UNIT - IV

UNIT IV CONFIGURATION MANAGEMENT USING ANSIBLE

Ansible Introduction, Installation, Ansible master/slave configuration, YAML basics, Ansible modules, Ansible

Inventory files, Ansible playbooks, Ansible Roles, adhoc commands in ansible

UNIT - IV

Common Tools Used in Configuration Management

Ansible: An automation tool that enables configuration management, application deployment, and orchestration.

Puppet: An open-source configuration management tool that helps automate the provisioning, configuration, and

management of systems.

Chef: A configuration management tool used for infrastructure automation and management.

Kubernetes: An open-source container orchestration platform that helps manage and automate the deployment,

scaling, and operation of containerized applications.

SaltStack: A configuration management and remote execution tool that aids in managing and controlling

infrastructure.
UNIT - III

Ansible: (Ansible is written in Python)

Ansible is a leading orchestration platform that allows for automation, host configuration management, and the
deployment of applications and virtual machines. Ansible can automate a range of IT infrastructure features,
from simple, daily, and repetitive tasks to machine provisioning or the continuous integration and deployment
of DevOps applications. It is very flexible and can cover bare-metal machines, virtual machines and platforms,
and public or private cloud environments. Ansible can also manage network devices from switches, routers, and
firewalls. It can also cover the setup of applications, the configuration and behavior of database management
systems, package managers, and simple user applications:
UNIT - III

Ansible Introduction:

• It aims to provide large productivity gains to a wide variety of automation challenges.

Ansible offers its users the following features:

• System Configuration Management

• Application Deployment

• Continuous Delivery & Continuous Integration

• Provisioning

• Simplified Orchestration and Automation (Organization and Management)

• Support for cloud-native applications

• Security and Compliance policy in automated tasks

• Support multi tier deployment

• Support IaaS, PaaS

• Support for push and pull models for task execution

• Configuration for a variety of network devices

• Management and monitoring of storage devices

UNIT - III

Configuration Management

• Using the power of playbooks and inventory, IT administrators can use Ansible to execute an update, patch, or configuration
modification on a number of hosts, network devices, and applications.

Playbooks describe the infrastructure:

• Human-readable terms for other people to use, and machine-parsable code that can be used on any machine running Ansible.

Application Deployment

• Ansible takes the application package, deploys it to all the production servers, sets it up, and configures and initiates it.

• It can even test the package and report its status. This feature covers multi-tier applications.
UNIT - III

Continuous Delivery & Continuous Integration

• Ansible ensures a stable environment for both developers and IT administrators for the continuous delivery and integration of
applications.

• We can write Playbooks to manage the continuous integration and delivery of applications while ensuring the desired state of
various components, such as load balancers and several server nodes.

Provisioning

• Instance provisioning using Ansible covers the configuration and setup of bare-metal machines and servers.

• It relies on its predefined APIs to create and configure the local virtualized infrastructure. It can also manage hybrid, private, and
public cloud instances, resources, and applications.

• Ansible can automatically install and configure an application and its libraries.

• It uses OS bootstrap and a kickstart script to initiate bare-metal machine provisioning using very simple playbooks and built-in
modules
UNIT - III

Benefits of Ansible

Free & Easy to learn: Ansible is an open-source tool,

Very simple to set up and use: No special coding skills are necessary to use Ansible’s. Ansible tool is programmed in simple
programming language i.e. YAML. YAML is a human-readable language that is good for the configuration files and it is
utilized by various applications across industries. In other words, playbooks in Ansible can be quickly understood by IT guys
and they can edit them accordingly.

Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it
based on your needs.

Agentless: The tool does not use any agents, so how Ansible works exactly? Ansible works by connecting multiple nodes
together and pushes out mini-programs that are named as ‘Ansible Modules’. The tool executes the module over ‘SSH’ and
deletes them when finished.
UNIT - III

Benefits of Ansible

Efficient: There is only limited IT resources are needed to manage the nodes and modules in Ansible, this is the reason why it
is taken as an efficient tool by the industries. Ansible utilizes modules as basic blocks of the software and it can be
customized or edited quickly

Powerful: Ansible is a powerful tool that helps you to model the most complex IT workflows too. It has the capability to
manage services, networks, operating systems, or infrastructure that you are already using with the help of Ansible modules.
In brief, Ansible offers the complete IT orchestration instead of the environment it is deployed and this is how Ansible works.

