SlideShare a Scribd company logo

Ansible automation tool with modules

M
mohamedmoharam
1 of 18
Download to read offline
Ansible Automation Tool By: Mohamed Moharam System Engineer https://sa.linkedin.com/in/mohamedmoharam
What is Anisble ? Ansible is an open source, powerful automation software for configuring, managing and deploying software applications on the nodes without any downtime just by using SSH. Today, most of the IT Automation tools runs as a agent in remote host, but ansible just need a SSH connection and Python (2.4 or later) to be installed on the remote nodes to perform it’s action.For example, let’s say you need to deploy a single software or multiple software to 100’s of nodes by a single command, here ansible comes into picture just one command do the job How Ansible Works? There are many similar automation tools available like Puppet, Capistrano, Chef, Salt, Space Walk etc, but Ansible categorize into two types of server: controlling machines and nodes. 1- The controller machine, where Ansible is installed and Nodes managed by it 2- The controlling machine (Ansible) deploys modules to nodes using SSH protocol and these modules are stored temporarily on remote nodes and communicate through a JSON 3- Ansible is agent-less, that means no need of any agent installation on remote nodes, 4- Ansible can handle 100’s of nodes by one single command ‘ansible’. 5- Ansible can execute multiple commands for a deployment, we can build using (playbooks) 6- Playbooks are bunch of commands which can perform multiple tasks and each playbooks are in YAML file format. See the below diagram (a) (a)
What is YAML ? YAML (/ˈjæməl/, rhymes with camel) is a human-readable data serialization format that takes concepts from programming languages such as C, Perl, and Python, and ideas from XML and the data format of electronic mail YAML syntax was designed to be easily mapped to data types common to most high-level languages: list, associative array, and scalar.Its familiar indented outline and lean appearance make it especially suited for tasks where humans are likely to view or edit data structures, such as configuration files, dumping during debugging, and document headers For more information refer to the following https://en.wikipedia.org/wiki/YAML --- # Examples --- # Sample document --- # Data structure hierarchy is maintained by outline indentation. receipt: Oz-Ware Purchase Invoice date: 2012-08-06 customer: first_name: Dorothy family_name: Gale items: - part_no: A4786 descrip: Water Bucket (Filled) price: 1.47 quantity: 4 YAML offers an "in-line" style for denoting associative arrays and lists. Here is a sample of the components. Lists: - Conventional block format uses a hyphen+space to begin a new item in list. --- # Favorite movies comment - Casablanca - North by Northwest - The Man Who Wasn't There Optional inline format is delimited by comma+space and enclosed in brackets (similar to JSON) --- # Shopping list comment [milk, pumpkin pie, eggs, juice]
Ansible Documentation: Modules As we are dealing with an array of modules during using Ansible tutorials. Here we show how to use Ansible documentation in order to see what modules are available and how to use them. For more information refer to the following url http://docs.ansible.com/ansible/list_of_packaging_modules.html to know more about available modules [root@mohamedmoharam1 ansible]# ansible --version ansible 1.9.4 configured module search path = None [root@mohamedmoharam1 ansible]# ansible-doc --help Usage: ansible-doc [options] [module...] Show Ansible module documentation Options: --version show program's version number and exit -h, --help show this help message and exit -M MODULE_PATH, --module-path=MODULE_PATH Ansible modules/ directory -l, --list List available modules -s, --snippet Show playbook snippet for specified module(s) -v Show version number and exit System Architecture Diagram (b)
My Environment Setup Controller Machine – Ansible Operating System : Centos 7 IP Address : 172.31.16.71 Host-name : mohamedmoharam1.mylabserver.com User : user Note: in the real implementation nothing defined as controller node any node can be controller and used for automation For ansible other soultions like puppet require a master node to work as controller. Remote Nodes Node 1: mohamedmoharam2.mylabserver.com Node 2: mohamedmoharam3.mylabserver.com Node 3: mohamedmoharam4.mylabserver.com Step 1: Installing Controlling Machine – Ansible Fedora users can directly install Ansible through default repository, but if you are using RHEL/CentOS 6, 7, you have to enable EPEL repo.After configuring epel repository, you can install Ansible using following command. $ sudo yum install ansible -y After installed successfully, you can verify the version by executing below command. # ansible --version Step 2: Preparing SSH Keys to Remote Hosts 4. To perform any deployment or management from the localhost to remote host first we need to create and copy the ssh keys to the remote host. In every remote host there will be a user account test First let we create a SSH key using below command and copy the key to remote hosts. # ssh-keygen -t rsa 5. After creating SSH Key successfully, now copy the created key to all three remote server’s. # ssh-copy-id user@mohamedmoharam2.mylabserver.com # ssh-copy-id user@mohamedmoharam3.mylabserver.com # ssh-copy-id user@mohamedmoharam4.mylabserver.com
