Pages

Thursday, 12 November 2015

IT automation tool- Ansible

Installation


Getting Ansible

You may also wish to follow the GitHub project if you have a GitHub account. This is also where we keep the issue tracker for sharing bugs and feature ideas.

Basics / What Will Be Installed

Ansible by default manages machines over the SSH protocol.
Once Ansible is installed, it will not add a database, and there will be no daemons to start or keep running. You only need to install it on one machine (which could easily be a laptop) and it can manage an entire fleet of remote machines from that central point. When Ansible manages remote machines, it does not leave software installed or running on them, so there’s no real question about how to upgrade Ansible when moving to a new version.

What Version To Pick?

Because it runs so easily from source and does not require any installation of software on remote machines, many users will actually track the development version.
Ansible’s release cycles are usually about two months long. Due to this short release cycle, minor bugs will generally be fixed in the next release versus maintaining backports on the stable branch. Major bugs will still have maintenance releases when needed, though these are infrequent.
If you are wishing to run the latest released version of Ansible and you are running Red Hat Enterprise Linux (TM), CentOS, Fedora, Debian, or Ubuntu, we recommend using the OS package manager.
For other installation options, we recommend installing via “pip”, which is the Python package manager, though other options are also available.
If you wish to track the development release to use and test the latest features, we will share information about running from source. It’s not necessary to install the program to run from source.

Control Machine Requirements

Currently Ansible can be run from any machine with Python 2.6 or 2.7 installed (Windows isn’t supported for the control machine).
This includes Red Hat, Debian, CentOS, OS X, any of the BSDs, and so on.
Note
As of 2.0 ansible uses a few more file handles to manage it’s forks, OS X has a very low setting so if you want to use 15 or more forks you’ll need to raise the ulimit, like so sudo launchctl limit maxfiles 1024 2048. Or just any time you see a “Too many open files” error.

Managed Node Requirements

On the managed nodes, you need a way to communicate, normally ssh. By default this uses sftp, if not available you can switch to scp in ansible.cfg. Also you need Python 2.4 or later, but if you are running less than Python 2.5 on the remotes, you will also need:
  • python-simplejson
Note
Ansible’s “raw” module (for executing commands in a quick and dirty way) and the script module don’t even need that. So technically, you can use Ansible to install python-simplejson using the raw module, which then allows you to use everything else. (That’s jumping ahead though.)
Note
If you have SELinux enabled on remote nodes, you will also want to install libselinux-python on them before using any copy/file/template related functions in Ansible. You can of course still use the yum module in Ansible to install this package on remote systems that do not have it.
Note
Python 3 is a slightly different language than Python 2 and most Python programs (including Ansible) are not switching over yet. However, some Linux distributions (Gentoo, Arch) may not have a Python 2.X interpreter installed by default. On those systems, you should install one, and set the ‘ansible_python_interpreter’ variable in inventory (see Inventory) to point at your 2.X Python. Distributions like Red Hat Enterprise Linux, CentOS, Fedora, and Ubuntu all have a 2.X interpreter installed by default and this does not apply to those distributions. This is also true of nearly all Unix systems.
If you need to bootstrap these remote systems by installing Python 2.X, using the ‘raw’ module will be able to do it remotely. For example, ansible myhost --sudo -m raw -a "yum install -y python2 python-simplejson" would install Python 2.X and the simplejson module needed to run ansible and its modules.

Installing the Control Machine


Running From Source

Ansible is trivially easy to run from a checkout, root permissions are not required to use it and there is no software to actually install for Ansible itself. No daemons or database setup are required. Because of this, many users in our community use the development version of Ansible all of the time, so they can take advantage of new features when they are implemented, and also easily contribute to the project. Because there is nothing to install, following the development version is significantly easier than most open source projects.
Note
If you are intending to use Tower as the Control Machine, do not use a source install. Please use OS package manager (eg. apt/yum) or pip to install a stable version.
To install from source.
$ git clone git://github.com/ansible/ansible.git --recursive
$ cd ./ansible
Using Bash:
$ source ./hacking/env-setup
Using Fish:
$ . ./hacking/env-setup.fish
If you want to suppress spurious warnings/errors, use:
$ source ./hacking/env-setup -q
If you don’t have pip installed in your version of Python, install pip:
$ sudo easy_install pip
Ansible also uses the following Python modules that need to be installed [1]:
$ sudo pip install paramiko PyYAML Jinja2 httplib2 six
Note when updating ansible, be sure to not only update the source tree, but also the “submodules” in git which point at Ansible’s own modules (not the same kind of modules, alas).
$ git pull --rebase
$ git submodule update --init --recursive
Once running the env-setup script you’ll be running from checkout and the default inventory file will be /etc/ansible/hosts. You can optionally specify an inventory file (see Inventory) other than /etc/ansible/hosts:
$ echo "127.0.0.1" > ~/ansible_hosts
$ export ANSIBLE_INVENTORY=~/ansible_hosts
Note
ANSIBLE_INVENTORY is available starting at 1.9 and substitutes the deprecated ANSIBLE_HOSTS
You can read more about the inventory file in later parts of the manual.
Now let’s test things with a ping command:
$ ansible all -m ping --ask-pass
You can also use “sudo make install” if you wish.