Ansible & DevOps – How well they fit together?

DevOps is used to integrate the development and operational tasks together and we all know how important integration is
for test-driven apps. Ansible fulfills this objective by providing a stable environment for integration that ultimately results in
improved orchestration.
UNIT - III

Shell Script Vs Ansible Playbook

UNIT - III

Ansible Workflow:
UNIT - III

Ansible Support Platforms:

UNIT - III

Important Terms:

Playbooks – They are written in YAML programming language with minimal syntax and it is generally used to automate the
tasks when required.

Host – In Ansible, a host is a remote machine that is assigned to individual variables and they are further grouped together.
Each host has a dedicated name or unique IP address to make its identification easy and quick. They can be given simple port
number too if you don’t have to access them over SSH connection.

Task – Every instruction defined in the playbook is termed as the task that will be executed further to perform an action.

Facts – They are inferred from the remote nodes automatically when executing modules on the remote nodes.

Group – This is a combination of hosts that are assigned to a pool and variables can also be shared together.

Inventory – Inventory is an important component of ansible remote engine that describes hosts, groups, etc through IP
address or port number, etc. So, you can define all the hosts in a single file for easy access.
UNIT - III

Important Terms:

APIs – These are the transportation medium for different cloud services either private or public.

Modules – With the help of a playbook, modules can be executed on remote nodes directly. Further, it can be used to
manage services, resources, packages, files or commands, etc. Modules are the main components that help to install
packages, allow APIs to interact together and plan actions for system files too. There are a variety of modules in Ansible that
are programmed to automate almost everything inside the tool.

Plug-ins – They are the special pieces of code that help to write code quickly. Plug-ins automate the development tasks and
help to speed up the deployment work to the maximum level. Ansible is featured with various handy plug-ins that can be
used when needed to make the things much easier for you.

Orchestration – This is a common term that is used in the technical world frequently. Why is this important in Ansible as
well? For different software products, the meaning of orchestration could be different. Ansible is using it as a conductor to
conduct the orchestra.
UNIT - III

Ansible Installation :

Ansible is primarily designed for Unix-based systems. To install Ansible on Ubuntu, you can use the package manager.

Step 1: Update the Package Repository

First, update your system's package repository to ensure you're installing the latest version of Ansible:

sudo apt update

Step 2: Install Ansible

After updating the package repository, you can install Ansible using the apt package manager:

sudo apt install ansible

Step 3: Verify the Installation

After the installation is complete, you can verify that Ansible has been successfully installed:

ansible --version
UNIT - III

Ansible Architecture :

The Ansible Automation Engine consists of:

UNIT - III

Inventories: Ansible reads information about the machines you manage from the inventory. Inventory is listed in the file
which contains IP addresses, databases, and servers. Ansible then takes action via a transport – SSH for UNIX, Linux, or
Networking devices and WinRM for Windows system.

APIs: APIs in Ansible are used as transport for Cloud services, public or private.

Modules: Modules are executed directly on remote hosts through playbooks. The modules can control system resources, like
services, packages, or files (anything really), or execute system commands.

Plugins: Plugins allows to execution of Ansible tasks as a job build step. Plugins are pieces of code that augment Ansible’s
core functionality. Ansible ships with several handy plugins, and you can easily write your own.

Networking: Ansible can also be used to automate different networks. Ansible uses the same simple, powerful, and
agentless automation framework IT operations and development are already using. It uses a data model (a playbook or role)
that is separate from the Ansible automation engine that easily spans different network hardware.
UNIT - III

Hosts: The hosts in the Ansible architecture are just node systems that are getting automated by Ansible. It can be any kind
of machine – Windows, Linux, RedHat, etc.

Playbooks: Playbooks are simple files written in YAML format which describes the tasks to be executed by Ansible. Playbooks
can declare configurations, but they can also orchestrate any manual ordered process steps, even if it contains jump
statements. They can launch tasks synchronously or asynchronously.

CMDB: It is a repository that acts as a data warehouse for IT installations. It holds data relating to a collection of IT assets
(commonly referred to as configuration items (CI)), as well as describes relationships between such assets.