6. After copying all SSH Keys to remote host, now perform a ssh key authentication on all remote hosts to check whether authentication working or not. $ ssh test@mohamedmoharam2.mylabserver.com $ ssh test@mohamedmoharam3.mylabserver.com $ ssh test@mohamedmoharam4.mylabserver.com Note : you have to add sudo privilege to the ansible normal user so it will not prompt you for the password when you execute the ansible command “ user ALL=(ALL) NOPASSWD: ALL” >> using visudo command Ansible Configuration File Here we explore The various settings within the Ansible configuration file as you see in the following under /etc/ansible/ansible.cfg
Step 3: Creating Inventory File for Remote Hosts 7. Add these three hosts to inventory file. This file hold the host information’s like which host we need to get connect from local to remote under /etc/ansible/hosts. # sudo vim /etc/ansible/hosts Add the following three hosts IP address.. [webservers] mohamedmoharam2.mylabserver.com mohamedmoharam3.mylabserver.com [DBservers] mohamedmoharam4.mylabserver.com Note: The ‘webservers‘ in the brackets indicates as group names, it is used in classifying systems and deciding which systems you are going to controlling at what times and for what reason. Now time to check our all 3 doing ping from my localhost. To perform the action we need to use the command ‘ansible‘ with options ‘-m‘ (module) and ‘-all‘ (group of servers). ‘WE ARE HERE USING MODULE PING ’ # ansible -m ping webservers mohamedmoharam2.mylabserver.com | success >> { "changed": false, "ping": "pong" } mohamedmoharam3.mylabserver.com | success >> { "changed": false, "ping": "pong" }
Ansible Command Line Now, here we are using another module called ‘command‘, which is used to execute list of commands (like, df, free, uptim, etc.) on all selected remote hosts at one go, for example watch out few examples shown below. To check the partitions on all remote hosts # ansible -m command -a "df -h" webservers mohamedmoharam2.mylabserver.com | success | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/xvda1 20G 4.7G 16G 24% / devtmpfs 477M 0 477M 0% /dev tmpfs 497M 84K 496M 1% /dev/shm tmpfs 497M 13M 484M 3% /run tmpfs 497M 0 497M 0% /sys/fs/cgroup mohamedmoharam3.mylabserver.com | success | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/xvda1 20G 4.7G 16G 24% / devtmpfs 477M 0 477M 0% /dev tmpfs 497M 0 497M 0% /dev/shm tmpfs 497M 13M 484M 3% /run tmpfs 497M 0 497M 0% /sys/fs/cgroup Installing a package remotely using friendly ansible yum module feature for installing the package httpd on a remote group of servers [user@mohamedmoharam1 ansible]$ ansible webservers -s -m yum -a 'pkg=httpd state=installed update_cache=true' mohamedmoharam3.mylabserver.com | success >> { "changed": true, "msg": "", "rc": 0, "results": [ mohamedmoharam3.mylabserver.com | success >> { "changed": true, "msg": "", "rc": 0, "results": [
To install package remotely on a group of servers over shell using yum command package telent
System Facts Using Ansible discovers various system information on remote systems using setup ansible module [user@mohamedmoharam1 ansible]$ ansible -m setup webservers mohamedmoharam2.mylabserver.com | success >> { "ansible_facts": { "ansible_all_ipv4_addresses": [ "172.31.103.160" ], "ansible_all_ipv6_addresses": [ "fe80::1042:b8ff:fef2:99" ], "ansible_architecture": "x86_64", "ansible_bios_date": "12/07/2015", "ansible_bios_version": "4.2.amazon", "ansible_cmdline": { "BOOT_IMAGE": "/boot/vmlinuz-3.10.0-229.14.1.el7.x86_64", "LANG": "en_US.UTF-8", "console": "ttyS0,115200n8", "crashkernel": "auto", "ro": true, "root": "UUID=0f790447-ebef-4ca0-b229-d0aa1985d57f", "vconsole.font": "latarcyrheb-sun16", "vconsole.keymap": "us" }, "ansible_date_time": { "date": "2015-12-15", "day": "15", "epoch": "1450215305", "hour": "21", "iso8601": "2015-12-15T21:35:05Z", "iso8601_micro": "2015-12-15T21:35:05.565977Z", "minute": "35", "month": "12", "second": "05", "time": "21:35:05", "tz": "UTC", "tz_offset": "+0000", "weekday": "Tuesday", "year": "2015" }, "ansible_default_ipv4": { "address": "172.31.103.160" "alias": "eth0", "gateway": "172.31.96.1", "interface": "eth0", "macaddress": "12:42:b8:f2:00:99", "mtu": 9001, "netmask": "255.255.240.0", "network": "172.31.96.0",
"type": "ether" }, "ansible_default_ipv6": {}, "ansible_devices": { "xvda": { "holders": [], "host": "", "model": null, "partitions": { "xvda1": { "sectors": "41927602", "sectorsize": 512, "size": "19.99 GB", "start": "2048" } }, "removable": "0", "rotational": "0", "scheduler_mode": "deadline", "sectors": "41943040", "sectorsize": "512", "size": "20.00 GB", "support_discard": "0", "vendor": null } }, "ansible_distribution": "CentOS", "ansible_distribution_major_version": "7", "ansible_distribution_release": "Core", "ansible_distribution_version": "7.1.1503", "ansible_domain": "mylabserver.com",
