Getting Started with Ansible Playbooks

In this tutorial, our goal is to perform the follow task:

  • ssh to the remote server
  • call git pull update for the changes
  • call maven package to compile war file
  • stop tomcat
  • remove previous version java apps
  • deploy the newly compile war file to tomcat webapps
  • start tomcat

Assume we have the follow servers that need to execute all the task whenever there is the new commit code.

IP Address  Short Hostname Username Password
123.123.123.121 ABC121 root  password123
123.123.123.122 ABC122 root password123
123.123.123.123 ABC123 root password123
123.123.123.124 ABC124 root password123
123.123.123.125 ABC125 root password123

 

Create a new project folder

Create a new project folder named playbook2. By end of this tutorial, you should have the following files listed.

  1. [path]/playbook2/ansible.cfg
  2. [path]/playbook2/inventory
  3. [path]/playbook2/javadev.yml
  4. [path]/playbook2/gitcredential/.git-credential

Create a inventory file

This inventory file keep our servers information, [abc] is group name

[abc]
ABC121 ansible_ssh_host=123.123.123.121 ansible_ssh_port=22 ansible_ssh_user=root
ABC122 ansible_ssh_host=123.123.123.122 ansible_ssh_port=22 ansible_ssh_user=root
ABC123 ansible_ssh_host=123.123.123.123 ansible_ssh_port=22 ansible_ssh_user=root
ABC124 ansible_ssh_host=123.123.123.124 ansible_ssh_port=22 ansible_ssh_user=root
ABC125 ansible_ssh_host=123.123.123.125 ansible_ssh_port=22 ansible_ssh_user=root

 

Create a ansible.cfg file

This ansible.cfg file has few default argument. like hostfile value inventory is pointing to the inventory file we’ve just created.

[defaults]
hostfile = inventory
ansible_connection: ssh
ask_pass: True

[ssh_connection]
ssh_args =  ""

 

Test Run in Terminal

Our first goal is to ping each server so that we can continue develop the task to fulfill the above requirement. If you encounter failure add -vvvv arguments for error details. If everything run fine, you should have similar result.

(ansible_env) MacBook-Air:playbook2 mingch$ ansible all -i inventory -m
SSH password: 
ABC121 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
ABC122 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
ABC123 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
ABC124 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
ABC125 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

 

Tasks Creation

Now it’s time to create task by task. The following is piece of code for each task describe what you need to accomplish the task given. The most tricky part for me is the git pull request, because it required to enter username and password. While if directly execute playbook will causing terminal stuck to wait for user input credential without acknowlegement. Details part will be explain in shortly.

Create task stop tomcat

At first, we need to stop the tomcat.

tasks:
    - name: tomcat stop
      service: name=tomcat state=stopped

 

Create task start tomcat

When everything is deployed, we need to start the tomcat.

tasks:
   - name: tomcat start
     service: name=tomcat state=started

 

Delete war file in tomcat webapps

During deployment, deleted the old war file.

tasks:
   - name: delete war file in tomcat webapps
     file: path=/usr/share/tomcat/webapps/myproject.war state=absent

 

Delete war directories in tomcat webapps

During deployment, deleted the old web project files in recursively.

tasks:
   - name: delete war file in tomcat webapps
     file: path=/usr/share/tomcat/webapps/myproject state=absent

 

Copy file in tomcat webapps

Copy the war file to the tomcat  webapps folder. You can also set variable with arguments vars.

vars: 
    remote_warfile: /root/workspace/myproject/target/myproject.war
    remote_webapps: /usr/share/tomcat/webapps/
tasks:
   - name: copy war file
      command: cp {{ remote_warfile }} {{ remote_webapps }}

 

Maven compile code

Maven run clean and package command to build the war archive.

tasks:
- name: maven clean package
      command: mvn -f /root/workspace/myproject/pom.xml clean package

 

