ansible.md

Ansible

---

🌐 Resources 🔗

• User Guide - Ansible Community Documentation
• jdauphant/awesome-ansible: A collaborative curated list of awesome Ansible resources
• ansible-community/awesome-ansible: Awesome Ansible List
• Semaphore UI

Blogs:

• An Introduction to Configuration Management with Ansible | DigitalOcean
• How to Use Ansible: A Reference Guide | DigitalOcean
• Ansible Tutorial for Beginners: Playbook & Examples

---

Ansible Intro

• Open-source tool for automation and configuration management
• Agentless: Uses SSH or WinRM for communication
• YAML-based playbooks for defining configurations
• Idempotent: Applies changes without unintended side effects
• Modular: Offers built-in modules for various tasks
• Roles: Organizes tasks for better reuse and collaboration
• Strong community support and extensive documentation

Terminology

• Control Node: The system running Ansible, typically on Linux/Unix
• Managed Nodes: Target systems controlled by Ansible, requiring SSH and Python (2.6+/3.5+). Supports various OS types, including Windows
• Inventory: A file listing managed hosts. Can be static (.ini) or dynamic (JSON output) for project-specific management
• Tasks: Units of work executed on managed nodes, either ad-hoc or within playbooks
• Playbook: An ordered list of tasks specifying target hosts and execution details, written in YAML
• Handlers: Special tasks for managing services, triggered by other tasks and run after all tasks are completed
• Roles: Structured collections of playbooks and files for reusable automation packages, streamlining specific deployments

---

Ansible Install

pipx install --include-deps ansible

pipx ensurepath

# pipx upgrade --include-injected ansible

• Generate ansible.cfg file

ansible-config init --disabled > ansible.cfg

Inventory

• Even if you do not define any groups in your inventory file, Ansible creates two default groups: all and ungrouped. The all group contains every host. The ungrouped group contains all hosts that don’t have another group aside from all.

sudo mkdir -p /etc/ansible
sudo nano /etc/ansible/hosts

[servers]
ubuntu-srv.local

[all:vars]
ansible_python_interpreter=/usr/bin/python3

Commands

ansible --version
ansible-community --version

ansible-inventory --list -y

# module
ansible all -m ping
ansible all -m setup

# Get info about IPv4 and IPv6 network intefaces
ansible all -m setup -a "filter=*ipv*"

# ad-hoc command
ansible all -a "df -h"
ansible all -a "sudo /bin/apt update"
ansible all -a "uptime"
ansible all -a "tail /var/log/nginx/error.log" --become

# Install latest version of vim, as suoder
ansible all -m apt -a "name=vim state=latest" --become

ansible all -m apt -a "name=tree"

# install asking for password
ansible all -m apt -a "name=nginx" --become -K

ansible all -a "systemctl restart nginx" --become

Labs

Playbooks

mkdir -p $HOME/ansible/playbooks
cd $HOME/ansible/playbooks

nano intro_playbook.yml

---
- hosts: all
  become: true
  tasks:
    - name: Install Packages
      apt: name={{ item }} update_cache=yes state=latest
      loop: [ 'nginx', 'vim' ]
      tags: [ 'setup' ]

    - name: Copy index page
      copy:
        src: index.html
        dest: /var/www/html/index.html
        owner: www-data
        group: www-data
        mode: '0644'
      tags: [ 'update', 'sync' ]

nano index.html

<html>
	<head>
		<title>Testing Ansible Playbooks</title>
	</head>
	<body>
		<h1>Testing Ansible Playbooks</h1>
		<p>This server was set up using an Nginx playbook.</p>
	</body>
</html>

ansible-playbook ./intro_playbook.yml --list-tasks

# Execute the playbook, prompting for sudo password
ansible-playbook ./intro_playbook.yml -K -v

# This will use the current system user as remote SSH user, and the current system user’s SSH key to authenticate to the nodes.

---