Ansible Modules Ansible ships with a number of modules (called the ‘module library’) that can be executed directly on remote hosts or through Playbooks. Users can also write their own modules. These modules can control system resources, like services, packages, or files (anything really), or handle executing system commands. 1- Setup Module Gathers facts about remote hosts related to system information like architecture , domain , distribution kernel , interfaces …etc we can use filter to extract what we need from it .
2- File Module Sets attributes of files, symlinks, and directories, or removes or copy files/symlinks/directories. Many other modules support the same options as the file module - including copy, template, and assemble. In the following example we list the attributes for /etc/fstab for the remote group of servers to see permissions group gid owner uid ...etc In case the remote directory not found it will show error for us as you see in the following In case we would like to create new directory and change ownership & premissions
3- Copy Module The copy module copies a file on the controller node to remote locations. Use the fetch module to copy files from remote locations to the controller node . In the following example we copy the /etc/fstab from the controller node to the remote server mohamedmoharam2.mylabserver.com to /tmp/etc/ directory . In the following example we use the command module to remove the files from remote group of servers 4- YUM Module Installs, upgrade, removes, and lists packages and groups with the yum package manager. As you see in the following example we need to install a package to group of webserver a) List available group of remote servers in the controller node
b) Create new yml playbook and define the group of remote servers we will apply on it , use the yum module And run the new .yml using ansible-playbook command line as you see below on the controller node c) N o w t h e p a c k a g e vsftpd have been installed successfully remotely in all group of webservers . 5- Service Module Controls services on remote hosts. Supported init systems include BSD init, OpenRC, SysV, Solaris SMF, systemd, upstart . Here an example of starting service remotely after installing the package using yum module . a) We create new .yml for service definition and define the remote group of hosts b) Run service.yum using ansible-palybook command line as you see below c) As we see the httpd service have been restarted successfully on all group of servers
6- Copy Module The copy module copies a file on the local box to remote locations. Use the fetch module to copy files from remote locations to the local box. a) First we create new .yml playbook and define group of servers on it we need to copy files to them b) Run the new .yml playbook using ansible-playbook command as you see below c) Now the /etc/fstab file on the controller node have been successfully copied to all group of webservers under /tmp destination 7- Command Module The command module takes the command name followed by a list of space-delimited arguments. The given command will be executed on all selected nodes in the following a) Create new file .yml to define the group of remote hosts and the command that we like to applied remotely on all servers b) Run the new playbook .yml using ansible-playbook command c) The command have been run successfully on all remote servers
8- Cron Module :- This module allows you to create named crontab entries, update, or delete them. The module includes one line with the description of the crontab entry "#Ansible: <name>" corresponding to the “name” passed to the module, which is used by future ansible/module calls to find/check the state a) We have created new playbook .yml file b) Define the group of hosts in the yml playbook and the cron task we need to apply on the remote servers c) Run the playbooks using ansible command line d) Now the cron task have been scheduled successfully on all remote server as you see above 9- User Module Manage user accounts and user attributes ( useradd - userdel – usermod) in the following example we have create a normal user in number of group of servers remotely in this example we created new playbook yml and use user module to apply on group of servers
10-Shell Module The shell module takes the command name followed by a list of space-delimited arguments. It is almost exactly like the command module but runs the command through a shell (/bin/sh) on the remote node. In this example we have executed the uptime command remotely in the group of servers over the shell module and save the result to uptime.log file in the /home/user/ 11-Selinux Module Configures the SELinux mode and policy. A reboot may be required after usage. Ansible will not issue this reboot but will let you know when it is required. In the following example we have created new yml playbook file and define on it the group of hosts that we need to apply selinux policy on them and run the playbook using ansible-playbook command line

