Ansible Architecture

Refer  this  Diagram for  Arch:

Note:    Ansible  connection mechanism are :

i)  ssh
ii)  pluggable   ..(10 times more faster than ssh)   ..which ZeroMQ based

===================

We are using  ssh connection

1.  Working  with ansible inventory 

inventory is the file where you are putting all your information  about target nodes

like  below given in diagram

 

 Inventory file will look like this

==============

[test]
cont1  ansible_host=192.168.0.104  ansible_connection=ssh  ansible_user=root
nn ansible_host=172.17.0.2 ansible_port=22 ansibel_user=root
dn1 ansible_host=172.17.0.3 ansible_port=22 ansibel_user=root

[db]
192.168.0.102
192.168.0.100


How to  run  test inventory :

root@adhoc:~# ansible dn1 -a  "date"
dn1 | SUCCESS | rc=0 >>
Fri Apr 14 09:50:04 BST 2017

root@adhoc:~# ansible nn -a  "ip a"
nn | SUCCESS | rc=0 >>
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever

8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:acff:fe11:2/64 scope link

       valid_lft forever preferred_lft forever

Ansible connection  type :

By default  ansible using ssh connection to connect there target hosts 

1.   ssh  
2.   local
3.   docker 
4.   paramiko 
5.   zeromq 
6.  winrm         #    Windows 
7.  jail                #   FreeBSD 

Ansible Configuration file: 

1.    By default configuration file is  /etc/ansible/ansible.conf
2.    when ansible command is run by controller node by default  present working directory (pwd)  is checked for ansible.conf

3.   Ansible configuration file precedence 

$ansible_config > pwd(.ansible.conf) > ~/.ansible.conf >/etc/ansible/ansible.conf 

 




Time for ansible modules and templates 

Modules :

•  Lineinfile 

1.  Adding a line in the last of the file

root@adhoc:~/.ssh# ansible  db -m lineinfile -a  "dest=/etc/data line='127.0.0.100 localhost' state=present"

db | SUCCESS => {

    "backup": "", 

    "changed": true, 

    "msg": "line added"

}

2.   removing  line by matching some keyword

root@adhoc:~/.ssh #  ansible  db  -m lineinfile -a "dest=/etc/data regexp='127.0.0.100' state=absent" 

3.  removing  match from starting  of the line

root@adhoc:~/.ssh #  ansible  db  -m lineinfile -a "dest=/etc/data regexp='^127.0.0.100' state=absent" 

Facts  gathering  :
---------------------

Means gathering  all information about the target host
like :  cpu  , RAM , os version and family , mac address and many more

1.   gather all the info and store into some  directory by its ip or hostname

root@adhoc:~# ansible all -m setup  --tree /tmp/facts

root@adhoc:~# cd   /tmp/facts/

root@adhoc:/tmp/facts# ls
172.17.0.2

2.   Gather only memory related info

root@adhoc:/tmp/facts# ansible all -m setup  -a   "filter=ansible_*_mb"
172.17.0.2 | SUCCESS => {
    "ansible_facts": {
        "ansible_memfree_mb": 211,
        "ansible_memory_mb": {
            "nocache": {
                "free": 2553,
                "used": 3212
            },
            "real": {
                "free": 211,
                "total": 5765,
                "used": 5554
            },
            "swap": {
                "cached": 0,
                "free": 0,
                "total": 0,
                "used": 0
            }
        },
        "ansible_memtotal_mb": 5765,
        "ansible_swapfree_mb": 0,
        "ansible_swaptotal_mb": 0
    },
    "changed": false

 3.  Only  Ip  address gathering

root@adhoc:/tmp/facts# ansible all -m setup  -a   "filter=ansible_*_ip"
172.17.0.2 | SUCCESS => {
    "ansible_facts": {},
    "changed": false
}
root@adhoc:/tmp/facts# ansible all -m setup  -a   "filter=ansible_*_ip*"
172.17.0.2 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "172.17.0.2"
        ],
        "ansible_all_ipv6_addresses": [
            "fe80::42:acff:fe11:2"
        ],
        "ansible_default_ipv4": {
            "address": "172.17.0.2",
            "alias": "eth0",
            "broadcast": "global",
            "gateway": "172.17.0.1",
            "interface": "eth0",
            "macaddress": "02:42:ac:11:00:02",
            "mtu": 1500,
            "netmask": "255.255.0.0",
            "network": "172.17.0.0",
            "type": "ether"
        },
        "ansible_default_ipv6": {}
    },
    "changed": false