Public/Private Cloud: It is a network of remote servers hosted on the Internet to store, manage, and process data, rather
than a local server. You can launch your resources and instances on the cloud and connect to your servers.
UNIT - III

Ansible master/slave configuration:

Ansible does not have a built-in "master/slave" configuration in the traditional sense like some other automation tools.
Ansible follows a more agentless and decentralized approach. Instead of a master/slave architecture, Ansible uses a control
node and remote nodes for automation. Here's how it works:

Control Node: The control node is where you run Ansible commands and playbooks. It's the machine from which you control
and manage remote servers. Ansible does not require a dedicated master server; any machine can be the control node as
long as Ansible is installed on it.

Remote Nodes: These are the servers or machines that you want to manage or automate using Ansible. Ansible
communicates with remote nodes over SSH (by default) or other transport methods to execute tasks and configurations.
UNIT - III

Ansible works by connecting to nodes (clients, servers, or whatever you’re configuring) on a network, and then sending a
small program called an Ansible module to that node. Ansible executes these modules over SSH and removes them when
finished. The only requirement for this interaction is that your Ansible control node has login access to the managed nodes.
SSH keys are the most common way to provide access, but other forms of authentication are also supported.
UNIT - III

YAML basics :
Ansible playbook

• An Ansible playbook is a blueprint of automation tasks—which are complex IT actions executed with limited or no
human involvement.

• Ansible playbooks are executed on a set, group, or classification of hosts that make up an Ansible inventory.

YAML stands for Yet Another Markup Language.

• Ansible uses YAML syntax to express Ansible playbooks. Because compared to other data formats such as XML and
JSON, it is very easy for people to understand, read, and write.

• It is a human-readable data serialization format often used for configuration files and data exchange between languages
with different data structures. It's easy for both humans and machines to read and write.
UNIT - III

Here are some basics of YAML:

Indentation: YAML uses indentation (typically spaces) to represent the structure of data. Indentation should be consistent
throughout the document. Use either spaces or tabs, but not both.

key-value pair to represent data. A key-value pair (KVP) is a set of two related data items:

• Key: A unique identifier for a data item

• Value: The identifiable data or pointer to the location of the data.

Syntax:

<key>: <value>

Example:

name: John

age: 30
UNIT - III

Lists/Arrays: YAML allows you to create lists or arrays by using hyphens followed by a space. Lists are denoted by a sequence of items.
For example:
fruits:
- apple
- banana
- cherry
Nested Data: YAML can represent nested data structures. Indentation is used to indicate nesting.
For example:
person:
name: John
age: 30
Comments: YAML supports comments, which are lines beginning with the # character. Comments are for human readability and are ignored by
parsers.
# This is a comment
key: value # Another comment
UNIT - III

Quoting Strings: Strings in YAML don't require quotes, but you can use single or double quotes if needed.
For example:
Single_quoted: 'This is a single-quoted string’
Double_quoted: "This is a double-quoted string“

Multiline Strings: YAML allows multiline strings using the | or > indicator. | preserves newlines, while > folds newlines.
For example:
multiline: |
This is a
multiline
string
Dictionaries/Objects: YAML can represent dictionaries or objects with key-value pairs.
For example:
person:
name: John
address:
city: New York
zip: '10001'
UNIT - III

Nested Structures: You can nest data structures within each other, using indentation to indicate nesting.
For example:
person:
name: John
address:
city: New York
zip: '10001'
UNIT - III

More complicated data structures are possible, such as lists of dictionaries, dictionaries whose values are lists or a mix of both:
# Employee records
- martin:
name: Martin D'vloper
job: Developer
skills:
- python
- perl
- pascal
- Lalitha:
name: Lalitha Bitumen
job: Developer
skills:
- lisp
- fortran
- erlang
UNIT - III
Here's an example of a simple YAML file for a student record that demonstrates the syntax rules:

#Comment: Student record

#Describes some characteristics and preferences

---

name: Martin D'vloper #key-value

age: 26

hobbies:

- painting #first list item

- playing_music #second list item

- cooking #third list item

programming_languages:

java: Intermediate

python: Advanced

javascript: Beginner

favorite_food:

- vegetables: tomatoes

- fruits:

citrics: oranges

tropical: bananas

nuts: peanuts

sweets: raisins
UNIT - III

Ansible modules:

• Ansible modules are small, reusable units of code that serve as building blocks for Ansible automation.

