Ansible // TLDR
Basic Concepts
- Playbooks: YAML files that define automation tasks.
- Modules: Reusable units of automation that perform specific tasks.
- Tasks: Instructions within a playbook that execute modules.
- Hosts: The target systems to be managed.
- Inventory: A file or directory that defines the hosts to be managed.
Playbook Structure
YAML
- name: My Playbook
  hosts: all
  tasks:
    - name: Install a package
      apt:
        name: apache2  # Apache is packaged as apache2 on Debian/Ubuntu, not httpd
        state: present
Common Modules
- apt: Manage Debian/Ubuntu packages
- yum: Manage RPM-based packages
- service: Manage system services
- user: Manage system users
- file: Manage files and directories
- template: Render Jinja2 templates to files on remote hosts
- script: Execute scripts on remote hosts
- copy: Copy files to remote hosts
- fetch: Fetch files from remote hosts
Ad-hoc Commands
Bash
ansible all -m ping
ansible webservers -m shell -a 'ls -la /var/www'
ansible dbservers -m user -a "name=dbuser state=present"
Variables
- Inline:
YAML
vars:
  http_port: 80
- Vars files:
YAML
vars_files:
  - vars/main.yml
Templates
YAML
- name: Configure a web server
  template:
    src: templates/httpd.conf.j2
    dest: /etc/httpd/conf/httpd.conf
Conditionals
YAML
- name: Install a package (conditional)
  apt:
    name: apache2  # Apache is packaged as apache2 on Debian/Ubuntu, not httpd
    state: present
  when: ansible_distribution == "Ubuntu"
Loops
YAML
- name: Create users
  user:
    name: "{{ item }}"
    state: present
  with_items:
    - user1
    - user2
    - user3
Handlers
YAML
handlers:
  - name: Restart Apache
    service:
      name: httpd
      state: restarted
tasks:
  - name: Update the configuration
    template:
      src: templates/httpd.conf.j2
      dest: /etc/httpd/conf/httpd.conf
    notify: Restart Apache
Roles
- Organize playbooks into reusable units.
- Structure: roles/role_name/tasks/main.yml, templates, handlers, etc.
Ansible-Vault
- Encrypt sensitive data.
- Use ansible-vault encrypt <file> and ansible-vault decrypt <file>.
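A play that consumes vault-encrypted variables without leaking them into output, as an added example that is not part of the original page. The file vars/vault.yml, the variable vault_dbuser_password, the template templates/db.conf.j2 and the path /etc/myapp/db.conf are assumptions made for illustration.

```yaml
# Added example. Assumes vars/vault.yml was encrypted beforehand with
#   ansible-vault encrypt vars/vault.yml
# and defines vault_dbuser_password (hypothetical variable name).
# Run with:
#   ansible-playbook -i inventory/production.yml --ask-vault-pass my_playbook.yml
- name: Create a database user from vaulted credentials
  hosts: dbservers
  become: true
  vars_files:
    - vars/main.yml    # plain-text, non-sensitive settings
    - vars/vault.yml   # vault-encrypted; decrypted in memory at run time
  tasks:
    - name: Fail early if the vaulted variable is missing
      ansible.builtin.assert:
        that:
          - vault_dbuser_password is defined
        quiet: true

    - name: Create dbuser with a hashed password
      ansible.builtin.user:
        name: dbuser
        # The user module expects a crypt hash, not the clear-text password.
        password: "{{ vault_dbuser_password | password_hash('sha512') }}"
        # The salt is random on each run, so only set the password at creation.
        update_password: on_create
        state: present
      no_log: true   # keeps the hash out of -v output and callback logs

    - name: Render a config file that contains the secret
      ansible.builtin.template:
        src: templates/db.conf.j2      # hypothetical template
        dest: /etc/myapp/db.conf       # hypothetical destination
        owner: root
        group: root
        mode: "0600"   # the secret is clear text on the target; restrict access
      no_log: true     # also hides the rendered content when --diff is used
```

Vault protects the secret at rest in the repository; no_log and the file mode cover the two places it can still surface, which are task output and the rendered file on the managed host.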
Additional Tips
- Use ansible-playbook -i inventory/production.yml -v my_playbook.yml for verbose output.
- Leverage Ansible Galaxy to find and install roles.
- Use Ansible Tower for centralized management and scheduling.
- Write clear and concise playbooks.
- Test your playbooks thoroughly.
Core Concepts:
- Playbook: A YAML file that defines a series of tasks to be executed on one or more hosts.
- Task: A specific action to be performed, such as installing a package, copying a file, or executing a command.
- Module: Reusable pieces of code that perform specific tasks, like handling files, packages, services, and more.
- Inventory: A list of hosts that Ansible can manage, often organized into groups.
- Variable: A named value that can be used within playbooks and templates.
- Template: A file that uses Jinja2 templating language to dynamically generate configuration files.
Additional Terms:
- Control Node: The machine where Ansible is installed and executed.
- Remote Node: The target machine(s) that Ansible manages.
- SSH: The protocol used to securely connect to remote nodes.
- Handlers: Tasks that are triggered by changes made by other tasks.
- Roles: A way to organize playbooks into reusable units, often based on functionality.
- Ansible Galaxy: A repository of shared Ansible roles and modules.
For more in-depth information, refer to the official Ansible documentation: https://docs.ansible.com/