Latest Release Via Yum

RPMs are available from yum for EPEL 6, 7, and currently supported Fedora distributions.
Ansible itself can manage earlier operating systems that contain Python 2.4 or higher (so also EL5).
Fedora users can install Ansible directly, though if you are using RHEL or CentOS and have not already done so, configure EPEL
# install the epel-release RPM if needed on CentOS, RHEL, or Scientific Linux
$ sudo yum install ansible
You can also build an RPM yourself. From the root of a checkout or tarball, use the make rpm command to build an RPM you can distribute and install. Make sure you have rpm-buildmake, and python2-devel installed.
$ git clone git://github.com/ansible/ansible.git --recursive
$ cd ./ansible
$ make rpm
$ sudo rpm -Uvh ./rpm-build/ansible-*.noarch.rpm

Latest Releases Via Apt (Ubuntu)

Ubuntu builds are available in a PPA here.
To configure the PPA on your machine and install ansible run these commands:
$ sudo apt-get install software-properties-common
$ sudo apt-add-repository ppa:ansible/ansible
$ sudo apt-get update
$ sudo apt-get install ansible
Note
On older Ubuntu distributions, “software-properties-common” is called “python-software-properties”.
Debian/Ubuntu packages can also be built from the source checkout, run:
$ make deb
You may also wish to run from source to get the latest, which is covered above.

Latest Releases Via Portage (Gentoo)

$ emerge -av app-admin/ansible
To install the newest version, you may need to unmask the ansible package prior to emerging:
$ echo 'app-admin/ansible' >> /etc/portage/package.accept_keywords
Note
If you have Python 3 as a default Python slot on your Gentoo nodes (default setting), then you must set ansible_python_interpreter = /usr/bin/python2 in your group or inventory variables.

Latest Releases Via pkg (FreeBSD)

$ sudo pkg install ansible
You may also wish to install from ports, run:
$ sudo make -C /usr/ports/sysutils/ansible install

Latest Releases on Mac OSX

The preferred way to install ansible on a Mac is via pip.
The instructions can be found in Latest Releases Via Pip section.

Latest Releases Via OpenCSW (Solaris)

Ansible is available for Solaris as SysV package from OpenCSW.
# pkgadd -d http://get.opencsw.org/now
# /opt/csw/bin/pkgutil -i ansible

Latest Releases Via Pacman (Arch Linux)

Ansible is available in the Community repository:
$ pacman -S ansible
The AUR has a PKGBUILD for pulling directly from Github called ansible-git.
Also see the Ansible page on the ArchWiki.
Note
If you have Python 3 as a default Python slot on your Arch nodes (default setting), then you must set ansible_python_interpreter = /usr/bin/python2 in your group or inventory variables.

Latest Releases Via Pip

Ansible can be installed via “pip”, the Python package manager. If ‘pip’ isn’t already available in your version of Python, you can get pip by:
$ sudo easy_install pip
Then install Ansible with [1]:
$ sudo pip install ansible
If you are installing on OS X Mavericks, you may encounter some noise from your compiler. A workaround is to do the following:
$ sudo CFLAGS=-Qunused-arguments CPPFLAGS=-Qunused-arguments pip install ansible
Readers that use virtualenv can also install Ansible under virtualenv, though we’d recommend to not worry about it and just install Ansible globally. Do not use easy_install to install ansible directly.

Tarballs of Tagged Releases

Packaging Ansible or wanting to build a local package yourself, but don’t want to do a git checkout? Tarballs of releases are available on the Ansible downloads page.
These releases are also tagged in the git repository with the release version.
See also
Introduction To Ad-Hoc Commands
Examples of basic commands
Playbooks
Learning ansible’s configuration management language
Mailing List
Questions? Help? Ideas? Stop by the list on Google Groups
irc.freenode.net
#ansible IRC chat channel
[1](12) If you have issues with the “pycrypto” package install on Mac OSX, which is included as a dependency for paramiko, then you may need to try “CC=clang sudo -E pip install pycrypto”.

