Writing your First Ansible Playbook
0 likes102 views
This document provides an overview of writing Ansible playbooks. It discusses the challenges of managing server configurations before configuration management tools and how Ansible addresses these challenges. It covers Ansible concepts like inventory files, tasks, modules, and playbooks. It also discusses security best practices when using Ansible like using key-based authentication instead of passwords and Ansible Vault for secrets.
Writing your First Ansible Playbook
- 1. Writing your First Ansible Playbook By Sana Khan
- 2. About me ➔ Infrastructure Engineer/ SysAdmin ➔ Former Software Developer ➔ GNOME Outreach Intern (2016) - OpenStack ➔ RGSoC Intern (2014)
- 3. Agenda ➔ Challenges in managing server configurations before Configuration Management tools. ➔ Benefits of Configuration Management tool. ➔ Where does Ansible fit in the suite of IaaC tools? ➔ What are the features of IaaC tools? ➔ Why learn Ansible? ➔ Understanding an Ansible Setup. ➔ Basics concepts of Ansible. ➔ Writing your own Playbook. ➔ Security Best Practices.
- 4. Before Configuration Management Tools Setup a Webserver (nginx) & an application stack (php) ➔ Step-1: Login to the server ➔ Step-2: Install the nginx package ➔ Step-3: Configure nginx configuration ➔ Step-4: Ensure required users, groups are present ➔ Step-5: Ensure correct permissions, user roles are assigned to conf files. ➔ Step-6: Install php packages ➔ Step-7: Configure the application ➔ Step-8: Configure web server to redirect to application
- 5. Before Configuration Management Tools -2 ➔ Doable ➔ Couple of servers ➔ The only form of automation available: Bash Scripts ➔ Inconsistent environments Problem: Large groups of servers that need to be managed in a flexible way.
- 6. Configuration Management Tools - Today Goal: Install, manage software and configuration at scale with ease. ➔ Helps automate Infrastructure ➔ Centralized management ➔ Helps manage Infrastructure at large scale ➔ Consistent environments
- 7. Where does Ansible fit in suite of IaaC Tools?
- 8. What are the features of IaaC Tools? ➔ Declarative Syntax (describes the state of the infrastructure) ➔ Code form (revision control) ➔ Idempotence ( current state == desired state )? -> take actions accordingly.
- 9. Why Ansible? ➔ Learning curve is less, easy to pick it up. ➔ Agentless, only requires Python to be installed on the managed servers. ➔ Modules are written in Python, easily accessible. ➔ Modules that integrate with Cloud Providers like AWS, OpenStack. ➔ Modules for Docker, Ovirt, etc. ➔ Modules for network devices, windows, etc.
- 10. Ansible Setup Prerequisites: ➔ Python needs to be installed ➔ Sudo user ➔ SSH access
- 11. Ansible Concepts ➔ Inventory file ➔ Syntax of a YAML file ➔ Tasks ➔ Modules ➔ Ad-Hoc Commands ➔ Playbooks ➔ Roles (Ready to use playbooks - Ansible Galaxy)
- 12. YAML Basics ➔ All YAML files begin with --- ➔ At basic level YAML file consists of lists and dictionaries. ➔ YAML file starts with a list.
- 13. YAML Basics -- contd Source: YAML Syntax
- 14. Demo ➔ Ansible | jonatanblue ➔ https://github.com/sanakhanlibre/Ansible101
- 15. Security Best Practices ➔ Control Node needs to be secure/hardened. ➔ Don’t use passwords, use Key based Authentication. ➔ Use Ansible Vault for secrets. ➔ Don’t expose sensitive data in Ansible Output. ➔ Verify before using Roles from Ansible Galaxy.
- 16. Thank You.