Difference between revisions of "OPS435 Ansible"

From CDOT Wiki
Jump to: navigation, search
Line 11: Line 11:
* Install and configure Ansible on a controller Linux machine
* Install and configure Ansible on a controller Linux machine
* Explore Ansible's ad hoc commands
* Explore Ansible's ad hoc commands
* Explore Ansible's built-in modules
* Explore and create Ansible playbooks
* Explore and create Ansible playbooks
* Access online documentation of Ansible's modules
= Introduction to Ansible =
= Introduction to Ansible =

Revision as of 02:30, 22 November 2019


"Ansible is an IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
Ansible was designed for multi-tier deployments since day one, and models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time.
Ansible uses no agents and no additional custom security infrastructure, and it uses a very simple language called 'YAML', to compose an Ansible Playbook which allow you to describe your automation jobs in a very simple way."

For more detail information about ansible, check out the ansible web site at www.ansible.com


  • Install and configure Ansible on a controller Linux machine
  • Explore Ansible's ad hoc commands
  • Explore Ansible's built-in modules
  • Explore and create Ansible playbooks

Introduction to Ansible

In this introduction, we explore the main components of the Ansible configuration management system and its operating environment. we also study a simple playbook for managing the configuration of a CentOS 7.x VM. For more detail information about ansible, check out the ansible web site at https://www.ansible.com

Key Concepts when using Ansible

  • YAML - a human-readable data serialization language & is commonly used for configuration files. To know more, your can check out the wikipedia page here
  • Control machine - (Management node)
  • Remote machine - (managed node)
  • playbook - contains one or multiple plays, each of which define the work to be done for a configuration on a managed server. Playbooks are written in YAML. Every play in the playbook is created with environment-specific parameters for the target machines; there are no standard plays.
  • Inventory file - defines the hosts and groups of hosts upon which commands, modules, and tasks in a playbook operate.
  • Hosts file - contains information about machines to be managed - click here for sample hosts file
  • Ad hoc commands
    • shell commands
      • ansible -a 'date'
      • ansible -a 'df'
      • ansible -a 'iptables -L -n -v' -u root
    • copy module
      • ansible -m copy -a "src=/ops435/ansible.txt dest=/tmp/ansible.txt"
    • Package management
      • ansible -m yum -a "name=epel-release state=latest"

Sample runs for some of the Ad hoc commands

[rchan@centos7 ansible]$ ansible -m copy -a "src=/home/rchan/ops435/ansible/ansible.txt dest=/tmp/ansible.txt" | SUCCESS => {
    "changed": true, 
    "checksum": "837affc90674fb92cdb0ebac6e49ad31a586b37e", 
    "dest": "/tmp/ansible.txt", 
    "gid": 1001, 
    "group": "rchan", 
    "md5sum": "78ae49d77d28d06173cf2194a3909732", 
    "mode": "0664", 
    "owner": "rchan", 
    "secontext": "unconfined_u:object_r:user_home_t:s0", 
    "size": 106, 
    "src": "/home/rchan/.ansible/tmp/ansible-tmp-1542902119.15-117618539513309/source", 
    "state": "file", 
    "uid": 1001
[rchan@centos7 ansible]$ ansible -m yum -a "name=epel-release state=present" | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "epel-release-7-11.noarch providing epel-release is already installed"
[rchan@centos7 ansible]$ ansible -m yum -a "name=epel-release state=present" -u root | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "epel-release-7-11.noarch providing epel-release is already installed"
[rchan@centos7 ansible]$ ansible -m yum -a "name=epel-release state=latest" -u root | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "All packages providing epel-release are up to date", 

Gather all the information available on remote machine

[rchan@centos7 ansible]$ ansible -m setup | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
        "ansible_all_ipv6_addresses": [
        "ansible_architecture": "x86_64", 
        "ansible_bios_date": "04/01/2014", 
        "ansible_bios_version": "1.9.1-5.el7_3.2", 
        "ansible_cmdline": {
            "BOOT_IMAGE": "/vmlinuz-3.10.0-862.14.4.el7.x86_64", 
            "LANG": "en_CA.UTF-8", 
            "console": "ttyS0", 
        "ansible_userspace_bits": "64", 
        "ansible_virtualization_role": "guest", 
        "ansible_virtualization_type": "kvm", 
        "module_setup": true
    "changed": false

Click here for complete contents of the above

Ansible Playbook

Updating /etc/motd file

Name: motd-play.yml

- hosts:
  user: root
    apache_version: 2.6
    motd_warning: 'WARNING: use by ICT faculty/students only.'
    testserver: yes
    - name: setup a MOTD
        dest: /etc/motd
        content: "{{ motd_warning }}"

Sample Run:

[rchan@centos7 playbooks]$ ansible-playbook motd-play.yml

PLAY [] **********************************************************

TASK [Gathering Facts] *********************************************************
ok: []

TASK [setup a MOTD] ************************************************************
changed: []

PLAY RECAP *********************************************************************             : ok=2    changed=1    unreachable=0    failed=0   

Install and start Apache Server

Name: httpd-play.yml

- hosts:
  user: root
    apache_version: 2.6
    motd_warning: 'WARNING: use by ICT faculty/students only.'
    testserver: yes
    - name: install apache
      action: yum name=httpd state=installed
    - name: restart apache
        name: httpd
        state: restarted

Sample Run:

[rchan@centos7 playbooks]$ ansible-playbook httpd-play.yml

PLAY [] **********************************************************

TASK [Gathering Facts] *********************************************************
ok: []

TASK [install apache] **********************************************************
changed: []

TASK [restart apache] **********************************************************
changed: []

PLAY RECAP *********************************************************************             : ok=3    changed=2    unreachable=0    failed=0   


System requirements

  • You must have at lease two networked machines
    • control node - run ansible to configure remote node - need Ansible 2.x (latest version 2.7)
    • remote nodes - to be managed by the control node
  • You should be to ssh from your control node as a regular user to any of your remote nodes as root user without supplying a login password.
  • Python 2.7+ on all nodes


Pages in Print Edition: 122