Last updated on October 20th, 2023 at 02:25 pm.
The following are the notes for this Ansible tutorial. If you are following along, you can copy and paste from the notes below.
Table of Contents
- Where to watch
- Terms and definitions:
- Installing Ansible and setting up nodes
- Ansible configuration – ansible.cfg
- Working with Ansible inventories
- Vagrant – managed nodes
- References:
Where to watch
This free Ansible tutorial will be published on YouTube and Udemy.
- Watch it on this Ansible YouTube playlist.
- Udemy coming soon!
Terms and definitions:
What is Ansible
Agentless tool used to automate the management of remote systems. Can automate cloud provisioning, configuration, deployment and more.
Some definitions
Agentless
Ansible does not need to be installed on the remote system. Only python is required in the remote system for Ansible to work.
Control node
The computer with Ansible installed, where you run all your Ansible commands to manipulate remote systems.
Managed node
This is the remote system controlled by Ansible.
Inventory
A list of managed nodes created on the control node. Inventories are usually grouped.
Installing Ansible and setting up nodes
Setting up the nodes in my setup
– Control node : Use WSL2 on Windows and install Ubuntu
– Managed nodes – Vagrant virtual machines
Install Ansible via the package manager of your Linux distro.
You may install Ansible via your distro’s package manager, or install it using pip(x) as a python3 module.
Ubuntu/Debian:
To get the updated versions, you can add the Ansible PPA.
sudo apt update && sudo apt install software-properties-common && sudo add-apt-repository --yes --update ppa:ansible/ansible
Then install Ansible
sudo apt install ansible
Fedora
sudo dnf install ansible
Install Ansible using pip
Check pip version to verify if it’s installed:
python3 -m pip -V
Install Ansible via pip
python3 -m pip install --user ansible
Confirm installation by checking the version
ansible --version
To upgrade it:
python3 -m pip install --upgrade --user ansible
Ansible configuration – ansible.cfg
ansible.cfg is an ini file used to configure various settings for Ansible.
Precedence of Ansible configuration: – The first one found is applied.
ANSIBLE_CONFIG(environment variable set)ansible.cfg(in the working directory)~/.ansible.cfg(in the home directory)/etc/ansible/ansible.cfg
Generating an ansible.cfg file
Generate a commented-out ansible.cfg. It will be generated in the current working directory.
ansible-config init --disabled > ansible.cfg
Create a complete file that includes all existing plugins:
ansible-config init --disabled -t all > ansible.cfg
For the cfg file to get loaded automatically, it should be in a directory that is not world writable.
Working with Ansible inventories
An inventory is a list or group of the managed nodes controlled by Ansible.
Depending on the method you used in installing Ansible, the default inventory file is located in /etc/ansible/hosts .
An inventory file can be in INI or YAML format. Inventory hosts can be grouped logically. This allows for running playbooks against a group of specific hosts. For instance, you can group hosts as, DB, Web, Mail, Load balancers. You can also group them according to server locations e.g, Chicago, Asia, Europe, London etc.
List all hosts:
ansible all --list-hosts -i inventoryfile
Note : After adding your inventory link in your ansible.cfg file, you don’t have to add -i inventoryfile
List hosts plus groups using built in CLI tool.
ansible-inventory --graph -i inventoryfile
Grouping hosts example
In the INI format, hosts can be grouped using square brackets, i.e [groupname] ).
Sample INI inventory:
mail.example.com [webservers] web1.example.com web2.example.com [dbservers] one.example.com two.example.com three.example.com
Inventory in YAML format:
ungrouped:
hosts:
mail.example.com:
webservers:
hosts:
web1.example.com:
web2.example.com:
dbservers:
hosts:
one.example.com:
two.example.com:
three.example.com:
Default groups created by Ansible: all and ungrouped. All hosts will usually belong to at least 2 groups, all and ungrouped or all and your custom group.
One host can be in multiple groups.
Groups may be categorized based on:
- What : What is it used for? Eg webserver, dbserver, loadbalancer
- Where: Where is the geolocation of the server (Chicago, London, Nairobi)
- When : The stage for use, eg dev, test, production, staging .
Example inventory with the what, where and when grouping .
YML inventory file:
ungrouped:
hosts:
mail.example.com:
webservers:
hosts:
web1.example.com:
web2.example.com:
dbservers:
hosts:
one.example.com:
two.example.com:
three.example.com:
north_america:
hosts:
web1.example.com:
one.example.com:
two.example.com:
asia:
hosts:
web2.example.com:
three.example.com:
prod:
hosts:
web1.example.com:
one.example.com:
two.example.com:
test:
hosts:
web2.example.com:
three.example.com:In INI format, it will look like this:
[ungrouped] mail.example.com [webservers] web1.example.com web2.example.com [dbservers] one.example.com two.example.com three.example.com [north_america] web1.example.com one.example.com two.example.com [asia] web2.example.com three.example.com [prod] web1.example.com one.example.com two.example.com [test] web2.example.com three.example.com
Parent/child groups
You can create groups from other groups of hosts. A parent group will contain child groups. For instance, if you have webservers_london group and webservers_chicago you can create a webservers group from the two child groups.
