New level of automation with Ansible – RHD Blog

https://developers.redhat.com/blog/2017/06/07/new-level-of-automation-with-ansible/?sc_cid=7016000000127ECAAY

Ansible is a simple agent-less automation tool that has changed the world for the better. It has many use cases and wide adoption.
This article is going to demonstrate Ansible. The intention of this article is not to teach you the basics of Ansible, but to motivate you to learn it.

Shell has been the comfort zone of every single Linux sysadmin. This article claims that Ansible should become part of the comfort zone for automation beyond shell scripting. A claim I can agree to – I just started learning Ansible and I see place for it. 

36 Comments

  1. Tomi Engdahl says:

    How to install Ansible on your favorite Linux distribution
    http://linuxbsdos.com/2017/01/27/how-to-install-ansible-on-your-favorite-linux-distribution/

    Ansible is an open source, SSH-based configuration management, automation and deployment tool from Red Hat (via acquisition). It’s in the same market as Chef and Salt, but because it relies on SSH, something that’s already installed on your servers, it’s the easiest tool to use for managing and working on remote servers.

    This post shows how to install it on your favorite Linux distribution.

    Reply
  2. Tomi Engdahl says:

    Installation
    http://docs.ansible.com/ansible/intro_installation.html

    Ansible by default manages machines over the SSH protocol.

    Once Ansible is installed, it will not add a database, and there will be no daemons to start or keep running. You only need to install it on one machine (which could easily be a laptop) and it can manage an entire fleet of remote machines from that central point. When Ansible manages remote machines, it does not leave software installed or running on them, so there’s no real question about how to upgrade Ansible when moving to a new version.

    Reply
  3. Tomi Engdahl says:

    Kalify
    Automate your Penetration Testing toolchain.
    https://github.com/mattimustang/kalify

    Reply
  4. Tomi Engdahl says:

    ANSIBLE – Need Orchestration 6
    https://www.youtube.com/watch?v=IXsHxrshhYQ

    Ansible is a very powerful open source automation language. What makes it unique from other management tools, is that it is also a deployment and orchestration tool.

    Reply
  5. Tomi Engdahl says:

    Installation and Configuration of Ansible Automation Tool for IT Management
    https://www.linuxhelp.com/installationconfiguration-of-ansible-automation-tool/

    It manages nodes over SSH or over PowerShell. Modules that are working over JSON and standard output can be programmed in any language. In Ansible the playbooks deploys, orchests and configures. Its format is YAML. It maps a group of hosts to a set of roles. This tutorial will teach you, how to install Ansible on RHEL/CentOS, Fedora, Ubuntu and Debian systems.

    Reply
  6. Tomi Engdahl says:

    How to use Ansible to manage PostgreSQL
    https://opensource.com/article/17/6/ansible-postgresql-operations?sc_cid=7016000000127ECAAY

    Ansible, an open source automation tool, can make complex configuration and management tasks in Postgres simple.

    Reply
  7. Tomi Engdahl says:

    LinchPin: A simplified cloud orchestration tool using Ansible
    https://opensource.com/article/17/6/linchpin

    Launched in late 2016, LinchPin now has a Python API and a growing community.

    LinchPin, a hybrid cloud orchestration tool using Ansible. Provisioning cloud resources has never been easier or faster. With the power of Ansible behind LinchPin, and a focus on simplicity, many cloud resources are available at users’ fingertips. In this article, I’ll introduce LinchPin and look at how the project has matured in the past 10 months.

    Reply
  8. Tomi Engdahl says:

    GETTING STARTED: WRITING YOUR FIRST PLAYBOOK
    https://www.ansible.com/blog/getting-started-writing-your-first-playbook?sc_cid=7016000000127ECAAY

    Welcome to another post in our Getting Started series. Keep reading to learn how to draft a Playbook that can be run in Ansible or Ansible Tower. You can also use it along with the Module Index and the other docs to build your own Playbooks later.

    What is a Playbook?

    Playbooks are esentially sets of instructions (plays) that you send to run on a single target or groups of targets (hosts). Think about the instructions you get for assembling an appliance or furniture. The manufacturer includes instructions so you can put the parts together in the correct order. When followed in order, the furniture looks like what was purchased.

