What is Ansible?
Ansible is an
open-source IT engine that automates application deployment, cloud
provisioning, intra service orchestration, and other IT tools.
Ansible is designed for
multi-tier deployment and easy to deploy
because it does not use any agents or custom security infrastructure
on the client-side, and by pushing modules to the clients. These modules are
executed locally on the client-side, and the output is pushed back to the
Ansible server.
It can easily connect to clients using SSH-Keys, simplifying though the whole process. Client details, such as hostnames or IP addresses and SSH ports, are stored in the files, which are called inventory files.
Benefits :-
- Ansible
is free to use by everyone.
- Ansible
is very consistent and lightweight, and no constraints regarding the
operating system or underlying hardware are present.
- It
is very secure due to its agentless capabilities and open SSH security
features.
- Ansible
does not need any special system administrator skills to install and use it.
- Ansible
has a smooth learning curve determined by the comprehensive documentation
and easy to learn structure and configuration.
- Its modularity regarding plugins, inventories, modules, and playbooks make Ansible perfect companion orchestrate large environments.
Ansible Architecture.
1. Inventory file.
Inventory is a kind of files which contains the records of manage node IP
address/HostName/Password/Groups. There are two type of inventory.
. Statics inventory
Statics
inventory is kind of statics file. We will use statics inventory when our IP
address are fix means no need to change IP address after making inventory.
. Dynamic inventory
Dynamic
inventory is kind of program that retrieve IP address of new provisioned
machines automatically. This type of inventory will use mainly in case of cloud
infra. Where machine is creating and terminating again and again.
2. Modules
Modules
is basically kind of scripting. Suppose we want to perform any task in our
infra, all information related to that task is written in modules in form of
language. It might be Python, bash, shell, ruby etc. Ansible mainly supporting
two type of modules.
1.
Core
modules :- Which is written in python language
2. Custom modules :- We will write custom modules according to our requirement in python, ruby, bash, shell or in other languages.
3.Playbook
We have preferred playbook where we need
to perform any task on repeat basis means suppose we want to take backup of our
all server, we can write a playbook for that. Playbooks are written in YAML
language.
5.CMDB
CMDB is a type of repository which acts
as a data warehouse for the IT installations.
####### ALL Plugin ####################
all plugin path are :-
# ls -1 /usr/lib/python2.7/site-packages/ansible/plugins
1.Lookup plugin :- pull data from different sources, retrun them to ansible.
2.caching plugin :- store gathered facts or data for re-use and performance.
Jsonfile, memcached, memory, mongodb, pickle, redis, yaml.
3.action_plugins :- Action plugins are a kind of wrappers for modules. Ansible executes them just before corresponding module is executed remotely. They are usually used to preprocess input data or postprocess results.
4.callback_plugins :- Callback plugins enable adding new behaviors to Ansible when responding to events. By default, callback plugins control most of the output you see when running the command line programs, but can also be used to add additional output, integrate with other tools and marshall the events to a storage backend.
# ansible-doc -t callback -l
5.connection_plugins :- Connection plugins allow Ansible to interact with different target systems: ssh – for Unix, winrm – for Windows, docker – to execute modules inside Docker containers. The most used are ssh (the default) and local, which is used to execute modules in local context of Ansible controller.
#ansible-doc -t connection -l
6.filter_plugins :- Filter plugins add custom Jinja2 filters. Jinja2 template engine is used to work with variables in Ansible. You can use built-in or ansible supplied filters. If you need more, just write a filter plugin.
8.shell_plugins :- Shell plugins work to ensure that the basic commands Ansible runs are properly formatted to work with the target machine and allow the user to configure certain behaviors related to how Ansible executes tasks.
#ansible-doc -t shell -l
9.strategy_plugins :- Strategy plugins control the flow of play execution by handling task and host scheduling. Strategy plugins shipped with Ansible are enabled by default.
