VIDEO
HIGHLIGHT
Log InSign up
Day-15 | Ansible Zero to Hero | #ansible #devops
SummaryTranscriptChat

Day-15 | Ansible Zero to Hero | #ansible #devops

Introduction to Ansible and Configuration Management

Overview of Previous Class

  • Abhishek introduces the session as Day 15 of the complete DevOps course, following a theoretical discussion on configuration management from Day 14.
  • The previous class covered why Ansible is a key player in configuration management and compared it with Puppet.

Today's Focus: Practical Knowledge of Ansible

  • The current session aims to provide practical knowledge about using Ansible, starting from the basics.
  • Abhishek recommends using a Linux machine for learning Ansible, stating that it simplifies the process compared to Windows or Mac.

Installing Ansible

Installation Steps

  • The first step in using any tool is its installation; Abhishek will demonstrate how to install Ansible.
  • He suggests referring to official documentation for installation guidance but emphasizes using package managers specific to your distribution (e.g., apt for Ubuntu).

Using Package Managers

  • For Ubuntu users, he advises running sudo apt update to refresh package lists before installation.
  • After updating, users can install Ansible with sudo apt install ansible, which should be straightforward if followed correctly.

Verifying Installation and Setting Up Servers

Verification Process

  • To verify successful installation, run ansible --version, which confirms that Ansible is properly installed.

Server Setup Requirements

  • To effectively use Ansible, at least two servers are needed: one server running Ansible and another target server for configuration tasks.
  • Both servers should ideally be Ubuntu machines; however, any system can work as long as passwordless authentication is set up between them.

Configuring Passwordless Authentication

Importance of Passwordless Authentication

  • Abhishek explains that passwordless authentication allows Ansible to communicate with target servers without needing passwords each time.

Steps for Configuration

How to Set Up Passwordless SSH Authentication on AWS

Introduction to SSH and Passwordless Authentication

  • The speaker discusses using a private IP address for SSH access, emphasizing the ease of this method.
  • There are multiple methods for configuring passwordless authentication; however, the easiest is highlighted as ssh-copy-id.

Using ssh-copy-id for Key Generation

  • While ssh-copy-id is straightforward, it may lack sufficient permissions in some cases. The speaker proposes an alternative method.
  • To generate a key pair, the command ssh-keygen is introduced. This creates both a public and private key.

Understanding Key Files

  • Upon running ssh-keygen, files such as public keys and known hosts are created in the directory /home/ubuntu/.ssh.
  • The generated private key should remain confidential, while the public key can be shared for communication.

Setting Up Passwordless Authentication

  • The process involves copying the public key from one server to another to enable passwordless login.
  • After logging into the target server, users must create or edit the authorized_keys file to include their public key.

Testing Passwordless SSH Connection

  • Once configured correctly, executing an SSH command will allow access without entering a password.
  • This setup is crucial for Ansible operations since it requires passwordless authentication between servers.

Summary of Steps Taken

  • The speaker summarizes that they copied the Ansible server's public IP address into the target server's authorized keys.
  • For additional servers (e.g., CentOS), similar steps apply: copy and paste the existing public key into their respective authorized keys.

Conclusion on Setup Process

  • With Ansible installed and passwordless authentication set up, half of the configuration process is complete.

Understanding Ansible Playbooks and Ad Hoc Commands

What are Ansible Playbooks?

  • Ansible files are commonly referred to as playbooks, which serve as the primary means of executing tasks in Ansible.
  • Writing playbooks is not mandatory for every task; simpler commands can often suffice.

Running Basic Shell Commands

  • Just like shell scripts, basic shell commands can be executed directly without creating a script file. For example, using ls -ldr directly in the terminal.
  • Python scripts also do not need to be written for every command; you can execute commands directly using python3.

Using Ansible Ad Hoc Commands

  • For simple tasks, such as creating files on a target server, you can use Ansible ad hoc commands instead of writing a full playbook. This approach is more efficient for straightforward operations.
  • The term "ad hoc commands" refers to running one-off tasks without the overhead of creating a playbook. This is particularly useful when dealing with single or few tasks.

Inventory Files in Ansible

  • The inventory file contains IP addresses of target servers and is essential for executing any Ansible command. It can be stored anywhere but defaults to /etc/ansible/hosts.
  • You can specify the location of your inventory file when running ad hoc commands by using the -i option followed by the path or name of the inventory file.

Executing an Example Command

  • To create a file on a target server using an ad hoc command:
  • Use ansible -i <inventory_file> all -m <module_name> -a "<arguments>".
  • In this case, touch testfile creates a new file named 'testfile'. The output indicates success if it shows "changed" in yellow text.
  • After executing the command, you should verify that the file was created successfully on the target server by listing files with ls -ltr.

Conclusion on Task Execution

  • For simple tasks requiring only one or two actions, utilizing ad hoc commands is recommended over writing extensive playbooks.