    That’s basically how a Playbook works.

    Reply
  9. Tomi Engdahl says:

    Using Ansible for deploying serverless applications
    https://opensource.com/article/17/8/ansible-serverless-applications

    Serverless is another step in the direction of managed services and plays nice with Ansible’s agentless architecture.

    Ansible is designed as the simplest deployment tool that actually works. What that means is that it’s not a full programming language. You write YAML templates that define tasks and list whatever tasks you need to automate your job.

    Most people think of Ansible as a souped-up version of “SSH in a ‘for’ loop,” and that’s true for simple use cases. But really Ansible is about tasks, not about SSH. For a lot of use cases, we connect via SSH but also support things like Windows Remote Management (WinRM) for Windows machines, different protocols for network devices, and the HTTPS APIs that are the lingua franca of cloud services.

    In a cloud, Ansible can operate on two separate layers: the control plane and the on-instance resources. The control plane consists of everything not running on the OS. This includes setting up networks, spawning instances, provisioning higher-level services like Amazon’s S3 or DynamoDB, and everything else you need to keep your cloud infrastructure secure and serving customers.

    On-instance work is what you already know Ansible for: starting and stopping services, templating config files, installing packages, and everything else OS-related that you can do over SSH.

    Reply
  10. Tomi Engdahl says:

    Using Ansible for deploying serverless applications
    https://opensource.com/article/17/8/ansible-serverless-applications?sc_cid=7016000000127ECAAY

    Serverless is another step in the direction of managed services and plays nice with Ansible’s agentless architecture.

    Ansible is designed as the simplest deployment tool that actually works. What that means is that it’s not a full programming language. You write YAML templates that define tasks and list whatever tasks you need to automate your job.

    Most people think of Ansible as a souped-up version of “SSH in a ‘for’ loop,” and that’s true for simple use cases. But really Ansible is about tasks, not about SSH. For a lot of use cases, we connect via SSH but also support things like Windows Remote Management (WinRM) for Windows machines, different protocols for network devices, and the HTTPS APIs that are the lingua franca of cloud services.

    Reply
  11. Tomi Engdahl says:

    Using Ansible to modernize telcos’ infrastructure through automation.
    http://verticalindustriesblog.redhat.com/using-ansible-to-modernize-telcos-infrastructure-through-automation/?sc_cid=7016000000127ECAAY

    As telecommunications companies continue to modernize their networks and IT systems, they have to navigate the challenges that come with legacy systems, including legacy virtualized network functions (VNFs) that rely on local filesystem storage, single server implementations on which all the services run, and manually-intensive installations and upgrades. What telcos need are tools like Ansible, a general-purpose, open-source automation engine that automates software provisioning, configuration management, and application deployment.

    Earlier this month, at AnsibleFest 2017 in San Francisco, Red Hat added new products and updated existing ones that expand its automation portfolio. It added the ability to automate network management and updated Ansible Tower, which enables the automation of IT functions at enterprise scale, so it can now be used to automate the management of Arista, Cisco and Juniper networking software as well as instances of Open vSwitch and VyOS. Red Hat acquired the company behind Ansible in 2015, and today the technology is one of the world’s most popular open source IT automation technologies

    Reply
  12. Tomi Engdahl says:

    Getting Red Hat Insights playbooks into your Ansible Tower
    https://www.redhat.com/en/blog/getting-red-hat-insights-playbooks-your-ansible-tower?sc_cid=7016000000127ECAAY

    Red Hat Insights is a powerful tool in administration automation.
    “a Software as a Service (SaaS) offering that helps you proactively identify and resolve technical risks in your IT infrastructure before they negatively impact your whole environment.

    If you have Red Hat Ansible Tower you can configure your Red Hat Insights credential and add a project, as explained in Ansible Tower documentation

    You can integrate this with your Red Hat Insights in CloudForms by enabling embedded Red Hat Ansible in CloudForms.