Recommended

Ansible intro
Ansible introAnsible intro
Ansible intro
Marcelo Quintiliano da Silva
 
Introducing Ansible
Introducing AnsibleIntroducing Ansible
Introducing Ansible
Francesco Pantano
 
Ansible best practices
Ansible best practicesAnsible best practices
Ansible best practices
StephaneFlotat1
 
Ansible module development 101
Ansible module development 101Ansible module development 101
Ansible module development 101
yfauser
 
Ansible - A 'crowd' introduction
Ansible - A 'crowd' introductionAnsible - A 'crowd' introduction
Ansible - A 'crowd' introduction
Manuel de la Peña Peña
 
Introduction to vSphere APIs Using pyVmomi
Introduction to vSphere APIs Using pyVmomiIntroduction to vSphere APIs Using pyVmomi
Introduction to vSphere APIs Using pyVmomi
Michael Rice
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
John Lynch
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansible
Khizer Naeem
 

Recommended

Ansible intro
Ansible introAnsible intro
Ansible intro
Marcelo Quintiliano da Silva
 
Introducing Ansible
Introducing AnsibleIntroducing Ansible
Introducing Ansible
Francesco Pantano
 
Ansible best practices
Ansible best practicesAnsible best practices
Ansible best practices
StephaneFlotat1
 
Ansible module development 101
Ansible module development 101Ansible module development 101
Ansible module development 101
yfauser
 
Ansible - A 'crowd' introduction
Ansible - A 'crowd' introductionAnsible - A 'crowd' introduction
Ansible - A 'crowd' introduction
Manuel de la Peña Peña
 
Introduction to vSphere APIs Using pyVmomi
Introduction to vSphere APIs Using pyVmomiIntroduction to vSphere APIs Using pyVmomi
Introduction to vSphere APIs Using pyVmomi
Michael Rice
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
John Lynch
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansible
Khizer Naeem
 
Automating the Cloud with Terraform, and Ansible
Automating the Cloud with Terraform, and AnsibleAutomating the Cloud with Terraform, and Ansible
Automating the Cloud with Terraform, and Ansible
Brian Hogan
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
Kumar Y
 
Ansible Automation to Rule Them All
Ansible Automation to Rule Them AllAnsible Automation to Rule Them All
Ansible Automation to Rule Them All
Tim Fairweather
 
Ansible for beginners
Ansible for beginnersAnsible for beginners
Ansible for beginners
Kuo-Le Mei
 
Ansible
AnsibleAnsible
Ansible
Raul Leite
 
Introduction to Ansible (Pycon7 2016)
Introduction to Ansible (Pycon7 2016)Introduction to Ansible (Pycon7 2016)
Introduction to Ansible (Pycon7 2016)
Ivan Rossi
 
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Keith Resar
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015
Alex S
 
Deployment automation
Deployment automationDeployment automation
Deployment automation
Riccardo Lemmi
 
快快樂樂用Homestead
快快樂樂用Homestead快快樂樂用Homestead
快快樂樂用Homestead
Chen Cheng-Wei
 
Httpd.conf
Httpd.confHttpd.conf
Httpd.conf
ayanoaccount
 
Ansible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife OrchestrationAnsible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife Orchestration
bcoca
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
Cédric Delgehier
 
Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)
Richard Donkin
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
Rayed Alrashed
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
Suresh Kumar
 
Network Automation with Ansible
Network Automation with AnsibleNetwork Automation with Ansible
Network Automation with Ansible
Anas
 
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
Jumping Bean
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
Omid Vahdaty
 
Jenkins and ansible reference
Jenkins and ansible referenceJenkins and ansible reference
Jenkins and ansible reference
laonap166
 
Ansible
AnsibleAnsible
Ansible
David Adorons-Dieu
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
Kasun Madura Rathnayaka
 

More Related Content

What's hot

What's hot (20)

Automating the Cloud with Terraform, and Ansible
Automating the Cloud with Terraform, and AnsibleAutomating the Cloud with Terraform, and Ansible
Automating the Cloud with Terraform, and Ansible
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
Ansible Automation to Rule Them All
Ansible Automation to Rule Them AllAnsible Automation to Rule Them All
Ansible Automation to Rule Them All
 
Ansible for beginners
Ansible for beginnersAnsible for beginners
Ansible for beginners
 
Ansible
AnsibleAnsible
Ansible
 
Introduction to Ansible (Pycon7 2016)
Introduction to Ansible (Pycon7 2016)Introduction to Ansible (Pycon7 2016)
Introduction to Ansible (Pycon7 2016)
 
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015
 
Deployment automation
Deployment automationDeployment automation
Deployment automation
 
快快樂樂用Homestead
快快樂樂用Homestead快快樂樂用Homestead
快快樂樂用Homestead
 
Httpd.conf
Httpd.confHttpd.conf
Httpd.conf
 
Ansible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife OrchestrationAnsible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife Orchestration
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
 
Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)Go Faster with Ansible (AWS meetup)
Go Faster with Ansible (AWS meetup)
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
Network Automation with Ansible
Network Automation with AnsibleNetwork Automation with Ansible
Network Automation with Ansible
 
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
 
Jenkins and ansible reference
Jenkins and ansible referenceJenkins and ansible reference
Jenkins and ansible reference
 

Viewers also liked

Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)
Tola LENG
 
Java Logging discussion Log4j,Slf4j
Java Logging discussion Log4j,Slf4jJava Logging discussion Log4j,Slf4j
Java Logging discussion Log4j,Slf4j
Rajiv Gupta
 
