Difference between revisions of "Ansible"

From Ever changing code
Line 68: Line 68:
  ssh-copy-id localhost.localdomain
  ssh-copy-id localhost.localdomain


= Variables used within playbooks =
= Variables used within playbooks - TARGET SECTION =
Specific to a playbook by adding a section:
Specific to a playbook by adding a section:
  - hosts: awsweb
  - hosts: awsweb
Line 91: Line 91:
   tasks:
   tasks:
     - name: Task1
     - name: Task1
= Handlers section =
In the example below handler 'Restart Apache' will be called only on change status of 'Install apache web server' task
tasks:
      - name: Install apache web server
        action: apt pkg=apache2 state=installed
        <span style="color: blue">notify: '''Restart Apache'''</span>        #notification matches the name of the handler
<span style="color: blue">handlers:
      - name: '''Restart Apache'''
        action: service name=apache2 state=restarted</span>


= Reference =
= Reference =
*[http://docs.ansible.com/ansible/intro_installation.html#getting-ansible Ansible installation]
*[http://docs.ansible.com/ansible/intro_installation.html#getting-ansible Ansible installation]
*[https://gitlab.com/pio2pio/ansible-training.git My GitLab repository] Linux Academy - Ansible training examples
*[https://gitlab.com/pio2pio/ansible-training.git My GitLab repository] Linux Academy - Ansible training examples
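Review bot: in the added handlers example, the task line `action: apt pkg=apache2 state=installed` uses the `installed` alias through the legacy `action:` form; `present` is the documented state value for the apt module, and calling the modules directly (`apt: pkg=apache2 state=present`, `service: name=apache2 state=restarted`) would read more clearly. The snippet also begins at `tasks:` with no `- hosts:` line, unlike the variables example just above it, so it is not a play that can be run as pasted; adding the `- hosts: awsweb` header would make it self-contained.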

Revision as of 13:45, 25 March 2016

Ansible - management and configuration system

... watch the space :j

Install

apt-cache policy ansible | grep -A1 Installed # check version it will install
sudo apt-get install ansible

Install dependencies manually

sudo apt-get install python python-setuptools python-crypto python-jinja2 python-paramiko python-pkg-resources python-yaml python-httplib2 python-netaddr

Download the release tarball of the version you need

wget https://releases.ansible.com/ansible/ansible-1.9.4.tar.gz
tar -xzvf ansible-1.9.4.tar.gz 
cd ansible-1.9.4/
sudo make
sudo python setup.py install

Build VM with Vagrant

sudo apt-get install virtualbox

Then install Vagrant

Adhoc commands reference

                                                               --options
ansible*  host/-i hostfile -m modulename -a 'module arguments' -b (become) --ask-become-pass (-K in short)
                                                               
ansible local -m setup -a 'filter=ans*ipv4*'   #filter facts
ansible appsrv -m shell -a 'apt-get -y install lynx' -b --ask-become-pass  #-s deprecated replaced by -b 'become'
ansible appsrv -m apt -a 'pkg=lynx state=installed update_cache=true' -b -K
ansible appsrv -m file -a 'path=/tmp/etc state=directory mode=0700 owner=root' #create directory
ansible appsrv -m copy -a 'src=/etc/fstab dest=/tmp/etc/fstab'     #copy a file to a remote system
ansible appsrv -m command -a 'rm -rf /tmp/etc/fstab'               #delete a file
ansible appsrv -m service -a 'name=apache2 state=stopped' -u user -b -K #stop Ubuntu apache
ansible appsrv -m apt -a 'name=apache2 state=absent' -b --ask-become-pass #removes package

Specify the user that the Ansible control server should connect as. A private key can also be specified, but it is not required

$ ansible centos -m ping -u username --private-key=~/.ssh/id_rsa

Copy a user's SSH public key to the remote server. If you do not specify a username, the current user will be used

ssh-copy-id username@server.com

Modules

shell - executes commands on a remote node. It is not interactive, therefore 'apt-get install' requires the -y flag. STDOUT is displayed on your terminal. Pipes and redirections work.
copy - copies files from a local control server to remote node
fetch - copies files from remote node to the local box

Get facts

Examples of the most common facts. Gathering facts requires Python to be installed on the remote node

ansible awsweb -m setup -a 'filter=ansible_distr*' -u user --become --ask-become-pass
ansible awsweb -m setup -a 'filter=ansible_fqdn'
ansible awsweb -m setup -a 'filter=ansible_interfaces'
ansible awsweb -m setup -a 'filter=ansible_kernel'
ansible awsweb -m setup -a 'filter=ansible_mem*'
ansible awsweb -m setup -a 'filter=ansible_proc*'

Prepare environment for automation

Allow the ansible_service user to run sudo without being asked for a password

sudo visudo
piotr ALL=(ALL)    NOPASSWD: ALL    #user can run as root without password
sudo -l    #check your rules, the last rule takes precedence
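The passwordless rule above makes that account root-equivalent on every host where it is installed, so it is worth knowing exactly which principals hold such a grant. As an added example (not part of the original page), this shell function lists them from a sudoers file; the function names and all sample rules other than the `piotr` line are constructed for illustration.

```shell
# Added example, not from the original page: list sudoers principals that hold a
# passwordless grant of every command as root (or as any user).
# Assumed simplifications: runas appears once before the command list, and "#"
# always starts a comment, so "#uid" principals are not parsed.

find_blanket_nopasswd() {   # usage: find_blanket_nopasswd [FILE], stdin if omitted
    awk '
    /\\$/ { sub(/\\$/, ""); buf = buf $0; next }    # join continuation lines
    {
        line = buf $0; buf = ""
        sub(/#.*$/, "", line); sub(/^[ \t]+/, "", line)
        if (line == "" || line ~ /^(Defaults|[A-Za-z]+_Alias)/) next
        eq = index(line, "="); if (eq == 0) next
        who = line; sub(/[ \t].*$/, "", who)        # first field: user or %group
        rhs = substr(line, eq + 1); sub(/^[ \t]+/, "", rhs)
        runas = "root"                              # sudo default without (runas)
        if (match(rhs, /^\([^)]*\)/)) {
            runas = substr(rhs, 2, RLENGTH - 2); sub(/:.*$/, "", runas)
            rhs = substr(rhs, RLENGTH + 1)
        }
        if (runas !~ /(^|[ ,])(ALL|root)([ ,]|$)/) next
        nopass = 0; n = split(rhs, cmd, ",")
        for (i = 1; i <= n; i++) {
            c = cmd[i]; gsub(/^[ \t]+|[ \t]+$/, "", c)
            while (match(c, /^[A-Z_]+:[ \t]*/)) {   # tags carry over to later commands
                tag = substr(c, 1, RLENGTH); sub(/:.*$/, "", tag)
                if (tag == "NOPASSWD") nopass = 1
                if (tag == "PASSWD") nopass = 0
                c = substr(c, RLENGTH + 1)
            }
            if (c == "ALL" && nopass) { print who; break }
        }
    }' "$@"
}

sample_sudoers() {   # constructed input; the first rule is the one shown on this page
    cat <<'EOF'
Defaults secure_path="/usr/sbin:/usr/bin"
piotr ALL=(ALL)    NOPASSWD: ALL    #user can run as root without password
%admin ALL=(ALL:ALL) NOPASSWD:ALL
deploy ALL=(root) NOPASSWD: /usr/bin/systemctl restart apache2
ops ALL=(ALL) ALL
www ALL=(www-data) NOPASSWD: ALL
mixed ALL = (ALL) PASSWD: /bin/ls, \
    NOPASSWD: ALL
EOF
}

sample_sudoers | find_blanket_nopasswd   # prints the root-equivalent principals
```

Run it against a copy of /etc/sudoers and each file under /etc/sudoers.d to see which accounts need their SSH keys protected as carefully as root's.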

Stop Ansible from requiring the sudo password at each run

sudo vi /etc/ansible/ansible.cfg
#ask_sudo_pass = True         #needs to be commented out, otherwise works like --ask-become-pass

Install the ansible_service user's SSH keys on the local host

ssh-copy-id localhost
ssh-copy-id localhost.localdomain

Variables used within playbooks - TARGET SECTION

Specific to a playbook by adding a section:

- hosts: awsweb
  vars: 
    controls_server: localhost
    web_root: /var/wwwroot
  tasks:
    - name: Task1

Include variables from files

- hosts: awsweb
  vars_files:
    - vars.yml
  tasks:
    - name: Task1

Example of variables file content (cat ./vars.yml):

--- # YAML file
controls_server: localhost
web_root: /var/wwwroot

Prompt a user to provide a value to the variable

- hosts: awsweb
  vars_prompt: 
    - name: controls_server     #variable name
      prompt: Provide Controls Server name
  tasks:
    - name: Task1

Handlers section

In the example below the handler 'Restart Apache' is called only when the 'Install apache web server' task reports a changed status

tasks:
     - name: Install apache web server
       action: apt pkg=apache2 state=installed
       notify: Restart Apache         #notification matches the name of the handler
handlers:
     - name: Restart Apache
       action: service name=apache2 state=restarted

Reference