• Modules are used in Ansible playbooks to perform specific tasks on target hosts, such as configuring system settings, managing services,
deploying applications, and more.

• Ansible provides a vast library of built-in modules for various purposes, making it easier to automate a wide range of system
administration tasks.

Here are some commonly used Ansible modules, categorized by their functionality:

System Modules:

• apt, yum, dnf: Package management on Linux systems.

• service, systemd: Managing services.

• user, group: User and group management.

• shell, command, script: Executing shell commands and scripts.

UNIT - III
File Module:
The file module handles operations to files, symlinks, and directories.
• copy, fetch: Copying files to and from remote hosts.
• file, stat: File and directory manipulation.
• template: Generating files using templates.

Networking Modules:
• ios_command, nxos_command: Managing network devices (e.g., Cisco).
• netmiko_send_command: Interacting with network devices using Netmiko.
• ping: Checking host reachability.
• uri: Making HTTP/HTTPS requests.

Database Modules:
• mysql_db, mysql_user: Managing MySQL databases.
• postgresql_db, postgresql_user: Managing PostgreSQL databases.

Windows Modules:
• win_command, win_shell: Executing commands on Windows systems.
• win_copy: Copying files on Windows.
UNIT - III

Container Modules:
• docker_container: Managing Docker containers.
• podman_container: Managing Podman containers.

Cloud Modules:
• ec2: Managing Amazon EC2 instances.
• azure_rm: Managing resources in Microsoft Azure.
• gcp: Handling tasks on Google Cloud Platform.

These modules provide a wide range of capabilities for automating tasks on different types of systems and platforms. Ansible
users can create custom modules if the built-in ones do not meet their specific needs, enabling highly customized
automation solutions.

When writing Ansible playbooks, you specify the module to use, provide the required parameters, and define the desired
state of the target system to achieve the automation goals.
UNIT - III

Ansible Inventory files:

• Ansible inventory are configuration files that specify the hosts and groups of hosts that Ansible can manage.

• These files provide Ansible with information about the target systems it should work on and help organize hosts into
logical groups for easier management.

• An Ansible inventory file is typically written in a plain text format, such as INI-style format or YAML.

• It can be located on the control node where Ansible is executed, and it's specified when running Ansible playbooks or
commands.

• The default location for the inventory file is /etc/ansible/hosts on the control node, but you can use the -i or --inventory
option to specify a different location if needed.
UNIT - III

Here is a brief overview of the common formats for Ansible inventory files:
INI-Style Inventory:
This format uses INI-style sections to define hosts and groups.
Example (inventory.ini):
[web]
webserver1 ansible_host=192.168.1.10
webserver2 ansible_host=192.168.1.11

[db]
dbserver1 ansible_host=192.168.1.20

In the example above, hosts webserver1, webserver2, dbserver1 are organized into the web and db groups.
UNIT - III

YAML Inventory:
YAML-based inventory files are more flexible and provide a hierarchical structure.
Example (inventory.yaml):
all:
children:
web:
hosts:
webserver1:
ansible_host: 192.168.1.10
webserver2:
ansible_host: 192.168.1.11
db:
hosts:
dbserver1:
ansible_host: 192.168.1.20
UNIT - III

YAML inventory files can represent inventory in a more structured and readable way, and they can define variables, groups,
and group variables in a more expressive manner.

Dynamic Inventories:

• Ansible supports dynamic inventories, which generate host information dynamically from external sources such as cloud
providers, databases, or scripts.

• These inventories are often written in executable scripts that output inventory data in JSON, YAML, or other formats.

• Dynamic inventories are useful for managing environments with frequently changing hosts, such as cloud instances.
Ansible can call these scripts to retrieve inventory information on-the-fly.
UNIT - III

Ansible playbooks:

• Ansible playbooks are a powerful and flexible way to define automation, configuration management, and orchestration
tasks in Ansible.

• Playbooks are written in YAML (Yet Another Markup Language) format and contain a set of instructions for Ansible to
execute on target systems.

