Ansible
Ansible
- Ansible is an open source engine that automates application deployment, orchestration, cloud provisioning etc.
- It uses human readable YAML syntax for Ansible Playbooks to describe automation jobs.
- Ansible is agent-less and designed for multi-tier deployment. Connects nodes via ssh by pushing "Ansible modules" which is removed after its execution.
Environment Setup
Types of machines:
- Control machine − a system on which Ansible is installed which manages other machines by executing playbook.
- Remote machine − a remote system managed by control machine.
Installation
apt update
apt upgrade -y
apt install ansible -y
Ansible configuration
ansible.cfg
[default]
inventory = nameOfInventoryFile
private_key_file = ~/.ssh/nameOfSSHKey
Ad-hoc commands
Playbook
Ansible commands
ansible all --key-file ~/.ssh/nameOfSSHKey -i inventory -m ping
ansible all --list-hosts
ansible all -m gather_facts
ansible all -m gather_facts --limit ip.address.of.single.host
# sudo apt update to update package index
ansible all -i hosts -m apt -a update_cache=true --become --ask-become-pass
# install tmux
ansible all -i hosts -m apt -a name=tmux --become --ask-become-pass
ansible all -i hosts -m apt -a "name=tmux state=latest" --become --ask-become-pass
# sudo apt dist-upgrade
ansible all -i hosts -m apt -a upgrade=dist --become --ask-become-pass
ansible-playbook --ask-become-pass playbookFileName.yml
# List tags of a playbook
ansible-playbook -i nameOfInventory --list-tags playbookFileName.yml
ansible-playbook -i nameOfInventory --tags "tag1,tag2,tag3" --ask-become-pass playbookFileName.yml
# Syntax check
ansible-playbook --syntax-check <YAML>
# Ansoble Vaults
ansible-vault create secret.yml
ansible-vault edit secret.yml
# Ansoble Galaxy
ansible-galaxy install -r requirements.yml
Playbook snippets
Ansible Inventory
A list of managed nodes that are logically organized. You create an inventory on the control node to describe host deployments to Ansible.
WSL Playbook
See https://github.com/m19v/dotfiles/blob/main/README.md
Roles
Variables
Advanced execution
Troubleshooting
SSH Overview
SSH Key-Based Authentication
- Install OpenSSH on server
# Ubuntu
sudo apt install openssh-server
- Create an SSH key pair (with a passphrase) for your normal user account and copy it to target server
# -t ed25519 type of algorith
# -C comment to ssh key
ssh-keygen -t ed25519 -C "ansible tutorial key"
# following command will copy the public key to the host under the folder
# .ssh/authorized_keys
ssh-copy-id -i ~/.ssh/id_ed25519.pub 1p.address.of.host
- Create a specific SSH key for Ansible Control Node (without passphrase as ansible can not enter passphrase everytime connecting target servers) and copy it to target server
# with different name e.g. /home/username/.ssh/ansible
ssh-keygen -t ed25519 -C "ansible control node"
Adding SSH Key to SSH Agent
# Check if ssh-agent is running
eval "$(ssh-agent -s)"
# Add ssh key to ssh-agent
ssh-add ~/.ssh/nameOfSSHKey
# Verify Key is added to ssh-agent
ssh-add -l