Day 56: Ansible Hands-on
🛠️ Step 1: Install Ansible
First, we need to install Ansible on your control machine.
Update your package manager:
shCopy codesudo apt updateInstall Ansible:
shCopy codesudo apt install ansibleVerify the installation:
shCopy codeansible --versionYou should see the Ansible version and configuration details.
📂 Step 2: Set Up Your Inventory
An inventory file defines the hosts and groups of hosts upon which commands, modules, and tasks in a playbook operate.
Create an inventory file:
shCopy codenano ~/inventoryAdd your hosts:
iniCopy code[webservers] webserver1 ansible_host=192.168.1.101 [dbservers] dbserver1 ansible_host=192.168.1.102
🔑 Step 3: Configure SSH Access
Ensure you can SSH into your hosts from the control machine without a password.
Generate an SSH key:
shCopy codessh-keygenCopy the SSH key to your hosts:
shCopy codessh-copy-id user@webserver1 ssh-copy-id user@dbserver1
📜 Step 4: Write Your First Playbook
Ansible playbooks are written in YAML. Let's create a playbook to install NGINX on web servers.
Create a playbook file:
shCopy codenano install_nginx.ymlAdd the playbook content:
yamlCopy code--- - name: Install NGINX on web servers hosts: webservers become: yes tasks: - name: Install NGINX apt: name: nginx state: present
▶️ Step 5: Run the Playbook
Execute the playbook to apply the desired configurations on the target hosts.
Run the playbook:
shCopy codeansible-playbook -i ~/inventory install_nginx.ymlCheck the status: Ansible will show you the tasks being executed and their status.
🧪 Step 6: Verify the Changes
Verify that NGINX has been installed and is running on your web server.
SSH into the web server:
shCopy codessh user@webserver1Check the NGINX status:
shCopy codesudo systemctl status nginx
You should see that NGINX is active and running.
📋 Step 7: Using Variables
Variables make your playbooks more flexible and reusable.
Update the playbook to use variables:
yamlCopy code--- - name: Install NGINX on web servers hosts: webservers become: yes vars: nginx_package: nginx tasks: - name: Install NGINX apt: name: "{{ nginx_package }}" state: present
📦 Step 8: Modularize with Roles
Roles allow you to organize tasks, variables, files, and handlers in a structured way.
Create a role directory structure:
shCopy codemkdir -p roles/nginx/{tasks,handlers,files,templates,vars,defaults,meta}Move your tasks to a role:
shCopy codenano roles/nginx/tasks/main.ymlAdd the task content:
yamlCopy code--- - name: Install NGINX apt: name: "{{ nginx_package }}" state: presentUpdate the playbook to use the role:
yamlCopy code--- - name: Install NGINX on web servers hosts: webservers become: yes vars: nginx_package: nginx roles: - nginx
📝 Step 9: Documentation and Comments
Add comments to your playbooks and roles for better readability and maintenance.
yamlCopy code---
- name: Install NGINX on web servers
hosts: webservers
become: yes
# Variables used in the playbook
vars:
nginx_package: nginx
# Define roles to be executed
roles:
- nginx
📈 Step 10: Testing and Validation
Regularly test your playbooks to ensure they work as expected. Use tools like Molecule for role testing.
Install Molecule:
shCopy codepip install molecule dockerInitialize a Molecule scenario:
shCopy codemolecule init scenario -r nginx -d dockerRun the tests:
shCopy codemolecule test
🔐 Step 11: Secure Your Secrets
Use Ansible Vault to encrypt sensitive data like passwords and API keys.
Create an encrypted variable file:
shCopy codeansible-vault create secrets.ymlInclude the encrypted file in your playbook:
yamlCopy code--- - name: Install NGINX on web servers hosts: webservers become: yes vars_files: - secrets.yml roles: - nginxEdit the encrypted file:
shCopy codeansible-vault edit secrets.yml
💡 Conclusion
By following these steps, you have learned how to set up Ansible, write and run playbooks, use variables, modularize with roles, document your code, test your configurations, and handle secrets securely. Ansible makes IT automation simple, efficient, and powerful. Happy automating! 🚀