#ansible-doc -t strategy -l
or in the ansible.cfg file:
[defaults]
strategy=linear
##########
- hosts: all
strategy: debug
tasks:
- copy: src=myhosts dest=/etc/hosts
notify: restart_tomcat
- package: name=tomcat state=present
handlers:
- name: restart_tomcat
service: name=tomcat state=restarted
10.Httpapi Plugins :- Httpapi plugins tell Ansible how to interact with a remote device’s HTTP-based API and execute tasks on the device.
# ansible-doc -t httpapi -l
- hosts: leaf01
connection: httpapi
gather_facts: false
tasks:
- name: type a simple arista command
eos_command:
commands:
- show version | json
register: command_output
- name: print command output to terminal window
debug:
var: command_output.stdout[0]["version"]
11.Inventory Plugins :- Inventory plugins allow users to point at data sources to compile the inventory of hosts that Ansible uses to target tasks, either using the -i /path/to/file and/or -i 'host1, host2' command line parameters or from other configuration sources.
# ansible-doc -t inventory -l
12.vars_plugins
:- Vars plugins inject
additional variable data into Ansible runs that did not come from an
inventory source, playbook, or command line. Playbook constructs like
‘host_vars’ and ‘group_vars’ work using vars plugins.
#
ansible-doc -t vars -l
13.Become Plugins :- Become plugins work to ensure that Ansible can use certain privilege escalation systems when running the basic commands to work with the target machine as well as the modules required to execute the tasks specified in the play.
These utilities (sudo, su, doas, and so on) generally let you ‘become’ another user to execute a command with the permissions of that user.
#ansible-doc -t become -l
14.Netconf
Plugins :- Netconf plugins are
abstractions over the Netconf interface to network devices. They
provide a standard interface for Ansible to execute tasks on those
network devices.
The
netconf plugin to use is determined automatically from the
ansible_network_os variable. There should be no reason to override
this functionality.
Most
netconf plugins can operate without configuration. A few have
additional options that can be set to affect how tasks are translated
into netconf commands. A ncclient device specific handler name can be
set in the netconf plugin or else the value of default is used as per
ncclient device handler.
#
ansible-doc -t netconf -l
1.
How
to use lookup plugin :-
#ansible-doc
-t lookup -l
#
ansible-doc
-t lookup <plugin name>
#
ansible-doc
-t lookup dig
Config |
|
csvfile |
This is used to use data from a CSV |
dict |
This plugin is used to return values in key-value |
dig |
This is used to query DNS by using a library named |
env |
This is used to read the values of env. |
file |
This is used to read the contents of file. |
mini |
This plugin is to read contents from an ini |
inventory_hostnames |
To return the list of matching pattern |
Items |
To return the item’s list |
lines |
To read a line from the command |
list |
To return the same output which is given as |
password |
To generate or retrieve a random |
template |
To return contents of a file after using jinja2 to template |
url |
This is used to get specific content from a |
vars |
This is to lookup the variables which are either templated or declared in Play |
1.
1
create a file for testing.
#cat
/tmp/samplefile
1.2
create a yaml file for lookup task.
#
cat test.yaml
---
- name: check lookup plugin
hosts:
localhost
tasks:
- name:
here we will display contents of tmp/samplefile
debug:
msg:
These are the contents of /tmp/samplefile - {{lookup('file',
'/tmp/samplefile')}}
1.3 running playbook.
# ansible-playbook test.yaml
Terms used in Ansible.
# default Forks value = 5
Details of modules -s (--snippet).
#ansible-doc -s copy
On RHEL/CentOS/Fedora :-
# sudo yum install ansible -y
# ansible --version
# sudo apt-add-repository ppa:ansible/ansible -y
# sudo apt-get update && sudo apt-get install ansible -y
Generate ssh key in ansible server.
# ssh-keygen -t rsa
id_rsa.pub copy to node.
User created on node
# passwd ansadm
PasswordAuthentication yes
# sudo su – ansadm
# mkdir .ssh
# chmod 700 .ssh
# chown ansadm:ansadm .ssh
# vim .ssh/authorized_keys
# chmod 600 authorized_keys
# visudo
ansadm ALL=(ALL) NOPASSWD: ALL
Run ssh command from ansible server.
172.31.42.127
No comments:
Post a Comment