Shashikant shah

Thursday, 15 October 2020

What is Ansible and install, Ad-hoc command part-1

 

What is Ansible?

Ansible is an open-source IT engine that automates application deployment, cloud provisioning, intra service orchestration, and other IT tools.

Ansible is designed for multi-tier deployment and  easy to deploy because it does not use any agents or custom security infrastructure on the client-side, and by pushing modules to the clients. These modules are executed locally on the client-side, and the output is pushed back to the Ansible server.

It can easily connect to clients using SSH-Keys, simplifying though the whole process. Client details, such as hostnames or IP addresses and SSH ports, are stored in the files, which are called inventory files.

Benefits :-

  • Ansible is free to use by everyone.
  • Ansible is very consistent and lightweight, and no constraints regarding the operating system or underlying hardware are present.
  • It is very secure due to its agentless capabilities and open SSH security features.
  • Ansible does not need any special system administrator skills to install and use it.
  • Ansible has a smooth learning curve determined by the comprehensive documentation and easy to learn structure and configuration.
  • Its modularity regarding plugins, inventories, modules, and playbooks make Ansible perfect companion orchestrate large environments.

    Ansible Architecture.


1. Inventory file.

Inventory is a kind of files which contains the records of manage node IP address/HostName/Password/Groups. There are two type of inventory.

  • .       Statics inventory

Statics inventory is kind of statics file. We will use statics inventory when our IP address are fix means no need to change IP address after making inventory.

  • .      Dynamic inventory

Dynamic inventory is kind of program that retrieve IP address of new provisioned machines automatically. This type of inventory will use mainly in case of cloud infra. Where machine is creating and terminating again and again.

2. Modules

Modules is basically kind of scripting. Suppose we want to perform any task in our infra, all information related to that task is written in modules in form of language. It might be Python, bash, shell, ruby etc. Ansible mainly supporting two type of modules.

1.    Core modules :- Which is written in python language

2.    Custom modules :- We will write custom modules according to our requirement in python, ruby, bash, shell or in other languages.

3.Playbook

We have preferred playbook where we need to perform any task on repeat basis means suppose we want to take backup of our all server, we can write a playbook for that. Playbooks are written in YAML language. 

4.Plugins

Plugins is a piece of code that expends the core functionality of Ansible. There are many useful plugins, and you also can write your own.

5.CMDB

CMDB is a type of repository which acts as a data warehouse for the IT installations.

####### ALL Plugin ####################

all plugin path are :-

# ls -1 /usr/lib/python2.7/site-packages/ansible/plugins


1.Lookup plugin :- pull data from different sources, retrun them to ansible.


2.caching plugin :- store gathered facts or data for re-use and performance.

Jsonfile, memcached, memory, mongodb, pickle, redis, yaml.


3.action_plugins :- Action plugins are a kind of wrappers for modules. Ansible executes them just before corresponding module is executed remotely. They are usually used to preprocess input data or postprocess results.


4.callback_plugins :- Callback plugins enable adding new behaviors to Ansible when responding to events. By default, callback plugins control most of the output you see when running the command line programs, but can also be used to add additional output, integrate with other tools and marshall the events to a storage backend.


# ansible-doc -t callback -l
5.connection_plugins :- Connection plugins allow Ansible to interact with different target systems: ssh – for Unix, winrm – for Windows, docker – to execute modules inside Docker containers. The most used are ssh (the default) and local, which is used to execute modules in local context of Ansible controller.

#ansible-doc -t connection -l
6.filter_plugins :- Filter plugins add custom Jinja2 filters. Jinja2 template engine is used to work with variables in Ansible. You can use built-in or ansible supplied filters. If you need more, just write a filter plugin.
8.shell_plugins :- Shell plugins work to ensure that the basic commands Ansible runs are properly formatted to work with the target machine and allow the user to configure certain behaviors related to how Ansible executes tasks.


#ansible-doc -t shell -l
9.strategy_plugins :- Strategy plugins control the flow of play execution by handling task and host scheduling. Strategy plugins shipped with Ansible are enabled by default.
#ansible-doc -t strategy -l
or in the ansible.cfg file:
[defaults]
strategy=linear
##########
- hosts: all
strategy: debug
tasks:
- copy: src=myhosts dest=/etc/hosts
notify: restart_tomcat
- package: name=tomcat state=present
handlers:
- name: restart_tomcat
service: name=tomcat state=restarted
10.Httpapi Plugins :- Httpapi plugins tell Ansible how to interact with a remote device’s HTTP-based API and execute tasks on the device.
# ansible-doc -t httpapi -l

- hosts: leaf01
connection: httpapi
gather_facts: false
tasks:
- name: type a simple arista command
eos_command:
commands:
- show version | json
register: command_output
- name: print command output to terminal window
debug:
var: command_output.stdout[0]["version"]

11.Inventory Plugins :- Inventory plugins allow users to point at data sources to compile the inventory of hosts that Ansible uses to target tasks, either using the -i /path/to/file and/or -i 'host1, host2' command line parameters or from other configuration sources.

