Ansible for Beginners

What is Ansible?

Ansible is a automation used to carry our repetitive task.
ex. of these can be following:

1. provisioning
2. Configuration Management
3. Continout Devlivery
4. Application Deployment
5. Security Compliance

Features of Ansible

1. Simple
2. Powerful
3. Agentless

Ansible configuration File

Default location on linux:

# configuration file default path on linux
/etc/ansible/ansible.cfg

Sections of Configuration file

[defaults]
# default location for inventory files
inventory   = /etc/ansible/hosts
log_path    = /var/log/ansible.log

library     = /usr/share/my_modules/
roles_path  = /etc/ansible/roles
action_plugins  = /usr/share/ansible/plugins/action

gathering  = /implicit

# SSH timeout 
timeout  = 10
forks  = 5

[inventory]

[privilege_escalation]

[paramiko_connection]

[colors]

How to override Default config file

in some complex scenarios we need to override current default config file path for different hosts.

# using Environment variable 
$ANSIBLE_CONFIG=/opt/ansible-web.cfg ansible-playbook playbook.yml

Priority to be used for configuration files

1. file path which is used in environment variables
2. directory where ansible paths are being running from
3. config file which are stored in users home directory
4. default Config file stored at default location

Scenario 2
If there is a case we have to store value value of specific ansible playbook
To achieve this we can set the specific Config variables for the specific ansible playbook

# using variable defination
ANSIBLE_GATHERING=explicit anisble-playbook playbook.yml

# using export method
export ANSIBLE_GATHERING=explicit
ansible-playbook playbook.yml

# by defining the variable in ansible config file
# path : /opt/web-playbooks/ansible.cfg
gathering  = explicit

How to check all the configuration for the file

# this command will list all the configuration
ansible-config list

# shows the current config file
ansible-config view

# shows the current settings
ansible-config dump

How to Write YAML

• YAML Stands for Yet Another Markup Language
• it's a scripting language used to created automation

Thing to learn about yaml

• How to store information using Key value pair
• How to create Arrays/List
• How to create Dictionary/Map

How to create Key value pair

• to create key value pair we use colon sign ex.

key : value

How to create Array/List

• to create array we use hypen(-) in front of and element ex.

Fruits:
- Orange
- Apple
- Banana

Ansible Inventory

Ansible can manage multiple hosts, this is done using existing agents on the systems.
For linux -> SSH
for windows hosts -> Powershell Remoting

To store these Hosts information we use inventory file, if custom inventory file is not created then ansible uses default invetory file stored at

/etc/ansible/hosts

ansible supports 2 types of formats for inventory files:

1. INI format
2. YAML format

Let's look at the sample inventory file in INI format

# list of number of servers
serv1.company.com
serv2.company.com
serv3.company.com

# we can also group server by a common name
[mail]
mail_serv1.company.com
mail_serv2.company.com
mail_serv3.company.com

Inventory Parameters

to connect to a specific host we use can define multiple parameters.
like:

1. host alias
2. ansible connection type
3. ansible connection port
4. ansible user
5. ansible ssh password

example of ansible inventory parameters

web ansible_host=serv1.company.com ansible_connection=ssh ansible_user=root ansible_ssh_pass=root
window_host ansible_host=serv2.company.com ansible_connection=winrm ansible_user=administrator ansible_pass=admin

# to interact with local machine
localhost ansible_connections=localhost

Ansible Variables

variable are used to store information in ansible.to use variables in Ansible we use jinja 2 templating.
in this example all the codes and variables are defined in the same file.

example code

-
   name: Add DNS server to resolve.conf
   hosts: localhost
    vars:
       dns_server: 10.1.250.10
   tasks:
      - lineinfile:
          path: /etc/resolve.conf
          line: 'nameserver {{ dns_server }}'

to organise code in a better way we can define variables in separate file.
ex. variables file

http_port: 8081
snmp_port: 161-162
inter_ip_range: 192.0.2.0

example playbook file to use these variables

-
    name: Set firewall configuration 
    hosts: web
    tasks: 
    - firewalld:
         service: https
         permanent: true
         state: enabled
    - firewalld:
         port: '{{ http_port }}'/tcp
         permanent: true
         state: disabled
    - firewalld:
         port: '{{ snmp_port }}'/udp
         permanent: true
         state: disabled
    - firewalld:
         source: '{{ inter_ip_range }}'/24
         Zone: internal
         state: enabled

Variable Types

1. Number variables: which holds numeric values
2. Boolean variables: which holds boolean values
3. List variables: which holds list of items
4. Dictionary variables

Variable Precedence

when defining variables, some methods of defining variables takes higher precedence then others.
these precedence are defined from higher to lower given below:

1. Extra vars
2. play vars
3. Host vars
4. Group vars

Explanantion:

1. first ansible checks for the variables defined for a group, if there is a specific value defined for a specific hosts, then that value will overwrite the Groups Variables.
2. similarly variables defined at playbook level with overwrite the variables defined at host level.
3. at last variables defined with extra vars keywords will overwrite the playbook variables and have highest precedence.

Registering variables

in some scenarios we want to pass some variables to other commands, this can be done by using registering the variables and storing them.
ex. for the same

- shell: cat /etc/hosts
  register: results
- debug: 
    var: results

Note

1. Output of the variable depends on the type of module which has been used
2. another way to view output of the debug module is to use -v parameter while running the playbook ex.

ansible-playbook -i inventory playbook.yml -v

Variables Scope

1. scope defines the accessiblity and visiblity of a variable to elements in the code.
2. scope depends on the position how and where it has been defined in the given code

we'll talk about various types of scopes

1. Host scope

• host scope is available in the play which is running for the given host

2. Play scope

• play scope is available in while the current play is running

3. Global variables scope

• scope of this variable is visible to all as it passed while running the playbook by the parameter knows as extra-vars ex.

ansible-playbook playbook.yml --extra-vars "ntp_server=10.1.1.1"

Magic Variables

magic variables are used to access the information of the other hosts.
list of mostly used magic variables:

1. hostvars : this return the parameters associated with given host
2. groups: this return list of hosts which comes under the specified group
3. group_names: this return all group names which are associate with specific host
4. inventory_hostname: this gives out the name configured in the inventory file for the given host

Ansible Playbooks

1. ansible playbooks are used to define what actions need to be performed
2. playbooks are YAML scripts which defines the instructions which are needed to be performed
3. tasks are the actions to be performed on the host ex. 1.1 execute a command 1.2 Run a script 1.3 Install a package 1.4 Shutdown/Restart a server