‬

AM
DN
BO
TH
AN
SH
RA
I P
S‭A
 ‭ANSIBLE‬

‭★‬ A ‭ nsible is an open source software that automates software provisioning, configuration‬
‭management, and application deployment.‬

‬
‭★‬ ‭Ansible is commonly used for tasks like software installation, configuration, and system‬
‭updates across multiple servers or devices in a network.‬

M
‭★‬ ‭Orchestration, Security and compliance.‬
‭★‬ ‭Uses YAML Scripting language which works on KEY-VALUE PAIR‬

A
‭★‬ ‭Ansible GUI is called as Ansible Tower. It was just Drag and Drop.‬
‭★‬ ‭It helps reduce manual work, improve consistency, and save time in managing complex‬
‭environments.‬

DN
O
‭The Keys Features of Ansible‬‭:‬

B
‭★‬ A
‭ gentless‬‭:There is no software or agent to be installed‬‭on the client that‬
‭communicates back to the server.‬

‭★‬ S
H
‭ imple and extensible‬‭: Ansible is written in Python‬‭and uses YAML for playbook‬

T
‭language, both of which are considered relatively easy to learn.‬

‭WHY ANSIBLE:‬

AN
‭ hile managing the multiple servers its hard to keep their configuration identical.‬
W

H
‭If you have multiple servers which needs to configure the same setup in all.‬

S
‭while doing the one to one server their might be a chances to miss some configuration steps in‬
‭some servers. Thats why automation tools come into play! The automation tools like Ansible,‬

A
‭Chef, Puppet and SaltStack all are based on a same principle.‬

R
‭DESCRIBE THE DESIRED STATE OF THE SYSTEM‬

I P
‭STEP BY STEPS OF MASTER AND SLAVE CONNECTION‬

S‭A
‭MASTER-SLAVE CONCEPT‬‭:‬

‭➔‬ ‭STEP-1:‬‭LAUNCH 5 INSTANCE (1-MASTER, 4-SLAVE)‬

‭➔‬ ‭STEP-2:‬‭INSTALL ANSIBLE, PYTHON AND PIP ON MASTER‬‭SERVER‬

‭1‭.‬‬‭amazon-linux-extras install ansible2‬‭-y‬

‭2.‬‭yum install python-pip‬‭-y‬

 ‭➔‬ ‭STEP-3:‬‭ADD ANSIBLE USER IN ANSIBLE SERVER‬

‭3.‬‭useradd ansible‬

‭➔‬ ‭STEP-4‬‭: SET A PASSWORD TO USER IN ANSIBLE SERVER‬

‬
‭4.‬‭passwd ansible‬

‭➔‬ ‭STEP-5:‬‭GIVE ROOT PERMISSIONS TO ANSIBLE USER‬

‭visudo‬‭---> 100 line (100gg)‬

AM
DN
BO
‭add these second line (ansible ALL=(ALL) NOPASSWD: ALL) now save & quit from the file‬

