Ansible tutorial

Ansible tutorial

Throughout this tutorial, practice with few simple step to get basic understanding what is ansible.

  • Install ansible
  • Install vagrant (for create servers)
  • Use ansible communicate with remove server
  • Install nginx

Install Ansible

  • Mac OS X
  • Terminal

1, cd to directory [path]\workspace\

2, create virtual environment folder

MacBook-Air:workspace mingch$ virtualenv ansible_env
New python executable in ansible_env/bin/python
Installing setuptools, pip...done.

3, activate python virtual environment

MacBook-Air:workspace mingch$ cd ansible_env/

MacBook-Air:ansible_env mingch$ source bin/activate
(ansible_env)MacBook-Air:ansible_env mingch$ 

4, install ansible

(ansible_env)MacBook-Air:ansible_env mingch$ pip install ansible
Downloading/unpacking ansible
  Downloading ansible-2.0.0.1.tar.gz (1.5MB): 1.5MB downloaded
  Running setup.py (path:/Users/workspace/ansible_env/build/ansible/setup.py) egg_info for package ansible
....
Successfully installed ansible paramiko jinja2 PyYAML pycrypto ecdsa MarkupSafe
Cleaning up...
(ansible_env)MacBook-Air:ansible_env mingch$ 

5, If working with docker, install docker-py boto

(ansible_env)MacBook-Air:ansible_env mingch$ pip install docker-py boto
Downloading/unpacking docker-py
  Downloading docker-py-1.6.0.tar.gz (63kB): 63kB downloaded

 

Install Vagrant

1, create a directory playbooks

(ansible_env)MacBook-Air:ansible_env mingch$ mkdir playbooks
(ansible_env)MacBook-Air:ansible_env mingch$ cd playbooks/

2, initialize vagrant

(ansible_env)MacBook-Air:playbooks mingch$ vagrant init ubuntu/trusty64
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`vagrantup.com` for more information on using Vagrant.

3, vagrant up and running

(ansible_env)MacBook-Air:playbooks mingch$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'ubuntu/trusty64' could not be found. 
    Attempting to find and install...
....
==> default: Mounting shared folders...
    default: /vagrant => /Users/mingch/Documents/workspace/ansible_env/playbooks

4, Access to vagrant virtual machines by using vagrant ssh client

(ansible_env)MacBook-Air:playbooks mingch$ vagrant ssh
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-74-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

 System information disabled due to load higher than 1.0

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud
_____________________________________________________________________

5, To show vagrant ssh details which display the information like private key that you can use regular ssh client.

(ansible_env) MacBook-Air:playbooks mingch$ vagrant ssh-config
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2200
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile "/Users/mingch/Documents/python-workspace/ansible_env/playbooks/.vagrant/machines/default/virtualbox/private_key"
  IdentitiesOnly yes
  LogLevel FATAL

6. Testing ssh, user=vagrant, host=127.0.0.1, port=2222, identity /Users/mingch/….virtualbox/private_key

(ansible_env)MacBook-Air:playbooks mingch$ ssh [email protected] -p 2200 -i /Users/mingch/Documents/python-workspace/ansible_env/playbooks/.vagrant/machines/default/virtualbox/private_key

The authenticity of host '[127.0.0.1]:2200 ([127.0.0.1]:2200)' can't be established.
ECDSA key fingerprint is SHA256:NwzXLwhH1eU1Zt0J1AnAw6Nr+mCwaq/iSkmIegZELiI.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:2200' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-74-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Jan 16 07:54:24 UTC 2016

  System load:  0.92              Processes:           83
  Usage of /:   3.4% of 39.34GB   Users logged in:     0
  Memory usage: 28%               IP address for eth0: 10.0.2.15
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

 

Troubleshooting

If you get the follow error, meaning that you may have added recently, lately added will consider not valid. The following solution also able to solve vagrant ask for password prompt.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:yRu8yfSOZionpeQPqf44b0uC7D0VOepxH0i8VKEHkGA.
Please contact your system administrator.

1. To solve the problem,  vi  ~/.ssh/known_hosts and delete the relevant host with port. Example,

[127.0.0.1]:2222 ecdsa-sha2-nistp256 AAAAE2VjZH+lUbdK+oGQDDSP+KweO0V/g=
[127.0.0.1]:2201 ecdsa-sha2-nistp256 AAAAE2VjZHNhLsXNoa&DTOVVLmaFB83ik=
[127.0.0.1]:2202 ecdsa-sha2-nistp256 AAAAE2VjZHNhsLXNoYTzdHAyNTIbmo3Rg=
[127.0.0.1]:2200 ecdsa-sha2-nistp256 AAAAE2VjZHNshLXNoYTASDSqBXXktkbABk=

2. Delete vagrant insecure key

rm ~/.vagrant.d/insecure_private_key 

3. Reload vagrant, and delete Vagrantfile

vagrant reload

 

back to ansible configuration ..

 

Hosts file

Ansible need to know your server information before it can communicate with them. Create a host/inventory file in your project folder playbooks/hosts. In the hosts file, you can simply provide the name, ip address a, aliases and leave the common share information in ansible.cfg for safe typing. Example:

[webservers]
webserver  ansible_ssh_host=127.0.0.1 \
           ansible_ssh_port=2200 \
           ansible_ssh_user=vagrant \
           ansible_ssh_private_key_file=.vagrant/machines/default/virtualbox/private_key


--  OR Simplified version --

[webservers]
webserver ansible_ssh_host=127.0.0.1 ansible_ssh_port=2200

 

Default ansible.cfg location

You can put the ansible.cfg file in the location described as following

  • Environment variable ANSIBLE_CONFIG
  • Current directory .ansible.cfg
  • Home directory ~/.ansible.cfg
  •  /etc/ansible/ansible.cfg
[defaults]
hostfile = hosts
remote_user = vagrant
private_key_file = .vagrant/machines/default/virtualbox/private_key
host_key_checking = False

 

Test Ping

(ansible_env)MacBook-Air:playbooks mingch$ ansible webserver -m ping
webserver | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

 

Arguments

 Arguments description
-m module name
-a arguments, double quote if contains space
-s sudo flag

 

Common Used Module

module description
apt Use apt package manager to install or delete packages
copy Copy files from local machines to remote machines
file Sets the attributes of a file, symlink or directory
service Start, stops or restarts a service
template Generates a file from template and copies it to the hosts

 

Update before install nginx

ansible webserver -s -m apt -a "name=nginx update_cache=yes"

 

Install nginx

ansible webserver -s -m apt -a name=nginx

 

Start, Stop and Restart Nginx

Avaiable state values are running, started, stopped, restarted, reloaded

ansible webserver -s -m service -a "name=nginx state=started"

 

Port Forward

Modified the Vagrantfile allow port forward from localhost to virtual machines. Add the following lines to your Vagrantfiles.

Vagrant.configure(2) do |config|
  config.vm.box = "ubuntu/trusty64"
  config.vm.network "forwarded_port", guest: 80, host: 8080
  config.vm.network "forwarded_port", guest: 443, host: 8443
end

 

Reload the vagrant.

vargrant reload

 

Connect to localhost

Open a browser http://localhost:8080/

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

 

Continue with playbooks

Now you’ve basic understanding, you may interest on my other article getting started ansible playbooks. The tutorial will show you how I used it for my freelance job with include git pull, maven build, deploy tomcat and tomcat start/stop service.

Getting Started with Ansible Playbooks

One comment

  1. Happy to know you find this post useful. Cheers!

    Reply

Write a Reply or Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.