In this article we are going to introduces the Automation tools for System Admin and DevOps.

The tools are Ansible, which is Open Source and it works well Between Ubuntu and Centos.

Introduction

No one likes repetitive tasks. With Ansible, IT admins can begin automating away the drudgery from their daily tasks. Automation frees admins up to focus on efforts that help deliver more value to the business by speeding time to application delivery, and building on a culture of success. Ultimately, Ansible gives teams the one thing they can never get enough of: time. Allowing smart people to focus on smart things.

Ansible is a simple automation language that can perfectly describe an IT application infrastructure. It’s easy-to-learn, self-documenting, and doesn’t require a grad-level computer science degree to read. Automation shouldn’t be more complex than the tasks it’s replacing.

Benefits

Benefits of Ansible are below:

  • Save time and be more productive
  • Eliminate repetitive tasks
  • Fewer mistakes & errors
  • Improve collaboration and job satisfaction

How to install ansible into Centos and Ubuntu:

Centos

yum update
yum install ansible -y
yum install python -y

Ubuntu

apt-get update
apt-get upgrade -y
apt-get install ansible -y
apt-get install python

Right After Installation

After this installation, please run below command to confirm that your ansible in already installed properly.

ansible

You will get a Manual content of ansible, if you get that means that you are successful installed.

The main folder of Ansible are store in /etc/ansible/

and you will saw three thing in the folder itself.

ansible.cfg – this is the config file of ansible, example you can changes the ssh port of ansible in this ansible.cfg

hosts – hosts file are the file that store all the machines hostname and ip address and you can specific the ssh port over here.

roles – this folder will store the powerful thing of ansible. Its is Playbooks.

Ansible need ssh to the client server. So we have to be create a pair of key to make it can accessible into client server.

Create SSH Key

Kindly following this article Step2 to create your pair of the keys.

And now we use below command at your Ansible server for transfer key to the client machine.

ssh-copy-id -i ~/.ssh/id_rsa user@123.123.213.123

Then enter the password and you will see something like below:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘user@123.123.213.123’
and check to make sure that only the key(s) you wanted were added.

With using the highlighted text of ssh on your ansible server, you may no need to enter password and you are able to remote access to your client.

We will now start using some Ansible command to test is it all the thing working properly.

Ansible Testing

Before we test the command, we have to provide the client host information in the /etc/ansible/hosts

sudo vi /etc/ansible/hosts

add following text in the end of the file:

[client]
asbclient ansible_ssh_host=123.123.213.123

Setting like above are the ssh port of client are default, which is 22, if your client ssh port are custom, you can use below setting.

asbclient ansible_ssh_host=123.123.213.123 ansible_port=12345

Save and quit the file.

Explanation of hosts file

[client] this is a group name, so consider as asbclient is under a group client, sometime we may use a same command at multiple host, so we can actually add multiple host under a group, when you fire-up the ansible command , we can use the group name instead of you running multiple time command.

asbclient this is the name of the remote client, which is you assign to that host, so that when we run the command we only enter the name of the hosts instead of using the numberic ip-address.

ansible_ssh_host=213.123.213.123 this is where we tell the ansible what is the ip address of asbclient

ansible_port=12345 this is where we tell the ansible what is the destination host ssh port number.

Now we can testing ping the destination host with below command and check is it working well.

On the Ansible Server run below command:

ansible asbclient -m ping

we are using the ansible ping module to communicate with the client server.

You will saw something like this.

asbclient | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

If you want to ping all the host in your host list you can simply use the command below:

ansible -m ping all

Congratulation, you are done configure your Ansible Server well.

Now we can try to make some of the command to see how the result.

Running a shell command with ansible to remote host.

ansible -m shell -a 'free -m' asbclient

asbclient | SUCCESS | rc=0 >>
total used free shared buff/cache available
Mem: 7882 842 1635 118 5403 6552
Swap: 8088 0 8088

You will get the memory info of your remote client back to your ansible server.

Display gathered facts

ansible asbclient -m setup | less

with this command you can get the client server system info. This will actually help in the future when you know what is the ansible internal facts, it will help you on playbooks.

Filter gathered facts

ansible asbclient -m setup -a "filter=ansible_all_ipv4_addresses"

This command will gather your remote machine  ipv4 addresses and show it on the server.

Introduce Ansible Playbook Automation

Playbooks are a completely different way to use ansible than in adhoc task execution mode, and are particularly powerful.

Simply put, playbooks are the basis for a really simple configuration management and multi-machine deployment system, unlike any that already exist, and one that is very well suited to deploying complex applications.

Playbooks can declare configurations, but they can also orchestrate steps of any manual ordered process, even as different steps must bounce back and forth between sets of machines in particular orders. They can launch tasks synchronously or asynchronously.

Different between ansible playbooks and shell scripts

Assume we are going to install httpd on Centos.

Shell scripts

#!/bin/sh

yum install httpd -y

systemctl enable httpd

and if you want to set the variable of httpd you have to use some editor command like sed, and you have to testing around and make sure it is working properly on every httpd version.

Ansible playbooks

---
- hosts: webservers
 vars:
 http_port: 80
 max_clients: 200
 remote_user: root
 tasks:
 - name: ensure apache is at the latest version
 yum:
 name: httpd
 state: latest
 - name: write the apache config file
 template:
 src: /srv/httpd.j2
 dest: /etc/httpd.conf
 notify:
 - restart apache
 - name: ensure apache is running
 service:
 name: httpd
 state: started
 handlers:
 - name: restart apache
 service:
 name: httpd
 state: restarted

This is the ansible playbooks install httpd webserver, and it can be running on multiple host at the same time, and if it found any error of it, it will stop the scripts to prevent further command execution automatic.

you can save and name it as mail.yaml under /etc/ansible/roles

and executes the playbooks by using below command.

ansible-playbook main.yaml

and it will be running automatic to the client server, and client server will read the playbooks and do all these thing state in playbooks.

Here the link Example installing Ossec agent by using Ansible-Playbooks

Conclusion

It is easy for SystemAdmin and DevOps to manage their servers in a very automated playbooks.

The best thing is it will avoid a lot of miss configuration of the setup process.

Share this to your if you found this article help you.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *