Ansible
7 likes1,911 views
Ansible is an automation tool that can provision, configure, and deploy applications. It uses human-readable YAML files called playbooks to define automation tasks. Playbooks contain modules that specify steps like installing packages, copying files, and starting services. Ansible Tower provides a GUI and API for securely managing Ansible automation at scale. Ansible supports both Linux and Windows environments through its agentless design and built-in modules.
Ansible
- 1. ANSIBLE OVERVIEW Raul Leite rleite@redhat.com SR SA Cloud/Platform
- 2. AGENDA ANSIBLE CORE ANSIBLE TOWER ANSIBLE AND WINDOWS ANSIBLE AND SATELLITE
- 3. ANSIBLE CORE
- 4. WHAT IS ANSIBLE? Simple Automation Language Automation Engine
- 5. WHAT IS ANSIBLE USED FOR? Provisioning Configuration Management Application Deployment Security & Compliance Continuous Delivery Orchestration
- 6. HOW DOES ANSIBLE WORK?
- 7. PLAYBOOK --- - name: install and start apache hosts: all vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
- 8. PLAYBOOK --- # Create a new VM on an ESX server - name: launch instances hosts: localhost connection: local # gather_facts: False tasks: - vsphere_guest: vcenter_hostname: 162.223.13.228 guest: demo-dj-from-template from_template: yes template_src: demo-dj-template # cluster: MainCluster resource_pool: "/Resources" - vsphere_guest: guest: demo-dj-from-template state: powered_on vm_extra_config: vcpu.hotadd: yes mem.hotadd: yes notes: This is a test VM vm_disk: disk1: size_gb: 10 type: thin datastore: storage001 vm_nic: nic1:
- 9. MODULES cloudformation - Create or delete an AWS CloudFormation stack cloudtrail (E) - manage CloudTrail creation and deletion dynamodb_table (E) - Create, update or delete AWS Dynamo DB tables. ec2 - create, terminate, start or stop an instance in ec2 ec2_ami - create or destroy an image in ec2 ec2_ami_copy (E) - copies AMI between AWS regions, return new image id ec2_ami_find - Searches for AMIs to obtain the AMI ID and other information ec2_ami_search (D) - Retrieve AWS AMI information for a given operating system. ec2_asg - Create or delete AWS Autoscaling Groups ec2_eip - associate an EC2 elastic IP with an instance. ec2_elb - De-registers or registers instances from EC2 ELBs ec2_elb_facts (E) - Gather facts about EC2 Elastic Load Balancers in AWS ec2_elb_lb - Creates or destroys Amazon ELB. ec2_eni (E) - Create and optionally attach an Elastic Network Interface (ENI) to an instance ec2_eni_facts (E) - Gather facts about ec2 ENI interfaces in AWS ec2_facts - Gathers facts about remote hosts within ec2 (aws) ec2_group - maintain an ec2 VPC security group. ec2_key - maintain an ec2 key pair. ec2_lc - Create or delete AWS Autoscaling Launch Configurations ec2_metric_alarm - Create/update or delete AWS Cloudwatch ‘metric alarms’ ec2_remote_facts (E) - Gather facts about ec2 instances in AWS ec2_scaling_policy - Create or delete AWS scaling policies for Autoscaling groups ec2_snapshot - creates a snapshot from an existing volume ec2_snapshot_facts (E) - Gather facts about ec2 volume snapshots in AWS ec2_tag - create and remove tag(s) to ec2 resources. ec2_vol - create and attach a volume, return volume id and device map ec2_vol_facts (E) - Gather facts about ec2 volumes in AWS ec2_vpc - configure AWS virtual private clouds ec2_vpc_dhcp_options (E) - Manages DHCP Options, and can ensure the DHCP options for the given VPC ec2_vpc_igw (E) - Manage an AWS VPC Internet gateway
- 10. RUN ANSIBLE COMMAND ansible atlanta -m copy -a "src=/etc/hosts dest=/tmp/hosts"
- 11. HOW DOES ANSIBLE WORK?
- 12. WHY ANSIBLE? EASE OF USE NON-DISRUPTIVE CROSS-PLATFORM
- 13. EASE OF USE HUMAN READABLE NO PROGRAMMING EXPERTISE BATTERIES INCLUDED
- 15. CROSS-PLATFORM LINUX, UNIX, WINDOWS PHYSICAL, VIRTUAL, CLOUD, CONTAINER NETWORK DEVICES
- 16. ANSIBLE TOWER
- 17. WHAT IS ANSIBLE TOWER? Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation - with a UI and restful API
- 18. ANSIBLE TOWER FEATURES Role-based access control keeps environments secure and teams efficient Non-privileged users can safely deploy entire applications with push-button deployment access All Ansible automations are centrally logged, ensuring complete auditing and compliance capability
- 19. ANSIBLE TOWER FEATURES Compare and contrast machines over time with system tracking Network and enterprise account integration allows users and teams to managed via SAML, Active Directory, RADIUS and more Configure active/passive high availability through an intuitive wizard
- 21. WINDOWS CAPABILITY WINDOWS MODULES NT LAN MANAGER KERBEROS DELEGATION WIN_REBOOT MANAGE WINDOWS REGISTRY
- 22. WINDOWS MODULES win_acl (E) - Set file/directory permissions for a system user or group. win_acl_inheritance (E) - Change ACL inheritance win_chocolatey (E) - Installs packages using chocolatey win_copy - Copies files to remote locations on windows hosts. win_dotnet_ngen (E) - Runs ngen to recompile DLLs after .NET updates win_environment (E) - Modifies environment variables on windows hosts. win_feature - Installs and uninstalls Windows Features win_file - Creates, touches or removes files or directories. win_file_version (E) - Get DLL or EXE file build version win_firewall_rule (E) - Windows firewall automation win_get_url - Fetches a file from a given URL win_group - Add and remove local groups win_iis_virtualdirectory (E) - Configures a virtual directory in IIS. win_iis_webapplication (E) - Configures a IIS Web application. win_iis_webapppool (E) - Configures a IIS Web Application Pool. win_iis_webbinding (E) - Configures a IIS Web site. win_iis_website (E) - Configures a IIS Web site. win_lineinfile - Ensure a particular line is in a file, or replace an existing line using a back-r win_msi - Installs and uninstalls Windows MSI files win_nssm (E) - NSSM - the Non-Sucking Service Manager win_owner (E) - Set owner win_package (E) - Installs/Uninstalls a installable package, either from local file system or url win_ping - A windows version of the classic ping module. win_reboot - Reboot a windows machine win_regedit (E) - Add, Edit, or Remove Registry Keys and Values win_regmerge (E) - Merges the contents of a registry file into the windows registry win_robocopy (E) - Synchronizes the contents of two directories using Robocopy. win_scheduled_task (E) - Manage scheduled tasks win_service - Manages Windows services win_share (E) - Manage Windows shares win_stat - returns information about a Windows file
- 23. EXAMPLE PLAYBOOK --- # This playbook installs and enables IIS on Windows hosts - name: Install IIS hosts: all gather_facts: false tasks: - name: Install IIS win_feature: name: "Web-Server" state: present restart: yes include_sub_features: yes include_management_tools: yes
- 24. EXAMPLE PLAYBOOK --- # This playbook uses the win_get_url module to download a simple HTML file for IIS - name: Download simple web site hosts: windows gather_facts: false tasks: - name: Download simple web site to 'C:inetpubwwwrootansible.html' win_get_url: url: 'https://raw.githubusercontent.com/thisdavejohnson/mywebapp/master/index.html' dest: 'C:inetpubwwwrootansible.html'