Ansible is

  • configuration manager
  • simple
  • extensible via modules
  • written in python
  • broad community
  • many external tools
  • playbook repository
  • used by openstack, openshift & tonns of project

Configuration Manager

Explain infrastructure as code

Advantages

No agents: ansible copies python and all deployment scripts/modules to the target machine via ssh and executes them remotely. Some modules though require that target hosts contain specific python libraries.

Jobs are executed in parallel, but you can configure for serialization using different strategies for speed up, rollout or other purposes: (link)

Authentication can be passwordless (ssh/pki, kerberos) or with password.

Automation jobs (Playbooks) are described via YAML - a very concise and simple language. You can validate and lint files with yamllint and ansible-lint.

this_is:
  a: yaml

file:
- with dict
- a list

Passwords are supported, but SSH keys with ssh-agent are one of the best ways to use Ansible. Though if you want to use Kerberos, that's good too.

You have a lot of options! Root logins are not required, you can login as any user, and then su or sudo to any user.


In [ ]:
cd /notebooks/exercise-00/

In [ ]:
# Let's check our ansible directory
!tree

ansible.cfg

It's the main configuration file. While all ansible are in yaml, ansible.cfg is in .ini format. Eg.

[stanza]
key = value

Let's check the content of a sample ansible.cfg:

  • there's a lot of stuff in there
  • there will be more ;)
  • for now let's check only the uncommented ones.

In [ ]:
!cat ansible.cfg

Inventories

a simple inventory file contains a static list of nodes to contact.

Generally, an inventory can be static or dynamic, as we will see in the following lessons.


In [ ]:
!cat inventory

In [ ]:
# You can have many inventory files
!cat staging

Environment variables

N.B. ansible environment variables are not related with process environment

You defined your host groups in the environment, eg:

  • course
  • ansible
  • staging

Ansible defines two default groups: all and ungrouped.

You can assign variables to all hosts using the all group.


In [ ]:
# group_vars - a directory containing environment files for various host groups.
!tree group_vars

In [ ]:
# I set  env_name in two different files
!grep env_name -r group_vars/

In [ ]:
# The debug module (-m debug) shows variables' content or dumps messages.
#   by default uses the inventory set into ansible.cfg, thus writing
!ansible all -m debug -a 'var=env_name'

Exercise

Dump env_name tied to the staging inventory.

  • which is the expected output?
  • what ties the "staging" inventory file to group_vars/staging?

In [ ]:
# Solution

!ansible all -i staging -m debug -a 'var=env_name'

In [ ]:
# Use this cell for the exercise

Exercise


In [ ]:
#
# Read the inventory and try to predict the output of
#
!ansible course -i staging -m debug -a 'var=proxy_env'