hidden:Ansible on hpa
Ansible (on github) is a configuration manager that requires no software installation on the target hosts and can run along side existing configuration programs like puppet, cfengine etc... Only ssh access from server to client is required. RedHat has adopted Ansible as its configuration egine.
The Ansible directory on hpa is: /root/Ansible.
The ansible configuration system uses playbooks at the top level. Playbooks contain plays, plays consist of tasks and tasks call modules. The modules are the core of ansible. These are ready made functions that can setup the network, copy files, install software etc. You can find the catalog of modules here. Everything runs strict step by step except handlers. Tasks can trigger handlers. Handlers run at the end, once.
Intro
To become familiar with ansible here are a few command examples.
- Ping a list of hosts
Ping every host listed in the inventory. The inventory is a list with hostnames or ip adresses. Default is 'hosts' but in this example the -i flag is used to tell Ansible which inventory file to use. The argument all is can be replaced by a single entry from the inventory in order to run the command one one single host.
# ansible -i test.inv all -m ping 172.18.95.51 | SUCCESS => { "changed": false, "ping": "pong" } 172.18.95.50 | UNREACHABLE => { "changed": false, "msg": "Failed to connect to the host via ssh.", "unreachable": true }
You see 172.18.95.50 does not respond. This command is nice to check connectivity.
- See the date on all hosts
The ping command above is actually builtin to Ansible. Ansible calls a module with the name ping that automatically provides the internal ping with each of the hosts. The module is selected with the -m flag. If you want to execute a live command using the shell module give the command as argument to the shell module
# ansible -i test.inv all -m shell -a date 172.18.95.51 | SUCCESS | rc=0 >> Sun Jun 19 22:27:36 CEST 2016 172.18.95.50 | SUCCESS | rc=0 >> Sun Jun 19 22:27:36 CEST 2016
- info extracted on the target hosts
Each time Ansible is run, it gathers all sorts of information. This information is used during Ansible Playbook runs. For example to see all gathered info on hpdt
# ansible -i test.inv hpdt-a -m setup
Ansible Galaxy is the official community hub for sharing Ansible roles. Look here for ready made 'roles' that can be downloaded.
Playbooks
To run a playbook that actually installs something you run the ansible-playbook command:
# ansible-playbook -i <inventory.inv> roles.yml
The <key>inventory</key> is a list with host names. The file <key>roles.yml/</key> is a yaml script that contains plays. If you want to try a playbook use the check option.
# ansible-playbook -i production.inv all_roles.yml
Look here for the current set of plays and playbooks.
Installation log
Add the epel repo to the list of repos, run an update check and install ansible from epel
# rpm -iUvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epelrelease-7-5.noarch.rpm # yum update # yum install ansible
On hpa (stock RHL 7) this installed ansible and 12 dependencies most notable a bunch of python packages Ansible normally lives out of /etc. I have changed the location of the ansible files to /root/Ansible using a symlink in /etc/
Updated Ansible on 19.6.2016
(1/1): ansible-2.1.0.0-1.el7.noarch.rpm | 3.4 MB 00:00 Old: 2.0.2.0-1 New: 2.1.0.0-1