Ansible is an OpenSource automation tool, that makes it very easy to automate workflows and has a strong focus on being simple and easy. This article describes how you can get started with Ansible and why you should.
Ansible for Automation
When I started to think about automation, I was doing bash scripts, puppet, Chef Automate or SaltStack, among other tools. Ansible provides things, the other languages simply cannot compete with. Some of these are also core concepts of Ansible, and I just want to mention some of these:
- no server needed
- code is simple YAML and jinja2
- easy to learn
- no client needed
- declarative code
- thousands of modules and roles already available
If you heard about the "5-minute blog", let me show you the "5-minute automation" (maybe 10 minutes, if you read carefully).
Installation (1 minute)
The installation of Ansible can be done in several ways. For getting started, it may be a good idea to use the packages provided by your Linux distribution.
# Fedora, CentOS $ sudo dnf install -y ansible # Debian, Ubuntu, Mint, Pop_OS $ sudo apt-get update && sudo apt-get install -y ansible
In case you are more development focussed and love to put Ansible in its own Python Environment, you can do this, too. This is also the recommended way, if you want to play with the freshly released Ansible 3.0.0.
# Create Virtual Environment $ python -m venv DIRECTORY # Activate the environement # This must be done everytime you want to use ansible. $ source DIRECTORY/bin/activate # Install Ansible $ pip install ansible # Deactivate the environment # This should be done, when you are done with your work $ deactivate
In case none of these options are for you, the Ansible documentation provides a much more detailed guide.
Configuration (1 minute)
Ansible works perfectly fine, without any special configuration. In case you want to tweak it to your needs, you should have a look here and here. For now, you should know, that you can have multiple places to configure Ansible. They are used as shown in the below order.
# For your project PROJECT/ansible.cfg # For your user ~/.ansible.cfg # For the machine /etc/ansible/ansible.cfg
The first project (3 minutes)
Let's create our first project. This is quite simple, since we want to manage our local machine only. I think we can start with something simple like the installation of the Apache httpd server on Fedora/CentOS/RHEL/Oracle Linux. Sounds fine?
# Create our directory $ mkdir ansible-httpd $ cd ansible-httpd # Create the needed 2 files $ touch inventory.yml $ touch playbook.yml
Now let's fill our files with some content. The inventory.yml will tell Ansible which servers it should use. You can have multiple of these files and therefore run the same playbooks for different sets of machines. If you want to learn more about the Ansible inventory, I recommend starting here.
This file describes that we have one host
localhost, which has exactly one variable
connection: "local" assigned to it. This variable will force Ansible to run the playbook locally and not connect via ssh to the target machine.
The second step will be our playbook. This playbook is even easier to read, and I would wonder if you need any special explanation what's going on.
As you may have guessed already, we will install a package "httpd" and start and enable the service "httpd.service". Before running the playbook and test, if everything works, I will explain the syntax a bit.
The first 2 lines tell the playbook how it is named and which scope (hosts from inventory) it should use.
tasks: statement opens the task context, so we can start writing tasks. Afterwards, you will see 2 tasks. The
name: "Install httpd" task, uses the package module to make the package httpd present. The
name: "Start and enable httpd" task will use the service module to start and enable the httpd service (httpd.service is the correct naming for systemd service units). Both tasks are having a special statement
become: True, which will tell Ansible to run these tasks with privileges (root).
Now, lets finally run and test the playbook.
# Run the playbook $ ansible-playbook -i inventory.yml --ask-become-pass playbook.yml # Check if the webserver is running $ curl localhost:80
The first task will run the playbook and ask you for your sudo password. After a short wait, you will be able to check the web server running on your localhost / test machine.
That's it. You successfully ran your first Ansible Playbook!
I will ensure to provide more guides during the next couple of weeks to explain everything about playbooks, roles, variables, etc, etc. For the time being, please also check out the official Ansible documentation.
Automation will help to reduce risks, make tasks reproducible and scalable, it enhances collaboration and provides ways for scaling. Ansible is a very simple tool, that is easy to learn to have the first success stories in 5 minutes or even less.