Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
Being designed for multi-tier deployments since day one, Ansible models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time.
It uses no agents and no additional custom security infrastructure, so it's easy to deploy - and most importantly, it uses a very simple language (YAML, in the form of Ansible Playbooks) that allow you to describe your automation jobs in a way that approaches plain English.
On this page, we'll give you a really quick overview so you can see things in context. For more detail, hop over to docs.ansible.com
sudo apt-get install software-properties-common sudo apt-add-repository ppa:ansible/ansible sudo apt-get update sudo apt-get install ansible
Ansible uses a simple inventory system to manage your hosts. This allows you to organise hosts into logical groups and negates the need to remember individual IP addresses or domain names.
Let’s create our inventory, but before doing so we need to create a new directory to house our Ansible logic. Anywhere is fine, but I use my home directory.
mkdir ~/apps
Create a new plain text file called hosts in the new directory, with the following contents:
[production] 201.23.11.123 201.23.11.124 201.23.11.125
The first line indicates the group name and the lines that follow are our hosts. Multiple groups can be created using the [group name] syntax and hosts can belong to multiple groups. For example:
[staging] 201.23.11.120 [production] 201.23.11.123 201.23.11.124 201.23.11.125 [db] 201.23.11.129
Now we need to instruct Ansible where our inventory file is located. Create a new file called ansible.cfg with the following contents.
[defaults] inventory = hosts
With our inventory file populated we can start running basic commands on the hosts, but first let’s briefly look at modules . Modules are small plugins that are executed on the host and allow you to interact with the remote system, as if you were logged in via SSH. Common modules include: apt, service, file and lineinfile, but Ansible ships with hundreds of core modules, all of which are maintained by the core development team. Modules greatly simplify the process of running commands on your remote systems, and cut down the need to manually write shell or bash scripts. Generally, most unix commands have an associated module and if not, someone else has probably created one.
Let’s take a look at the ping module, which ensures we can connect to our hosts:
ansible production -m ping -u root
Playbooks allow you to chain commands together, essentially creating a blueprint or set of procedual instructions. Ansible will execute the playbook in sequence and ensure the state of each command is as desired before moving onto the next. This is what makes Ansible idempotent. If you cancel the playbook execution partway through and restart it later, only the commands that haven’t completed previously will execute.
Let’s take a look at how our playbook is organized.
├── ansible.cfg
├── hosts
├── provision.yml
└── roles
└── apps
├── handlers
└── main.yml
├── tasks
└── main.yml
The hosts and ansible.cfg files should be familiar, but let’s take a look at the provision.yml file.
---
- hosts: production
become: yes
remote_user: root
roles:
- apps
let's have a look for ansible Privilege Escalation
Get free ebook mastering-ansible
Get free resource awesome-ansible