Conditional statement and loops 

1.  when statement 

sometimes you want to perform some task only in particular condition for example
i)  only  redhat os
ii)  only  ram amount so and so
iii)   this particular software is installed


Example 1:

root@adhoc:/etc/ansible/playbooks# cat  whencondition.yml 
---
 - hosts: dock
   remote_user: root
   vars:
    - x: "hello world"
   tasks:
    - name: running cal  command only in centos / redhat family os
      command: cal
      when: ansible_os_family == "RedHat"


# ansible_os_family == "Debian"


Example 2 :  for any one of the match

root@adhoc:/etc/ansible/playbooks# cat  when1.yml 
---
 - hosts: local
   remote_user: adhoc
   vars:
    - x: "hello world"
   tasks:
    - name: running cal  command only in centos / redhat family os
      command: cal
      when: ( ansible_os_family == "Debian" and ansible_distribution_major_version == "16" and ansible_distribution == "Ubuntu") or
            ( ansible_distribution == "Centos")

Example  3 :    multiple condition that all needs to be true

root@adhoc:/etc/ansible/playbooks# cat  whenmultiple.yml 

---

 - hosts: dock

   remote_user: root

   vars:

    - x: "google"

   tasks:

    - name: creating  directory 

      command: mkdir /root/done

      when:

       - ansible_distribution == "CentOS"

       - ansible_os_family == "RedHat"

       - ansible_distribution_major_version == "6"

Loops :

like general programming language when want to do the same task number of times like :

1. creating multiple users
2. installing  multiple softwares


1 .  Standard  loops 

Adding  users in linux

root@adhoc:/etc/ansible/playbooks# cat  addusers.yml 
---
 - hosts: dock
   remote_user: root
   vars:
    - x: "hello world"
   tasks:
    - name: creating users
      user:
       name: "{{ item }}"
       state: present
       password: $1$34fdf$ExzG4sicGVDVCY0ycAj4e.

      with_items:
       - test1
       - test2
       - test3
       - test4
       

Reading from a file :

---
 - hosts: dock
   remote_user: root
   tasks:
    - debug:Roles in Ansible
       msg: "{{ item }}"
      with_file:
       - /etc/hosts

      

Roles in Ansible :

Roles are the way to manage and right playbook in very easy manner.

Component of  roles:

•  Defaults :    default variables keeping like  http_port=80
•  file :   keep files that want to copy  remotely  , file must be static 
•  Handlers :   based on tasks some actions to be triggered 
•  Meta :   info about the playbook , about author name , platform support  and dependencies 
•  tasks :    the actual code need to perform will be written here
•  template :   dynamic files supported by template 
•  vars :    default and vars both store variables but vars have more priority 
• 
  

Apache roles :

create a role using  ansible-galaxy 

root@adhoc:/etc/ansible/playbooks# cd  /etc/ansible/roles/

root@adhoc:/etc/ansible/roles# ansible-galaxy  init  apache 

root@adhoc:/etc/ansible/roles# ls

apache 

root@adhoc:/etc/ansible/roles# cd  apache/

root@adhoc:/etc/ansible/roles/apache#  ls

defaults  files  handlers  meta  README.md  tasks  templates  tests  vars

oot@adhoc:/etc/ansible/roles# tree  apache/

apache/

├── defaults

│   └── main.yml

├── files

│   └── index.html

├── handlers

│   └── main.yml

├── meta

│   └── main.yml

├── README.md

├── tasks

│   └── main.yml

├── templates

├── tests

│   ├── inventory

│   └── test.yml

└── vars

    └── main.yml