Ansible
Ansible is an open source IT Configuration Management, Deployment & Orchestration tool.
Ansible is an open source IT Configuration Management, Deployment & Orchestration tool.
Installation
yum install epel-release
yum update -y
yum install git python openssl python-devel python-pip ansible -y
ansible --version
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
/etc/ansible/hosts
webserver [0] - First server
webserver [1] -Second server
webserver [-2] - second last
webserver [-1]- Last server
Ansible uSer
Password for ansible user
Sudo permissions/privileges to ansible user
SSH connection between servers and groups
delete password
useradd ansible
passwd ansible
vi /etc/sudoers //Addfollowing line anywhere
ansible all=(ALL) NOPASSWD:ALL
ssh-copy-id ansible@host1ip
Other install method:
pip install ansible
useradd ansible
passwd ansible
visudo
ansible all=(ALL) NOPASSWD:ALL
Adhoc - Linux commands (Idempotancy not available)
vi /etc/ansible/hosts //Here we can list the server or groups that we nees to be connected
ansible webservers --list-hosts //List all servers in the hostgroup named webservers
ansible webservers[0] --list-hosts //List first server in the hostgroup named webservers
ansible webservers[-1] --list-hosts //List last server in the hostgroup named webservers
ansible webservers[0:4] --list-hosts //List 1st to forth server in the hostgroup named webservers
ansible webservers -a "ls" // execute ls command at all servers in webservers group
ansible webservers -a "touch saifile"
ansible webservers -b -a "which httpd"
ansible webservers -b -a "yum install httpd -y" // -b enable us
ansible webservers[1] -b -a "yum install httpd -y" // perform the yum install in first server
ansible all -m command -a "ls" //to execute complex commands
Module - Single Modules (Idempotancy available)
ansible webservers -b -m yum -a "pkg httpd state present" //Install httpd with yum
ansible webservers -b -m yum -a "pkg httpd state latest" // Install latest httpd
ansible webservers -b -m yum -a "pkg httpd state absent" //Uninstall httpd
ansible webservers -b -m service -a "name=httpd state=started" // To start httpd in all servers in webservers group
ansible webservers -b -m service -a "name=httpd state=restarted" // To start httpd in all servers in webservers group
ansible webservers -b -m user -a "name=raj state=present" // To create a user
ansible webservers -b -m user -a "name=raj state=absent" // To remove a user
ansible all -m setup -a "filter =_ipv4"
ansible -m file -a "dest=/home/sherin/filename mode=644 owner=sherin group=sherin" --become all
By Defaults:
User - Create
Softwares/pkgs - Install
Service - start
File - create
PlayBook - Greated than one modules
Target section - Tasks has to be executed
Variable Section - Define Variables
Tasks section - List of all modules that we needs to be run
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/yum_module.html
To disable python interpretor warning:
vi /etc/ansible/ansible.cfg
interpreter_python = auto_silent //Addd this line
Idempotancy - DO the working only one time
YAML - Yet Ain't Markup Language
extensions: .yml or .yaml
start with --- end with ..
ansible-playbook test.yaml -b //-b giving root permission.
--------------------------------------------------------
vi test.yaml
--- #this is my first Playbook
- hosts: webservers
tasks:
-name : installing httpd on webservers
action: yum pkg-httpd state=present
-name: Installing Mysql on webservers
action: yum pkg-mysql state=installed
#ansible-playbook test.yaml
--------------------------------------------------------
vi target.yaml
--- #this is my target Playbook
- hosts: webservers
user: ansible
become: yes
connection: ssh
#ansible-playbook target.yaml
--------------------------------------------------------
vi test123.yml
--- #this is a Playbook to install httpd in all servers
- hosts: webservers
user: ansible
become: yes
connection: ssh
tasks:
-name: installing httpd software in wservers at webserversgroup
action yum name=httpd state=installed
ignor_errors: yes //It ignore the above task if there is any errors and move to next
--------------------------------------------------------
vi filecreate.yml
--- #Creating a new file
- host: webservers
user: ansible
become: yes
connection: ssh
tasks:
-name: creating a file named demofile
file:
path: /home/ansible/demofile
state: touch
--------------------------------------------------------
--- #copying a file
- hosts: webservers
user:ansible
become: yes
connection: ssh
tasks:
-name: copying a file
copy:
src: /home/file/location
dest: /home/file/destlocation
--------------------------------------------------------
--- #Installation
- hosts: webservers
name: my playbooks
user:ansible
become: yes
connection: ssh
tasks:
-name: install tree software
yum:
name: tree
state: latest
--------------------------------------------------------
--- #Installation
- hosts: webservers
name: my playbooks
user:ansible
become: yes
connection: ssh
vars:
pkgname: httpd
tasks:
-name: install a package with variable
action: yum name = '{{pkgname}}' state=installed
--------------------------------------------------------
--- #Installation
- hosts: webservers
name: my playbooks
user:ansible
become: yes
connection: ssh
vars:
user: sherin
tasks:
-name: Add a new user
user:
name = '{{user}}'
--------------------------------------------------------
---
- hosts: webservers
name: my test playbooks
user:ansible
become: true
tasks:
-name: installing s/w
yum:
name: httpd
state: installed //For remove replace installed with "absent"
-name: Starting S/w
service:
name: httpd
state: started
--------------------------------------------------------
---
- hosts: webservers
name: install s/w based on OS
user:ansible
become: true
connection: ssh
tasks:
