Introduction
Ansible is an IT automation tool, which helps in cloud provisioning, configuration management and application deployment.
Developers designed Ansible with multi-tier systems in mind, trying to realize a tool simple, easy to use and with security features provided by OpenSSL and OpenSSH.
It models a multi-node infrastructure in terms of inter-relation between the various components, not just managing one system at a time.
Ansible connects to the infrastructure’s nodes, pushing out “Ansible Modules”, executing them and removing everything when finished. All this work is done through SSH by default, but you can choose Kerberos, if you want.
Installation
Ansible can be installed from source, since his source code is available on GitHub, but it’s also already built in .deb or .rpm.
RPMs are available from yum for EPEL 6, 7, and currently supported Fedora distributions.
If you use Ubuntu, there’s a PPA for it.
$ sudo apt-add-repository ppa:ansible/ansible
$ sudo apt-get update
$ sudo apt-get install ansible
Users can install Ansible also using pip, the Python package manager:
Getting started
Ansible, when speaking with remote machines, assumes by default you are using SSH keys. Though this is the encouraged way, there is also the possibility to use password authentication; if so, users must just pass the
option.
As stated in Ansible documentation, when using this tool in a “cloud”, it’s better to run it on a machine on that cloud; of course, this is just common sense, but technically you can run it also through the Internet.
First commands
On the machine you use for managing the system, edit the
file, putting in it a list of remote systems you must “control”. In those systems, you have to put your public SSH key, of course.
is an inventory file. It has a INI-like syntax, just like this:
[mywebservers]
foo.example.com
bar.example.com
[dbservers]
one.example.com
two.example.com
three.example.com
four.example.com
You can specify a different path for your inventory, or split it in more files. Do whatever you like!
Connect to your nodes
If you configured everything, it’s time to connect!
Just as an example, you can ping to all nodes with a simple:
You can also override the default remote user with the
option, or access in sudo mode with the
flag. It’s all in your hand (and your mind, of course). Now your machine should be connected with all the nodes of the infrastructure, so you can interact with them. Syntax for doing this is:
.
For instance:
.
Conclusions
Ansible is a modern tool which can can change the way in which many sysadmins manage an enterprise, distributed, system. It has a lot of features, and in the next weeks we will go more in depth in analyze them. In this short overview we showed how easy can be to set up the environment and execute a command on remote machines, but this is just a little part of what users can accomplish with this software.