# ansible-doc -t inventory -l

12.vars_plugins :- Vars plugins inject additional variable data into Ansible runs that did not come from an inventory source, playbook, or command line. Playbook constructs like ‘host_vars’ and ‘group_vars’ work using vars plugins.

# ansible-doc -t vars -l

13.Become Plugins :- Become plugins work to ensure that Ansible can use certain privilege escalation systems when running the basic commands to work with the target machine as well as the modules required to execute the tasks specified in the play.

These utilities (sudo, su, doas, and so on) generally let you ‘become’ another user to execute a command with the permissions of that user.

#ansible-doc -t become -l

14.Netconf Plugins :- Netconf plugins are abstractions over the Netconf interface to network devices. They provide a standard interface for Ansible to execute tasks on those network devices.
The netconf plugin to use is determined automatically from the ansible_network_os variable. There should be no reason to override this functionality.

Most netconf plugins can operate without configuration. A few have additional options that can be set to affect how tasks are translated into netconf commands. A ncclient device specific handler name can be set in the netconf plugin or else the value of default is used as per ncclient device handler.
# ansible-doc -t netconf -l



1.How to use lookup plugin :-


#ansible-doc -t lookup -l

#ansible-doc -t lookup <plugin name>

#ansible-doc -t lookup dig


Config

This is to lookup the current values from the Ansible Configuration .

csvfile

This is used to use data from a CSV

dict

This plugin is used to return values in key-value

dig

This is used to query DNS by using a library named

env

This is used to read the values of env.

file

This is used to read the contents of file.

mini

This plugin is to read contents from an ini

inventory_hostnames

To return the list of matching pattern

Items

To return the item’s list

lines

To read a line from the command

list

To return the same output which is given as

password

To generate or retrieve a random

template

To return contents of a file after using jinja2 to template

url

This is used to get specific content from a

vars

This is to lookup the variables which are either templated or declared in Play

1.1 create a file for testing.
#cat /tmp/samplefile

1.2 create a yaml file for lookup task.


# cat test.yaml

---

- name: check lookup plugin

hosts: localhost

tasks:

- name: here we will display contents of tmp/samplefile

debug:

msg: These are the contents of /tmp/samplefile - {{lookup('file', '/tmp/samplefile')}}


1.3 running playbook.

# ansible-playbook test.yaml

 


Terms used in Ansible.


The fork is the default parallel number of the process while communicating to remote nodes.
# default Forks value = 5
 
 
List all modules.
#ansible-doc -l

Details of modules -s (--snippet).
#ansible-doc -s copy
 
 
Install Ansible server :-

On RHEL/CentOS/Fedora :-
# sudo yum install ansible -y
# ansible --version

Ubuntu
# sudo apt-add-repository ppa:ansible/ansible -y
# sudo apt-get update && sudo apt-get install ansible -y
 
Generate ssh key in ansible server.
# ssh-keygen -t rsa
id_rsa.pub copy to node.
 
User created on node

# useradd -d /home/ansadm -m ansadm
# passwd ansadm

# vim /etc/ssh/sshd_config
PasswordAuthentication yes

# /etc/init.d/sshd restart
# sudo su – ansadm
# mkdir .ssh
# chmod 700 .ssh
# chown ansadm:ansadm .ssh
# vim .ssh/authorized_keys  
# chmod 600 authorized_keys
 
# visudo
ansadm  ALL=(ALL)       NOPASSWD: ALL

Run ssh command from ansible server.

# ssh ansadm@node.example.com 
 
add user  ansadm in /etc/ansible/ansible.cfg file.
remote_user = ansadm

add host and Ip in /etc/ansible/hosts file.
[client_host]
172.31.42.127

Ad-Hoc commands :-
The Ad-Hoc command is the one-liner ansible command that performs one task on the target host.

# ansible -i ec2.py ec2 -m ping

1.Copy data
# Ansible abc -m copy -a "src = /etc/yum.conf dest = /tmp/yum.conf"

2.create directory
# ansible abc -m file -a "dest = /path/user1/new mode = 777 owner = user1 group = user1 state = directory"

3.delete file
# ansible abc -m file -a "dest = /path/user1/new state = absent"

4.install package
# ansible webservers -m yum -a "name=httpd  state=present"

5.Reboot your company server in 12 parallel forks at time.
# ansible abc -a "/sbin/reboot" -f 12 -u username

6.Ping all servers. 
# ansible -m ping all

7.Ping one server.
# ansible -m ping webservers

8.Run update command in all servers.
# ansible -a "uptime" all

9.Disk check all servers.
# ansible -a "df -Th" all


No comments:

Post a Comment