/ansible.md

Ansible

Getting Started with Ansible

Ansible is an open-source automation tool that simplifies IT configuration management, application deployment, and orchestration. It operates agentlessly over SSH and does not require any additional software installation on the target nodes.

Key Concepts in Ansible

1. Control Node

  • The machine where Ansible is installed and from which tasks are executed.
  • Requires Python 3.x installed.
  • Runs Ansible commands, playbooks, and modules.

2. Managed Nodes

  • The remote servers or devices managed by the Ansible control node.
  • Communicated via SSH (or WinRM for Windows).
  • No agent or software installation is required on the managed nodes.

Ansible Installation

On Ubuntu/Debian:

sudo apt update
sudo apt install ansible -y

On RHEL/CentOS:

Enable EPEL repository:

sudo yum install epel-release -y

Install Ansible:

sudo yum install ansible -y

Verifying Installation:

ansible --version

Ansible Inventory

An inventory file defines the hosts and groups of hosts that Ansible manages.

Example: /etc/ansible/hosts

[webservers]
192.168.1.10
192.168.1.11

[dbservers]
192.168.1.20 ansible_user=root ansible_ssh_private_key_file=/path/to/key
  • Groups: [webservers], [dbservers]
  • Variables: ansible_user, ansible_ssh_private_key_file

Ansible Configuration

The primary configuration file is ansible.cfg. It can be located:

  • /etc/ansible/ansible.cfg
  • Current working directory (./ansible.cfg)

Key Settings:

[defaults]
inventory = ./inventory
remote_user = ubuntu
private_key_file = /path/to/private_key
host_key_checking = False

Ad-Hoc Commands

Ansible allows executing single commands without writing a playbook.

Ping All Hosts:

ansible all -m ping

Execute Shell Commands:

ansible webservers -a "uptime"

Install a Package:

ansible dbservers -m apt -a "name=nginx state=present"

Ansible Playbooks

Playbooks are YAML files used to define multiple tasks and configurations.

Sample Playbook: site.yml

---
- name: Configure webservers
  hosts: webservers
  become: true

  tasks:
    - name: Install Nginx
      apt:
        name: nginx
        state: present

    - name: Start and enable Nginx service
      service:
        name: nginx
        state: started
        enabled: true

Run the Playbook:

ansible-playbook site.yml

Modules

Ansible modules are the core tools for executing tasks.

Commonly Used Modules:

  • ping: Checks connectivity.
  • shell / command: Executes commands on remote nodes.
  • apt / yum: Manages packages.
  • copy: Copies files to remote hosts.
  • service: Manages system services.

Example:

ansible webservers -m copy -a "src=/local/file dest=/remote/path"

Types of Nodes in Ansible

1. Control Node

  • The master system where Ansible is installed.
  • Manages multiple managed nodes.

2. Managed Node

  • Any server, device, or system managed by Ansible.
  • Can be grouped logically for better organization.

Best Practices for Ansible

  1. Organize Inventory:

    • Group hosts logically in the inventory file.
    • Use variables to simplify tasks.

  2. Use Roles:

    • Encapsulate playbooks, variables, templates, and tasks.
    • Example folder structure: 
      roles/
  webserver/
    tasks/
    handlers/
    templates/
    vars/
    defaults/

  3. Secure Sensitive Data:

    • Use ansible-vault to encrypt sensitive information. 
      ansible-vault encrypt secrets.yml

  4. Test Playbooks:

    • Always test on a staging environment before deploying to production.

  5. Version Control:

    • Store playbooks and configurations in Git for tracking and collaboration.

Troubleshooting

Debugging:

Use the -vvv flag for detailed output:

ansible-playbook -i inventory site.yml -vvv

Testing Connectivity:

ansible all -m ping

Checking Syntax:

ansible-playbook site.yml --syntax-check