    Reply
  13. Tomi Engdahl says:

    Ansible: the Automation Framework That Thinks Like a Sysadmin
    http://www.linuxjournal.com/content/ansible-automation-framework-thinks-sysadmin

    I’ve written about and trained folks on various DevOps tools through the years, and although they’re awesome, it’s obvious that most of them are designed from the mind of a developer. There’s nothing wrong with that, because approaching configuration management programmatically is the whole point. Still, it wasn’t until I started playing with Ansible that I felt like it was something a sysadmin quickly would appreciate.

    Part of that appreciation comes from the way Ansible communicates with its client computers—namely, via SSH. As sysadmins, you’re all very familiar with connecting to computers via SSH, so right from the word “go”, you have a better understanding of Ansible than the other alternatives.

    Getting to the Starting Line

    The reason Ansible was so difficult for me at first is because it’s so flexible with how to configure the server/client relationship, I didn’t know what I was supposed to do. The truth is that Ansible doesn’t really care how you set up the SSH system; it will utilize whatever configuration you have. There are just a couple things to consider:

    1. Ansible needs to connect to the client computer via SSH.

    2. Once connected, Ansible needs to elevate privilege so it can configure the system, install packages and so on.

    Unfortunately, those two considerations really open a can of worms. Connecting to a remote computer and elevating privilege is a scary thing to allow. For some reason, it feels less vulnerable when you simply install an agent on the remote computer and let Chef or Puppet handle privilege escalation. It’s not that Ansible is any less secure, but rather, it puts the security decisions in your hands.

    Reply
  14. Tomi Engdahl says:

    IT automation best practices: 7 keys to long-term success
    https://enterprisersproject.com/article/2018/1/it-automation-best-practices-7-keys-long-term-success?sc_cid=7016000000127ECAAY

    These automation best practices – on teamwork, tools, and more – will help you automate wisely

    Reply
  15. Tomi Engdahl says:

    Getting started with automation: 6 tips
    https://enterprisersproject.com/article/2018/1/getting-started-automation-6-tips?sc_cid=7016000000127ECAAY

    Taking the first steps from manual IT processes to automation? Use these tactics to beat the challenges

    Reply
  16. Tomi Engdahl says:

    Ansible: the Automation Framework That Thinks Like a Sysadmin
    http://www.linuxjournal.com/content/ansible-automation-framework-thinks-sysadmin

    I’ve written about and trained folks on various DevOps tools through the years, and although they’re awesome, it’s obvious that most of them are designed from the mind of a developer. There’s nothing wrong with that, because approaching configuration management programmatically is the whole point. Still, it wasn’t until I started playing with Ansible that I felt like it was something a sysadmin quickly would appreciate.

    Part of that appreciation comes from the way Ansible communicates with its client computers—namely, via SSH. As sysadmins, you’re all very familiar with connecting to computers via SSH, so right from the word “go”, you have a better understanding of Ansible than the other alternatives.

    Ansible: Making Things Happen
    http://www.linuxjournal.com/content/ansible-making-things-happen

    Finally, an automation framework that thinks like a sysadmin. Ansible, you’re hired.

    Ansible is a push-based automation tool, so the connection is initiated from your “server”, which is usually just a workstation or a server you ssh in to from your workstation.

    Ansible is supposed to make your job easier, so the first thing you need to learn is how to do familiar tasks. For most sysadmins, that means some simple command-line work. Ansible has a few quirks when it comes to command-line utilities, but it’s worth learning the nuances, because it makes for a powerful system.

    Command Module

    This is the safest module to execute remote commands on the client machine. As with most Ansible modules, it requires Python to be installed on the client, but that’s it. When Ansible executes commands using the Command Module, it does not process those commands through the user’s shell. This means some variables like $HOME are not available. It also means stream functions (redirects, pipes) don’t work. If you don’t need to redirect output or to reference the user’s home directory as a shell variable, the Command Module is what you want to use.

    Shell Module

    There’s nothing wrong with using the Shell Module to execute remote commands. It’s just important to know that since it uses the remote user’s environment, if there’s something goofy with the user’s account, it might cause problems that the Command Module avoids. If you use the Shell Module, however, you’re able to use redirects and pipes.