Understanding Ansible: Ad-Hoc Commands vs. Playbooks

Key Differences Between Ansible Ad-Hoc Commands and Playbooks

  • The primary distinction is that Ansible ad-hoc commands are used for executing single or a few tasks, while Ansible Playbooks are designed for running multiple commands in a structured manner.

Overview of Initial Setup and Execution

  • The session began with the installation of Ansible, followed by configuring passwordless authentication, allowing seamless execution of tasks on target servers.
  • It’s common to have questions about specific modules like "shell" in Ansible; users can easily find answers by searching online for Ansible modules.

Utilizing Documentation for Module Information

  • Ansible's documentation is frequently updated due to ongoing contributions, making it essential to refer to it when looking for module functionalities.
  • For example, the shell module allows users to execute shell commands on target servers, which can be verified through documentation examples.

Executing Shell Commands with Ad-Hoc Commands

  • Users can run shell commands directly using ad-hoc commands; an example includes checking CPU information with nproc or disk usage with DF.
  • Modifying ad-hoc command arguments enables various operations such as copying files between servers using the appropriate modules found in the documentation.

Grouping Servers in Inventory Files

  • When managing multiple servers, grouping them in an inventory file is crucial. This allows targeted execution of playbooks based on server roles (e.g., database vs. web servers).
  • By defining groups like DB servers and web servers, users can specify which group to execute commands against, enhancing operational efficiency.

Practical Application of Grouped Server Management

  • To execute commands only on web servers, one would reference the group name instead of all available hosts in the inventory file.

How to Write an Ansible Playbook

Introduction to Ansible Playbooks

  • Ansible Playbooks are essential for executing multiple tasks on servers, such as installing and starting services.
  • The example scenario involves installing and starting Nginx, which necessitates writing a playbook.

Structure of an Ansible Playbook

  • Begin the YAML file with three hyphens (---), indicating it is a YAML document.
  • Define the playbook's name, e.g., "Install and Start Nginx," followed by specifying the list of hosts from the inventory file. Using "all" executes on all listed servers.

User Permissions in Playbooks

  • Decide whether to execute the playbook as a regular user or as root; some tasks require elevated permissions.
  • Use sudo for commands needing root access; similarly, in Ansible, use become: true to run tasks as root.

Writing Tasks in YAML Format

  • Each task begins with a hyphen (-), indicating it's part of a list. The first task should be named descriptively.
  • For example, the first task could be "Install Nginx," using either shell commands or specific modules like apt.

Installing Packages with Ansible Modules

  • You can use shell commands (e.g., shell: apt install nginx) or utilize Ansible's built-in modules for package management (e.g., apt: name=nginx state=present).
  • Using modules is preferred for reliability and consistency across different environments compared to raw shell commands.

Starting Services After Installation

How to Start Services in Linux Using Ansible

Starting Services with System Commands and Ansible

  • To start a service in Linux, you can use either the shell command systemctl start <service_name> or leverage Ansible's service module.
  • The Ansible playbook is structured using YAML, starting with three hyphens (---) to indicate the beginning of the file.
  • Each task within the playbook is defined with a hyphen, allowing for multiple tasks to be listed sequentially.

Writing Your First Playbook

  • The become: root directive allows switching to the root user for executing commands that require elevated privileges.
  • Tasks are defined clearly; for example, installing Nginx as the first task followed by starting it.
  • After defining tasks, save your playbook file before execution.

Executing the Playbook

  • Use ansible-playbook <playbook_name>.yaml to run your playbooks, distinguishing it from ad-hoc commands executed via ansible.
  • Ensure that you provide the correct inventory file location; if it's in default settings (like /etc/ansible/hosts), no additional input is needed.

Understanding Task Execution

  • Upon execution, tasks such as gathering facts about target servers occur first. This step checks authentication and gathers necessary details.
  • The sequence of tasks includes gathering facts, installing Nginx, and then starting it on the server.

Verifying Service Status and Practicing Examples

  • To check if Nginx is running after installation, use sudo systemctl status nginx.
  • Viewers are encouraged to practice writing and executing similar playbooks while following along with examples provided in the video.

Enhancing Debugging with Verbosity

  • Adding verbosity flags (e.g., -v, -vv, or -vvv) during execution provides detailed logs of what Ansible is doing at each step.
  • Verbose mode helps understand internal processes like SSH connections and fact-gathering operations performed by Ansible.

Ansible Basics and Advanced Concepts

Understanding Ansible's Functionality

  • Ansible utilizes Python by default, establishing SSH connections to target servers and checking for necessary Python dependencies before executing tasks.
  • The process of gathering facts includes generating a JSON file that details actions taken, such as installing the Nginx package using the apt package manager without forcing installations.
  • To enhance learning, using the verbose option in Ansible is recommended; it provides insights into internal operations, which is crucial for writing custom modules.

Next Steps After Basic Playbook Execution

  • Completing a basic playbook installation does not signify full mastery of Ansible; understanding its application in more complex scenarios, like configuring Kubernetes clusters, is essential.
  • A common task involves creating three EC2 instances on AWS: one as a master and two as workers. This illustrates how real-world organizations utilize both Terraform and Ansible for infrastructure management.

