Ansible – What is Ansible and How it works (Part-1)

Posted by

What is Ansible?

Ansible is an open-source automation tool used for configuration management, application deployment, and task automation. It simplifies complex tasks and makes it easier to manage a large number of servers.

Config mgmt tool (Configuration Management Tool)

Ansible is primarily a configuration management tool. This means it helps you manage the configuration of your servers and ensure that they are in the desired state.

mgmt (Management)

Ansible is used to manage various aspects of servers including files, directories, packages, users, groups, and services.

Server(S)

Ansible can manage multiple servers simultaneously. This is one of its key strengths, making it highly scalable for large infrastructures.

Config (Configuration)

Ansible can configure different elements of the server. Here are some examples:

  1. file: Managing files
  2. dir: Managing directories
  3. apt: Managing APT packages (Debian-based systems)
  4. yum: Managing YUM packages (Red Hat-based systems)
  5. usr: Managing user accounts
  6. group: Managing user groups
  7. bash: Running bash commands or scripts
  8. package: General package management
  9. services: Managing services

Examples for Each Configuration Item

1. file

  • Description: Manage files on servers.
  • Example: Ensure a specific file exists with the correct content.
- name: Ensure a file is present
  hosts: all
  tasks:
    - name: Create a welcome message file
      ansible.builtin.copy:
        dest: /etc/motd
        content: "Welcome to the server!"

2. dir

  • Description: Manage directories on servers.
  • Example: Ensure a directory exists.
- name: Ensure a directory is present
  hosts: all
  tasks:
    - name: Create a log directory
      ansible.builtin.file:
        path: /var/log/myapp
        state: directory

3. apt

  • Description: Manage APT packages on Debian-based systems.
  • Example: Install a package.
- name: Install nginx
  hosts: all
  tasks:
    - name: Install nginx using apt
      ansible.builtin.apt:
        name: nginx
        state: present

4. yum

  • Description: Manage YUM packages on Red Hat-based systems.
  • Example: Install a package.
- name: Install httpd
  hosts: all
  tasks:
    - name: Install httpd using yum
      ansible.builtin.yum:
        name: httpd
        state: present

5. usr

  • Description: Manage user accounts.
  • Example: Ensure a user exists.
- name: Ensure a user exists
  hosts: all
  tasks:
    - name: Create a user named john
      ansible.builtin.user:
        name: john
        state: present

6. group

  • Description: Manage user groups.
  • Example: Ensure a group exists.
- name: Ensure a group exists
  hosts: all
  tasks:
    - name: Create a group named developers
      ansible.builtin.group:
        name: developers
        state: present

7. bash

  • Description: Run bash commands or scripts.
  • Example: Run a bash script.
- name: Run a bash script
  hosts: all
  tasks:
    - name: Execute a bash script
      ansible.builtin.shell: /path/to/script.sh

8. package

  • Description: General package management.
  • Example: Install a package using the default package manager.
- name: Install a package
  hosts: all
  tasks:
    - name: Install tree package
      ansible.builtin.package:
        name: tree
        state: present

9. services

  • Description: Manage services.
  • Example: Ensure a service is running.
- name: Ensure a service is running
  hosts: all
  tasks:
    - name: Start nginx service
      ansible.builtin.service:
        name: nginx
        state: started

Ansible is a versatile tool that can manage various aspects of server configuration. The examples provided illustrate how Ansible can be used to manage files, directories, packages, users, groups, bash commands, and services across multiple servers. This helps in automating repetitive tasks and ensuring consistency across your infrastructure.

Features

  • Ansible is developed using the Python programming language.
  • Ansible was created by Michael DeHaan and later acquired by Red Hat, a company that provides open-source software solutions.

Release

Ansible has different versions and tools available:

  • Ansible: Command-line interface (CLI) tool.
  • Ansible Tower: A GUI (Graphical User Interface) version of Ansible, which is a paid product and offers support.
  • Ansible AWX: An open-source, free version of Ansible Tower, without official support, but regularly updated and maintained by the community.

Ansible (CLI)

  • Description: The basic command-line interface for Ansible. It’s open-source and free to use.
  • Example
$ ansible-playbook site.yml -i inventory

Ansible Tower

  • Description: An enterprise-level solution with a graphical user interface (GUI) for Ansible. It provides additional features such as role-based access control, job scheduling, and more. This is a paid product with official support from Red Hat.
  • Example: Ansible Tower can be used to visually manage playbooks, inventory, and job schedules. You might use it to schedule a job to run a playbook at a specific time or to control access to certain playbooks.

Ansible AWX

  • Description: The open-source version of Ansible Tower, offering similar features but without official support. It’s updated by the community and serves as the upstream project for Tower.
  • Example: AWX provides a web-based user interface and a REST API endpoint to manage Ansible playbooks. You can install it in your infrastructure and use it similarly to Ansible Tower.

Why Ansible?