    My personal policy is to use the Command Module whenever possible and to use the Shell Module if needed.

    The Raw Module

    Functionally, the Raw Module works like the Shell Module. The key difference is that Ansible doesn’t do any error checking, and STDERR, STDOUT and Return Code is returned. Other than that, Ansible has no idea what happens, because it just executes the command over SSH directly.

    Why would a person decide to use the Raw Module? It doesn’t require Python on the remote computer—at all. Although it’s true that most servers have Python installed by default, or easily could have it installed, many embedded devices don’t and can’t have Python installed. For most configuration management tools, not having an agent program installed means the remote device can’t be managed. With Ansible, if all you have is SSH, you still can execute remote commands using the Raw Module.

    Copy Module

    Although it’s certainly possible to do file and folder manipulation with the Command and Shell Modules, Ansible includes a module specifically for copying files to the server. Even though it requires learning a new syntax for copying files, I like to use it because Ansible will check to see whether a file exists, and whether it’s the same file. That means it copies the file only if it needs to, saving time and bandwidth. It even will make backups of existing files! I can’t tell you how many times I’ve used scp and sshpass in a Bash FOR loop and dumped files on servers, even if they didn’t need them. Ansible makes it easy and doesn’t require FOR loops and IP iterations.

    File Module

    The File Module has a lot in common with the Copy Module, but if you try to use the File Module to copy a file, it doesn’t work as expected. The File Module does all its actions on the remote machine

    File Management

    Anyone who manages multiple distributions knows it can be tricky to handle the various package managers. Ansible handles this in a couple ways. There are specific modules for apt and yum, but there’s also a generic module called “package” that will install on the remote computer regardless of whether it’s Red Hat- or Debian/Ubuntu-based.

    Unfortunately, while Ansible usually can detect the type of package manager it needs to use, it doesn’t have a way to fix packages with different names. One prime example is Apache. On Red Hat-based systems, the package is “httpd”, but on Debian/Ubuntu systems, it’s “apache2″. That means some more complex things need to happen in order to install the correct package automatically. The individual modules, however, are very easy to use.

    Just the Facts, Ma’am

    One frustrating thing about using Ansible in ad-hoc mode is that you don’t have access to the “facts” about the remote systems.

    Reply
  17. Tomi Engdahl says:

    Tips for success when getting started with Ansible
    https://opensource.com/article/18/2/tips-success-when-getting-started-ansible?sc_cid=7016000000127ECAAY

    Key information for automating your data center with Ansible.

    Reply
  18. Tomi Engdahl says:

    Building a Linux-based HPC system on the Raspberry Pi with Ansible
    https://opensource.com/article/18/1/how-build-hpc-system-raspberry-pi-and-openhpc?sc_cid=7016000000127ECAAY

    Create a high-performance computing cluster with low-cost hardware and open source software.

    My master node is running CentOS on x86_64 and my compute nodes are running a slightly modified CentOS on aarch64.

    To set up my system like an HPC system, I followed some of the steps from OpenHPC’s Cluster Building Recipes install guide for CentOS 7.4/aarch64 + Warewulf + Slurm

    Once my cluster was set up by the Ansible playbooks, I could start to submit jobs to my resource manager. The resource manager, Slurm in my case, is the instance in the cluster that decides where and when my jobs are executed.

    Reply
  19. Tomi Engdahl says:

    Another system management tool:

    How to get started with the Foreman sysadmin tool
    https://opensource.com/article/17/8/system-management-foreman?sc_cid=7016000000127ECAAY

    Foreman offers a powerful set of system management tools, from process automation to security compliance and more. Here’s how to get started.

    https://theforeman.org

    What is Foreman?
    Foreman is an open source project that helps system administrators manage servers throughout their lifecycle, from provisioning and configuration to orchestration and monitoring. Using Puppet, Chef, Salt, Ansible and Foreman’s smart proxy architecture, you can easily automate repetitive tasks, quickly deploy applications, and proactively manage change, both on-premise with VMs and bare-metal or in the cloud.

