5 Things you need to know about Ansible!

Photo by Markus Spiske on Unsplash

Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.

Ansible’s main goals are simplicity and ease-of-use. It also has a strong focus on security and reliability, featuring a minimum of moving parts, usage of OpenSSH for transport (with other transports and pull modes as alternatives), and a language that is designed for even those who are not familiar with the program.

Ansible mainly uses push approach.

Ansible is agentless.

USE CASES

• Provisioning
• Configuration Management
• App Deployment
• Continuous Delivery
• Security & Compliance
• Orchestration

INTEGRATIONS

• Infrastructure
• Networks
• Containers
• Cloud
• DevOps Tools

5 Things you need to know in Ansible

1. Playbooks in Ansible

Playbooks are the files where Ansible code is written. Playbooks are written in YAML format. YAML stands for“YAML Ain’t Markup Language” . Playbooks are one of the core features of Ansible and tell Ansible what to execute. They are like a to-do list for Ansible that contains a list of tasks.

The Different YAML Tags in a playbook

1. Name

2. Hosts

3. Vars

4. Tasks

Sample playbook

---
- name: Install nginx web server 
  hosts: AppServer

  become: yes

  tasks:

  - name: Installs nginx web server

    apt:

      name: nginx

      state: present

2. Modules in Ansible

Modules (also referred to as “task plugins” or “library plugins”) are discrete units of code that can be used from the command line or in a playbook task. Ansible executes each module, usually on the remote target node, and collects return values . Ansible executes each modules on the target machine.

You can execute modules from the command line:

ansible webservers -m service -a "name=nginx state=started"

Another way to pass arguments to a module is using YAML

- name: restart webserver
  service:
    name: nginx
    state: restarted

Example modules are:

1. Command module

2. Script module

3. Shell module

4. Copy module

3. Variables in Ansible

Variable in playbooks are very similar to using variables in any programming language. It helps you to use and assign a value to a variable and use that anywhere in the playbook. One can put conditions around the value of the variables and accordingly use them in the playbook.

1. Variables can be defined within the playbook.

2. Variables can be defined in an external file.

3. Variables can be defined in an host inventory file.

Example:

---
- hosts: all
  become: true
  vars:
    doc_root: /var/www/example
  tasks:
    - name: Update apt
      apt: update_cache=yes
    - name: Install Apache
      apt: name=apache2 state=latest
    - name: Create custom document root
      file: path={{ doc_root }} state=directory owner=www-data
 

4. Roles in Ansible

In Ansible, the role is the primary mechanism for breaking a playbook into multiple files. This simplifies writing complex playbooks, and it makes them easier to reuse. The breaking of playbook allows you to logically break the playbook into reusable components.

Each role is basically limited to a particular functionality or desired output.

Creating a new role:

$ ansible-galaxy init manojrole

$ tree manojrole/ 
manojrole/ 
├── defaults 
│   └── main.yml 
├── files ├── handlers 
│   └── main.yml 
├── meta 
│   └── main.yml 
├── README.md ├── tasks 
│   └── main.yml 
├── templates ├── tests │   ├── inventory 
│   └── test.yml 
└── vars 
    └── main.yml

5. Vault in Ansible

Ansible Vault is a feature of ansible that allows you to keep sensitive data such as passwords or keys in encrypted files, rather than as plaintext in playbooks or roles. These vault files can then be distributed or placed in source control.

Creating Encrypted Files

ansible-vault create nginx_vault.yml

Editing Encrypted Files

ansible-vault edit nginx_vault.yml

Encrypting Unencrypted Files

ansible-vault encrypt nginx_vault.yml

Decrypting Encrypted Files

ansible-vault decrypt nginx_vault.yml

Viewing Encrypted Files

ansible-vault view nginx_vault.yml

Conclusion:

So these are the few things that you should start using in your day to day ansible playbook. Learning and using Ansible can be great fun. There is a lot more to it but hopefully this will get you started.

Hope you liked it!

References

• https://docs.ansible.com/ansible/2.5/user_guide/playbooks_best_practices.html
• https://docs.ansible.com/ansible/2.5/dev_guide/overview_architecture.html
• https://www.digitalocean.com/community/tutorials/how-to-create-ansible-playbooks-to-automate-system-configuration-on-ubuntu
• https://www.tutorialspoint.com/ansible/ansible_introduction.htm