H
‭➔‬ ‭STEP-6‬‭: NOW WE HAVE TO SAY YES TO PASSWORD AUTHNETICATION‬

T
‭5.‬‭vi /etc/ssh/sshd_config‬‭----> 63 line‬‭(63gg)‬

N
H A
S
‭change the password authentication from no to yes‬

RA
‭➔‬ ‭STEP-7:‬‭RESTART SSHD 6‬‭.‬‭systemctl restart sshd‬

P
‭NOTE: REPETE ALL THESE STEPS ON ALL SLAVE SERVERS‬

I
‭FROM STEP-3 TO STEP-7‬

A
S‭
‭➔‬ ‭STEP-8:‬‭LOGIN AS ANSIBLE USER‬

‭7.‬‭su - ansible‬

‭➔‬ ‭STEP-9:‬‭GENERATE A KEY IN ANSIBLE USER ON MASTER‬‭SERVER‬

‭8.‬‭Ssh-keygen‬

‭It will generate 2 keys (public & private)‬

 ‭➔‬ ‭STEP-10:‬‭COPY THE PUBLIC KEY TO ALL SLAVE SERVERS‬

‭9.‬‭ssh-copy-id ansible@slave_ip‬

‭➔‬ ‭STEP-11:‬‭LOGIN TO THE SLAVE‬

‬
‭10.‬‭ssh ansible@slave_ip‬

‭NOW ITS TIME TO CHANGE ANSIBLE CONFIGURATIONS:‬

‭➔‬ ‭STEP-12:‬‭EXIT FROM ANSIBLE USER ON MASTER SERVER‬

‭11.‬‭exit‬ ‭so we will be in root user‬

AM
‭➔‬ ‭STEP-13 :‬‭ENBALE ANSIBLE INVENTORY AND SUDO USER‬

DN
O
‭12.‬‭vi /etc/ansible/ansible.cfg‬

B
TH
AN
H
‭save & quit from the file‬

AS
‭➔‬ ‭STEP-14:‬‭ADD INVENTORIES‬

PR ‭13.‬‭vi /etc/ansible/hosts‬

AI
S‭
‭HERE dev & test is the group names save & quit from the file‬
 ‭➔‬ ‭STEP-15‬‭: TO CHECK WITH SLAVE SERVER CONNECTION‬

‭login as ansible user : 14.‬‭su - ansible‬

‭to check the connection‬‭:‬‭15.‬ ‭ansible all‬‭--list-hosts‬

‭➔‬ ‭To check the network connection between master & slave :‬‭ansible all -m ping‬

‭➔‬ ‭To see the list of hosts in inventory :‬‭ansible all‬‭--list-hosts‬

‬
‭➔‬ ‭To see the 1st hosts in inventory :‬‭ansible all[0]‬‭--list-hosts‬
AM
‭➔‬ ‭To see the list of particular group hosts in inventory :‬‭ansible group_name --list-hosts‬

‭PLAYBOOKS:‬
DN
‭ . Playbooks in Ansible are written in YAML language.‬
1

BO
‭2. It is a human readable & serialization language commonly used for configuration files.‬

H
‭3. You can write codes consists of vars, tasks, handlers, files, templates and roles.‬

T
‭4. Each playbook is composed of one or more modules in a list.‬
‭5. Playbooks are mainly divided into sections like‬

N
‭6. TARGET SECTION: Defines host against which playbooks task has to be executed.‬
‭7. VARIABLE SECTION: Defines variables.‬

H A
‭8. TASK SECTION: action you are performing‬

‭1.WRITE A PLAYBOOK TO INSTALL GIT IN DEV GROUP:‬

AS
PR
AI
S‭
‭2. WRITE A PLAYBOOK TO INSTALL JAVA1.8.0 ON ALL THE SERVERS‬
 ‬
M
‭3. WRITE A PLAYBOOK TO INSTALL WEB SERVER & START THE WEB SERVER:‬

NA
O D
B
TH
AN
SH
A
‭4. WRITE A PLAYBOOK WITH VARIABLE:‬

PR
AI
S‭
‭5. WRITE A PLAYBOOK WITH MULTIPLE VARIABLES:‬

‬
AM
DN
BO
TH
N
‭6. WRITE A PLAYBOOK TO ADD VARIABLES DYNAMICALLY:‬

A
SH
RA
I P
S‭A
‭for single var:‬‭ansible-playbook one.yml --extra-vars "abc=git"‬

‭for multiple vars:‬‭ansible-playbook one.yml --extra-vars "abc=git def=maven"‬

‭7. WRITE A PLAYBOOK TO INSTALL PACKAGES ON DIFFERENT WAYS:‬

‬
AM
DN
BO
H
‭8. Passing a Varaible file - A Varaible can be defined in a variable file and can be passed‬

T
‭to a playbook using the include‬

AN
SH
RA
I P
S‭A
 ‬
AM
DN
BO
TH
AN
SH
RA
I P
S‭A
 ‬
AM
DN
BO
TH
AN
SH
RA
I P
S‭A
‭14. WRITE A PLAYBOOK FOR CREATING A FILE:‬