    Foreman provides comprehensive, interaction facilities including a web frontend, CLI and RESTful API which enables you to build higher level business logic on top of a solid foundation.

    Reply
  20. Tomi Engdahl says:

    Save time with Ansible without writing a line of code
    https://opensource.com/article/17/10/save-time-ansible-without-writing-line-code?sc_cid=7016000000127ECAAY

    Learning Ansible? Don’t be too quick to download a playbook. Its ad hoc mode may be all you need.

    When most people start learning about Ansible, they begin by downloading a pre-baked playbook from Ansible Galaxy. Admittedly, it’s a wonderful resource for accomplishing elaborate tasks with minimal effort.

    for day-to-day operations on multiple servers, I find myself using Ansible constantly. The ad hoc mode is often overshadowed by playbooks and roles, but it is a powerful tool that can be fully implemented in minutes

    Reply
  21. Tomi Engdahl says:

    Automating Instance Provisioning with CloudForms and Ansible Tower (Video)
    https://cloudformsblog.redhat.com/2018/02/13/automating-instance-provisioning-with-cloudforms-and-ansible-tower-video/?sc_cid=7016000000127ECAAY

    This video demonstrates how you can take manual tasks and processes and turn them into automation workflows. In this video we utilize Red Hat CloudForms and Ansible Tower to provide an underlying automation and orchestration framework to deliver automation to your IT organization.

    The demonstration shows how a user can order a service and have automation provision and deliver the resources while tracking the elements in a ticketing system (ServiceNow).

    Reply
  22. Tomi Engdahl says:

    Ansible for Network Automation Tutorial
    https://www.networkcomputing.com/networking/ansible-network-automation-tutorial/1361419969

    In this excerpt from “Practical Network Automation,” learn how to get started with Ansible for networking.

    Ansible’s primary purpose is to configure three main type of tasks:

    Configuration management: This is used to fetch and push configs on various devices that we call as inventory in Ansible. Based upon the type of inventory, Ansible is capable of pushing in bulk specific or full configs.
    Application deployment: In server scenarios, many a time we need to bulk deploy some specific applications or patches. Ansible takes care of that as well as bulk uploading patches or applications on the server, installing on them, and even configuring the applications of a particular task. Ansible can also take care of customizing settings based upon the devices in the inventory.
    Task automation: This is a feature of Ansible that performs a certain written task on a single device or a group of devices. The tasks can be written and Ansible can be configured to run those tasks once or on a periodic basis.

    Reply
  23. Tomi Engdahl says:

    Using Ansible to Modernize and Automate Workflows
    https://servicesblog.redhat.com/2018/02/14/using-ansible-to-modernize-and-automate-workflows/?sc_cid=7016000000127ECAAY

    Let’s talk about Ansible for a minute because besides all the hype these days, it’s actually pretty cool and can save you a lot of time and effort.

    identify four hallmark themes of what makes an Automation engine:

    A true automation engine gets rid of all the time between the traditionally manual process of switching between operating environments; thus, increasing speed.
    A true automation engine possesses a “write once and forget” capability which works to increase efficiency.
    A true automation engine focuses on increasing productivity by focusing on business improvement rather than infrastructure.
    Lastly, a true true automation engine abstracts code/commands away from the end user to improve accuracy.

    #DevOps
    So why is automation so hot right now? It plays pretty big into that famous buzzword called DevOps. Just like you, I hate buzzwords.

    As Albert Einstein said, “If you can’t explain it simply, you don’t understand it well enough.”

    Ansible
    And now, the moment you’ve all been waiting for (maybe…). It’s time to finally start talking about Ansible! Let’s talk about it at a high level to set the table for some use cases.

    Use Cases for Ansible
    So let’s say you’re a company with repetitive manual reboots of multiple servers (a hundred or so on a weekly basis), you’re probably aware that this causes a time suck,waiting until each server has no active user sessions. On top of that, every time your servers reboot, you’ve got to log on to the thing all over again, and you could probably be spending your time doing better things than that (maybe not, who knows…). You could also be forgetting certain servers, in which case you’ll likely extend this long and tedious process to other days. How does doing the same thing for about eight hours per day sound? Yeah, it’s not my idea of fun either.

