ANSIBLE

What is Ansible?
Ansible is an open source IT Configuration Management, Deployment &
Orchestration tool. It aims to provide large productivity gains to a wide variety of
automation challenges. This tool is very simple to use yet powerful enough to automate
complex multi-tier IT application environments

Why we need Ansible?

We now use Ansible for any task or project that requires repeatable
processes and a consistent environment, such as provisioning IoT devices and
server infrastructure, installation and configuration of applications, and
application deployment

When introduced Ansible?

 It is introduced in the year October 2015 the original author is
Michael DeHaan
 But it is started in 1966
 It is written in python language
Chef – When there is a failure on the primary server i.e. chef server, it has a
backup server to take the place of the primary server.

Puppet – It has multi-master architecture, if the active master goes down, the
other master takes the active master place.

Ansible – It runs with a single active node, called the Primary instance. If
primary goes down, there is a Secondary instance to take its place.

Salt stack – It can have multiple masters configured. If one master is down,
agents connect with the other master in the list. Therefore it has multiple
masters to configure salt minions.

Ease of Setup

Chef – Chef has a master-agent architecture.

Puppet – Puppet also has a master-agent architecture.

Ansible – It has only master running on the server machine, but no agents
running on the client machine.

Salt stack – Here Server is called as salt master and clients are called as
salt minions which run as agents in the client machine.

Configuration Language

Chef – Chef uses Ruby Domain Specific Language (Ruby DSL). It has a steep
Learning Curve and its developer oriented.

Puppet

Puppet uses its own puppet Domain Specific Language (Puppet DSL). It is not
very easy to learn and its system administrator oriented .

Ansible

Ansible uses YAML i.e yet another mark-up Language (Python). It is quite easy
to learn and its administrator oriented. Python is inbuilt into most Unix and
Linux deployments nowadays, so setting the tool up and running is quicker.
Salt stack

Salt stack also uses YAML (Python). It is again easy to learn and administrator
oriented.

Machine should be

Chef – Chef Server works only on Linux/Unix but Chef Client and Workstation
can be on windows as well.

Puppet – Puppet Master works only on Linux/Unix but Puppet Agent also works
on windows.

Ansible – Ansible supports windows machines as well but the Ansible server has
to be on Linux/Unix machine.

Salt stack – Salt Master works only on Linux/Unix but Salt minions can work on
windows as well.

Chef - push

Puppet-pull
Ansible-push
Salt stack-push & pull

Ansible topics
 Ad hoc command
 Play books
 Roles
 Vault
Ad hoc command is used to install a single task
Play books is used to install and doing multiple task using YAML lag
Roles is dividing a complex playbooks into a structural format
Vault is used to hide the your secret files

In this we going to see ansible

Step 1: ANSIBLE INSTALLATION

Launch the EC2 instance

Step 2: User data:

#! /bin/bash
yum install python-pip -y
pip install ansible
Step 3: Download Pageagent and load your ppk file.
Using this Url
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
And goto this page
Using right click add the ppk file in the Pageagent

Step 4: In putty ssh session enable allow agent forwarding option- Otherwise
while connecting to node instance you will get permission denied error
Logon to ec2-user

Step 5: Ansible adhoc command: Practice the command below with ec2-user
and not with root user

Step 6: Create one text file for e.g. slaves.txt and add node instance private IP
Example:
[Web]
IP 1
IP 2
Step 7: Now you need ansible.cfg file and u can get it from
Using this Url
https://raw.githubusercontent.com/ansible/ansible/devel/examples/ansible.cfg

Vi ansible.cfg

Step 8:
ansible all -i slaves.txt -m ping
 ansible web -i slaves.txt -m ping

Step 9:
Ansible web –i slaves.txt –m yum –a “name=httpd state=present” –b

Step 10:
Ansible web –i slaves.txt –m service –a “name=httpd state=started” –b
Step 11:
Transferring the file to many servers/machines
ansible all -i slaves.txt -m copy -a "src=./slaves.txt dest=/tmp/slaves.txt"

Setp 12:
Deleting whole directory and files
Ansible abc -m file -a "dest = /path/user1/new state = absent"

Step 13: (for Ubuntu machine)

For installation and management of applications
ansible webservers -m apt -a 'name=python state=present'

Step 14:
User: To add and delete users
ansible webservers -m user -a 'name=nishanth password=admin123' -b
ansible webservers -m user -a 'name=nishanth state=absent' (to delete
user) -b
Task: use Ubuntu machine and without using -i
Step 15:
Deploy your webapp straight from git:
ansible webservers -m git -a "repo=https://foo.example.org/repo.git
dest=/srv/myapp version=HEAD"
ansible webservers -m service -a "name=httpd state=restarted"
ansible all -i slaves.txt --list-host
ansible <specific ip> -i slaves.txt -a "uname -a"
ansible all -i slaves.txt -a "uname -a" -u ec2-user
ansible all -i slaves.txt -a "uname -a" -u ec2-user –b
ansible jenkins -i slaves.txt -a "grep -i JENKINS_PORT
/etc/sysconfig/jenkins" -b