Basic security &amp; info
Basic security &amp; infoBasic security &amp; info
Basic security &amp; info
Tola LENG
 
How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7
Tola LENG
 

Viewers also liked (20)

Ansible
AnsibleAnsible
Ansible
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
 
Network Diagram
Network DiagramNetwork Diagram
Network Diagram
 
Configure active directory &amp; trust domain
Configure active directory &amp; trust domainConfigure active directory &amp; trust domain
Configure active directory &amp; trust domain
 
Configure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Configure Webserver & SSL secure & redirect in SuSE Linux EnterpriseConfigure Webserver & SSL secure & redirect in SuSE Linux Enterprise
Configure Webserver & SSL secure & redirect in SuSE Linux Enterprise
 
Advance C++notes
Advance C++notesAdvance C++notes
Advance C++notes
 
DNS windows server(2008R2) & linux(SLES 11)
DNS windows server(2008R2) & linux(SLES 11)DNS windows server(2008R2) & linux(SLES 11)
DNS windows server(2008R2) & linux(SLES 11)
 
Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)
 
Map.ppt
Map.pptMap.ppt
Map.ppt
 
Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11
 
Install linux suse(sless11)
Install linux suse(sless11)Install linux suse(sless11)
Install linux suse(sless11)
 
jsf2 Notes
jsf2 Notesjsf2 Notes
jsf2 Notes
 
Tola.leng sa nagios
Tola.leng sa nagiosTola.leng sa nagios
Tola.leng sa nagios
 
Java Logging discussion Log4j,Slf4j
Java Logging discussion Log4j,Slf4jJava Logging discussion Log4j,Slf4j
Java Logging discussion Log4j,Slf4j
 
How to be a good presentor by tola
How to be a good presentor by tolaHow to be a good presentor by tola
How to be a good presentor by tola
 
Basic security &amp; info
Basic security &amp; infoBasic security &amp; info
Basic security &amp; info
 
Struts2 notes
Struts2 notesStruts2 notes
Struts2 notes
 
Jsp Notes
Jsp NotesJsp Notes
Jsp Notes
 
File Share Server, FTP server on Linux SuSE and Windows
File Share Server, FTP server on Linux SuSE and WindowsFile Share Server, FTP server on Linux SuSE and Windows
File Share Server, FTP server on Linux SuSE and Windows
 
How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7
 

Similar to Ansible automation tool with modules

Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...
SlideTeam
 
Power point on linux commands,appache,php,mysql,html,css,web 2.0
Power point on linux commands,appache,php,mysql,html,css,web 2.0Power point on linux commands,appache,php,mysql,html,css,web 2.0
Power point on linux commands,appache,php,mysql,html,css,web 2.0
venkatakrishnan k
 
Ansible automation sa technical deck q2 fy19
Ansible automation sa technical deck q2 fy19Ansible automation sa technical deck q2 fy19
Ansible automation sa technical deck q2 fy19
dvillaco
 

Similar to Ansible automation tool with modules (20)

Basics of Ansible - Sahil Davawala
Basics of Ansible - Sahil DavawalaBasics of Ansible - Sahil Davawala
Basics of Ansible - Sahil Davawala
 
Ansible
AnsibleAnsible
Ansible
 
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
 
Ansible & Salt - Vincent Boon
Ansible & Salt - Vincent BoonAnsible & Salt - Vincent Boon
Ansible & Salt - Vincent Boon
 
Ansible Hands On
Ansible Hands OnAnsible Hands On
Ansible Hands On
 
Ansible_Basics_ppt.pdf
Ansible_Basics_ppt.pdfAnsible_Basics_ppt.pdf
Ansible_Basics_ppt.pdf
 
Ansible Tutorial.pdf
Ansible Tutorial.pdfAnsible Tutorial.pdf
Ansible Tutorial.pdf
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
 
Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...
 
DevOps for database
DevOps for databaseDevOps for database
DevOps for database
 
Install websphere message broker 8 RHEL 6 64 bits
Install websphere message broker 8 RHEL 6 64 bitsInstall websphere message broker 8 RHEL 6 64 bits
Install websphere message broker 8 RHEL 6 64 bits
 
Power point on linux commands,appache,php,mysql,html,css,web 2.0
Power point on linux commands,appache,php,mysql,html,css,web 2.0Power point on linux commands,appache,php,mysql,html,css,web 2.0
Power point on linux commands,appache,php,mysql,html,css,web 2.0
 
Linux presentation
Linux presentationLinux presentation
Linux presentation
 
Samba
SambaSamba
Samba
 
ansible why ?
ansible why ?ansible why ?
ansible why ?
 
