Getting Started with Ansible: The Basics You Need to Know
I'm a passionate Computer Science student specializing in DevOps, cloud technologies, and powerlifting. I've completed several certifications, including AWS Cloud Practitioner and Google’s Generative AI badge, and I'm currently exploring both AWS and Azure to build scalable, efficient CI/CD pipelines.
Through my blog posts, I share insights on cloud computing, DevOps best practices, and my learning journey in the tech space. I enjoy solving real-world problems with emerging technologies and am developing a platform to offer career advice to students. Outside of tech, I'm a competitive powerlifter, constantly striving to improve and inspire others in fitness.
Always eager to connect with like-minded individuals and collaborate on projects that bridge technology and personal growth.
Configuration management allows us to take a system admin and an on-premises server. If I need to update all these 50 servers with upgrades, security patches, and installations, in the old days, we used scripts to handle this, but it became complex. To overcome these issues, they moved to the cloud, and the problem became much bigger because they created 10 times more than before. The concept is configuration management tools like Puppet, Chef, Ansible, and Salt. However, Ansible became popular, and most people use Ansible in their DevOps journey.
Puppet uses a pull mechanism with a master-slave architecture, where the master is the main branch and instances act as slaves using Puppet language, while Ansible uses a push mechanism with an agentless model, passwordless authentication, and a simple YAML language, allowing custom modules and sharing via Ansible Galaxy, supporting both Windows with "winrm" and Linux with "ssh".
Disadvantages: Windows has some problems with Ansible. Ansible is not good with debugging, and its performance is somewhat slow.
When managing EC2 instances using Ansible's push mechanism, I will write a script and push that script at a time into two instances, so updates will be possible simultaneously through Ansible. I am using this on Windows.
It's easy to install Ansible on Linux because Linux provides the correct environment better than Windows or some other platforms. The command is sudo apt install ansible.
In Ansible, we use passwordless authentication, so we create a key or a public key using "ssh-keygen." This will create a key used for passwordless authentication.
Run ls /home/ubuntu/.ssh/, and you will see one private and one public key. We need to share only the public key when accessing other servers. To do that, run ls /home/ubuntu/.ssh/id_rsa.pub, and you will get the public key you need to share with another server.
The prerequisite of Ansible is passwordless authentication. For that, I created two servers: on one server, I installed Ansible, and I created a target server. What I am doing is logging into my target server using the Ansible server with just a few steps. First, open the target server in another tab and then run ssh-keygen; it will create the authorized keys. Then, use vim ~/.ssh/authorized_keys and paste the public key you copied from the Ansible server into the target server, then save it.
Go to your Ansible server, copy the private IP address of the target server, then use ssh "ip-address". You will be able to log into the target server without any password.
An Ansible playbook is like a Python file; when writing any script in Ansible, we call it an Ansible playbook.
Ansible ad-hoc commands
Let's say in the inventory file we have hundreds of IP addresses, and we will store them in the inventory file. Then we will run ansible -i inventory all, or if we have one IP address, we will use ansible -i inventory "ip-address".
Now create an inventory file on the main server, save the private IP address of the target server, and use the command ansible -i inventory all -m "shell" -a "touch devopsclass". Enter this on the main server, and you will see that the devopsclass file is created on the target server.
ansible-playbook -i inventory ansible_playbook.yml
code for "ansible_playbook.yml"
name: Install and start nginx
hosts: all
become: true
tasks:name: Install nginx
apt:
name: nginx
state: presentname: Start nginx
service:
name: nginx
state: started
The command ansible-playbook -vvv -i inventory ansible_playbook.yml shows how the main server uses the playbook YAML script to execute tasks on the target server, and to create an Ansible role, make a folder, navigate to it, and run ansible-galaxy role init kubernetes to generate the role with several files and folders.
