  remote_user: root
  tasks:
    - name: Create directory for nginx
      file:
        path: /path/to/nginx/dir
        state: directory
    - name: Install nginx latest version
      yum:
        name: nginx
        state: latest
    - name: Start nginx
      service:
        name: nginx
        state: started

- name: Rename table and set owner   # Rename database play
  hosts: databases                   # Resolve databases with inventory file
  remote_user: root
  tasks:
    - name: Rename table foo to bar
      postgresql_table:
        table: foo
        rename: bar
    - name: Set owner to some_user
      postgresql_table:
        name: bar                    # The table is named bar after the previous task
        owner: some_user
```
Inventory file, INI format
```ini
10.24.0.100

[webservers]
10.24.0.1
192.168.0.10
web1.myserver.com

[databases]
10.24.0.1
192.168.0.1
web2.myserver.com
```
Inventory file, YAML format
```yaml
ungrouped:
  hosts:
    10.24.0.100:
webservers:
  hosts:
    10.24.0.1:
    192.168.0.10:
    web1.myserver.com:
databases:
  hosts:
    10.24.0.1:
    192.168.0.1:
    web2.myserver.com:
```
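A least-privilege variant of the inventory-based playbook above, added here as an example and not the author's own code: it logs in as an unprivileged account, escalates with become only where a task needs it, and pins the package instead of taking `state: latest`. The `deploy` account and its sudo rights, the `postgres` OS user, the file ownership and mode, and the version placeholder are assumptions.

```yaml
# Added example, not from the original post.
# Assumptions: a "deploy" account with sudo rights exists on every host,
# PostgreSQL runs under a local "postgres" OS user, and the version is a placeholder.
- name: Start webserver
  hosts: webservers                  # Resolved through the inventory file
  remote_user: deploy                # Unprivileged SSH login instead of root
  tasks:
    - name: Create directory for nginx
      ansible.builtin.file:
        path: /path/to/nginx/dir
        state: directory
        owner: root
        group: root
        mode: "0755"                 # Explicit mode, no reliance on the remote umask
      become: true                   # Escalate for this task only

    - name: Install a pinned nginx version
      ansible.builtin.yum:
        name: "nginx-<PINNED_VERSION>"   # Placeholder; "latest" can change between runs
        state: present
      become: true

    - name: Start nginx
      ansible.builtin.service:
        name: nginx
        state: started
      become: true

- name: Rename table and set owner
  hosts: databases
  remote_user: deploy
  become: true
  become_user: postgres              # Act as the database OS user, never as root
  tasks:
    - name: Rename table foo to bar
      community.postgresql.postgresql_table:
        table: foo
        rename: bar

    - name: Set owner of bar to some_user
      community.postgresql.postgresql_table:
        name: bar
        owner: some_user
```

Becoming the unprivileged `postgres` user from another unprivileged login means Ansible has to hand over its temporary module files, so the database hosts need POSIX ACL support (`setfacl`) or pipelining enabled.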
Glossary
Term | Definition |
---|---|
Playbooks | A collection of plays, which tells the Ansible control machine which plays to execute |
Play | Defines which hosts, which tasks, and which SSH user to execute the tasks as |
Host | Defines which machines to execute the tasks on |
Tasks | A collection of modules; defines which jobs/modules to execute and which parameters to pass to each module |
Modules | A granular job that can be executed on the terminal, e.g. installing Docker via yum |
Variables | A placeholder, mapped to a value, that can be reused within a scope |
Inventory | A list of hosts that maps their aliases to a domain name and/or an IP address |