Ansible a tool for dev ops
Ansible a tool for dev opsAnsible a tool for dev ops
Ansible a tool for dev ops
 
linux installation.pdf
linux installation.pdflinux installation.pdf
linux installation.pdf
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
Ansible automation sa technical deck q2 fy19
Ansible automation sa technical deck q2 fy19Ansible automation sa technical deck q2 fy19
Ansible automation sa technical deck q2 fy19
 
ansible_rhel.pdf
ansible_rhel.pdfansible_rhel.pdf
ansible_rhel.pdf
 

Ansible automation tool with modules

  • 1. Ansible Automation Tool By: Mohamed Moharam System Engineer https://sa.linkedin.com/in/mohamedmoharam
  • 2. What is Anisble ? Ansible is an open source, powerful automation software for configuring, managing and deploying software applications on the nodes without any downtime just by using SSH. Today, most of the IT Automation tools runs as a agent in remote host, but ansible just need a SSH connection and Python (2.4 or later) to be installed on the remote nodes to perform it’s action.For example, let’s say you need to deploy a single software or multiple software to 100’s of nodes by a single command, here ansible comes into picture just one command do the job How Ansible Works? There are many similar automation tools available like Puppet, Capistrano, Chef, Salt, Space Walk etc, but Ansible categorize into two types of server: controlling machines and nodes. 1- The controller machine, where Ansible is installed and Nodes managed by it 2- The controlling machine (Ansible) deploys modules to nodes using SSH protocol and these modules are stored temporarily on remote nodes and communicate through a JSON 3- Ansible is agent-less, that means no need of any agent installation on remote nodes, 4- Ansible can handle 100’s of nodes by one single command ‘ansible’. 5- Ansible can execute multiple commands for a deployment, we can build using (playbooks) 6- Playbooks are bunch of commands which can perform multiple tasks and each playbooks are in YAML file format. See the below diagram (a) (a)
  • 3. What is YAML ? YAML (/ˈjæməl/, rhymes with camel) is a human-readable data serialization format that takes concepts from programming languages such as C, Perl, and Python, and ideas from XML and the data format of electronic mail YAML syntax was designed to be easily mapped to data types common to most high-level languages: list, associative array, and scalar.Its familiar indented outline and lean appearance make it especially suited for tasks where humans are likely to view or edit data structures, such as configuration files, dumping during debugging, and document headers For more information refer to the following https://en.wikipedia.org/wiki/YAML --- # Examples --- # Sample document --- # Data structure hierarchy is maintained by outline indentation. receipt: Oz-Ware Purchase Invoice date: 2012-08-06 customer: first_name: Dorothy family_name: Gale items: - part_no: A4786 descrip: Water Bucket (Filled) price: 1.47 quantity: 4 YAML offers an "in-line" style for denoting associative arrays and lists. Here is a sample of the components. Lists: - Conventional block format uses a hyphen+space to begin a new item in list. --- # Favorite movies comment - Casablanca - North by Northwest - The Man Who Wasn't There Optional inline format is delimited by comma+space and enclosed in brackets (similar to JSON) --- # Shopping list comment [milk, pumpkin pie, eggs, juice]
  • 4. Ansible Documentation: Modules As we are dealing with an array of modules during using Ansible tutorials. Here we show how to use Ansible documentation in order to see what modules are available and how to use them. For more information refer to the following url http://docs.ansible.com/ansible/list_of_packaging_modules.html to know more about available modules [root@mohamedmoharam1 ansible]# ansible --version ansible 1.9.4 configured module search path = None [root@mohamedmoharam1 ansible]# ansible-doc --help Usage: ansible-doc [options] [module...] Show Ansible module documentation Options: --version show program's version number and exit -h, --help show this help message and exit -M MODULE_PATH, --module-path=MODULE_PATH Ansible modules/ directory -l, --list List available modules -s, --snippet Show playbook snippet for specified module(s) -v Show version number and exit System Architecture Diagram (b)
  • 5. My Environment Setup Controller Machine – Ansible Operating System : Centos 7 IP Address : 172.31.16.71 Host-name : mohamedmoharam1.mylabserver.com User : user Note: in the real implementation nothing defined as controller node any node can be controller and used for automation For ansible other soultions like puppet require a master node to work as controller. Remote Nodes Node 1: mohamedmoharam2.mylabserver.com Node 2: mohamedmoharam3.mylabserver.com Node 3: mohamedmoharam4.mylabserver.com Step 1: Installing Controlling Machine – Ansible Fedora users can directly install Ansible through default repository, but if you are using RHEL/CentOS 6, 7, you have to enable EPEL repo.After configuring epel repository, you can install Ansible using following command. $ sudo yum install ansible -y After installed successfully, you can verify the version by executing below command. # ansible --version Step 2: Preparing SSH Keys to Remote Hosts 4. To perform any deployment or management from the localhost to remote host first we need to create and copy the ssh keys to the remote host. In every remote host there will be a user account test First let we create a SSH key using below command and copy the key to remote hosts. # ssh-keygen -t rsa 5. After creating SSH Key successfully, now copy the created key to all three remote server’s. # ssh-copy-id user@mohamedmoharam2.mylabserver.com # ssh-copy-id user@mohamedmoharam3.mylabserver.com # ssh-copy-id user@mohamedmoharam4.mylabserver.com