Prerequisition setup

The remote server has git installed and used git pull that required you prompt input username and password. There are many way to store credential in locally by third party help, such as using private key, KDE wallet, netrc and etc. In my case, that a bit different. First it require you execute with helper store. Execute the following command in your remote server projec checkout folder.

git config credential.helper store

Or you can directly execute this command in any place with –git-dir=/your_project_path/.git

git --git-dir=/root/workspace/myproject/.git config credential.helper store

 

After this command is executed, you can either manually create a file in the location ~/.git-credentials immediate to test pull request without prompt for username and password.

remote-server# echo "https://myusername:mypassword@gitlab.com" > .git-credentials

OR you can run pull request that will prompt for enter username and password, afterward it will no longer required. And username and password will store in plain text in the following location if you did not provide option arguments here is the location.

more ~/.git-credentials 
https://myusername:mypassword@gitlab.com

 

Delete .git-credentials

Create a .git-credentials in your project folder. [path]/playbook2/gitcredential/ and delete the remote server .git-credentials

(ansible_env) MacBook-Air:playbook2 mingch$ echo "https://myusername:mypassword@gitlab.com" > gitcredential/.git-credentials

 

Create Task for git pull update

tasks:
  - name: check out the repository on the host
    git: repo=https://gitlab.com/loongest/myproject.git dest=/root/workspace/myproject/ accept_hostkey=yes

 

Complete playbook yml file example

This is the final playbook, at first I’ve set a of variables, then task and handler. Handler is just like a task but it only run when get trigger by notify syntax.

- name: Git pull maven compile tomcat deploy
  hosts: tutorial
  become: yes
  become_method: sudo
  vars:
     remote_warfile: /root/workspace/myproject/target/myproject.war
     remote_webapps: /usr/share/tomcat/webapps/
     local_git_credential: gitcredential/.git-credentials
     remote_git_credential: ~/.git-credentials

  tasks:
    - name: tomcat stop
      service: name=tomcat state=stopped

    - name: copy git .git-credentials
      copy: src={{ local_git_credential }} dest={{ remote_git_credential }}

    - name: check out the repository on the host
      git: repo=https://gitlab.com/loongest/myproject.git dest=/root/workspace/myproject/ accept_hostkey=yes

    - name: maven clean package
      command: mvn -f /root/workspace/myproject/pom.xml clean package

    - name: delete war directories in tomcat webapps
      file: path=/usr/share/tomcat/webapps/myproject.war state=absent

    - name: delete war file in tomcat webapps
      file: path=/usr/share/tomcat/webapps/myproject state=absent

    - name: delete git credential file
      file: path={{ remote_git_credential }} state=absent

    - name: copy war file
      command: cp {{remote_warfile}} {{remote_webapps}}
      notify: start tomcat

  handlers:
    - name: start tomcat
      service: name=tomcat state=started

 

 

Getting Started with Ansible Playbooks

4 thoughts on “Getting Started with Ansible Playbooks

  • Pingback:Ansible tutorial ‹ CodeOmitted

  • April 9, 2019 at 3:16 pm
    Permalink

    Thanks dude

    I am seeking for this code in lot websites those are not clear finally I saw this

    Its working perfectly thanks again

    Reply
  • December 30, 2019 at 7:59 am
    Permalink

    I have configured my Ansible control and slave node on Amazon EC2
    Operating System:https://www.redhat.com/Red Hat Enterprise Linux 8.0 (Ootpa)

    Issue – tomcat is not getting started on slave node. So i had to do it manually and it is working fine.
    Please help.

    playbook to install java

    [root@ip-10-0-0-82 playbooks]# vim installjava.yml

    – hosts: all
    tasks:
    – name: copy files from src to dest
    copy:
    src: /home/ec2-user/jdk-8u231-linux-x64.tar.gz
    dest: /opt

