###### Ansible Installation on EC2 machine
Launch 2 AWS Ubuntu Instances, allow all traffic

## Install Ansible on Master :
sudo apt-get update && sudo apt-get install -y software-properties-common
sudo apt-add-repository ppa:ansible/ansible -y
sudo apt-get update && sudo apt-get install -y ansible
sudo apt-get update && sudo apt-get install -y docker.io
sudo apt-get update && sudo apt-get install -y maven
sudo apt --fix-broken install -y

## Install Python on Slaves
sudo apt-get update && sudo apt-get install -y python

## SSH Access from Master to Slaves
ssh ubuntu@<IP of Slaves> won't work

## On Master
cd .ssh && ls -lrt
show known_hosts and authorized keys
ssh-keygen
ls -lrt
id_rsa.pub
copy this content to authorized keys of Slave

## On Slave
cd .ssh
Add the key to authorized keys

## On Master
Try the 1st ssh ubuntu@<IP of Slaves> should work now
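
Added example (not part of the original gist): one way to carry out the "add the key to authorized keys" step on the slave so that it can be rerun safely and leaves the permissions sshd expects. The function name install_pubkey and its two arguments are assumptions made for this example.

```bash
#!/bin/sh
# Added example, not from the original gist. install_pubkey and its arguments
# are hypothetical names.
# Usage on the slave: install_pubkey /tmp/id_rsa.pub /home/ubuntu
install_pubkey() (
    pubkey_file=$1
    ssh_dir=$2/.ssh
    auth=$ssh_dir/authorized_keys
    # One "<type> <base64> [comment]" line. Private keys (id_rsa) start with
    # "-----BEGIN" and never match, so pasting the wrong file is refused.
    pattern='^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp[0-9]+) [A-Za-z0-9+/]+=*( .*)?$'

    count=$(grep -cE "$pattern" "$pubkey_file" 2>/dev/null || true)
    total=$(grep -c '' "$pubkey_file" 2>/dev/null || true)
    if [ "${count:-0}" -ne 1 ] || [ "${total:-0}" -ne 1 ]; then
        echo "refusing: $pubkey_file is not a single public key line" >&2
        exit 1
    fi
    key=$(cat "$pubkey_file")

    # sshd with StrictModes (the default) refuses keys when ~/.ssh or
    # authorized_keys is writable by group or others; create both owner-only.
    umask 077
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
    touch "$auth" && chmod 600 "$auth"

    # Append only if this exact line is absent, so reruns do not duplicate it.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
)
```
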

## Set up Ansible Host and Test Connection
/etc/ansible/hosts file
Add Ansible Slave details in the file
[group name]
slave1 ansible_ssh_host=<IP of Slave>
Optional
[all:vars]
ansible_python_interpreter=/usr/bin/python3

$ ansible -m ping all
$ ansible -m ping slave1
$ ansible -m ping [group name]

Install something on localhost using ansible
ansible localhost -m ansible.builtin.apt -a "name=docker.io state=latest" -b

ubuntu@ip-172-31-19-63:/etc/ansible/roles$ tree apache2
apache2
├── README.md
├── defaults
│   └── main.yml
├── files
│   ├── apache2.conf
│   └── copy.html
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── tasks
│   ├── configure.yml
│   ├── install.yml
│   ├── main.yml
│   └── service.yml
├── templates
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml
8 directories, 13 files

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/tasks$ ls -lrt
total 16
-rw-r--r-- 1 root root 82 Jun 26 11:46 install.yml
-rw-r--r-- 1 root root 79 Jun 26 11:47 service.yml
-rw-r--r-- 1 root root 243 Jun 26 11:58 configure.yml
-rw-r--r-- 1 root root 118 Jun 26 12:02 main.yml

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/tasks$ cat main.yml
---
# tasks file for apache2
- include_tasks: install.yml
- include_tasks: configure.yml
- include_tasks: service.yml

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/tasks$ cat install.yml
---
- name: install apache2
  apt: name=apache2 update_cache=yes state=latest

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/tasks$ cat configure.yml
---
#configure apache2.conf and send copy.html file
- name: apache2.conf file
  copy: src=apache2.conf dest=/etc/apache2/
  notify:
    - restart apache2 service
- name: send copy.html file
  copy: src=copy.html dest=/var/www/html/

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/tasks$ cat service.yml
---
- name: starting apache2 service
  service: name=apache2 state=started

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/files$ ls -lrt
total 12
-rw-r--r-- 1 root root 7224 Jun 26 11:49 apache2.conf
-rw-r--r-- 1 root root 88 Jun 26 11:50 copy.html

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/handlers$ ls -lrt
total 4
-rw-r--r-- 1 root root 108 Jun 26 11:52 main.yml

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/handlers$ cat main.yml
---
# handlers file for apache2
- name: restart apache2 service
  service: name=apache2 state=restarted

ubuntu@ip-172-31-19-63:/etc/ansible/roles/apache2/meta$ ls -lrt
total 4
-rw-r--r-- 1 root root 1634 Jun 26 11:54 main.yml

ubuntu@ip-172-31-19-63:/etc/ansible$ cat site.yml
---
- hosts: prod_group
  become: true
  roles:
    - apache2

ansible-playbook site.yml --syntax-check

Ansible Architecture
Push vs Pull based Configuration management systems
Push Based Configuration Management Tool
In this type of configuration management tool, the main server (where the configuration data is stored) pushes the configuration to the nodes (hence the name). The main server initiates communication, not the nodes, so an agent/client may or may not be installed on each node.
Ansible is an example of a push based configuration management tool that doesn't need an agent to be installed on the nodes. SaltStack is an example of a push based configuration management tool that needs an agent (minion) to be installed on the nodes. In both cases, it's the main server that starts the communication and sends the configuration data to the nodes without the nodes asking for it.
Pull Based Configuration Management Tool
In this type of configuration management tool, the nodes pull the configuration information from the server (hence the name).
A small piece of software (called an agent or client) is installed on every node. This agent/client will:
- at regular intervals, get the configuration from the server
- compare the configuration received from the server with the current configuration of the node
- if there is any mismatch, take the steps required to match the configuration of the node with the configuration received from the server.
This means that it's always the agent/client that initiates communication, not the main server.
Chef and Puppet are good examples of such configuration management tools.
Ansible Roles
cd /etc/ansible/roles
sudo ansible-galaxy init apache2
tree apache2
Directory Structure
https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html
This playbook consists of two plays with the following tasks:
Play 1: Execute a command in host1, Execute a script in host1
Play 2: Execute a script in host2, Install nginx in host2
sudo vi first_playbook.yml
---
- hosts: host1
  sudo: yes   # deprecated keyword, kept here because it triggers the error
  name: Play 1
  tasks:
    - command: date
    - script: test_script.sh

- hosts: host2
  name: Play 2
  sudo: yes
  tasks:
    - script: test_script.sh
    - apt: name=nginx state=latest
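The playbook above will throw errors: sudo is deprecated, use become: true instead.
host1 and host2 are actually slave1 and slave2.
---
- hosts: slave1   # host1 in the description above
  become: true
  name: Play 1
  tasks:
    - command: date
    - script: test_script.sh

- hosts: slave2   # host2 in the description above
  name: Play 2
  become: true
  tasks:
    - script: test_script.sh
    - apt: name=nginx state=latest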
Now create test_script1.sh on the master:
#!/bin/bash
echo Hello World from Apache > /var/www/html/1.html
Now create test_script2.sh on the master:
#!/bin/bash
echo Hello World from Nginx > /var/www/html/1.html
For the demo, use this playbook instead:
---
- hosts: slave1
  become: true
  name: Play 1
  tasks:
    - apt: name=apache2 state=latest
    - script: test_script1.sh

- hosts: slave2
  name: Play 2
  become: true
  tasks:
    - apt: name=nginx state=latest
    - script: test_script2.sh