  • 6. 6. After copying all SSH Keys to remote host, now perform a ssh key authentication on all remote hosts to check whether authentication working or not. $ ssh test@mohamedmoharam2.mylabserver.com $ ssh test@mohamedmoharam3.mylabserver.com $ ssh test@mohamedmoharam4.mylabserver.com Note : you have to add sudo privilege to the ansible normal user so it will not prompt you for the password when you execute the ansible command “ user ALL=(ALL) NOPASSWD: ALL” >> using visudo command Ansible Configuration File Here we explore The various settings within the Ansible configuration file as you see in the following under /etc/ansible/ansible.cfg
  • 7. Step 3: Creating Inventory File for Remote Hosts 7. Add these three hosts to inventory file. This file hold the host information’s like which host we need to get connect from local to remote under /etc/ansible/hosts. # sudo vim /etc/ansible/hosts Add the following three hosts IP address.. [webservers] mohamedmoharam2.mylabserver.com mohamedmoharam3.mylabserver.com [DBservers] mohamedmoharam4.mylabserver.com Note: The ‘webservers‘ in the brackets indicates as group names, it is used in classifying systems and deciding which systems you are going to controlling at what times and for what reason. Now time to check our all 3 doing ping from my localhost. To perform the action we need to use the command ‘ansible‘ with options ‘-m‘ (module) and ‘-all‘ (group of servers). ‘WE ARE HERE USING MODULE PING ’ # ansible -m ping webservers mohamedmoharam2.mylabserver.com | success >> { "changed": false, "ping": "pong" } mohamedmoharam3.mylabserver.com | success >> { "changed": false, "ping": "pong" }
  • 8. Ansible Command Line Now, here we are using another module called ‘command‘, which is used to execute list of commands (like, df, free, uptim, etc.) on all selected remote hosts at one go, for example watch out few examples shown below. To check the partitions on all remote hosts # ansible -m command -a "df -h" webservers mohamedmoharam2.mylabserver.com | success | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/xvda1 20G 4.7G 16G 24% / devtmpfs 477M 0 477M 0% /dev tmpfs 497M 84K 496M 1% /dev/shm tmpfs 497M 13M 484M 3% /run tmpfs 497M 0 497M 0% /sys/fs/cgroup mohamedmoharam3.mylabserver.com | success | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/xvda1 20G 4.7G 16G 24% / devtmpfs 477M 0 477M 0% /dev tmpfs 497M 0 497M 0% /dev/shm tmpfs 497M 13M 484M 3% /run tmpfs 497M 0 497M 0% /sys/fs/cgroup Installing a package remotely using friendly ansible yum module feature for installing the package httpd on a remote group of servers [user@mohamedmoharam1 ansible]$ ansible webservers -s -m yum -a 'pkg=httpd state=installed update_cache=true' mohamedmoharam3.mylabserver.com | success >> { "changed": true, "msg": "", "rc": 0, "results": [ mohamedmoharam3.mylabserver.com | success >> { "changed": true, "msg": "", "rc": 0, "results": [
  • 9. To install package remotely on a group of servers over shell using yum command package telent
  • 10. System Facts Using Ansible discovers various system information on remote systems using setup ansible module [user@mohamedmoharam1 ansible]$ ansible -m setup webservers mohamedmoharam2.mylabserver.com | success >> { "ansible_facts": { "ansible_all_ipv4_addresses": [ "172.31.103.160" ], "ansible_all_ipv6_addresses": [ "fe80::1042:b8ff:fef2:99" ], "ansible_architecture": "x86_64", "ansible_bios_date": "12/07/2015", "ansible_bios_version": "4.2.amazon", "ansible_cmdline": { "BOOT_IMAGE": "/boot/vmlinuz-3.10.0-229.14.1.el7.x86_64", "LANG": "en_US.UTF-8", "console": "ttyS0,115200n8", "crashkernel": "auto", "ro": true, "root": "UUID=0f790447-ebef-4ca0-b229-d0aa1985d57f", "vconsole.font": "latarcyrheb-sun16", "vconsole.keymap": "us" }, "ansible_date_time": { "date": "2015-12-15", "day": "15", "epoch": "1450215305", "hour": "21", "iso8601": "2015-12-15T21:35:05Z", "iso8601_micro": "2015-12-15T21:35:05.565977Z", "minute": "35", "month": "12", "second": "05", "time": "21:35:05", "tz": "UTC", "tz_offset": "+0000", "weekday": "Tuesday", "year": "2015" }, "ansible_default_ipv4": { "address": "172.31.103.160" "alias": "eth0", "gateway": "172.31.96.1", "interface": "eth0", "macaddress": "12:42:b8:f2:00:99", "mtu": 9001, "netmask": "255.255.240.0", "network": "172.31.96.0",
  • 11. "type": "ether" }, "ansible_default_ipv6": {}, "ansible_devices": { "xvda": { "holders": [], "host": "", "model": null, "partitions": { "xvda1": { "sectors": "41927602", "sectorsize": 512, "size": "19.99 GB", "start": "2048" } }, "removable": "0", "rotational": "0", "scheduler_mode": "deadline", "sectors": "41943040", "sectorsize": "512", "size": "20.00 GB", "support_discard": "0", "vendor": null } }, "ansible_distribution": "CentOS", "ansible_distribution_major_version": "7", "ansible_distribution_release": "Core", "ansible_distribution_version": "7.1.1503", "ansible_domain": "mylabserver.com",
