Thursday, August 6, 2020
Ansible Intro
What is Ansible?
It is an IT automation, configuration management and provisioning tool.
It uses 'playbooks' to deploy, manage, build, test and configure anything from full server environments to websites to custom compiled source code for applications.
Ansible operates only over SSH. It uses the push method, requiring no client installation or configuration on the client side (Python needs to be installed on the client machine).
- Ansible uses pure in-order execution, which is easy to read as well as to convert from other languages or scripts.
- Ansible is built upon python and the huge standard of inclusive functionality that comes with it.
- It is based on YAML standard.
It brings together aspects of environment management that have traditionally been separate and managed independently.
So, ansible is
a. Change Management
b. Automation
c. Provisioning
d. Orchestration
a. Change Management
- Define a system state
- Enforce the system State
System State
- Apache web server Installed
- Apache Web at version x.x.xx
- Web server started
Idempotence
- A function is idempotent if repeated applications have the same effect as a single application
b. Automation
- Define tasks to be executed automatically
- Ordered tasks
- Make decisions
- Ad-hoc tasks
- Set it and forget
- Run the task
- Get a cup of coffee
- Walk back to desk seeing tasks finished
- Sip your coffee and feel productive
c. Provisioning
- Prepare a system to make it ready
- Transition from one state to a different state
e.g.,
- Make an ftp server
- Make an email server
- Make a DB server
Basic OS --------------------> Web Server
1. install web software
2. Copy configurations
3. Copy web files
4. Install security updates
5. Start web service
d. Orchestration
- Coordinates automation between systems
Task1 - System1
Task2 - System2
Task3 - System3
Task4 - System1
What makes Ansible so different?
- It's clean
- No agents
- No database
- No residual software
- No Complex upgrades
YAML
Ansible execution
- No programming required
- Not a markup language
- Structured
- Easy to read and write
Built-in Security
- Uses ssh
- Root/sudo usage
- Encrypted vault
- No PKI needed.
What are other similar tools?
There are many great tools available with different use cases. Some of them are:
- Puppet
- Chef
- Salt
- Jenkins
- Fabric
Ansible works at such a high level that it can also be used in conjunction with one or more of these tools. It is often called an 'orchestration' tool since it can function independently as well as 'control' one or more of the tools above.
Core component of Ansible
1. Inventories
2. Modules
3. Variables
4. Facts
5. Plays and Playbooks
6. Configuration files
7. Templates
8. Roles
9. Ansible Vault
1. Inventories
Inventories can be of
1. Static
2. Dynamic
Static
- The local host database is at /etc/ansible/hosts
- A file at a different location can be used with the -i option
Dynamic
- can be fed via a program
- or using facts
2. Modules
- Modules make Ansible intelligent
- These are tools in the workshop
- Modules can be run directly or through the playbook against hosts.
- You can write your own module
- Example of module can be ping, yum, ..
3. Variables
- Variables are very handy when dealing with different systems and their functions.
- They allow you to customize the behavior for each system.
- Variable names should consist of letters, numbers, and underscores.
- Variables should always start with a letter.
- They can be defined in the inventory file and also in the playbook.
- We can use the Jinja2 template system to reference a variable, e.g.,
player={{ player_list }}
4. Ansible Facts
- Ansible facts are a way of getting data from your systems.
- These facts can be used in playbook variables.
- You can disable facts gathering in a playbook.
- The reasons are:
  - It's not always required.
  - It can speed up the execution.
- hosts: mainhosts
  gather_facts: no
5. Play and playbooks
- Like modules in Puppet and cookbooks in Chef, there are playbooks in Ansible.
- A play is a task that is performed on a host machine.
- A playbook is a task
- Playbooks are your instruction manuals, the hosts are the raw materials.
- A playbook is written in YAML format.
Playbooks are divided into 3 sections
1.Target section
– Define on which host machines the playbook would run.
Its like nodes.pp in puppet and run-list in chef.
2. variable section
– defines variables which can be used in playbooks
3.Tasks
- Lists all the modules intended to run, in order.
6. Configuration Files
- The default config file is /etc/ansible/ansible.cfg
- You can enable or disable options in config file.
- You can use config files if you want to use different options
The order is as follows:
a. ANSIBLE_CONFIG is an environment variable
b. ansible.cfg in the current directory
c. .ansible.cfg in the home directory
d. finally the default /etc/ansible/ansible.cfg
7. Templates
- What are templates?
- There is an ansible module called template.
- A template is a definition and set of parameters for running an ansible job.
- Job templates are useful to execute the same job again and again.
- Variables can be used in templates to populate the content.
Handlers
- A task in a playbook can trigger a handler.
- Used to handle error conditions.
- Called at the end of each play.
- You can have multiple tasks trigger another action.
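The three playbook sections and a handler, applied to the "Basic OS to Web Server" steps listed under Provisioning, as an added example that is not part of the original post. The host group webservers, the httpd package and the template and file paths are assumptions.

```yaml
---
# Added example. Assumed names: inventory group "webservers", package/service
# "httpd", templates/httpd.conf.j2 and files/site/ next to the playbook.

# Target section: which inventory hosts the play runs on
- hosts: webservers
  become: yes                     # root/sudo usage on the managed host

  # Variable section: referenced below with Jinja2 {{ }}
  vars:
    web_package: httpd
    web_root: /var/www/html

  # Tasks section: modules run in the order listed
  tasks:
    - name: 1. Install web software
      ansible.builtin.yum:
        name: "{{ web_package }}"
        state: present            # idempotent: no change if already installed

    - name: 2. Copy configuration
      ansible.builtin.template:
        src: templates/httpd.conf.j2
        dest: /etc/httpd/conf/httpd.conf
        owner: root
        group: root
        mode: "0644"              # explicit mode, never world-writable
      notify: Restart web server  # handler fires only if the file changed

    - name: 3. Copy web files
      ansible.builtin.copy:
        src: files/site/
        dest: "{{ web_root }}/"
        owner: root
        group: root
        mode: "0644"

    - name: 4. Install security updates
      ansible.builtin.yum:
        name: "*"
        state: latest
        security: yes             # only updates marked security related

    - name: 5. Start web service
      ansible.builtin.service:
        name: "{{ web_package }}"
        state: started
        enabled: yes

  # Handlers: run once at the end of the play, only when notified
  handlers:
    - name: Restart web server
      ansible.builtin.service:
        name: "{{ web_package }}"
        state: restarted
```

Running it a second time should report no changes, which is the idempotence described under Change Management. Adding --check to ansible-playbook previews the changes without applying them.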
8. Roles
- A playbook is a standalone file Ansible runs to set up your servers.
- Roles can be thought of as a playbook that's split into multiple files.
for eg, one file for tasks, one for variables, and one for handlers
- They are a method you use to package up tasks, handlers and everything else you need into reusable components you put together and include in a playbook.
- Ansible Galaxy is a repository for roles people have created for tasks.
9. Ansible Vault
- Ansible Vault is a secure store.
- It allows Ansible to keep sensitive data such as passwords, encrypted files
- A command-line tool, ansible-vault, is used to edit the files.
- The command-line flag --ask-vault-pass or --vault-password-file is used.