Difference between revisions of "hidden:Ansible on hpa"

From Lsdf
m
m
 
(19 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
The ansible configuration system uses '''playbooks''' at the top level. Playbooks contain plays, plays consist of tasks and tasks call modules. The modules are the core of ansible. These are ready made functions that can setup the network, copy files, install software etc. You can find the catalog of modules [http://docs.ansible.com/ansible/modules_by_category.html here]. Everything runs strict step by step except handlers. Tasks can trigger handlers. Handlers run at the end, once.
 
The ansible configuration system uses '''playbooks''' at the top level. Playbooks contain plays, plays consist of tasks and tasks call modules. The modules are the core of ansible. These are ready made functions that can setup the network, copy files, install software etc. You can find the catalog of modules [http://docs.ansible.com/ansible/modules_by_category.html here]. Everything runs strict step by step except handlers. Tasks can trigger handlers. Handlers run at the end, once.
   
  +
==Intro==
To become familiar with ansible here are a few examples.
 
  +
To become familiar with ansible here are a few command examples.
   
  +
* '''Ping a list of hosts'''
* 1
 
  +
Ping every host listed in the inventory. The inventory is a list with hostnames or ip adresses. Default is 'hosts' but in this example the -i flag is used to tell Ansible which inventory file to use. The argument ''all'' can be replaced by a single entry from the inventory in order to run the command one one single host.
* 2
 
  +
# ansible -i test.inv all -m ping
  +
172.18.95.51 | SUCCESS => {
  +
"changed": false,
  +
"ping": "pong"
  +
}
  +
172.18.95.50 | UNREACHABLE => {
  +
"changed": false,
  +
"msg": "Failed to connect to the host via ssh.",
  +
"unreachable": true
  +
}
  +
You see 172.18.95.50 does not respond. This command is nice to check connectivity.
   
  +
* '''See the date on all hosts'''
The following playbooks are available on '''hpa'''
 
  +
The ping command above is actually builtin to Ansible. Ansible calls a module with the name ''ping'' that automatically provides the internal ping with each of the hosts. The module is selected with the -m flag. If you want to execute a live command using the ''shell'' module give the command as argument to the shell module
  +
# ansible -i test.inv all -m shell -a date
  +
172.18.95.51 | SUCCESS | rc=0 >>
  +
Sun Jun 19 22:27:36 CEST 2016
  +
172.18.95.50 | SUCCESS | rc=0 >>
  +
Sun Jun 19 22:27:36 CEST 2016
   
  +
* '''info extracted on the target hosts'''
* update automount files
 
  +
Each time Ansible is run, it gathers all sorts of information. This information is used during Ansible Playbook runs. For example to see all gathered info on hpdt
* update rsyslog.conf files
 
  +
# ansible -i test.inv hpdt-a -m setup
  +
  +
[https://galaxy.ansible.com/ Ansible Galaxy] is the official community hub for sharing Ansible roles. Look [https://galaxy.ansible.com/ here] for ready made 'roles' that can be downloaded.
  +
  +
==Playbooks==
  +
To run a playbook that actually installs something you run the ansible-playbook command:
  +
  +
# ansible-playbook -i <inventory.inv> roles.yml
  +
  +
The '''inventory''' is a list with host names. The file '''roles.yml''' is a ''yaml'' script that contains plays. If you want to try a playbook use the ''check'' [ -C ] option.
  +
  +
# ansible-playbook -i production.inv all_roles.yml
  +
  +
Look here for the current set of [[hidden:plays and playbooks|plays and playbooks]].
   