‬
AM
DN
BO
TH
AN
SH
RA
I P
S‭A
‭16. WRITE A PLAYBOOK TO CHANGE THE PERMISSIONS OF A FILE:‬

‬
AM
DN
BO
TH
AN
SH
RA
I P
S‭A
‭18. WRITE A PLAYBOOK TO SETUP JENKINS:‬

‬
AM
DN
BO
TH
‭19. WRITE A PLAYBOOK TO SETUP TOMCAT:‬

AN
SH
RA
I P
S‭A
‭20. WRITE A PLAYBOOK TO GET A CODE FROM GITHUB(PUBLIC-REPO)‬

‬
AM
DN
BO
TH
AN
SH
RA
I P
S‭A
‭23. WRITE A PLAYBOOK TO SEE LIST OF USERS:‬

‬
AM
DN
‭ANSIBLE ROLES:‬
BO
TH
‭ nsible roles are a way to organize and structure your Ansible playbooks in a more modular and‬
A
‭reusable manner. They provide a means to group related tasks, variables, and files together,‬

N
‭making your playbooks more organized and easier to manage. Roles can be thought of as a‬
‭collection of tasks, templates, and variables that are designed for a specific purpose or function,‬

A
‭such as setting up a web server, configuring a database, or managing a specific application.‬

SH
‭1. Create the role directory structure:‬
‭ ou can create a role using the ansible-galaxy command or‬
Y

A
‭by manually creating the directory structure. Let's create the directory structure manually:‬

‭roles/‬

PR
I
‭├── webserver/‬

A
‭├── tasks/‬

S‭
‭├ ── main.yml‬
‭├── handlers/‬
‭│ └── main.yml‬
‭├── templates/‬
‭│ └── index.html.j2‬
‭├── vars/‬
‭│ └── main.yml‬
‭ ── defaults/‬
├
‭│ └── main.yml‬
‭└── meta/‬
‭└── main.yml‬

‬
‭2. Define the role tasks in roles/webserver/tasks/main.yml:‬

M
-‭ - -‬

A
‭- name: Install Apache web server‬
‭yum: name=httpd state=present‬

‭- name: Ensure Apache service is running‬

‭service: name=httpd state=started‬

DN
‭3. Define role variables in roles/webserver/vars/main.yml:‬
‭– – –‬

BO
H
‭apache_port: 80‬

T
‭ . Create a handler in roles/webserver/handlers/main.yml (optional) to restart the Apache‬
4

N
‭service if needed:‬
‭– – –‬

A
‭- name: Restart Apache‬
‭- service: name=httpd state=restarted‬

SH
‭ . Create a template for the index page in roles/webserver/templates/index.html.j2 (optional):‬
5
‭<!DOCTYPE html>‬

‭<html>‬

RA
P
‭<head>‬

I
‭<title>Welcome to My Website</title>‬

A
S‭
‭</head>‬

‭<body>‬

‭<h1>Welcome to My Website</h1>‬

‭</body>‬

‭</html>‬
‭6. Specify any necessary metadata for the role in roles/webserver/meta/main.yml:‬

‭ – –‬
–
‭dependencies: []‬

‭ . With this role structure in place, you can now use the webserver role in your Ansible playbook‬
7

‬
‭by specifying it in the roles section. For example:‬
‭– – –‬

M
‭- name: Configure Web Server‬

A
‭hosts: web_servers‬
‭become: yes‬

r‭ oles:‬
‭- webserver‬

DN
BO
TH
N
‭ANSIBLE SETUP MODULES:‬

H A
AS
PR
AI
S‭
‭After executing a playbook, if you want to see the output in json format‬

‭ansible -m setup private_ip‬

‭if you want to apply a see particular output, you can apply filter.‬

➔
‭ ‬ ‭ansible -m setup -a "filter=ansible_os_family" private_ip‬
‭➔‬ ‭ansible -m setup -a "filter=ansible_devices" private_ip‬
‭➔‬ ‭ansible -m setup -a "filter=ansible_kernel" private_ip‬

‬
‭ADHOC COMMANDS:‬

AM
‭ nsible ad-hoc commands are quick, one-time instructions you give to Ansible on the command‬
A

N
‭line to perform simple tasks on remote servers. These commands are not part of Ansible's usual‬

D
‭automation playbook and are typically used for tasks like running a single command, checking‬
‭server status, or making minor changes without writing full automation scripts. Ad-hoc‬

