Ansible fundamentals

[kurtzace]

course by wes higbee (intermediate) 2nd course by timwarner (beginner)

Slides

localhost

which -am python3
pip3 install ansible

pip3 list --user  'to check version

github.com/got4/course2-ansible-gs

ansible -m ping localhost
ansible -m file "dest=hello state=touch/directory/absent" localhost

• changed - yellow
• unchanged - success - green (actual state vs desired state)
• failed

ansible-doc file
ansible-doc -t keyword gather_subset
ansible -m copy -a "dest=hello content=world" localhost
ansible -m copy -a "dest=hello content=world" localhost --check (to assess before dive) --diff (changes to file details and make real change, optional support to module)

servers

ansible -i 'pi4,pi5' -m ping pi5 #all
ansible -i 'pi4,pi5' -m command -a 'date' pi5 #all.localhost  #pi[4:5]
vi ansible.cfg #[defaults]inventory=myInventory
ansible-config dump
ansible-inventory --list --yaml

module hanging - means user command - use --become for sudo

ansible -m timezone -a "name=America/..." localhost --diff --become --ask-become-pass

eg pip install - to autocomplete on bash

ansible -m pip -a "name=argcomplete" localhost --check
activate-global-python-argcomplete

Playbook

name: copy
hosts: localhost
tags: copytag
diff: true
check-mode: true
become: true
tasks:
 - copy: dest=hello contents=world
 - command: date

#or better approach for tab complettion, add ansible vs code extension, 
- copy:
   dest: hello
   content: world
   src:

- name: install ansible lint
  pip:
     name: ansible-lint

- apt
      name: nginx
      update_cache: true

alt shift f to format

to run ansible-playbook ....yml --tags nginx --forks 3 -vvv ## num of 'v's is verbosity, default forks is 5

ansible -m setup pi3

nginx custom file

macos

dump facts

• name: .... debug: var: ansible_distribution when: ansible_distribution == "MacOSX"

Collections

• ansible-galaxy collection list
• ansible-galaxy collection install community.general
• ansible-galaxy collection install community.aws

Core vs ansible

core has built in

collections is community.

Dynamic inventory

Create 3 contianers, 2 using loop, 1 using sleep

or loop: "{{ range(1,3) }}"

manually start container in bg daemon docker container run --name c1 --it --detach python then docker container attach c1 ctrl + P + q to detach   from link

   - name: Create Docker container 🐳
      hosts: localhost
      tasks:
        - name: Pull image from DockerHub 📥
          docker_image:
            name: ubuntu
            source: pull
        - name: Create Docker container 📦
          docker_container:
            name: ubuntu_container
            image: ubuntu
            state: started

for hosts/inventory file

p1 #default is ssh
p2

#containers
c1 ansible_connection=community.docker.dokcer

to list inventory ansible-inventory --list --yaml ansible --list-hosts all

dynamic docker inventory

[kurtzace]

notes

• serial: number of nodes to fully run all tasks on. (default is run tasks one by one on each nodes with forks on batches of nodes)

• jinja templates

  

• to stop/remove - make state as absent

• module_defaults will help us to remover repeated code per tasks

[kurtzace]

Experiments standalone

ansible --version   
ansible -m ping localhost
ansible -m copy -a "dest=hello content=world" localhost
ansible -m copy -a "dest=hello content=world2" localhost --check  --diff
ansible-inventory --list
ansible --list-hosts all
ansible -i 'localhost' -m command -a 'date' localhost
ansible -m pip -a "name=requests" localhost --check
ansible -m pip -a "name=boto3" localhost --check
ansible-galaxy collection list

[kurtzace]

mutimachine

docker pull jcpowermac/alpine-ansible-ssh # existing docker image that would already have Ansible and Openssh installed.

docker run --name=controller --platform linux/amd64 -d jcpowermac/alpine-ansible-ssh
docker run --name=target1 --platform linux/amd64 -d jcpowermac/alpine-ansible-ssh
docker run --name=target2 --platform linux/amd64 -d jcpowermac/alpine-ansible-ssh
docker ps
for i in $(docker ps|awk '{print $1}'|tail -n +2); do docker exec $i ip a|grep 172.17;done
docker exec -it controller /bin/sh 
# ansible --version
# ansible -m apk -a "name=nano" -b localhost
# su ansible
# cd ~
# ssh to all ips and accept certs
# cat <<EOF > inventory.txt
target1 ansible_host=172.17.0.3
target2 ansible_host=172.17.0.4
EOF

#ansible target* -m ping -i inventory.txt
#ansible -i inventory.txt -m command -a 'date' target1
#ansible -i inventory.txt -m pip -a "name=requests" localhost,target2
#ansible -i inventory.txt -m copy -a "dest=hello content=world2" all

try vi ansible.cfg #[defaults]inventory=inventory.txt

ref

[kurtzace]

running playbook

ansible-playbook ~/Documents/learning/course-ansible-getting-started/playbooks/playbook.yml #from https://github.com/g0t4/course-ansible-getting-started 
cat ~/.tmpgitconfig
rm ~/.tmpgitconfig
cd connecting 
ansible-playbook create-container.yml  
docker exec -it ansible_container_test3 sh 
#git config -l
#exit
ansible-playbook cleanup.yml

[kurtzace]

with ec2 - assignment/project

spin up vm using terraform https://github.com/ned1313/Getting-Started-Terraform/tree/main/m4_solution

sudo port select --set terraform terraform1.4
terraform -v
terraform init
terraform validate
terraform plan -out ../m4.tfplan
terraform apply "../m4.tfplan"

then create ansible folder

with

ansible.cfg

[defaults]
private_key_file = ~/code/my-pem.pem
host_key_checking = False
inventory=hosts.ini

with hosts.ini

[servers]
ec2-x-x-x-x-us-west-2.compute.amazonaws.com ansible_user=ubuntu

traffic_generator.py

import subprocess
import random
from faker import Faker
import multiprocessing

fake = Faker()

websites = [fake.domain_name() for _ in range(20)]

def run_dig(website):
    for _ in range(10):
        website = random.choice(websites)
        command = f"curl {website}"
        subprocess.run(command, shell=True)

if __name__ == "__main__":
    pool = multiprocessing.Pool(20)
    pool.map(run_dig, range(20))
    pool.close()
    pool.join()

traffic-playbook.yml

---
- name: Copy traffic_generator.py, install faker, and run traffic_generator.py
  hosts: servers
  become: true

  tasks:
    - name: Copy traffic_generator.py
      copy:
        src: traffic_generator.py
        dest: /home/ubuntu/traffic_generator.py

    - name: Install python3-pip
      apt:
        name: python3-pip
        state: present

    - name: Install faker using pip3
      pip:
        name: faker
        executable: pip3

    - name: Run traffic_generator.py
      command: python3 /home/ubuntu//traffic_generator.py

run

ansible  servers -m ping
ansible-playbook traffic-playbook.yml -v
terraform destroy