Ansible Quick Start Guide E-Book

Ansible Quick Start Guide

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author(s), nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Gebin GeorgeAcquisition Editor: Reshma RamanContent Development Editor:Mohammed Yusuf ImaratwaleTechnical Editor: Sushmeeta JenaCopy Editor:Safis EditingProject Coordinator: Hardik BhindeProofreader: Safis EditingIndexer:Tejal Daruwale SoniGraphics: Alishon MendonsaProduction Coordinator:Deepika Naik

First published: September 2018

Production reference: 1270918

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78953-293-7

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

Packt.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks. 

Contributors

About the author

Mohamed Alibi is a Linux system administrator who works at the European Bioinformatics Institute, EMBL-EBI. His area of specialization is mass virtual machine and container provisioning and infrastructure administration for medium-sized distributed bioinformatics training facilities. He always keeps abreast of the latest innovations and developments in new technologies to solve his daily challenges. He holds an MSc in Networking and Computer Sciences in a collaborative program with the University of Illinois Urbana-Champaign and the IPT of Tunis, where he expanded his expertise in grid computing data management between the NCSA and IGB under the NIH project H3ABioNet. He published his first book in 2015 with Packt, called Mastering CentOS 7 Linux Server.

About the reviewer

Anis Regaieg is an IT infrastructure and cloud computing engineer currently working as a system administrator at the Tunisian Electoral Management Body. With more than five years of experience in Linux system administration, virtualization, and cloud computing, his main expertise is in high availability and performance optimization solutions. Anis is also passionate about new technologies and software programming.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Ansible Quick Start Guide

Packt Upsell

Why subscribe?

Packt.com

Contributors

About the author

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

What is Ansible?

The IT configuration management market

Ansible: simple, lightweight, and powerful

 Ansible orchestration and automation

Orchestration

Automate everything

Provisioning

Configuration management

Application deployment

Continuous delivery and continuous integration

Ansible project and Ansible Tower

Ansible project

Ansible Tower

Summary

References

Ansible Setup and Configuration

Ansible master node installation

Prerequisites

Red Hat, CentOS, and Fedora package installation

Debian package installation

Ubuntu package installation

macOS X package installation

Python PyPI installation

Source GitHub or tarball installation

Ansible Docker container installation

Ansible instance on AWS

Master node essential configuration

Linux client node configuration

Windows client node configuration

Summary

References

Ansible Inventory and Playbook

Basic Ad hoc commands on Ansible

Ansible inventory

Ansible playbook

Summary

References

Ansible Modules

Ansible modules overview

Ad hoc versus playbook: the ping module

Ad hoc versus playbook: the win_reboot module

ad-hoc versus playbook: the copy module

Ansible module return values

Ansible Linux modules

Linux system modules

The user management module

The group management module

The hostname module

The sysctl control module

The service management module

The systemd module

The kernel blacklist management module

The cron job editing module

The SSH authorized keys management module

The Git usage module

The SELinux control module

Linux commands modules

Running the raw command module

The command execution module 

The shell command module

The script execution module

The expect script module

Linux package modules

Apt package manager module

DNF package manager module

Yum package manager module

Homebrew package manager

PyPI Python package manager module

Cpanm Perl package manager module

Linux file modules

File and folder management modules

Data distribution modules (copy, unarchive, and get_url)

Data collection module (fetch)

File editing modules (lineinfile, replace, and blockinfile)

Linux networking modules

Network interfaces management module

Firewall UFW management module

HAProxy control module

Wake-on-LAN trigger module

Linux storage modules

File system management module

Device mounting module 

Disk partitioning module

GlusterFS control module

Ansible Windows modules

Windows System Modules

Windows user and group management module

Windows register editing module

Windows service management module

Windows updates and feature management modules (win_updates, win_hotfix, and win_feature)

Windows Wake-on-LAN trigger module

Windows firewall management module

Windows package modules

Chocolatey control module

Windows package manager

Windows command modules

Windows command modules (win_shell and win_command)

Windows task scheduling module

Windows file modules

Windows file and folder management module

Windows data sharing module

Windows file editing module

Windows data sending modules (win_copy, win_robocopy, and win_get_url)

Ansible network modules

Network data transfer modules (net_get and network_put)

Cisco IOS command module

Cisco ISO system configuration module

Cisco IOS interface management module

Cisco IOS static route control module

Cisco IOS VLAN management module

Ansible cloud modules

VMware modules

VMware guest management modules (vmware_guest and vsphere_guest)

VMware guest snapshot management module

VMware virtual machine shell execution module

VMware host power state control module

Docker modules

Docker container management module

Docker image management module

Docker login module

Amazon AWS modules

AWS EC2 instance management module

AWS WC2 AMI management module

AWS EC2 key management module

Summary

References

Ansible Automated Infrastructure

Linux infrastructure automation

System management automation

Use case 1 – system update automation

Use case 2 – creating a new user with all its settings

Use case 3 – services (systemd) management

Use case 4 – automated network drive mounting (NFS, SMB)