Terraform vs. Ansible in Infrastructure Management

  • While both tools can create EC2 instances, Terraform is specifically designed for infrastructure provisioning, making it the preferred choice over Ansible for such tasks.
  • Analogies are drawn to purchasing movie tickets through different platforms; while options exist (like using Paytm or BookMyShow), choosing the best tool (Terraform for infrastructure management) is critical.

Managing Complex Playbooks with Roles

  • As playbooks grow in complexity—potentially containing 50 to 60 tasks—managing them becomes challenging. This necessitates structured approaches like roles within Ansible.
  • Roles allow users to efficiently organize playbooks by segregating tasks and variables related to configurations (e.g., certificates and secrets).

Implementing Roles in Ansible

  • The introduction of roles enhances efficiency when writing complex playbooks; they help structure code better than traditional methods.

Ansible Playbook Structure and Roles

Overview of Playbook Components

  • The playbook consists of templates, files, README documentation explaining its rules and responsibilities, tasks, handlers, tests, variables (vars), defaults, and metadata (meta).
  • To create complex playbooks efficiently, the Ansible Galaxy command is used to generate roles that help structure the playbooks better.

GitHub Repository for Examples

  • A GitHub repository named "ansible examples" has been created to provide various Ansible playbook examples. Users are encouraged to follow this repository for updates.
  • The repository will be continuously updated with new examples; currently lacking Kubernetes examples but plans to add them in the future.

Role-Based Playbook Organization

  • Instead of writing all tasks directly in playbook.yaml, roles are utilized to organize tasks more effectively. This allows for a cleaner structure where details can be found in designated role folders.
  • The parent playbook.yaml file specifies hosts and references roles instead of detailing every task within it.

Understanding Role Structure

  • Each role folder contains essential files such as tasks, templates, and handlers. Users can delete unnecessary files like README or default if not needed.
  • Tasks related to specific actions are organized within their respective task files inside the role directory.

Detailed Explanation of Role Files

  • The overall structure includes templates, files, tasks, handlers, tests, vars, defaults, and meta information.

Meta Information

  • The meta folder holds metadata about the playbook including licensing information which is crucial if sharing with the community or for open-source purposes.

Defaults and Variables

  • Defaults store variable values while vars can hold additional variable data. Differences between these will be clarified later during interviews.

Testing and Handlers

  • A test folder is included for unit testing similar to other programming environments. Handlers manage exceptions or errors during execution (e.g., handling failures when starting services).

Ansible Playbooks and Roles Overview

Understanding Ansible Playbooks

  • The speaker emphasizes that viewers are already familiar with tasks and the readme.md file, suggesting they can explain the content of Ansible playbooks stored in the repository.

File Management in Ansible

  • Examples of files that can be managed include certificates or an index.html. These files can be passed to tasks for deployment.

Templating with Ansible

  • The speaker explains that templates are used for basic templating in Ansible, utilizing Jinja for this purpose. Templates should be stored in a designated folder.

Getting Started with Ansible Roles

  • Viewers are encouraged to familiarize themselves with Ansible commands and start writing their first playbooks before exploring roles. They should refer to examples available in the GitHub repository.

Practical Application and Resources

  • The speaker suggests starting with tested examples like JBoss Standalone. They express confidence in the functionality of these playbooks based on personal testing.

Additional Learning Materials

  • A video covering 18 commonly asked interview questions about Ansible is mentioned, which includes topics such as roles and handlers. A link will be provided for further learning.

Community Engagement

  • Viewers are invited to ask questions or request more videos on specific topics related to Ansible if they need clarification or additional information.

Conclusion and Call to Action

Playlists: DEVOPS ZERO TO HERO COURSE
Video description

Join our 24*7 Doubts clearing group (Discord Server) www.youtube.com/abhishekveeramalla/join Udemy Course (End to End DevOps Project) https://www.udemy.com/course/ultimate-devops-project-with-resume-preparation/?referralCode=9F588E43854814744430 --- --- Support my work https://www.buymeacoffee.com/abhishekprd Hi Everyone, Day-15 is about Ansible Zero to Hero. Please like, comment and share the video :) Ansible Examples: https://github.com/ansible/ansible-examples Ansible Interview Questions https://www.youtube.com/watch?v=j5PgN0J3d7M&t=4s Telegram channel =============== https://t.me/abhishekveeramalla About me: ----------------- LinkedIn: https://www.linkedin.com/in/abhishek-veeramalla-77b33996/ GitHub: https://github.com/iam-veeramalla Medium: https://abhishekveeramalla-av.medium.com/ YouTube: https://www.youtube.com/channel/UCnnQ3ybuyFdzvgv2Ky5jnAA?app=desktop . . Disclaimer: Unauthorized copying, reproduction, or distribution of this video content, in whole or in part, is strictly prohibited. Any attempt to upload, share, or use this content for commercial or non-commercial purposes without explicit permission from the owner will be subject to legal action. All rights reserved.