  • You can change CONFIG of Server(S) – Parallel
    • Ansible allows you to change the configuration of multiple servers in parallel, making it efficient for managing large infrastructures.
  • Easy to learn – share – extend – debug – test
    • Ansible is user-friendly and straightforward to learn.
    • It is easy to share playbooks (sets of Ansible instructions) and extend their functionality.
    • Debugging and testing configurations are simplified due to its straightforward syntax.
  • Idempotent
    • Ansible ensures that applying the same configuration multiple times will not change the system after the first application if it is already in the desired state. This is known as idempotency.

Example Scenarios

  • 10 servers:
    • The first run takes 1 minute per server, totaling 10 minutes.
    • Subsequent runs take only 1 minute total for all servers because the configurations are already in the desired state.
  • 2 servers:
    • The first run takes 1 minute per server, totaling 2 minutes.
    • Subsequent runs take only 1 minute total for all servers.

Ansible is a powerful, Python-based automation tool developed by Red Hat. It offers different tools, including a command-line interface (CLI), a paid GUI version (Ansible Tower), and a free GUI version (Ansible AWX). It is chosen for its ability to manage multiple servers in parallel, ease of learning and use, extendibility, and idempotency. This makes it a preferred tool for managing configurations in a consistent and repeatable manner.

How Ansible Works?

1. Overview

  • HUMAN –> ACS –> ARS (S)
    • HUMAN: Represents the user or administrator.
    • ACS (Ansible Control Server): The machine where Ansible is installed and from which commands are executed.
    • ARS (Ansible Remote Servers): The target servers that Ansible will manage.

Components and Requirements

2. ACS (Ansible Control Server)

  • Operating System: Linux (64-bit)
    • Ansible is installed on a Linux machine.
  • Software: Ansible
    • The Ansible software itself is required on the control machine.

3. ARS (Ansible Remote Servers)

  • Operating System: ANY
    • Ansible can manage any operating system, whether Linux or Windows.
  • Software: NONE (for Linux), WinRM (for Windows)
    • No additional software is required on Linux remote servers as Ansible uses SSH.
    • For Windows, WinRM (Windows Remote Management) is needed.

Communication

4. Communication Protocols

  • Linux: SSH (port 22)
    • Ansible communicates with Linux servers over SSH, which typically runs on port 22.
  • Windows: WinRM (HTTP ports 5985, 5986)
    • Ansible communicates with Windows servers using WinRM, which typically runs on ports 5985 and 5986.

5. Scripting Languages

  • Linux: Python 3.x
    • Ansible relies on Python installed on the control machine and the managed Linux servers.
  • Windows: PowerShell (via Ps3, .NET 4.5)
    • On Windows, Ansible uses PowerShell for task execution.

Detailed Explanation and Examples

1. Human –> ACS –> ARS(S)

  • Example Workflow: A user writes an Ansible playbook and executes it from the ACS to configure or manage ARS(S).
- name: Update web servers
  hosts: webservers
  tasks:
    - name: Ensure Apache is installed
      ansible.builtin.yum:
        name: httpd
        state: present
    - name: Ensure Apache is started
      ansible.builtin.service:
        name: httpd
        state: started

    2. ACS (Ansible Control Server)

    • Example Installation on Linux:
    $ sudo apt update
    $ sudo apt install ansible
    

    Example Configuration File: /etc/ansible/hosts

    [webservers]
    webserver1.example.com
    webserver2.example.com
    

    3. ARS (Ansible Remote Servers)

    • Linux: No additional software needed if SSH is set up.
    • Example Setup for SSH Access:
    $ ssh-keygen -t rsa
    $ ssh-copy-id user@webserver1.example.com
    
    • Windows: WinRM needs to be configured.
    • Example WinRM Setup on Windows
    winrm quickconfig
    winrm set winrm/config/service/auth '@{Basic="true"}'
    winrm set winrm/config/service '@{AllowUnencrypted="true"}'
    

    4. Communication Protocols

    • Linux (SSH):
      • Ansible uses SSH to connect and manage Linux servers
    $ ansible -m ping all
    
    • This command checks connectivity to all hosts defined in the inventory.
    • Windows (WinRM):
      • Example configuration for Windows hosts in the inventory file:
    [windows]
    windows1.example.com
    windows2.example.com
    
    [windows:vars]
    ansible_user=your_username
    ansible_password=your_password
    ansible_connection=winrm
    ansible_winrm_server_cert_validation=ignore
    

    5. Scripting Languages

    • Linux:
      • Ansible uses Python for its operations.
      • Ensure Python is installed
    $ python3 --version
    

    Windows:

    • Ansible uses PowerShell.
    • Ensure PowerShell is installed and configured:
    $ powershell -version
    

    Ansible works by allowing a user (HUMAN) to manage remote servers (ARS) via an Ansible Control Server (ACS). The control server requires Ansible installed and uses SSH to communicate with Linux servers and WinRM for Windows servers. This setup allows for efficient, scalable, and repeatable configuration management across diverse environments.

    guest
    0 Comments
    Inline Feedbacks
    View all comments
    0
    Would love your thoughts, please comment.x
    ()
    x