Ansible Advantages, Requirements, Installation

February 19, 2022 , ,

 

Summary
The configuration and provisioning of systems is a process that should be automated, especially when we are faced with the administration of a large number of computers. In addition, they are usually repetitive and cumbersome processes in which the introduction of errors is very possible. In this sense, system automation and configuration management tools assist us in these tasks.
Ansible is a configuration management and automation tool. With Ansible we can easily manage tens, hundreds or thousands of systems, and also from anywhere.

Its module-based architecture allows its capabilities to be extended almost indefinitely. We find modules for cloud (Amazon, Azure, Google, OpenStack, …), virtualization (VMware, oVirt), databases, files, monitoring, network, storage, version control, Windows, …). Plus, it's easy to set up, making it quick to get everything up and running for an Ansible project. The Ansible configuration only requires the installation of Python on each of the computers to be managed. The team orchestrating or managing the setup will have Python and Ansible installed.
In this seminar we will introduce the use of Ansible through everyday examples, working with some of the most common modules and presenting Ansible Galaxy to increase productivity in our projects.
objectives
Know the advantages and the power that Ansible brings in the automation of operations and configuration management.
Learn to use roles and playbooks to automate operations.
Know the basic modules of Ansible.
Use Ansible Galaxy for playbook creation.
 

What is Ansible
Ansible is a tool that enables remote and system administration through code. With Ansible we can create recipes for infrastructure creation, resource provisioning and application deployment.
Configuration Management is a way of managing changes in a system following a method that allows it to maintain its integrity over time. The operations carried out are recorded and documented so that it is possible to know when and why a change was carried out. In addition, it allows knowing the exact status of a system at a given time.
Building and managing infrastructure as code, combined with a version control system allows for teamwork, configuration testing, rolling back to previous configurations, and other benefits of using version control systems.

Advantages of Ansible

  • You don't need agents
  • It only requires Python to be installed on the machines to be managed
  • Use of modules to enrich its functionality and facilitate its use

Ansible Requirements
By default, Ansible manages machines using the SSH protocol. It is only necessary to have Ansible installed on one machine (the control machine), which is the one that can centrally manage batteries of remote machines. On remote machines, only Python needs to be installed.

Requirements for the control machine
Ansible can currently be run from any machine running Python 2 (version 2.7) or Python 3 (versions 3.5 and later). The control machine cannot be a Windows machine.

Managed Node Requirements
We need a way to communicate with the managed nodes, and this is usually done via SSH. Python 2 (version 2.7) or Python 3 (versions 3.5 and later) is also required

By default, Ansible uses the Python interpreter located at /usr/bin/pythonto run its modules. However, some Linux distributions only have a Python 3 interpreter by default ( /usr/bin/python3). On those systems an error like this may occur:
"module_stdout": "/bin/sh: /usr/bin/python: No such file or directory\r\n"
you can either set the ansible_python_interpreter inventory variable (see Working with Inventory) to point at your interpreter or you can install a Python 2 interpreter for modules to use. You will still need to set ansible_python_interpreter if the Python 2 interpreter is not installed to /usr/bin/python.

Ansible Installation

Control machine configuration
Python installation
We will start by installing Python. In our case we will install Python 2.7.

$ sudo apt-get update
$ sudo apt-get install -y python-minimal

Installing Ansible

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo apt-add-repository --yes --update ppa:ansible/ansible
$ sudo apt-get install ansible

If we are using OpenStack, we can pass the Python and Ansible installation script in the process of creating the instance that acts as the Ansible control machine. In this way, once the instance is created, it will be ready to act as the Ansible control machine.
#!/bin/bash

echo "Instalando Python"
apt-get update
apt-get install -y python-minimal

echo "Instalando Ansible"
apt-get install -y software-properties-common
apt-add-repository --yes --update ppa:ansible/ansible
apt-get install -y ansible
After the installation we can test that Python and Ansible are working correctly
$ python --version
Python 2.7.12

$ ansible --version
ansible 2.7.5
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/ubuntu/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.12 (default, Nov 12 2018, 14:36:49) [GCC 5.4.0 20160609]

Configuration of managed machines
On managed machines it is enough to install Python.

$ sudo apt-get update
$ sudo apt-get install -y python-minimal

If we are using OpenStack, we can pass in the process of creating the instances that act as Ansible managed machines the Python installation script. In this way, once the instances are created, they will be ready to act as machines managed by Ansible.
#!/bin/bash

echo "Instalando Python"
apt-get update
apt-get install -y python-minimal

Copying SSH keys to managed machines
Communication between the control machine and the managed machines is via SSH. Therefore, the control machine must have the private key and the managed machines the public key (browse the file ~/.ssh/authorized_keysof the managed machines to see the authorized public keys).
To do this, we will copy the key from the control machine to the managed machines with ssh-copy-id.
For example:

ssh-copy-id -i ~/.ssh/id_rsa 20.0.0.27
ssh-copy-id -i ~/.ssh/id_rsa 20.0.0.22

If we have created the Ansible instances in OpenStack, those instances will already have been created with an injected public key. Only clients that your private key pair is on will be able to log in to those instances.
We can create a key pair for the occasion and distribute it from the Ansible control machine to the remote machines. Another option is to copy to the Ansible control machine the private key that matches the public key that the instances already have injected.

Command line tools installed with Ansible
After the installation of Ansible we can verify that there are several command line tools installed:

  • ansible: Allows the direct execution of commands on a set of hosts.
  • ansible-playbook: Run playbooks on a set of hosts.
  • ansible-vault: Encrypts the content of files with sensitive data, such as those containing passwords.
  • ansible-galaxy: Install roles from Ansible Galaxy , a platform for sharing Ansible roles (recipes).
  • ansible-console: Command execution console.
  • ansible-config: Manages the Ansible configuration.
  • ansible-doc: Shows documentation about the installed modules.
  • ansible-inventory: Shows information about the host inventory.
  • ansible-pull: Download playbooks from a version control system and run it on the local system.

Post a Comment

No comments

Subscribe to: Post Comments ( Atom )
Powered by Blogger.