from http://docs.ansible.com/ansible/intro_installation.html
-------------

About Ansible

Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
Ansible’s main goals are simplicity and ease-of-use. It also has a strong focus on security and reliability, featuring a minimum of moving parts, usage of OpenSSH for transport (with an accelerated socket mode and pull modes as alternatives), and a language that is designed around auditability by humans–even those not familiar with the program.
We believe simplicity is relevant to all sizes of environments, so we design for busy users of all types: developers, sysadmins, release engineers, IT managers, and everyone in between. Ansible is appropriate for managing all environments, from small setups with a handful of instances to enterprise environments with many thousands of instances.
Ansible manages machines in an agent-less manner. There is never a question of how to upgrade remote daemons or the problem of not being able to manage systems because daemons are uninstalled. Because OpenSSH is one of the most peer-reviewed open source components, security exposure is greatly reduced. Ansible is decentralized–it relies on your existing OS credentials to control access to remote machines. If needed, Ansible can easily connect with Kerberos, LDAP, and other centralized authentication management systems.
This documentation covers the current released version of Ansible (1.9.1) and also some development version features (2.0). For recent features, we note in each section the version of Ansible where the feature was added.
Ansible, Inc. releases a new major release of Ansible approximately every two months. The core application evolves somewhat conservatively, valuing simplicity in language design and setup. However, the community around new modules and plugins being developed and contributed moves very quickly, typically adding 20 or so new modules in each release.
from http://docs.ansible.com/ansible/index.html
------------------------------
https://www.ansible.com/blog
------------------------------

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy. Avoid writing scripts or custom code to deploy and update your applications— automate in a language that approaches plain English, using SSH, with no agents to install on remote systems. 

Ansible

Ansible is a radically simple IT automation system. It handles configuration-management, application deployment, cloud provisioning, ad-hoc task-execution, and multinode orchestration - including trivializing things like zero downtime rolling updates with load balancers.
Read the documentation and more at http://ansible.com/
Many users run straight from the development branch (it's generally fine to do so), but you might also wish to consume a release. 
You can find instructions here for a variety of platforms. If you decide to go with the development branch, be sure to run git submodule update --init --recursive after doing a checkout. 
If you want to download a tarball of a release, go to releases.ansible.com, though most users use yum (using the EPEL instructions linked above), apt (using the PPA instructions linked above), or pip install ansible.

Design Principles

  • Have a dead simple setup process and a minimal learning curve
  • Manage machines very quickly and in parallel
  • Avoid custom-agents and additional open ports, be agentless by leveraging the existing SSH daemon
  • Describe infrastructure in a language that is both machine and human friendly
  • Focus on security and easy auditability/review/rewriting of content
  • Manage new remote machines instantly, without bootstrapping any software
  • Allow module development in any dynamic language, not just Python
  • Be usable as non-root
  • Be the easiest IT automation system to use, ever.

Get Involved

  • Read Community Information for all kinds of ways to contribute to and interact with the project, including mailing list information and how to submit bug reports and code to Ansible.
  • All code submissions are done through pull requests. Take care to make sure no merge commits are in the submission, and use git rebase vs git merge for this reason. If submitting a large code change (other than modules), it's probably a good idea to join ansible-devel and talk about what you would like to do or add first and to avoid duplicate efforts. This not only helps everyone know what's going on, it also helps save time and effort if we decide some changes are needed.
  • Users list: ansible-project
  • Development list: ansible-devel
  • Announcement list: ansible-announce - read only
  • irc.freenode.net: #ansible

Branch Info

  • Releases are named after Led Zeppelin songs. (Releases prior to 2.0 were named after Van Halen songs.)
  • The devel branch corresponds to the release actively under development.
  • As of 1.8, modules are kept in different repos, you'll want to follow core and extras
  • Various release-X.Y branches exist for previous releases.
  • We'd love to have your contributions, read Community Information for notes on how to get started.
from https://github.com/ansible/ansible
----------------------------------------------------

Ansible Resources

User contributed playbooks, modules, and articles. This is a small curated list, but growing. Everyone is encouraged to add to this document, submit a pull request at http://github.com/ansible/ansible-resources.

Ansible Modules

Ansible modules are a way of adding new client-side logic to ansible. They can be written in any language.
Python modules using 0.6 and later can use the common "AnsibleModule" class to dramatically reduce the amount of boilerplate code required. Not all modules above yet take advantage of this feature. See the official documentation for more details.

Selected Playbooks

Playbooks are ansible's configuration management language. It should be easy to write your own from scratch for most applications, but it's always helpful to look at what others have done for reference.

Scripts

Ansible isn't just a program, it's also an API. Here's some examples of some clever integrations with the "Runner" and also Playbook APIs, and integrations with other interesting pieces of software.

Blogs & Articles

Disclaimer

Modules and playbooks here may not be using the latest in Ansible features. When in doubt to the features of a particular version of Ansbile, always consult ansible.github.com and in particular see Best Practices for some tips and tricks that may be useful.
from https://github.com/lorin/ansible-resources