  • 12. Ansible Modules Ansible ships with a number of modules (called the ‘module library’) that can be executed directly on remote hosts or through Playbooks. Users can also write their own modules. These modules can control system resources, like services, packages, or files (anything really), or handle executing system commands. 1- Setup Module Gathers facts about remote hosts related to system information like architecture , domain , distribution kernel , interfaces …etc we can use filter to extract what we need from it .
  • 13. 2- File Module Sets attributes of files, symlinks, and directories, or removes or copy files/symlinks/directories. Many other modules support the same options as the file module - including copy, template, and assemble. In the following example we list the attributes for /etc/fstab for the remote group of servers to see permissions group gid owner uid ...etc In case the remote directory not found it will show error for us as you see in the following In case we would like to create new directory and change ownership & premissions
  • 14. 3- Copy Module The copy module copies a file on the controller node to remote locations. Use the fetch module to copy files from remote locations to the controller node . In the following example we copy the /etc/fstab from the controller node to the remote server mohamedmoharam2.mylabserver.com to /tmp/etc/ directory . In the following example we use the command module to remove the files from remote group of servers 4- YUM Module Installs, upgrade, removes, and lists packages and groups with the yum package manager. As you see in the following example we need to install a package to group of webserver a) List available group of remote servers in the controller node
  • 15. b) Create new yml playbook and define the group of remote servers we will apply on it , use the yum module And run the new .yml using ansible-playbook command line as you see below on the controller node c) N o w t h e p a c k a g e vsftpd have been installed successfully remotely in all group of webservers . 5- Service Module Controls services on remote hosts. Supported init systems include BSD init, OpenRC, SysV, Solaris SMF, systemd, upstart . Here an example of starting service remotely after installing the package using yum module . a) We create new .yml for service definition and define the remote group of hosts b) Run service.yum using ansible-palybook command line as you see below c) As we see the httpd service have been restarted successfully on all group of servers
  • 16. 6- Copy Module The copy module copies a file on the local box to remote locations. Use the fetch module to copy files from remote locations to the local box. a) First we create new .yml playbook and define group of servers on it we need to copy files to them b) Run the new .yml playbook using ansible-playbook command as you see below c) Now the /etc/fstab file on the controller node have been successfully copied to all group of webservers under /tmp destination 7- Command Module The command module takes the command name followed by a list of space-delimited arguments. The given command will be executed on all selected nodes in the following a) Create new file .yml to define the group of remote hosts and the command that we like to applied remotely on all servers b) Run the new playbook .yml using ansible-playbook command c) The command have been run successfully on all remote servers
  • 17. 8- Cron Module :- This module allows you to create named crontab entries, update, or delete them. The module includes one line with the description of the crontab entry "#Ansible: <name>" corresponding to the “name” passed to the module, which is used by future ansible/module calls to find/check the state a) We have created new playbook .yml file b) Define the group of hosts in the yml playbook and the cron task we need to apply on the remote servers c) Run the playbooks using ansible command line d) Now the cron task have been scheduled successfully on all remote server as you see above 9- User Module Manage user accounts and user attributes ( useradd - userdel – usermod) in the following example we have create a normal user in number of group of servers remotely in this example we created new playbook yml and use user module to apply on group of servers
  • 18. 10-Shell Module The shell module takes the command name followed by a list of space-delimited arguments. It is almost exactly like the command module but runs the command through a shell (/bin/sh) on the remote node. In this example we have executed the uptime command remotely in the group of servers over the shell module and save the result to uptime.log file in the /home/user/ 11-Selinux Module Configures the SELinux mode and policy. A reboot may be required after usage. Ansible will not issue this reboot but will let you know when it is required. In the following example we have created new yml playbook file and define on it the group of hosts that we need to apply selinux policy on them and run the playbook using ansible-playbook command line