    The good news is that you can use Ansible to help remedy your job-time sufferings

    Enforcing security standards is easier using Ansible, too. Let’s say your company has hundreds of virtual machines that need to be updated to be compliant with certain standards. Playbooks can be run on a schedule, and you can write these rules once (we may even have some of those rules in a ready-made playbook!) and apply them to as many of your environments as you’d like.

    Reply
  24. Tomi Engdahl says:

    Using Ansible for deploying serverless applications
    https://opensource.com/article/17/8/ansible-serverless-applications?sc_cid=7016000000127ECAAY

    Serverless is another step in the direction of managed services and plays nice with Ansible’s agentless architecture.

    Reply
  25. Tomi Engdahl says:

    Using Vagrant and Ansible to deploy virtual machines for web development
    https://opensource.com/business/16/2/vagrant-ansible-virtual-machines-web-development?sc_cid=7016000000127ECAAY

    Vagrant and Ansible are tools to efficiently provision virtual machines, also called VMs, or in Vagrant terms, the word “boxes” is often used. We begin with a short discussion of why a web developer would invest the time to use these tools, then cover the required software, an overview of how Vagrant works with virtual machine providers, and the use of Ansible to provision a virtual machine.

    Reply
  26. Tomi Engdahl says:

    How to use Ansible to set up system monitoring with Prometheus
    https://opensource.com/article/18/3/how-use-ansible-set-system-monitoring-prometheus?sc_cid=7016000000127ECAAY

    In the third part of this Ansible how-to series, learn how to automate system monitoring.

    Reply
  27. Tomi Engdahl says:

    VMware Provisioning Example using Ansible (Video)
    https://cloudformsblog.redhat.com/2017/11/21/vmware-provisioning-example-using-ansible/?sc_cid=7016000000127ECAAY

    In this video demonstration, we:

    Create a new Service using an Ansible Playbook
    Define variables to be passed to the playbook
    Create a Service Dialog automatically based on the passed variables
    Customize the generated Service Dialog
    Track progress of the Service provisioning

    Reply
  28. Tomi Engdahl says:

    How to use Ansible to patch systems and install applications
    https://opensource.com/article/18/3/ansible-patch-systems?sc_cid=7016000000127ECAAY

    Save time doing updates with the Ansible IT automation engine.

    Reply
  29. Tomi Engdahl says:

    How to Build an Intelligent IoT Gateway in 7 Easy Steps
    https://developers.redhat.com/blog/2016/11/02/how-to-build-an-intelligent-iot-gateway-in-a-few-easy-steps/?sc_cid=7016000000127ECAAY

    , you’ll learn how to build an intelligent IoT gateway in a few simple steps – you can find the code at GitHub.

    To automate the gateway provisioning, we’ll using Ansible by Red Hat. Why? Because it is the simplest and best tool out there for this job. Besides, it can also be used for configuration management and application deployment. Once you’re ready to provision and deploy thousands of gateways in a production environment, you can use this same Ansible tool. This is how IT departments provision the systems securely across the network.

    The main components of the gateway are:

    Red Hat Enterprise Linux: Provides enterprise-class foundation
    Red Hat JBoss A-MQ: Arbitrates sensor data
    Red Hat JBoss Fuse: Transforms sensor data and routes it to end points
    Red Hat JBoss BRMS: Enables real-time decision making at the edge

    Once the gateway is provisioned, we’ll put it into action by starting Red Hat JBoss Fuse and building and deploying the routing and business rules services. We’ll then start a sensor application that sends temperature data using MQTT to the Red Hat JBoss A-MQ broker. These messages will be forwarded to the services that we started earlier.

    Reply
  30. Tomi Engdahl says:

    Manage your workstation with Ansible: Automating configuration
    https://opensource.com/article/18/3/manage-your-workstation-configuration-ansible-part-2?sc_cid=7016000000127ECAAY

    Learn how to make Ansible automatically apply configuration changes to a fleet of laptops and desktops.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*