Dynamic Inventory:
Step 1:
You can find sample python script for dynamic inventory in this URL
https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/ec2.py
 chmod 777 ec2-py

Check ls –lrt

Step 2:
 Using IAM full admin access

Install boto in control machine to work with dynamic inventory with the
below command.
Pip install boto

Step 3:
Create IAM role in AWS with full administrative access and attach role to
your control machine
Step 4:
Dynamic Inventory example
ansible all -i ec2.py -a "uname -a"

Playbooks
Step 1:
Install visual studio code
https://code.visualstudio.com/docs/?dv=win64user

Step 2:
Install ansible plugins in visual studio code which will make our job easy
Step 3:
playbook file should be with .yaml format
vi filename.yaml

To run
ansible-playbook –I slaves.txt filename.yaml
Task 1:

- hosts: all
remote_user: ec2-user
become: yes

tasks:
- name: install httpd server
package:
name: httpd
state: present

- name: Start service httpd, if not running

service:
name: httpd
state: started

- template:
src: /home/ec2-user/index.html.j2
dest: /var/www/html/index.html
To run this file
Task 2:
Create the (vi file name.yaml)
- hosts: all
remote_user: ec2-user
become: yes
tasks:
- name: im going to install apache
yum:
name: "{{ item }}"
state: present
with_items:
- mysql
- php
- unzip
Run this (ansible-playbook -i slaves.txt filename.yaml)

Task 3:
- hosts: web
remote_user: ec2-user
become: yes
tasks:
- name: Add jenkins repo install
yum_repository:
name: jenkins
description: jenkins YUM repo
baseurl: https://pkg.jenkins.io/redhat-stable
gpgkey: https://pkg.jenkins.io/redhat-stable/jenkins.io.key
- name: jenkins java install
yum:
name: "{{ item }}"
state: present
loop:
- java
- jenkins
 - name: jenkins start
service:
name: jenkins
state: started

Change the port num for jenkins

- hosts: web
remote_user: ec2-user
become: yes
vars:
port:8000
tasks:
 - name: Add jenkins repo install
yum_repository:
name: jenkins
description: jenkins YUM repo
baseurl: https://pkg.jenkins.io/redhat-stable
gpgkey: https://pkg.jenkins.io/redhat-stable/jenkins.io.key
- name: jenkins java install
yum:
name: "{{ item }}"
state: present
loop:
- java
- jenkins
- name: going to change port
lineinfile:
path: /etc/sysconfig/jenkins
regexp: '^jeankins-port='
line: "jenkins-port-{{port}}"
notify:
-restart jenkins
- name: jenkins start
service:
name: jenkins
state: started
handlers:
- name: restart jenkins
 service:
name: jenkins
state:restarted
Task 4:
- hosts: jenkins
remote_user: ec2-user
become: yes
vars:
jenkins_port: 9006
tasks:
- name: jenkins installation from yum
yum_repository:
name: jenkins
description: jenkins
baseurl: http://pkg.jenkins.io/redhat
gpgkey: https://jenkins-ci.org/redhat/jenkins-ci.org.key

- name : Install jenkins and Java

package:
name: "{{item}}"
state: present
loop:
- java
- jenkins
- httpd
 - name: we are going to start the service
service:
name: jenkins # required. Name of the service.
enabled: yes # not required. Whether the service should start on boot.
B(At least one of state and enabled are required.)
state: started
- name: change default port number
lineinfile:
path: /etc/sysconfig/jenkins
regexp: '^JENKINS_PORT='
line: "JENKINS_PORT={{ jenkins_port }}"
notify:
- restart jenkins
- name: validate port change
command: "grep -i JENKINS_PORT /etc/sysconfig/jenkins"
register: grep_results
- name: debug grep results
debug:
msg: "{{ hostvars['172.31.21.72'] }}"
when: grep_results.rc != 0
handlers:
- name: restart jenkins
service:
name: jenkins # required. Name of the service.
state: restarted
Task 5: Run playbook:
ansible-playbook -i slaves.txt jenkins.yml
Example to pass variable in run time
ansible-playbook -i slaves.txt jenkins.yml -e "jenkins_port=8001"

Roles:
Step 1:
Sudo yum install tree –y

Now create new file

Now log into file

Cd task/
Using vi main,yml
Check it current dictory
pwd

Using cd
come back path
vi role.yml