What is Ansible?
Ansible is an open-source automation tool used for configuration management, application deployment, and task automation. It simplifies complex tasks and makes it easier to manage a large number of servers.
Config mgmt tool (Configuration Management Tool)
Ansible is primarily a configuration management tool. This means it helps you manage the configuration of your servers and ensure that they are in the desired state.
mgmt (Management)
Ansible is used to manage various aspects of servers including files, directories, packages, users, groups, and services.
Server(S)
Ansible can manage multiple servers simultaneously. This is one of its key strengths, making it highly scalable for large infrastructures.
Config (Configuration)
Ansible can configure different elements of the server. Here are some examples:
- file: Managing files
- dir: Managing directories
- apt: Managing APT packages (Debian-based systems)
- yum: Managing YUM packages (Red Hat-based systems)
- usr: Managing user accounts
- group: Managing user groups
- bash: Running bash commands or scripts
- package: General package management
- services: Managing services
Examples for Each Configuration Item
1. file
- Description: Manage files on servers.
- Example: Ensure a specific file exists with the correct content.
    - name: Ensure a file is present
      hosts: all
      tasks:
        - name: Create a welcome message file
          ansible.builtin.copy:
            dest: /etc/motd
            content: "Welcome to the server!"
2. dir
- Description: Manage directories on servers.
- Example: Ensure a directory exists.
    - name: Ensure a directory is present
      hosts: all
      tasks:
        - name: Create a log directory
          ansible.builtin.file:
            path: /var/log/myapp
            state: directory
3. apt
- Description: Manage APT packages on Debian-based systems.
- Example: Install a package.
    - name: Install nginx
      hosts: all
      tasks:
        - name: Install nginx using apt
          ansible.builtin.apt:
            name: nginx
            state: present
4. yum
- Description: Manage YUM packages on Red Hat-based systems.
- Example: Install a package.
    - name: Install httpd
      hosts: all
      tasks:
        - name: Install httpd using yum
          ansible.builtin.yum:
            name: httpd
            state: present
5. usr
- Description: Manage user accounts.
- Example: Ensure a user exists.
    - name: Ensure a user exists
      hosts: all
      tasks:
        - name: Create a user named john
          ansible.builtin.user:
            name: john
            state: present
6. group
- Description: Manage user groups.
- Example: Ensure a group exists.
    - name: Ensure a group exists
      hosts: all
      tasks:
        - name: Create a group named developers
          ansible.builtin.group:
            name: developers
            state: present
7. bash
- Description: Run bash commands or scripts.
- Example: Run a bash script.
    - name: Run a bash script
      hosts: all
      tasks:
        - name: Execute a bash script
          ansible.builtin.shell: /path/to/script.sh
8. package
- Description: General package management.
- Example: Install a package using the default package manager.
    - name: Install a package
      hosts: all
      tasks:
        - name: Install tree package
          ansible.builtin.package:
            name: tree
            state: present
9. services
- Description: Manage services.
- Example: Ensure a service is running.
    - name: Ensure a service is running
      hosts: all
      tasks:
        - name: Start nginx service
          ansible.builtin.service:
            name: nginx
            state: started
Ansible is a versatile tool that can manage various aspects of server configuration. The examples provided illustrate how Ansible can be used to manage files, directories, packages, users, groups, bash commands, and services across multiple servers. This helps in automating repetitive tasks and ensuring consistency across your infrastructure.
Features
- Ansible is developed using the Python programming language.
- Ansible was created by Michael DeHaan and later acquired by Red Hat, a company that provides open-source software solutions.
Release
Ansible has different versions and tools available:
- Ansible: Command-line interface (CLI) tool.
- Ansible Tower: A GUI (Graphical User Interface) version of Ansible, which is a paid product and offers support.
- Ansible AWX: An open-source, free version of Ansible Tower, without official support, but regularly updated and maintained by the community.
Ansible (CLI)
- Description: The basic command-line interface for Ansible. It’s open-source and free to use.
- Example
$ ansible-playbook site.yml -i inventory
Ansible Tower
- Description: An enterprise-level solution with a graphical user interface (GUI) for Ansible. It provides additional features such as role-based access control, job scheduling, and more. This is a paid product with official support from Red Hat.
- Example: Ansible Tower can be used to visually manage playbooks, inventory, and job schedules. You might use it to schedule a job to run a playbook at a specific time or to control access to certain playbooks.
Ansible AWX
- Description: The open-source version of Ansible Tower, offering similar features but without official support. It’s updated by the community and serves as the upstream project for Tower.
- Example: AWX provides a web-based user interface and a REST API endpoint to manage Ansible playbooks. You can install it in your infrastructure and use it similarly to Ansible Tower.
Why Ansible?
- You can change CONFIG of Server(S) – Parallel
  - Ansible allows you to change the configuration of multiple servers in parallel, making it efficient for managing large infrastructures.
- Easy to learn – share – extend – debug – test
  - Ansible is user-friendly and straightforward to learn.
  - It is easy to share playbooks (sets of Ansible instructions) and extend their functionality.
  - Debugging and testing configurations are simplified due to its straightforward syntax.
- Idempotent
  - Ansible ensures that applying the same configuration multiple times will not change the system after the first application if it is already in the desired state. This is known as idempotency.
Example Scenarios
- 10 servers:
  - The first run takes 1 minute per server, totaling 10 minutes.
  - Subsequent runs take only 1 minute total for all servers because the configurations are already in the desired state.
- 2 servers:
  - The first run takes 1 minute per server, totaling 2 minutes.
  - Subsequent runs take only 1 minute total for all servers.
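The idempotency property described above, as an added example that is not part of the original page: state-based modules converge on a desired state, while a raw `ansible.builtin.shell` task like the one in the bash example runs on every play unless it is guarded. The marker file path and the `nginx -t` check are assumptions for illustration.

```yaml
# Added example (not from the original page); paths marked hypothetical are assumptions.
- name: Idempotent use of modules and shell
  hosts: all
  become: true
  tasks:
    # State-based module: Ansible compares desired and actual state.
    # Reports "changed" on the first run and "ok" on later runs.
    - name: Ensure the log directory exists with restrictive permissions
      ansible.builtin.file:
        path: /var/log/myapp
        state: directory
        owner: root
        group: root
        mode: "0750"

    # Unguarded, ansible.builtin.shell runs and reports "changed" on every
    # play. "creates" skips the task once the marker file exists.
    - name: Run the setup script only once
      ansible.builtin.shell: /path/to/script.sh
      args:
        creates: /var/lib/myapp/.setup-done  # hypothetical marker written by the script

    # Read-only command: it never modifies the host, so it must not count as a change.
    - name: Validate the nginx configuration
      ansible.builtin.command: nginx -t
      changed_when: false

# Verify: run the playbook twice. The second PLAY RECAP should show changed=0
# for every host; a non-zero count points to drift or a non-idempotent task.
```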
Ansible is a powerful, Python-based automation tool developed by Red Hat. It offers different tools, including a command-line interface (CLI), a paid GUI version (Ansible Tower), and a free GUI version (Ansible AWX). It is chosen for its ability to manage multiple servers in parallel, ease of learning and use, extendibility, and idempotency. This makes it a preferred tool for managing configurations in a consistent and repeatable manner.
How Does Ansible Work?
1. Overview
- HUMAN –> ACS –> ARS(S)
  - HUMAN: Represents the user or administrator.
  - ACS (Ansible Control Server): The machine where Ansible is installed and from which commands are executed.
  - ARS (Ansible Remote Servers): The target servers that Ansible will manage.
Components and Requirements
2. ACS (Ansible Control Server)
- Operating System: Linux (64-bit)
  - Ansible is installed on a Linux machine.
- Software: Ansible
  - The Ansible software itself is required on the control machine.
3. ARS (Ansible Remote Servers)
- Operating System: ANY
  - Ansible can manage any operating system, whether Linux or Windows.
- Software: NONE (for Linux), WinRM (for Windows)
  - No additional software is required on Linux remote servers as Ansible uses SSH.
  - For Windows, WinRM (Windows Remote Management) is needed.
Communication
4. Communication Protocols
- Linux: SSH (port 22)
  - Ansible communicates with Linux servers over SSH, which typically runs on port 22.
- Windows: WinRM (port 5985 for HTTP, port 5986 for HTTPS)
  - Ansible communicates with Windows servers using WinRM, which typically listens on port 5985 (HTTP) and port 5986 (HTTPS).
5. Scripting Languages
- Linux: Python 3.x
  - Ansible relies on Python installed on the control machine and the managed Linux servers.
- Windows: PowerShell (PowerShell 3.0, .NET 4.5)
  - On Windows, Ansible uses PowerShell for task execution.
Detailed Explanation and Examples
1. Human –> ACS –> ARS(S)
- Example Workflow: A user writes an Ansible playbook and executes it from the ACS to configure or manage ARS(S).
    - name: Update web servers
      hosts: webservers
      tasks:
        - name: Ensure Apache is installed
          ansible.builtin.yum:
            name: httpd
            state: present
        - name: Ensure Apache is started
          ansible.builtin.service:
            name: httpd
            state: started
2. ACS (Ansible Control Server)
- Example Installation on Linux:
$ sudo apt update
$ sudo apt install ansible
- Example inventory file (/etc/ansible/hosts):
    [webservers]
    webserver1.example.com
    webserver2.example.com
3. ARS (Ansible Remote Servers)
- Linux: No additional software needed if SSH is set up.
- Example Setup for SSH Access:
$ ssh-keygen -t rsa
$ ssh-copy-id user@webserver1.example.com
- Windows: WinRM needs to be configured.
- Example WinRM Setup on Windows
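    # Start the WinRM service and create the default HTTP listener
    winrm quickconfig
    # Enable Basic authentication (credentials are only Base64-encoded, not encrypted)
    winrm set winrm/config/service/auth '@{Basic="true"}'
    # Allow unencrypted traffic, so credentials and task data cross the network in clear text
    winrm set winrm/config/service '@{AllowUnencrypted="true"}'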
4. Communication Protocols
- Linux (SSH):
  - Ansible uses SSH to connect to and manage Linux servers:
        $ ansible -m ping all
  - This command checks connectivity to all hosts defined in the inventory.
- Windows (WinRM):
- Example configuration for Windows hosts in the inventory file:
[windows]
windows1.example.com
windows2.example.com
[windows:vars]
ansible_user=your_username
ansible_password=your_password
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
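A hardened counterpart to the Windows inventory above, as an added example that is not part of the original page: it uses Ansible's YAML inventory format with WinRM over HTTPS, certificate validation turned on, NTLM instead of Basic authentication, and a vault-encrypted password. The file paths and the `vault_windows_password` variable name are assumptions.

```yaml
# inventory/windows.yml (hypothetical path). Added example, not from the original page.
# Each Windows host needs an HTTPS WinRM listener whose certificate chains
# to the CA bundle referenced below.
windows:
  hosts:
    windows1.example.com:
    windows2.example.com:
  vars:
    ansible_connection: winrm
    ansible_port: 5986                     # WinRM over HTTPS instead of HTTP on 5985
    ansible_winrm_scheme: https
    ansible_winrm_transport: ntlm          # or kerberos for domain accounts; avoids Basic auth
    ansible_winrm_server_cert_validation: validate   # the weak setting is "ignore"
    ansible_winrm_ca_trust_path: /etc/ansible/pki/winrm-ca.pem  # hypothetical CA bundle
    ansible_user: your_username
    # The secret itself lives in a vault-encrypted vars file, for example
    # group_vars/windows/vault.yml (hypothetical), created with:
    #   ansible-vault create group_vars/windows/vault.yml
    # and containing:
    #   vault_windows_password: <secret>
    ansible_password: "{{ vault_windows_password }}"  # hypothetical variable name

# Connectivity check, prompting for the vault password:
#   ansible windows -i inventory/windows.yml -m ansible.windows.win_ping --ask-vault-pass
```

With this inventory the `Basic="true"` and `AllowUnencrypted="true"` service settings from the WinRM setup are no longer needed on the Windows hosts.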
5. Scripting Languages
- Linux:
  - Ansible uses Python for its operations.
  - Ensure Python is installed:
        $ python3 --version
- Windows:
  - Ansible uses PowerShell.
  - Ensure PowerShell is installed and configured:
        PS> $PSVersionTable.PSVersion
Ansible works by allowing a user (HUMAN) to manage remote servers (ARS) via an Ansible Control Server (ACS). The control server requires Ansible installed and uses SSH to communicate with Linux servers and WinRM for Windows servers. This setup allows for efficient, scalable, and repeatable configuration management across diverse environments.