Use case 5 – automated backup of important documents

Automation of applications and service

Use case 1 – setting up a Linux desktop environment with some pre-installed tools

Use case 2 – LAMP server setup and configuration

Windows infrastructure automation

System management automation

Use case 1 – system update automation

Use case 2 – automated Windows optimization

Application and services automation

Use case 1 – automating Windows application management

Use case 2 – setting up an NSclient Nagios client

Network automation

Use case 1 – automated patching of network devices

Use case 2 – adding a new configuration in network devices

Automation of the cloud and container infrastructure

VMware automation

Use case 1 – creating virtual machines from a template

Use case 2 – ESXi hosts and cluster management

Summary

References

Ansible Coding for Configuration Management

Ansible configuration management coding standards

Playbook and task naming

YAML syntax usage for playbooks

The become feature

Group organization

Using handlers

Password usage in playbooks

Playbook version control

Making Ansible roles where possible

Ansible coding best practices

Using comments in playbooks

Playbook files and folder naming

Avoiding the use of command modules

Avoiding ignoring module errors

Using Ansible conditions

Using Ansible loops

Using template files

Stating task status

Shared storage space for data tasks

Ansible roles

What are Ansible roles?

The tasks folder

The handlers folder

The vars folder

The templates folder

The defaults folder

The files folder

The meta folder

The test folder

The README folder/file

Creating Ansible roles

Using Ansible roles

Summary

References

Ansible Galaxy and Community Roles

Ansible Galaxy

The Ansible Galaxy hub

The Ansible Galaxy command line

Galaxy contribution – role importation

What to do before role submission

Role repository

Ansible Galaxy role management

Ansible Galaxy role search

Ansible Galaxy role installation 

Ansible Galaxy role troubleshooting

Summary

References

Ansible Advanced Features

Ansible Vault

What is Ansible Vault?

Using Ansible Vault

Best practices when using Ansible Vault

Ansible Container

What is Ansible Container?

Using Ansible Container

Example Ansible container

Ansible plugins

What are Ansible plugins?

Developing Ansible plugins

Summary

References

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

This is an Ansible guidebook for beginner systems administrators. It aims to properly introduce Ansible as an automation and configuration management tool. Readers of the book should, by the end, master basic use of Ansible playbooks and modules by learning from real-life sample codes that demonstrate each module's functionality to help achieve infrastructure and task automation and orchestration. The book contains some extra advanced tips for those who want to go the extra mile and learn about and collaborate with the Ansible community.

Who this book is for

This book is for three major audiences. First, systems administrators who work with either Linux, Windows, or Mac OS X. This covers those who work on bare-metal machines, virtual infrastructure, or cloud-based environments. Then, network administrators, those who work on distributed proprietary network equipment. Finally, DevOps. This book offers a good understanding of how the system they are going to deploy their application in will behave, enabling them to code accordingly or suggest modifications that can benefit their applications.

What this book covers

Chapter 1, What is Ansible?, is an introduction to Ansible and compares it with other configuration management tools.

Chapter 2, Ansible Setup and Configuration, explains how to set up and configure Ansible on multiple systems.

Chapter 3, Ansible Inventory and Playbook, is an introduction to and overview of Ansible Inventory and Playbook.

Chapter 4, Ansible Modules, covers Ansible's most often used modules with real-life sample usage code.

Chapter 5, Ansible Automated Infrastructure, enumerates Ansible's use cases for multiple infrastructures.

Chapter 6, Ansible Coding for Configuration Management, contains best practices for coding Ansible playbooks.

Chapter 7, Ansible Galaxy and Community Roles, is an introduction to Ansible community roles, usage, and contribution.

Chapter 8, Ansible Advanced Features, is an overview of some of Ansible's advanced features, such as Vault, plugins, and containers.

To get the most out of this book

Before reading this book, you should have a basic understanding of the Linux shell and some system administration skills in order to be able to follow the practical examples. Also, some basic coding skills will be very handy when dealing with YAML playbooks. As an optional requirement, having some basic knowledge of configuration management will help to simplify many points in the book.

To be able to run most of the code, we recommend having a virtual environment running at least two Linux machines, a Windows machine, and a Mac OS X. For network device testing, you may need a test network device or some virtual network equipment.

Download the example code files

You can download the example code files for this book from your account at www.packt.com. If you purchased this book elsewhere, you can visit www.packt.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packt.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub athttps://github.com/PacktPublishing/Ansible-Quick-Start-Guide. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/9781789532937_ColorImages.pdf.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.

What is Ansible?