In YML:
ungrouped:
hosts:
Mail.example.com:
webservers_london:
hosts:
web1.example.com:
web2.example.com:
webservers_chicago:
hosts:
web3.example.com:
web4.example.com:
dbservers:
hosts:
one.example.com:
two.example.com:
three.example.com:
webservers:
children:
webservers_london:
webservers_chicago:
Grouping ansible groups in INI format:
[ungrouped] Mail.example.com [webservers_london] web1.example.com web2.example.com [webservers_chicago] web3.example.com web4.example.com [dbservers] one.example.com two.example.com three.example.com [webservers:children] webservers_london webservers_chicago
Host aliases
You can create aliases for your hostnames or host IPs as follows. You will then be able to refer to your hosts using the defined aliases.
Creating aliases in an ini inventory file:
[ungrouped] mail0 ansible_host=mail.example.com [webservers] web1 ansible_host=web1.example.com Web2 ansible_host=web2.example.com
In a YML inventory, hosts can be aliased as follows
Ungrouped:
hosts:
mail0:
ansible_host: mail.example.com
webservers:
hosts:
web1:
ansible_host: web1.example.com
web2:
ansible_host: web2.example.com
Vagrant – managed nodes
Vagrant is a tool by Hashicorp, used for creating and managing virtual machines. You can install virtual machines for different operating systems, called boxes.
Install vagrant :
Mac:
brew install hashicorp/tap/hashicorp-vagrant
Windows:
Download and install the binary file from here.
Ubuntu/debian:
sudo apt install gnupg wget wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list sudo apt update && sudo apt install vagrant
CentOS.RHEL:
sudo yum install -y yum-utils sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo sudo yum -y install vagrant
Fedora:
sudo dnf install -y dnf-plugins-core sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/fedora/hashicorp.repo sudo dnf -y install vagrant
Vagrantfile for managed nodes
To bring up a machine, navigate to your Vagrantfile location and run :
vagrant up
To deploy with a specific provider eg Hyper-V:
vagrant up --provider=hyperv
Create a file called Vagrantfile and dump the following in the file.
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "debian/bullseye64"
# globally disable the default synced folder
config.vm.synced_folder ".", "/vagrant", disabled: true
# do not create a secure private key per host, we want to use a single key
config.ssh.insert_key = false
# Set provider virtualbox to use GUI, for two reasons:
# 1. More obvious to the user what is running, so they don't consume too much background resource
# 2. To work around an x64 boot issue in Virtualbox when hardware virtualization is disabled in BIOS
config.vm.provider "virtualbox" do |v|
# v.gui = true
v.cpus = 1
end
## If you need multiple machines uncomment these
# # Example web servers
# (1..2).each do |i|
# config.vm.define "web#{i}" do |node|
# node.vm.hostname = "web#{i}"
# node.vm.network "private_network", ip: "192.168.56.11#{i}"
# end
# end
# # Example load balancer
# (1..2).each do |i|
# config.vm.define "lb#{i}" do |node|
# node.vm.hostname = "lb#{i}"
# node.vm.network "private_network", ip: "192.168.56.22#{i}"
# end
# end
# # Example database server
# (1..1).each do |i|
# config.vm.define "db#{i}" do |node|
# node.vm.hostname = "db#{i}"
# node.vm.network "private_network", ip: "192.168.56.23#{i}"
# end
# end
# One machine for my purpose
config.vm.define "sample" do |node|
node.vm.hostname = "sample"
node.vm.network "private_network", ip: "192.168.56.103"
end
# Generic provisioner to ensure we have python available
# This is an ansible requirement for all managed nodes
config.vm.provision "shell", inline: <<-SHELL
# Disable hardware based sha256sum in apt, not ideal - but Windows 10 WSL breaks VirtualBox
# and we can't really ask everyone to disable that
# See: https://askubuntu.com/questions/1235914/hash-sum-mismatch-error-due-to-identical-sha1-and-md5-but-different-sha256/1241893
mkdir /etc/gcrypt
echo all >> /etc/gcrypt/hwf.deny
apt-get update
apt-get install -y python3-minimal python3-apt avahi-daemon tree
rm -f /etc/update-motd.d/*
sed -i "s/^ENABLED=.*/ENABLED=0/" /etc/motd
SHELL
config.vm.boot_timeout = 360
end
Enable Hyper-v on Windows
Hyper-V is supported in Windows Pro and Enterprise editions.
Go to turn Windows features on or off and enable Hyper-v.
Or use powershell:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All
Note: This post is the online notes for my free Ansible video tutorial coming soon. Subscribe to YouTube to watch it.
Get alerted when the new Ansible video tutorial is published.
References:
1 Ansible docs : https://docs.ansible.com/
2 Install Ansible via Linux package managers : https://docs.ansible.com/ansible/latest/installation_guide/installation_distros.html#installing-ansible-on-ubuntu
3 WSL setup: https://learn.microsoft.com/en-us/windows/wsl/install
4 Manual WSL setup for older versions : https://learn.microsoft.com/en-us/windows/wsl/install-manual
5 Ansible Configuration reference : https://docs.ansible.com/ansible/latest/reference_appendices/config.html#ansible-configuration-settings-locations
6 Intro to inventories : https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html