O
‭commands are handy for immediate, one-off tasks.‬

B
➔
‭ ‬ ‭ nsible remo -a “ls‬‭” [remo: Group name, -a: argument, ls: command]‬
a
‭➔‬ ‭ansible remo [0] -a “touch file1”‬

H
‭➔‬ ‭ansible all -a “touch file2”‬

T
‭➔‬ ‭ansible remo -a “sudo yum install httpd -y”‬
‭➔‬ ‭ansible remo -ba “yum install httpd -y”‬‭(b: become you will become sudo user)‬

N
‭➔‬ ‭ansible remo -ba “yum remove httpd -y”‬

‭ANSIBLE MODULES:‬
H A
S
‭ nsible modules are like individual commands or tools that perform specific tasks on target‬
A

A
‭machines. They are the building blocks for Ansible automation. Modules can do things like‬
‭create files, install software, restart services, and more.‬

R
‭➔‬ ‭ansible remo -b -m yum -a “pkg=httpd state=present”‬‭(install: present)‬

P
‭➔‬ ‭ansible remo -b -m yum -a “pkg=httpd state=latest”‬‭(update: latest)‬
‭➔‬ ‭ansible remo -b -m yum -a “pkg=httpd state=absent”‬‭(uninstall: absent)‬

I
‭➔‬ ‭ansible remo -b -m service -a “name=httpd state=started”‬‭(started: start)‬

A
‭➔‬ ‭ansible remo -b -m user -a “name=raj”‬

S‭
‭(to check go to that servers and sudo cat /etc/passwd).‬
‭➔‬ ‭ansible remo -b -m copy -a “src=filename dest=/tmp”‬
‭(to check go to that server and give ls /tmp)‬

‭ANSIBLE GALAXY:‬
‭ nsible Galaxy is a website and command-line tool for sharing and managing collections of‬
A
‭Ansible roles and playbooks. In simple terms, it's like an online marketplace or repository for‬
‭Ansible automation content.‬
 ➔
‭ ‬ ‭ nsible-galaxy init raham‬
a
‭➔‬ ‭ansible-galaxy search elasticsearch‬
‭➔‬ ‭ansible-galaxy search elasticsearch --author alikins‬
‭➔‬ ‭ansible-galaxy install alikns.elasticsearch‬
‭➔‬ ‭cd /home/ansible/.ansible/roles/‬

‭ANSIBLE VALUT:‬
‬
M
‭Ansible Vault is a feature of the Ansible automation tool that is used to securely encrypt‬

A
‭sensitive data, such as passwords, API keys, and other secrets, so that they can be safely‬

N
‭stored and shared within Ansible playbooks and roles.‬

‭USE CASES:‬
➔
‭ ‬
‭➔‬
‭ ncryption‬
E
‭Secure Storage‬

O D
B
‭➔‬ ‭Password Prompt‬
‭➔‬ ‭Automation‬

H
‭➔‬ ‭Secrets Management‬

T
‭COMMANDS FOR ANSIBLE PASSWORD‬

AN
‭ ‬ ‭ansible-vault create vault.yml : creating a new encrypted playbook.‬
‭➔‬ ‭ansible-vault edit vault.yml : Edit the encrypted playbook.‬
‭➔‬ ‭ansible-vault rekey vault.yml : To edit the password‬‭.‬

H
‭➔‬ ‭ansible-vault view vault.yml : To view the playbook without decrypt.‬

S
‭➔‬ ‭ansible-vault encrypt vault.yml : To encrypt the existing playbook‬‭.‬
‭➔‬ ‭ansible-vault decrypt vault.yml : To decrypt the encrypted playbook.‬

A
‭—----------------------------------------------------------------------------------------------------------------------------‬

R
‭Thank You!‬

P
I‭ sincerely appreciate you taking the time to read my Ansible notes.‬

I
‭Your support and engagement mean a lot to me! I hope you found them insightful and‬
‭valuable.‬

S‭
‭ est Regards,‬
B A
‭Looking forward to sharing more knowledge with you!‬

‭Sai Prashanth Bodnam‬

 ‬
AM
DN
BO
TH
AN
SH
RA
I P
S‭A