Ansible (Inventory, Playbook & Modules)
Ansible is an open-source automation tool that simplifies configuration management, application deployment, and task automation. It is designed to be simple, easy to use, and agentless, meaning it doesn’t require any additional software to be installed on the managed hosts. Ansible uses a declarative language to define the desired state of a system, and it then automatically brings the system into that desired state.
Intro
Some of the key concepts you are going to learn in this article are Inventory, Playbook and Modules:
- Inventory: An inventory is a list of the managed nodes in an Ansible environment. It typically includes information about the node’s hostname, IP address, and operating system.
- Playbook: A playbook is a YAML file that defines a series of tasks to be executed on managed nodes. Playbooks are the core of Ansible automation, and they can be used to automate a wide range of tasks.
- Modules: Modules are the building blocks of Ansible playbooks. They are small, reusable pieces of code that perform specific tasks on managed nodes. Ansible includes a large library of modules, and there are also many third-party modules available.
If you are following the articles and finished Kubernetes it’s good to understand the relation of Ansible and Kubernetes.
Kubernetes and Ansible are two powerful IT automation tools that can be used together to create and manage complex IT environments. Kubernetes is a container orchestration platform that automates the deployment, scaling, and management of containerized applications. Ansible is an IT automation tool that can be used to provision and configure infrastructure, deploy applications, and manage systems in a consistent and reliable manner.
Ansible Inventory
So Ansible enables you to manage one or multiple systems, making one control node that manages all the others, it’s more focused on infrastructure configure and management.
You can use SSH to set all up, and you can write “code” to tell the machines what to do and when to do it.
It’s agentless, so no need of additional software. In terms of inventory it needs a file to set the target systems and enable automation.
An example of an Inventory file:
server1.company.com
server2.company.com
[mail]
server3.company.com
server4.company.com
When using brackets [] it means that you’re grouping a set of systems..
You can also use alias to make it more easy to understand:
web ansible_host = server1.company.com
Other parameters are:
ansible_connection
ansible_port
ansible_user
ansible_ssh_pass
For security purposes, to avoid having passwords and other credentials exposed you should use Ansible Vault.
The inventory has a ini format. Users can ssh via port 22. In case you want to make local connections instead of ssh you can use ansible_connectors.
Per example, on Windows, ansible_connection parameter=winrim
Ansible Playbooks
Are files with instructions that tell what to do. A playbook is structured on a set of plays (activities that run on a host), execute a command, run a script, install a package, shudown or restart.
The structure of a playbook is:
–
name: ‘testing’
hosts: localhost
become: yes
tasks:
– name: ‘test’
command: ‘cat file.txt’
– name:
script:
Tasks are a list, here the order of execution matters.
Command, script, yum, service, they are all keywords of modules.
To run a playbook you have to type:
ansible_playbook <yaml file> [–check] [–diff] [–syntax-check]
You can you the flags check or diff and more to verify syntax, and that everything it properly set. Also the “ansible_lint” provides a good info about the yaml file, if the return is empty it means all is ok.
Ansible Modules
It’s a way of categorizing many groups based on functionality.
Some of the modules that exist are: System Modules, Commands, Files, Database, Cloud, …
The command provides a free form in which i
nstead of using a structured format with clear parameter names, free form allows you to specify parameters directly after the module name, using a key-value syntax.
While free form may seem simpler at first glance, it can lead to ambiguities and make it harder to debug and maintain Ansible playbooks. Therefore, it’s generally recommended to use the structured format with explicit parameter names.
Example:
name: Install Nginx using free form
ansible.builtin.apt:
name: nginx
state: present
The lineinfile
module is a powerful tool in Ansible’s arsenal for managing text files. It allows you to insert, update, or remove lines in files with ease, ensuring consistent configurations across your managed systems.
The lineinfile
module is designed to be idempotent, meaning it will not make any changes if the specified line already exists in the file. This ensures that your configurations remain consistent even after repeated runs. You can use regular expressions to match and modify lines in files, providing flexibility in handling various patterns and conditions.
Example of updating an existing line in the /etc/nginx/nginx.conf
file:
name: Update server port
ansible.builtin.lineinfile:
path: /etc/nginx/nginx.conf
regex: '^listen\s+80'
line: listen 8080
state: present