2/10/2022 - class notes
- ansible/terraform
Recap
master
nodes
cronjob
initcontainers
ingress
daemonset
statefulset
---------------------------
eks/aks/openshift
jenkins
docker
k8s
=================
Ansible
configured manually
ssh to host
install
configure
services
10 servers need to install
100 servers
webserver
dbserver
proxy server
1 - servers - 10 minutes
10 - servers -> 30-60 minutes
Avoid manual
- automate
3 nodes
1 loadbalancer
10 more
image
vm
package
file
service
bootstraps
configuration management code
code
remote side execution
feedback/report
Puppet, Chef (pull based architecture)
puppet
- puppet master (holds the code)
- puppet node (install puppet agent, agent pulls the code from server and executes)
Request
Catalog
Report
You have to maintain the server, and that can be expensive. To avoid this overhead, push-based architecture was introduced.
- simple and clean
- easy to understand
Push model …
Agent less
Python
Need to develop a Python-based framework. Write code in Python.
Ansible.
- need ssh communication
- push model
- ssh
- no agent needed.
- develop source code
DSLs - Domain specific language
- derived from the base programming language.
- python
- yaml
Ansible
- easy to learn
- written in python
- Easy to install and configure
- no need to install ansible on client
- Highly scalable..
How does it work?
Using ansible playbooks, which are written in a very simple language: yaml
Configuration management
Run from the server and the target server is configured automatically.
Architecture
Master
- playbook
- inventories
- Modules
- List of hosts
- Where playbook task
Minimum 2 hosts required. Master/node
1. Ansible host
2. Host
Let's go ahead and create instances.
- Create 2 aws instances. T2-micro or small.
- security group - launch it.
Tag: ansible-host, node01
Login to ansible host
# which python3 - it is available by default
/usr/bin/python3
# which ansible # not available. We have to install it
# apt update/upgrade
# apt install ansible # try to see if you can install
VMS
Puppet => agent/pull/ruby based
Chef => agent/pull/ruby
Ansible => agent less/push/python
Salt => agent/push/python
Out of these, Ansible is the simplest.
Puppet, Chef: faster, secure
Salt is also a good tool security-wise.
# ls -l /usr/bin/ansible
Ansible => ad-hoc commands
Ansible-playbook => yaml
1. Maintain inventory file
# hostname -i
Get the ip address - private (in our case)
# cd /etc/ansible; ls -l
# vi hosts
# ansible -i hosts all -m ping
Permission denied.
We have to authenticate it.
Ansible modules list
# ansible -i hosts all -m ping -u root -k
ssh password:
It will prompt you for a password.
But it failed again. Authentication is denied for this user to login remotely.
Generate key
# ssh-keygen
# ls -l .ssh
# copy the public key to the client system at host_dir/.ssh/authorized_keys
# vi /etc/ansible/ansible.cfg
Enable configuration here.
# host_key_checking = False
# log_path = /var/log/ansible.log
# ansible -i hosts all -m ping
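An added example (not part of the original notes, and not Ansible's own code): a small check of an ansible.cfg body for the settings touched in the step above. Turning host_key_checking off means the control host no longer verifies which machine answers on a node's address. The function name, the finding codes and the "ansible" login user are assumptions made for this example.

```python
import configparser
import re

# Constructed sample: the two settings these notes enable in /etc/ansible/ansible.cfg.
NOTES_CFG = """\
[defaults]
host_key_checking = False
log_path = /var/log/ansible.log
"""
# Constructed sample: host key checking left on, non-root login user (assumed name).
HARDENED_CFG = """\
[defaults]
host_key_checking = True
log_path = /var/log/ansible.log
remote_user = ansible
"""
MESSAGES = {
    "HOSTKEY_OFF": "host_key_checking is off: node identity is never verified",
    "SSH_ARGS_BYPASS": "ssh_args turns off known_hosts verification",
    "ROOT_LOGIN": "remote_user is root: prefer a normal account plus become",
    "NO_LOG": "log_path unset: no run log file on the control host",
}

def audit_ansible_cfg(text):
    """Return the finding codes (keys of MESSAGES) for an ansible.cfg body."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(text)
    codes = []
    try:
        # Ansible checks SSH host keys unless this is explicitly set to false.
        if not cfg.getboolean("defaults", "host_key_checking", fallback=True):
            codes.append("HOSTKEY_OFF")
    except ValueError:
        pass  # unparseable value: not treated here as an explicit disable
    # The same check can also be switched off through raw ssh options.
    ssh_args = cfg.get("ssh_connection", "ssh_args", fallback="").lower()
    ssh_args = re.sub(r"[\s=\"']", "", ssh_args)
    if "stricthostkeycheckingno" in ssh_args or "userknownhostsfile/dev/null" in ssh_args:
        codes.append("SSH_ARGS_BYPASS")
    if cfg.get("defaults", "remote_user", fallback="").strip() == "root":
        codes.append("ROOT_LOGIN")
    if not cfg.get("defaults", "log_path", fallback="").strip():
        codes.append("NO_LOG")
    return codes

if __name__ == "__main__":
    for code in audit_ansible_cfg(NOTES_CFG):
        print(code, "-", MESSAGES[code])
```

With checking left on, each node's host key has to be in the control host's known_hosts before the first ping.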
ansible -docs
---------------------------
# ansible -i hosts <groupname or ip> -m apt -a "name=tree state=latest"
# ansible -i hosts all -m apt -a "name=tree state=latest"
No package matching available.
Since it's a brand new machine, we have to update.
# ansible -i hosts all -m apt_repository -a "repo=ppa:nginx/stable"
It's going to update the repository. Now run,
# ansible -i hosts all -m apt -a "name=tree state=latest"
Look for the output.
# which tree
Run the same command a 2nd time and you get green color. The first time, you see yellow color.
The 2nd time, you see changed = false.
If the package is already installed, it does nothing. This is called idempotent.
The desired state is not changed.
# ansible -i hosts all -m apt -a "name=tree state=absent"
Yellow color
Run it again, you get green color
Run it again,
# ansible -i hosts all -m apt -a "name=tree state=latest"
It will install and show yellow color.
You can run only one command at a time this way. Such a command is called an ad-hoc command. If you want to run multiple commands, you can't do it this way. How can you run multiple commands?
- by using yaml file.
# cat example.yaml
# cat nginx.yml
How to install nginx server manually on ubuntu?
1. Install nginx pkg
$ sudo apt update; sudo apt install nginx
2. Create our website
<html></html>
3. Set up virtual hosts
4. Activate virtual host and test the result
# ansible -i hosts all -m apt -a "name=tree state=latest"
# cat nginx.yml
---
- hosts: remote # define host group, ip
  tasks:
    - name: add repo
      apt_repository:
        repo: "ppa:nginx/stable"
    - name: install package nginx
      apt:
        name: nginx
        state: latest
# vi /etc/ansible/hosts
[remote]
192.168.10.20
192.168.10.21
….
# cat nginx.yml
---
- hosts: remote # define host group, ip
  tasks:
    - name: add repo nginx
      apt_repository:
        repo: "ppa:nginx/stable"
    - name: install package nginx
      apt:
        name: nginx
        state: latest
    - name: start service nginx if not started
      service:
        name: nginx
        state: started
============================
service(package a, state b) {
return a+b;
}
- name: add method
service:
package: nginx
state: started
add(int a, int b) {
return a+b;
}
add a=10, b=20
- name: add method
add:
a: 10
b: 20
==============================
---
# now need to start service
go to service module -> go under examples...
# vi /etc/ansible/hosts
[remote]
192.168.10.20
192.168.10.21
….
# ansible-playbook -i hosts nginx.yml
just observe the output
- remote
- gathering facts
- add repo
- install package nginx
- start service nginx
- play recap
changed=1
Get the IP address of the host and paste it into the browser; you will see the nginx page.
# cat nginx.yml
---
- hosts: remote # define host group, ip
  tasks:
    - name: add repo nginx
      apt_repository:
        repo: "ppa:nginx/stable"
    - name: install package nginx
      apt:
        name: nginx
        state: latest
    - name: start service nginx if not started
      service:
        name: nginx
        state: started
    - name: create a dir tutorial # google for file module, look for eg,
      file:
        path: /var/www/tutorial # directory the copy tasks below write into
        state: directory
    - name: copy index.html file
      copy:
        src: index.html
        dest: /var/www/tutorial/index.html
    - name: start nginx if not started
      service:
        name: nginx
        state: started
    # we have to create virtual host
    - name: copy tutorial
      copy:
        src: tutorial
        dest: /var/www/tutorial/tutorial
Once you have updated or modified the configuration, we have to restart the service.
We have to specify notify.
# cat nginx.yml
---
- hosts: remote # define host group, ip
  tasks:
    - name: add repo nginx
      apt_repository:
        repo: "ppa:nginx/stable"
    - name: install package nginx
      apt:
        name: nginx
        state: latest
    - name: start service nginx if not started
      service:
        name: nginx
        state: started
    - name: create a dir tutorial # google for file module, look for eg,
      file:
        path: /var/www/tutorial # directory the copy tasks below write into
        state: directory
    - name: copy index.html file
      copy:
        src: index.html
        dest: /var/www/tutorial/index.html
    # we have to create virtual host
    - name: copy tutorial
      copy:
        src: tutorial
        dest: /var/www/tutorial/tutorial
      notify: restart service nginx # handler runs only when this task reports changed
    - name: start nginx if not started
      service:
        name: nginx
        state: started
  handlers:
    # the handler name must match the notify string exactly
    - name: restart service nginx
      service:
        name: nginx
        state: restarted
# cd /etc/ansible
$ vi tutorial
jenkins ubuntu install
convert commands into yaml and try it
jenkins.io/doc/book/..
# ansible-playbook -i hosts nginx.yml
review the output..
green color: already performed; yellow color: performed now.
go to browser
ip:81 => you see the content.
next class ...
- ansible roles, running multiple service
- terraform, monitoring