Following the first industrial revolution, automation was introduced, making the already-efficient machinery that had been developed even more efficient. This led to the introduction of industrial constructions, vehicle steering and stabilization, and indoor environmental control, among many other developments. After this, the information revolution kicked in, initiating a new process of optimization. This phase is working to reduce human intervention in technological processes and raise productivity.

Nowadays, automation has become the norm across all fields. It started with simple administrator scripts, written to simplify and speed up daily tasks, and quickly developed into fully-fledged configuration management tools. The reasons behind this rapid development were the increase in market demand, the expansion of infrastructure and applications, and the emergence of new technologies, such as continuous integration, continuous development, and machine provisioning, that require a much more complicated setup and configuration.

By nature, systems and network administrators tend to want to reduce repetitive tasks, simplify complicated ones, and try to move on to the next task as quickly as possible. At first, there were a few simple scripts, such as Bash or PowerShell, that were able to optimize tasks in a standard environment. After that, longer and more complicated scripts that involved advanced programming languages such as Python or Ruby were developed. These aimed to address tasks across multiple platforms or in complex environments and to manage infrastructure using automation and orchestration tools, enabling businesses to grow dramatically overnight with more demanding and complicated services. The role of administrators is to manage this growth and act accordingly to ensure a seamless user experience. 

This chapter will provide an overview of Ansible. We will demonstrate that Ansible is now a must-have platform for managing a medium to large infrastructure, rather than having a physical, partially virtual or hybrid, private and public cloud. Other automation tools offer different benefits with regard to their installation, usage, speed, and flexibility, so it can be tricky for a first-time user to choose the most appropriate automation tool for their environment. Ansible, Chef, Puppet, and SaltStack are the major configuration management tools available on the market. Each of these follows a different method of deploying, configuring, and managing machines with reduced complexity and increased speed, reliability, and compliance. This chapter will cover the following topics:

Market study of automation tools 

Introduction to Ansible as a configuration management and task orchestration tool

Exploration of Ansible's functionalities across operating systems, architectures, and cloud platforms

Overview of the Ansible project and Tower

The IT configuration management market

The major configuration management tools currently used in the market are Ansible, Chef, Puppet, and SaltStack. Each one of these has their own pros and cons, so finding the right one can be a bit challenging, depending on which features are valued or which programming language is preferred. In this section, we will briefly introduce each of the tools and explain why we have chosen Ansible in this book.

Chef is an open source, client-server configuration management tool. It offers a flexible infrastructure automation framework using Ruby and domain-specific language (DSL) for the administration of hosts. This covers all types of hosts, including bare metal, virtual, or on the cloud. Chef is very common with code developers due to its flexibility, stability, and reliability in large cloud deployments. However, it can be challenging to set up and learn its functionalities, so it might take a new user some time before properly mastering it.

Puppet is a Ruby-based configuration management and orchestration tool. It follows an agent/master architecture, where the hosts to be controlled require a Puppet agent to allow their management. Puppet features a strong automation and reporting capability, via its UI interface, for task submission and host real-time reporting. Like Chef, Puppet can be challenging for new users to set up and configure. A prior knowledge of Ruby and DSL is required to perform personalized and complex tasks.

SaltStack is a Python-coded platform built to allow high-speed, master-agent communication. Its configuration management tasks are coded in Yet Another Markdown Language(YAML). The master (or multiple masters) uses the SSH protocol to control the agents/minions. SaltStack is very scalable, meaning it can respond well to environmental changes, it is easy to use, and it has a strong community. On the other hand, its installation can be difficult for a new user, its UI is not well-developed, it focuses on Linux with an average cover of other operating systems, and its documentation lacks good management.

Ansible is a relatively new tool compared to the others. It was built to simplify the complexity of task automation and orchestration. It is built on Python and uses YAML for scripting its jobs, which is a language that is very simple and close to English. This allows new users to understand it easily and write it themselves. Ansible does not require an agent to be installed in the hosts. It supports both push and pull models to send commands to its Linux nodes via the SSH protocol, and the WinRM protocol to send commands to its Windows nodes. It allows for a seamless deployment and provisioning for both VMs, applications, and containers, and scales easily to match the environment growth. It is simple to install and configure, and it is fairly easy to learn how to use it and code its scripts. Ansible does not require agent installation, which improves its communication speed. It is predominantly advanced in configuration management tasks, but it can also behave as an infrastructure orchestration tool. However, it requires extra permission for the master nodes. Users can easily end up with multiple scripts for multiple tasks, which can get confusing, and it lacks a good GUI and a mature platform when compared to older tools.

Each of these tools is built for a specific audience. They have many well-developed features to cover a user's unique requirements to either simplify their daily tasks, improve productivity, speed up a host configuration, or close the gap in a hybrid environment.