-name: install apache for debian
command: apt-get install apache2 -y
when: ansible_os_family == "Debian"
-name: install apache for Redhat
command: yum install httpd
when: ansible_os_family == "RedHat"
--------------------------------------------------------
--- #My conditional playbooks
- name: My conditional playbooks
hosts: all
become: true
tasks:
-name: install apache for debian
apt:
name: apache2
state: present
when: ansible_os_family == "Debian"
-name: Start apache for Debian
name: apache2
state: started
when: ansible_os_family == "Debian"
-name: install apache for RedHat
yum:
name: httpd
state: installed
when: ansible_os_family == "RedHat"
-name: Start apache for Redhat
name: httpd
state: started
when: ansible_os_family == "RedHat"
-name: copy Index.html
copy:
src: /home/index.html
dest: /var/www/html
owner: sherin
mode: 0644
--------------------------------------------------------
--- #install multiple packages
- hosts: webservers
become: true
user: ansible
connection: ssh
tasks:
-name: installpackages
yum:
name: ['git', 'which', 'httpd', 'java', 'docker', 'mysql', 'wget', 'tree']
state: installed
--------------------------------------------------------
--------------------------------------------------------
--- #install multiple packages another method
- hosts: webservers
become: true
user: ansible
connection: ssh
tasks:
-name: install packages
yum: name='{{item}}' state=installed
with _items:
-httpd
-mysql
-git
-docker
-ansible
--------------------------------------------------------
vi user.yml
#add following users
miqdad
aydin
vi createusersfromlist.yml
---
-name: variable playbook
hosts: all
become: true
connection: ssh
variable_file:
-user.yml
tasks:
-name: create user accounts from the lists in users.yml
user:
name: "{{user1}}"
----------------------Multiple user creation----------------------------------
--- #Create multiple user accounts
- hosts: webservers
become: true
user: ansible
connection: ssh
tasks:
-name: create multiple users
user: name='{{item}}' state=present
with _items:
-innu
-appu
-mikku
-farsu
--------------------Sample file creation------------------------------------
--- #Create multiple user accounts
- hosts: webservers
become: true
user: ansible
connection: ssh
tasks:
-name: creating a sample file with ansible
file: path=/tmp/testfile.txt state=file
-name: creating a sample directory with ansible
file: path=/tmp/rajdir state=directory
-name: copy a sample file with ansible
copy: src=/tmp/testfile dest:/home/user/
--------------------Execute shell script with Playbook------------------------------------
--- #Execute shell script with Playbook
- hosts: webservers
become: true
user: ansible
connection: ssh
# Vault - Storing secrets, sensitive data
ansible-vault create hari.yml //It will ask for Password
ansible-vault edit hari.yml // now we can edit the encrypted yml file
ansible-vault rekey hari.yml // to reset the password
ansible-vault decrypt hari.yml //to decrypt the encrypted file
ansible-vault encrypt hari.yml //to encrypt the normal file
# While creating playbook we can encrypt
#existing playbook also can encrypt
# Roles = Dividing Playbook into multiple folders
Main playbook: Target sections
Other Playbooks
Child playbooks
--------------------HTTPD installation sample with ansible playbook------------------------------------
mkdir -p /playbook/roles/testrole/tasks
touch /playbook/roles/testrole/tasks/main.yml
touch /playbook/master.yml
vi /playbook/roles/testrole/tasks/main.yml
-name: istalling HTTPD
yum: pkg=httpd state:latest
vi /playbook/master.yml
--- #HTTPD install using playbook roles
- hosts: webservers
become: true
user: ansible
connection: ssh
roles:
-testrole
--------------------------------------------------------
# ansible-playbook master.yml
to execute:
# ansible-playbook createusersfromlist.yml
# ansible-playbook createusersfromlist.yml --extra-vars "user1=farsana"
ansible-playbook target.yaml --check //To check whether the synctacs are correct.
state: directory - To create directory
state: adsent - Delete the directory
------------------------------------Tomcat Installation using Ansible------------------------------------
vi install-java-tomcat.yml
--- #Tomcat Installation using Ansible
- hosts: webservers
become: true
user: ansible
connection: ssh
tasks:
-name: Install java on CentOS
yum:
name: java
state: installed
when: ansible_os_family == "RedHat"
-name: install java on Debian
apt:
name: default-jdk
state: present
when: ansible_os_family == "Debian"
-name: Download tomcat
get_url:
URL: https://dlcdn.apache.org/tomcat/tomcat-8/v8.5.82/bin/apache-tomcat-8.5.82.tar.gz
dest: /backup/downloads
-name: extract tomcat
unarchive:
src: /backup/downloads/apache-tomcat-8.5.82.tar.gz
dest: /backup/downloads/
remote_src: yes //optional, this is to confirm that in source location file is available
-name: providing executable permission
file:
path:/backup/downloads/apache-tomcat-8.5.82/bin/startup.sh
mode: 0755
-name: starting tomcat
shell: nohup ./startup.sh //nohup Makesure that the service will be running always
args:
chdir: /backup/downloads/
------------------------------------DOne------------------------------------
vi install-java-jenkins.yml
--- #Java and Jnkins Installation using Ansible
- hosts: webservers
become: true
user: ansible
connection: ssh
tasks:
-name: Install java on CentOS
yum:
name: java
state: present
-name: install wget command
yum:
name: wget
state: installed
-name: Download jenkins
URL: https://pkg.jenkins.io/redhat/jenkins.repo
dest: /etc/yum.repos.d/
-name: Download jenkins key
rpm_key:
state: present
key: https://pkg.jenkins.io/redhat/jenkins.io.key
-name: install Jenkins
yum:
name: jenkins
state: installed
-name: start jenkins
service:
name: jenkins
state: started
enabled: yes