    – name: Unarchive a file that is already on the remote machine
    unarchive:
    src: /opt/jdk-8u231-linux-x64.tar.gz
    dest: /opt
    remote_src: yes

    – name: Defining JAVA_HOME
    lineinfile:
    dest: /etc/profile
    state: present
    line: ‘{{ item }}’
    with_items:
    – ‘export JAVA_HOME=/opt/jdk1.8.0_231’
    – ‘export PATH=$JAVA_HOME/bin:$PATH’

    – name: sourcing profile
    shell: source /etc/profile
    ———————————————————————————————————–
    playbook to deploy .war file

    [root@ip-10-0-0-82 playbooks]# vim deploysjavacode.yml

    – hosts: DB
    tasks:

    – name: Download MVN
    get_url: url=https://www-eu.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz dest=/opt/

    – name: Extract archive
    command: chdir=/usr/share /bin/tar xvf /opt/apache-maven-3.6.3-bin.tar.gz -C /opt/

    – name: Defining MVN_HOME
    lineinfile:
    dest: /etc/profile
    state: present
    line: ‘{{ item }}’
    with_items:
    – ‘export MVN_HOME=apache-maven-3.6.3’
    – ‘export PATH=$MVN_HOME/bin:$PATH’

    – name: update sourece
    shell: source /etc/profile

    – name: clone code
    shell: cd /tmp; /usr/bin/git clone https://github.com/shekharshamra/jenkin.git; cd /tmp/jenkin; mvn clean install

    – name: Download apache tomcat
    get_url: url=http://mirrors.estointernet.in/apache/tomcat/tomcat-8/v8.5.50/bin/apache-tomcat-8.5.50.tar.gz dest=/opt/

    – name: Extract archive
    command: chdir=/usr/share /bin/tar xvf /opt/apache-tomcat-8.5.50.tar.gz -C /opt/

    – name: deploy code
    shell: cd /tmp/jenkin/in28minutes-web-servlet-jsp/target ;cp in28minutes.war /opt/apache-tomcat-8.5.50/webapps/

    – name: Recursively change ownership of a directory
    file:
    path: /opt/apache-tomcat-8.5.50
    state: directory
    recurse: yes
    owner: tomcat
    group:

    handlers:
    – name: Restart tomcat
    service: name=tomcat state=started
    —————————————————————————————————————————————–
    [root@ip-10-0-0-82 playbooks]# ansible-playbook deploysjavacode.yml

    PLAY [DB] *************************************************************************************************************************************

    TASK [Gathering Facts] ************************************************************************************************************************
    ok: [10.0.0.129]

    TASK [Download MVN] ***************************************************************************************************************************
    ok: [10.0.0.129]

    TASK [Extract archive] ************************************************************************************************************************
    [WARNING]: Consider using the unarchive module rather than running ‘tar’. If you need to use command because unarchive is insufficient you
    can add ‘warn: false’ to this command task or set ‘command_warnings=False’ in ansible.cfg to get rid of this message.

    changed: [10.0.0.129]

    TASK [Defining MVN_HOME] **********************************************************************************************************************
    ok: [10.0.0.129] => (item=export MVN_HOME=apache-maven-3.6.3)
    ok: [10.0.0.129] => (item=export PATH=$MVN_HOME/bin:$PATH)

    TASK [update sourece] *************************************************************************************************************************
    changed: [10.0.0.129]

    TASK [clone code] *****************************************************************************************************************************
    changed: [10.0.0.129]

    TASK [Download apache tomcat] *****************************************************************************************************************
    changed: [10.0.0.129]

    TASK [Extract archive] ************************************************************************************************************************
    changed: [10.0.0.129]

    TASK [deploy code] ****************************************************************************************************************************
    changed: [10.0.0.129]

    TASK [Recursively change ownership of a directory] ********************************************************************************************
    changed: [10.0.0.129]

    PLAY RECAP ************************************************************************************************************************************
    10.0.0.129 : ok=10 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.