Tuesday, October 20, 2020

Ansible Concepts: Run first Command and Playbook on Linux cluster

Ansible is a configuration management and orchestration tool that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs. The open source product is maintained by Ansible Inc. It was first released in 2012.  Red Hat acquired Ansible in 2015. Red Hat Ansible Engine and Red Hat Ansible Tower are commercial products. Ansible can be run directly from the command line without setting up any configuration files.  You only need to install Ansible on the control server or node. It communicates and performs the required tasks using SSH. No other installation is required. This is different from other orchestration tools like Chef and Puppet where you have to install software both on the control and client nodes.It uses no agents and no additional custom security infrastructure, so it's easy to deploy - and most importantly, it uses a very simple language (YAML, in the form of Ansible Playbooks)Ansible uses configuration files called playbooks for a series of tasks. The playbooks are written in YAML syntax. That allow you to describe your automation jobs in a way that approaches plain English.

 

Architecture:


 The Ansible Automation engine consists of:

Control node

Any machine with Ansible installed. You can run commands and playbooks, invoking /usr/bin/ansible or /usr/bin/ansible-playbook, from any control node. You can use any computer that has Python installed on it as a control node - laptops, shared desktops, and servers can all run Ansible. However, you cannot use a Windows machine as a control node. You can have multiple control nodes.



Managed nodes

The network devices (and/or servers) you manage with Ansible. Managed nodes are also sometimes called “hosts”. Ansible is not installed on managed nodes.

Inventory

A list of managed nodes. An inventory file is also sometimes called a “hostfile”. Your inventory can specify information like IP address for each managed node. An inventory can also organize managed nodes, creating and nesting groups for easier scaling. Inventories can be of two types static and dynamic, dynamic inventory can be covered while you go through Ansible thoroughly.

Modules


The units of code Ansible executes. Each module has a particular use, from administering users on a specific type of database to managing VLAN interfaces on a specific type of network device. You can invoke a single module with a task, or invoke several different modules in a playbook.

Tasks

The units of action in Ansible. You can execute a single task once with an ad-hoc command.

Playbooks

Ordered lists of tasks, saved so you can run those tasks in that order repeatedly. Playbooks can include variables as well as tasks. Playbooks are written in YAML and are easy to read, write, share and understand. 

CMDB(Configuration Management Database.) :

It is a repository that acts as a data warehouse for IT installations. It holds data relating to a collection of IT assets (commonly referred to as configuration items (CI)), as well as to describe relationships between such assets.

Cloud:
A network of remote servers on which you can store, manage and process your data, these servers are hosted on internet, storing the data remotely rather than local servers, just launch your resources and instances on cloud, connect them to your servers and you’ve the wisdom of operating your task remotely.

 

Ansible works by connecting to your nodes and pushing out small programs, called "Ansible modules" to them. These programs are written to be resource models of the desired state of the system. Ansible then executes these modules (over SSH by default), and removes them when finished.

Your library of modules can reside on any machine, and there are no servers, daemons, or databases required. Typically you'll work with your favorite terminal program, a text editor, and probably a version control system to keep track of changes to your content. Passwords are supported, but SSH keys with ssh-agent are one of the best ways to use Ansible. 

By default, Ansible represents what machines it manages using a very simple INI file that puts all of your managed machines in groups of your own choosing. The Ansible inventory file defines the hosts and groups of hosts upon which commands, modules, and tasks in a playbook operate. It resides under the /etc/ansible directory. If necessary, you can also create project-specific inventory files in alternate locations. 

How to install Ansible on RHEL8 machine:

Install instructions for Ansible Engine on RHEL on IBM Power (little endian).
RHEL 8: (POWER8, POWER9)
subscription-manager repos --enable="ansible-2.9-for-rhel-8-ppc64le-rpms"
yum install ansible 

Verify installed version of ansible :

[root@myhost123 example]# ansible --version
ansible 2.10.2
  config file = /root/sachin/example/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /root/.local/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Dec  5 2019, 16:11:43) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]

As explained in above section,  Ansible Engine consists of Inventory, API, Modules and Plugins. A user writes playbooks i.e. set of tasks, then the playbook scans the inventory and matches for the listed hosts or IP addresses where the tasks must be executed. Ansible copies all the modules to the managed node and using Python API calls and plugins.  Ansible completes the given tasks. Once the tasks are completed/executed all the modules are destroyed on the Managed Nodes. Ansible on linux executes the modules on managed hosts using SSH

How to use  ANSIBLE for ad-hoc parallel task execution:
Once you have an instance available, you can talk to it right away, without any additional setup:

ansible 'hosts' -m module_name

Eg:  ansible 'localhost' -m shell -a 'id'

ansible all -m ping
ansible hostname.com -m yum -a "name=httpd state=installed"
ansible hostname.com -a "/usr/sbin/reboot"

Examples:

CASE 1:[root@myhost123 example]# ansible all -m ping
myhost123 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}

---------------------
CASE 2: # ansible 'localhost' -m shell -a 'id'
localhost | CHANGED | rc=0 >>
uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

-----------------------------
CASE 3: # ansible myhost123 -m yum -a "name=httpd state=installed"

myhost123 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: mod_http2-1.11.3-3.module+el8.2.0+7758+84b4ca3e.1.ppc64le",
        "Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.ppc64le",
        "Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch",
        "Installed: apr-util-1.6.1-6.el8.ppc64le",
        "Installed: apr-util-openssl-1.6.1-6.el8.ppc64le",
        "Installed: apr-1.6.3-9.el8.ppc64le",
        "Installed: redhat-logos-httpd-81.1-1.el8.noarch",
        "Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.ppc64le",
        "Installed: apr-util-bdb-1.6.1-6.el8.ppc64le"
    ]
}

--------------------------------------------------------------

How To Setup Ansible Master-Slave and Install Apache Web Server
Let’s see the capabilities of Ansible in this example of simple web server setup. We will have the following components:

  1. Control Node – It is the node that will have Ansible installed and it will control the other nodes.
  2. Load Balancer  – A nginx based load balancer will be installed on this node.
  3. Web Server 1 and Server 2  – These nodes will have Apache installed with a simple hello world web page. The load balancer will alternate traffic between these two nodes.

We will first install Ansible on the control node. Then, we will use the control node to set up the load balancer and application nodes.

--------------------------------------------------------------

How to  create playbooks ?   Example Hello world

 [root@myhost123 example]# cat HelloWorld.yml
---
- name: This is a hello-world example
  hosts: all
  tasks:
    - name: Create a file called '/tmp/output.txt' with the content 'hello world'.
      copy:
        content: hello world
        dest: /tmp/output.txt

...
[root@myhost123 example]#
---------------------------------------------------------------

Run Playbook:

[root@myhost123 example]# ansible-playbook  HelloWorld.yml
PLAY [This is a hello-world example] ********************************************************************
TASK [Gathering Facts] **********************************************************************************
ok: [myhost123]
TASK [Create a file called '/tmp/output.txt' with the content 'hello world'.] *************************
ok: [myhost123]
PLAY RECAP **********************************************************************************************
myhost123                   : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
[root@myhost123 example]#

Verify  output:

[root@myhost123 example]# cat /tmp/output.txt
hello world

----------------------------------------------------------------------------------

 All YAML files (regardless of their association with Ansible or not) can optionally begin with --- and end with ...  This is part of the YAML format and indicates the start and end of a document.

Reference:
https://docs.ansible.com/index.html
https://linuxhint.com/ansible-tutorial-beginners/