Ansible: Difference between revisions
From charlesreid1
No edit summary |
|||
| (10 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
https://charlesreid1-docker.github.io/charlesreid1-ansible/ | |||
Ansible can be thought of as a for-loop over SSH scripts, but it's also much more than that. Ansible is all about taking care of the heavy lifting involved in infrastructure automation. | |||
==Basic Features== | ==Basic Features== | ||
| Line 33: | Line 27: | ||
</pre> | </pre> | ||
==Using Ansible Locally with Vagrant== | See [[Ansible/Directory Layout]] for a much more detailed discussion. | ||
==Using Ansible== | |||
===Using Ansible Locally with Vagrant=== | |||
{{Main|Ansible/Vagrant}} | {{Main|Ansible/Vagrant}} | ||
| Line 43: | Line 41: | ||
See [[Ansible/Vagrant]] for coverage of both methods when using Vagrant. | See [[Ansible/Vagrant]] for coverage of both methods when using Vagrant. | ||
See [[Ansible/ | See [[Ansible/Vagrant/Dynamic_Inventory]] for a dynamic inventory script with Vagrant. | ||
===Using Ansible with EC2=== | |||
{{Main|Ansible/EC2}} | |||
When using Ansible with Amazon AWS EC2, AWS manages the compute nodes. | |||
Like with Vagrant, Ansible uses the hosts file to connect to the EC2 nodes. The hosts file can either be maintained by hand using the information from AWS, or a dynamic inventory script can be used to call the AWS API and get information about computational resources to give to Ansible. | |||
See [[Ansible/EC2]] for coverage of both methods (the static inventory script and the dynamic inventory script) when using Amazon EC2. | |||
See [[Ansible/EC2/Dynamic Inventory]] for an example EC2 dynamic inventory script. | |||
==Ansible Features== | |||
===Playbooks=== | |||
Playbooks are the central feature of Ansible, and are where you tell Ansible what to do on what machines. | |||
[[Ansible/Playbooks]] - this is where Ansible becomes really powerful | |||
[[Ansible/Variables]] - defining and using variables to remove complexity | |||
===Hosts=== | |||
Ansible host files tell Ansible how to work with host machines. Ansible can also interact programmatically with hosts. | |||
[[Ansible/Hosts]] - configuring machines to work with Ansible | |||
===Roles=== | |||
Roles can provide multiple "routes" through a playbook for different types of machines | |||
[[Ansible/Roles]] - defining and using roles to make playbooks more powerful | |||
===Vaults and Secrets=== | |||
Ansible uses vaults to encrypt and store keys and secrets. You can include a vault in <code>playbooks/group_vars</code> and have ansible ask for a password on the command line: | |||
<pre> | |||
ansible-playbook site.yml --ask-vault-pass | |||
</pre> | |||
[[Ansible/Vaults]] - mechanism for encrypting and decrypting secrets | |||
=Flags= | =Flags= | ||
{{AnsibleFlag}} | |||
Latest revision as of 02:25, 29 March 2019
https://charlesreid1-docker.github.io/charlesreid1-ansible/
Ansible can be thought of as a for-loop over SSH scripts, but it's also much more than that. Ansible is all about taking care of the heavy lifting involved in infrastructure automation.
Basic Features
Summary:
- Ansible is Python-based
- Ansible uses playbooks, which are YAMl files, to configure remote machines
- Ansible is push-based, which means your workflow involves making changes to the playbook and pushing those changes to the server
- Ansible is idempotent, which means you can run the playbook multiple times and it will only carry out new tasks (it will not repeat tasks)
- Ansible allows executing arbitrary shell commands
- Ansible uses Jinja templates, in addition to YAML, to deploy files to machines
Directory Structure
The basic directory structure we'll use with Ansible is to create a playbooks directory to hold everything:
playbooks/
hosts <-- ansible inventory file
.vagrant/ <-- directory used by vagrant for keys/machines (if using vagrant)
playbook.yml
See Ansible/Directory Layout for a much more detailed discussion.
Using Ansible
Using Ansible Locally with Vagrant
Vagrant allows you to set up virtual machine(s) using VirtualBox, which can give you a way of testing Ansible scripts locally (without using the AWS or Google Cloud platforms).
Ansible uses the hosts file to connect to Vagrant. You can either manage the hosts file by hand (for a small number of machines), or you can use a dynamic inventory script (for an arbitrary number of machines).
See Ansible/Vagrant for coverage of both methods when using Vagrant.
See Ansible/Vagrant/Dynamic_Inventory for a dynamic inventory script with Vagrant.
Using Ansible with EC2
When using Ansible with Amazon AWS EC2, AWS manages the compute nodes.
Like with Vagrant, Ansible uses the hosts file to connect to the EC2 nodes. The hosts file can either be maintained by hand using the information from AWS, or a dynamic inventory script can be used to call the AWS API and get information about computational resources to give to Ansible.
See Ansible/EC2 for coverage of both methods (the static inventory script and the dynamic inventory script) when using Amazon EC2.
See Ansible/EC2/Dynamic Inventory for an example EC2 dynamic inventory script.
Ansible Features
Playbooks
Playbooks are the central feature of Ansible, and are where you tell Ansible what to do on what machines.
Ansible/Playbooks - this is where Ansible becomes really powerful
Ansible/Variables - defining and using variables to remove complexity
Hosts
Ansible host files tell Ansible how to work with host machines. Ansible can also interact programmatically with hosts.
Ansible/Hosts - configuring machines to work with Ansible
Roles
Roles can provide multiple "routes" through a playbook for different types of machines
Ansible/Roles - defining and using roles to make playbooks more powerful
Vaults and Secrets
Ansible uses vaults to encrypt and store keys and secrets. You can include a vault in playbooks/group_vars and have ansible ask for a password on the command line:
ansible-playbook site.yml --ask-vault-pass
Ansible/Vaults - mechanism for encrypting and decrypting secrets
Flags