• These instructions define a series of tasks and the order in which they should be performed.

• Ansible playbooks make it easy to automate complex workflows and manage multiple systems consistently.

• Ansible playbooks are a central component of Ansible's automation capabilities.

• They provide a structured and human-readable way to define automation tasks and orchestrate complex workflows on
remote systems. With Ansible playbooks, you can ensure consistency, repeatability, and efficiency in managing your
infrastructure and applications.
UNIT - III

Ansible playbooks:
UNIT - III

Here are some key concepts and components of Ansible playbooks:

YAML Format: Playbooks are written in YAML, a human-readable data serialization format. YAML is easy to read and write,
making it accessible to both technical and non-technical users.

Inventory: Playbooks are executed on target hosts, which are defined in the Ansible inventory. The inventory specifies the
hosts or groups of hosts that should be targeted.

Tasks: A playbook is composed of one or more tasks. Tasks define specific actions to be taken on the target systems. Each
task consists of a module, parameters, and optional conditions.

Modules: Ansible modules are pre-written scripts or programs that perform specific tasks. Tasks within a playbook use
modules to execute operations like installing packages, copying files, restarting services, and more.

Handlers: Handlers are tasks that are only executed when notified. They are typically used to manage service restarts or
other actions that should be triggered when a change occurs.
UNIT - III

Variables: Playbooks can use variables to make them more flexible and dynamic. Variables can be defined in playbooks,
inventory files, or external files. They allow you to customize playbook behavior based on the environment or other factors.

Conditions: Playbooks can include conditional statements that control task execution based on specific criteria. These
criteria can include host properties, variable values, or the results of previous tasks.

Templates: Playbooks can use Jinja2 templates to generate configuration files. This allows you to create dynamic
configuration files that include variables or other data.

Loops: Ansible playbooks support loops, allowing you to iterate over lists or dictionaries and perform tasks multiple times.
Loops are useful for applying the same task to multiple items.

Roles: Roles are a way to organize and structure playbooks. They provide a reusable and modular approach to managing
configuration and automation. Roles encapsulate tasks, handlers, variables, and other related files.

Includes: Playbooks can include other playbooks using the include directive. This enables the reuse of common tasks or the
composition of more complex playbooks from simpler components.
UNIT - III

To execute a playbook, you typically use the ansible-playbook command followed by the playbook filename.

For example:

ansible-playbook myplaybook.yaml

The example below shows one playbook with one play with multiple tasks.
---
name: install and configure DB
hosts: testServer
become: yes
vars:
oracle_db_port_value : 1521
tasks:
-name: Install the Oracle DB
yum: <code to install the DB>
-name: Ensure the installed service is enabled and running
service:
name: <your service name>
UNIT - III

Ansible Roles:

• All the tasks of the Ansible playbook are divided into different modules called Ansible Roles. Roles provide a framework for independent
and interdependent collections of variables, tasks, modules, and templates.

• Ansible Roles helps in modulation, and for a developer, it’s much easier to manage these roles. Ansible roles are reused multiple times
within a playbook, and without a need to update the complete playbook, a developer can only update the specific Ansible Roles.

• Ansible role file structure containing the standard directories such as tasks, handlers, etc.
UNIT - III

Each folder has a specific purpose:

tasks: The task directory contains the list of tasks that a role needs to execute. All the tasks should be defined within
the main.yml file inside the task directory.
handlers: Handlers are like normal tasks in an Ansible playbook, but they run only if the task contains a “notify” directive.
Handlers are used within a particular role or even anywhere outside this role and are defined in the main.yml file.
library: If you need to declare any plugins or modules such as Python code, you must store them in the main.yml file of
the library directory.
files: If you need to copy any files from the Ansible controller host to other nodes, you must place all your files inside
the files folder.
templates: Templates that the role deploys. A template is a file that contains all your configuration parameters, but the
dynamic values are given as variables in the Ansible.
vars: The vars directory contains all the variables you need to use in the main.yml file in the tasks directory. Variables are
also declared in the main.yml file within the vars directory.
defaults: The defaults directory stores the variables that are required by the role to execute.
meta: If there are any role dependencies, then they are declared within the meta directory.
UNIT - III

Finally, run the tree command to verify all of the required folders in the roles directory.