Ansible Tutorial for Beginners
What is Ansible?
Ansible is an open source tool tool that helps you automate IT tasks, it was purchased by Red Hat in October 2015 and is used for automation of Linux servers, configuration management, infrastructure as code, DevOps, cloud computing, virtualization and is also very popular for network automation. Configuring on-premises infrastructure and also cloud.
It is agentless and only requires an SSH connection to the target device.
It is used for server patching, backups, configuration management, install software, configure nginx, application deployment, network automation, the list goes on, you can even use Ansible to mange Windows devices! It is currently one of the most popular orchestration tools in use today. It is free to get started and easy to use.
[ For more info check out a more in depth post here: What is Ansible ]
The idea of automation and using Ansible is to get away from the command line and connecting to each device to perform a task or an update and instead simply run a playbook to perform all the repetitive tasks at once, constantly moving towards infrastructure as code.
It also makes sure that the tasks are performed the same each and every time, thus reducing human error and of course so much time! Often referred to as an automation engine, has is used daily by IT departments across the world.
In this Ansible basics tutorial I will go over installation and setup, modules and plugins, variables, best practices and all the common terms.
Basic Ansible Terms
- Ansible server: The device where Ansible is installed
- Host: A remote machine or device managed by Ansible
- Group: A number of hosts grouped together in the inventory file
- Inventory: All the hosts that Ansible manages. This file can be static or dynamic
- Modules: Blocks of code that Ansible uses to perform tasks
- Tasks: Defining what you want Ansible to do, used with a module which does the thing
- Playbooks: A list of tasks with all the parameters describing what you want to configure on a device
- Roles: Blocks of code that can be re-used within a task, which can also be shared
- ansible.cfg: The ansible configuration file where you define the setup of your Ansible node
- YAML: YAML is a markup language and is what Ansible playbooks are written in.
- Agentless: No agent is required on the end host to make configuration changes only SSH access
How to Install Ansible
Your control node needs to run on a Linux operating system with Python 3.8 or above, you cannot install Ansible on Windows. Unless you are running WSL within windows, but Ansible currently will only run on the Linux operating system.
It’s always best to reference the official documentation from Ansible.
Once you have Ansible installed you just need to setup a new config file and you are ready to go.
Depending on where you get your Ansible package from you might not get the latest version, different linux distributions use different repositories so it’s always best to use pip to install to ensure you get the latest version.
From the command line just run the following command
$ python -m pip install --user ansible
You can validate if you have successfully installed Ansible and check your version by running this ansible command
$ ansible --version
The Ansible Inventory is a file which defines all the hosts that you want to automate. By default it resides in /etc/hosts but it is Ansible best practice to create a separate inventory file for each project within the project folder.
A simple inventory looks like this. The inventory below is for network devices and the IP address of the device is configured within the inventory file. The group database_servers just has the DNS name of the server, you must be able to resolve this name on your control node.
Then, when you write a playbook if you want to perform a task against a group of devices you just reference the group name in the playbook.
Devices are either defined by hostname which must be resolvable in DNS or by using a display name and the command ansible_host= you can specify the ip addresses of your devices.
The inventory file can also be generated dynamically by scripts if you are automating cloud environments where devices are changing a lot.
➜ Ansible git:(master) ✗ cat hosts ## Ansible Hosts File for Lab [CSR_Routers] R1 ansible_host=192.168.1.220 R2 ansible_host=192.168.1.221 R3 ansible_host=192.168.1.222 R4 ansible_host=192.168.1.223 R5 ansible_host=192.168.1.224 R6 ansible_host=192.168.1.225 [database_servers] DBS1 DBS2 [SWITCHES] 2960 ansible_host=192.168.1.250 [NXOS] N9K-1 ansible_host=192.168.1.210 N9K-2 ansible_host=192.168.1.211 [bigip] BIG-IP-1-V ansible_host=192.168.1.180
How does Ansible work?
Ansible works on the principle of a control node and managed nodes, which can be remote servers or network devices.
The control machine does not have to be anything special, it can even run on your laptop, it only requires SSH connectivity to the target device. You install Ansible and setup a few configuration files and you are ready to automate!
The basic concepts are:
- You define a list of managed nodes in the hosts file
- Ansible code is written in a playbook file to describe what tasks to perform on those hosts
- You run the playbook
- Ansible executes the tasks in order and provides an output of success or fail of the tasks
Ansible Ad Hoc Commands
The first thing you can do with Ansible is to check you have connectivity to your devices. We can issue a ping command that will make sure the inventory is configured correctly and we can ssh to the ip address of each device.
To use the ping module use the following command.
$ ansible -i hosts all -m ping
Ansible works by running Ansible playbooks, these are files which are written in YAML format and describe the actions that you want to perform. It also describes the ansible modules you want to use and the devices that you want to perform them on.
Ansible playbook commands are very easy to read and even anyone without any Ansible knowledge could read a playbook and work out what is going on.
You can also run ansible commands on the command line for quick checks or tests, but the majority of work you will do will be within the playbook.
Let’s have a look at a simple Ansible playbook example.
For the first playbook we will just be using a username/password to connect to the remote machines but in a later post I will be covering how to use an SSH key.
For all the latest Ansible documentation always reference
Ansible Tower / AAP
This was the GUI front end to Ansible Engine that enables you to delegate tasks to users and it also provides logging, this has now been replaced with Ansible Automation Platform which is actually a suite of tools which allows you to automate your entire infrastructure with ease.
Ansible Network Automation Course
If you are a network engineer and learning Ansible to make network configuration changes, please check out my Ansible course. I am also planning training on different infrastructure tools like Ansible, Terraform, AWS CloudFormation, and even Kubernetes. Coming Soon!
puppet, centos, devops, ubuntu, yum, package, ip_address, web server, apache
Frequently Asked Questions
How do I start learning Ansible?
The quickest way to start learning Ansible is to just install it and start writing playbooks, I have a course you can sign up to, and there are also plenty of resources online to help you start learning. Just make sure whatever you learn from is referencing a newer version of Ansible as things do change a lot between versions.
What is Ansible best used for?
Ansible can be used for so many tasks, if you just want to restart Nginx on 10 servers or install Nginx on 1000, update apt packages, create user accounts, change a default password, spin up virtual machines in AWS, repeating tasks like software updates, from multiple tasks to a single task, it can do anything you want it to. It is an IT orchestration tool and whilst it can do so much I think it is best used for network automation and provisioning infrastructure.
Is Ansible a DevOps tool?
For sure, Ansible is mainly used as a DevOps tool every day by system administrators to perform devops tasks. Tasks which are time consuming, are mundane and prone to human error, by automation the tasks you increase efficiency and reduce human error.
Does Ansible need coding?
Whilst Ansible is written in Python you don’t need any special coding knowledge to write playbooks. Everything you need to know to use Ansible is written in YAML which is very human readable and INI configuration files.
I hope this Ansible tutorial for beginners has been of help and if you want to learn more I do have a course which is focussed on network automation. If you are a network DevOps engineer It will take you on from zero knowledge and teach you all about how to automate network devices using Ansible from configuration management up to configuring an entire ACI topology.