 
== Installation log==
 
== Installation log==
Add the epel repo to the list of repos
+
Add the epel repo to the list of repos, run an update check and install ansible from epel
  +
 
# rpm -iUvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epelrelease-7-5.noarch.rpm
 
# rpm -iUvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epelrelease-7-5.noarch.rpm
Run an update check
 
 
# yum update
 
# yum update
  +
# yum install ansible
Install Ansible (on hpa this installed ansible and 12 dependencies most notable a bunch of python packages
 
  +
# yum install ansible
 
  +
On hpa (stock RHL 7) yum installed ansible and 12 dependencies most notably a bunch of python packages
 
Ansible normally lives out of /etc. I have changed the location of the ansible files to /root/Ansible using a symlink in /etc/
 
Ansible normally lives out of /etc. I have changed the location of the ansible files to /root/Ansible using a symlink in /etc/
  +
  +
  +
Updated Ansible on 19.6.2016
  +
(1/1): ansible-2.1.0.0-1.el7.noarch.rpm | 3.4 MB 00:00
  +
Old: 2.0.2.0-1
  +
New: 2.1.0.0-1

Latest revision as of 19:47, 28 March 2017

Ansible (on github) is a configuration manager that requires no software installation on the target hosts and can run along side existing configuration programs like puppet, cfengine etc... Only ssh access from server to client is required. RedHat has adopted Ansible as its configuration egine.

The Ansible directory on hpa is: /root/Ansible.

The ansible configuration system uses playbooks at the top level. Playbooks contain plays, plays consist of tasks and tasks call modules. The modules are the core of ansible. These are ready made functions that can setup the network, copy files, install software etc. You can find the catalog of modules here. Everything runs strict step by step except handlers. Tasks can trigger handlers. Handlers run at the end, once.

Intro

To become familiar with ansible here are a few command examples.

  • Ping a list of hosts

Ping every host listed in the inventory. The inventory is a list with hostnames or ip adresses. Default is 'hosts' but in this example the -i flag is used to tell Ansible which inventory file to use. The argument all can be replaced by a single entry from the inventory in order to run the command one one single host.

 # ansible -i test.inv all -m ping
 172.18.95.51 | SUCCESS => {
     "changed": false,
     "ping": "pong"
 }
 172.18.95.50 | UNREACHABLE => {
     "changed": false,
     "msg": "Failed to connect to the host via ssh.",
     "unreachable": true
 }

You see 172.18.95.50 does not respond. This command is nice to check connectivity.

  • See the date on all hosts

The ping command above is actually builtin to Ansible. Ansible calls a module with the name ping that automatically provides the internal ping with each of the hosts. The module is selected with the -m flag. If you want to execute a live command using the shell module give the command as argument to the shell module

 # ansible -i test.inv all -m shell -a date
 172.18.95.51 | SUCCESS | rc=0 >>
 Sun Jun 19 22:27:36 CEST 2016
 172.18.95.50 | SUCCESS | rc=0 >>
 Sun Jun 19 22:27:36 CEST 2016
  • info extracted on the target hosts

Each time Ansible is run, it gathers all sorts of information. This information is used during Ansible Playbook runs. For example to see all gathered info on hpdt

 # ansible -i test.inv hpdt-a -m setup

Ansible Galaxy is the official community hub for sharing Ansible roles. Look here for ready made 'roles' that can be downloaded.

Playbooks

To run a playbook that actually installs something you run the ansible-playbook command:

 # ansible-playbook -i <inventory.inv> roles.yml

The inventory is a list with host names. The file roles.yml is a yaml script that contains plays. If you want to try a playbook use the check [ -C ] option.

 # ansible-playbook -i production.inv all_roles.yml

Look here for the current set of plays and playbooks.

Installation log

Add the epel repo to the list of repos, run an update check and install ansible from epel

 # rpm -iUvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epelrelease-7-5.noarch.rpm
 # yum update
 # yum install ansible

On hpa (stock RHL 7) yum installed ansible and 12 dependencies most notably a bunch of python packages Ansible normally lives out of /etc. I have changed the location of the ansible files to /root/Ansible using a symlink in /etc/


Updated Ansible on 19.6.2016

  (1/1): ansible-2.1.0.0-1.el7.noarch.rpm                    | 3.4 MB   00:00
  Old: 2.0.2.0-1
  New: 2.1.0.0-1