In this article we are going to introduces the Automation tools for System Admin and DevOps.
The tools are Ansible, which is Open Source and it works well Between Ubuntu and Centos.
Introduction
No one likes repetitive tasks. With Ansible, IT admins can begin automating away the drudgery from their daily tasks. Automation frees admins up to focus on efforts that help deliver more value to the business by speeding time to application delivery, and building on a culture of success. Ultimately, Ansible gives teams the one thing they can never get enough of: time. Allowing smart people to focus on smart things.
Ansible is a simple automation language that can perfectly describe an IT application infrastructure. It’s easy-to-learn, self-documenting, and doesn’t require a grad-level computer science degree to read. Automation shouldn’t be more complex than the tasks it’s replacing.
Benefits
Benefits of Ansible are below:
- Save time and be more productive
- Eliminate repetitive tasks
- Fewer mistakes & errors
- Improve collaboration and job satisfaction
How to install ansible into Centos and Ubuntu:
Centos
yum update yum install ansible -y yum install python -y
Ubuntu
apt-get update apt-get upgrade -y apt-get install ansible -y apt-get install python
Right After Installation
After this installation, please run below command to confirm that your ansible in already installed properly.
ansible
You will get a Manual content of ansible, if you get that means that you are successful installed.
The main folder of Ansible are store in /etc/ansible/
and you will saw three thing in the folder itself.
ansible.cfg – this is the config file of ansible, example you can changes the ssh port of ansible in this ansible.cfg
hosts – hosts file are the file that store all the machines hostname and ip address and you can specific the ssh port over here.
roles – this folder will store the powerful thing of ansible. Its is Playbooks.
Ansible need ssh to the client server. So we have to be create a pair of key to make it can accessible into client server.
Create SSH Key
Kindly following this article Step2 to create your pair of the keys.
And now we use below command at your Ansible server for transfer key to the client machine.
ssh-copy-id -i ~/.ssh/id_rsa user@123.123.213.123
Then enter the password and you will see something like below:
Number of key(s) added: 1
Now try logging into the machine, with: “ssh ‘user@123.123.213.123’”
and check to make sure that only the key(s) you wanted were added.
With using the highlighted text of ssh on your ansible server, you may no need to enter password and you are able to remote access to your client.
We will now start using some Ansible command to test is it all the thing working properly.
Ansible Testing
Before we test the command, we have to provide the client host information in the /etc/ansible/hosts
sudo vi /etc/ansible/hosts
add following text in the end of the file:
[client] asbclient ansible_ssh_host=123.123.213.123
Setting like above are the ssh port of client are default, which is 22, if your client ssh port are custom, you can use below setting.
asbclient ansible_ssh_host=123.123.213.123 ansible_port=12345
Save and quit the file.
Explanation of hosts file
[client] this is a group name, so consider as asbclient is under a group client, sometime we may use a same command at multiple host, so we can actually add multiple host under a group, when you fire-up the ansible command , we can use the group name instead of you running multiple time command.
asbclient this is the name of the remote client, which is you assign to that host, so that when we run the command we only enter the name of the hosts instead of using the numberic ip-address.
ansible_ssh_host=213.123.213.123 this is where we tell the ansible what is the ip address of asbclient
ansible_port=12345 this is where we tell the ansible what is the destination host ssh port number.
Now we can testing ping the destination host with below command and check is it working well.
On the Ansible Server run below command:
ansible asbclient -m ping
we are using the ansible ping module to communicate with the client server.
You will saw something like this.
asbclient | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
If you want to ping all the host in your host list you can simply use the command below:
ansible -m ping all
Congratulation, you are done configure your Ansible Server well.
Now we can try to make some of the command to see how the result.
Running a shell command with ansible to remote host.
ansible -m shell -a 'free -m' asbclient
asbclient | SUCCESS | rc=0 >>
total used free shared buff/cache available
Mem: 7882 842 1635 118 5403 6552
Swap: 8088 0 8088
You will get the memory info of your remote client back to your ansible server.
Display gathered facts
ansible asbclient -m setup | less
with this command you can get the client server system info. This will actually help in the future when you know what is the ansible internal facts, it will help you on playbooks.
Filter gathered facts
ansible asbclient -m setup -a "filter=ansible_all_ipv4_addresses"
This command will gather your remote machine ipv4 addresses and show it on the server.
Introduce Ansible Playbook Automation
Playbooks are a completely different way to use ansible than in adhoc task execution mode, and are particularly powerful.
Simply put, playbooks are the basis for a really simple configuration management and multi-machine deployment system, unlike any that already exist, and one that is very well suited to deploying complex applications.
Playbooks can declare configurations, but they can also orchestrate steps of any manual ordered process, even as different steps must bounce back and forth between sets of machines in particular orders. They can launch tasks synchronously or asynchronously.
Different between ansible playbooks and shell scripts
Assume we are going to install httpd on Centos.
Shell scripts
#!/bin/sh yum install httpd -y systemctl enable httpd
and if you want to set the variable of httpd you have to use some editor command like sed, and you have to testing around and make sure it is working properly on every httpd version.
Ansible playbooks
--- - hosts: webservers vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: ensure apache is at the latest version yum: name: httpd state: latest - name: write the apache config file template: src: /srv/httpd.j2 dest: /etc/httpd.conf notify: - restart apache - name: ensure apache is running service: name: httpd state: started handlers: - name: restart apache service: name: httpd state: restarted
This is the ansible playbooks install httpd webserver, and it can be running on multiple host at the same time, and if it found any error of it, it will stop the scripts to prevent further command execution automatic.
you can save and name it as mail.yaml under /etc/ansible/roles
and executes the playbooks by using below command.
ansible-playbook main.yaml
and it will be running automatic to the client server, and client server will read the playbooks and do all these thing state in playbooks.
Here the link Example installing Ossec agent by using Ansible-Playbooks
Conclusion
It is easy for SystemAdmin and DevOps to manage their servers in a very automated playbooks.
The best thing is it will avoid a lot of miss configuration of the setup process.
Share this to your if you found this article help you.
Leave a Reply
Want to join the discussion?Feel free to contribute!