Difference between revisions of "Ansible Basics"
(Ansible Playbook Updates and Modules Documented) |
|||
| Line 65: | Line 65: | ||
<nowiki> PLAYBOOK.yml / initial_setup.yml / web_server.yml </nowiki> | <nowiki> PLAYBOOK.yml / initial_setup.yml / web_server.yml </nowiki> | ||
| + | ==== Generic Playbook Syntax ==== | ||
An example playbook may look like this: | An example playbook may look like this: | ||
<nowiki> | <nowiki> | ||
| Line 72: | Line 73: | ||
tasks: | tasks: | ||
- name: Set Hostname (Description of what this specific task does) | - name: Set Hostname (Description of what this specific task does) | ||
| + | hostname: | ||
| + | name: DESIRED_CUSTOM_HOSTNAME_OF_TARGET_NODE or "{{ inventory_hostname }}" (can use this option if the target's IP is included in the inventory file, Ansible will have the target set its hostname to the target's corresponding IP address) | ||
| + | |||
| + | - name: DESCRIPTION OF WHAT THIS TASK WILL DO | ||
| + | dnf: (calls the Ansible module for dnf, there are other modules outlined below) | ||
| + | name: PACKAGE (specifies the package to pass to dnf) | ||
| + | state: STATE (see below for available STATES) </nowiki> | ||
| + | |||
| + | |||
| + | ==== Example Playbook ==== | ||
| + | An example playbook (with some notations) to perform specific tasks may look like this: | ||
| + | <nowiki> | ||
| + | - name: Hostname and Repo Config Playbook | ||
| + | hosts: all | ||
| + | become: true | ||
| + | tasks: | ||
| + | - name: Set Hostname | ||
hostname: | hostname: | ||
name: DESIRED_CUSTOM_HOSTNAME_OF_TARGET_NODE or "{{ inventory_hostname }}" (can use this option if the target's IP is included in the inventory file, Ansible will have the target set its hostname to the target's corresponding IP address) | name: DESIRED_CUSTOM_HOSTNAME_OF_TARGET_NODE or "{{ inventory_hostname }}" (can use this option if the target's IP is included in the inventory file, Ansible will have the target set its hostname to the target's corresponding IP address) | ||
- name: Ensure epel-release repository is installed | - name: Ensure epel-release repository is installed | ||
| − | dnf: | + | dnf: |
| − | name: epel-release | + | name: epel-release |
| − | state: present | + | state: present |
-name: Reboot if hostname changes | -name: Reboot if hostname changes | ||
reboot: | reboot: | ||
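Review bot: the line `-name: Reboot if hostname changes`, carried unchanged into the new Example Playbook, has no space after the dash, so YAML does not read it as a list item and the play will not parse; it should be `- name: Reboot if hostname changes`. The Set Hostname task also keeps its parenthetical note inside the `name:` value, where it would become part of the hostname, so moving it to a `#` comment would make the example usable as written. The same note says `{{ inventory_hostname }}` gives the target's IP address; it gives the host's name as written in the inventory, which is an IP only when the host is listed by IP.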
| Line 84: | Line 102: | ||
reboot_timeout: 300 | reboot_timeout: 300 | ||
when: ansible_hostname != inventory_hostname (this task will only be run when this condition is met, when the device's hostname does NOT match the hostname specified in the inventory file passed to Ansible) </nowiki> | when: ansible_hostname != inventory_hostname (this task will only be run when this condition is met, when the device's hostname does NOT match the hostname specified in the inventory file passed to Ansible) </nowiki> | ||
| + | |||
| + | |||
| + | == Ansible Playback Modules == | ||
| + | |||
| + | Some other modules that can be called in an Ansible Playbook include: | ||
| + | |||
| + | === Package Modules (apt, yum, dnf, etc.) === | ||
| + | <nowiki> | ||
| + | State - Description | ||
| + | present - Ensures the package is installed. | ||
| + | latest - Installs or upgrades the package to the latest version. | ||
| + | absent - Removes the package if it is installed. | ||
| + | installed - Alias for present. | ||
| + | removed - Alias for absent. </nowiki> | ||
| + | |||
| + | === Service Modules (service, systemd) === | ||
| + | <nowiki> | ||
| + | State - Description | ||
| + | started - Ensures the service is running. | ||
| + | stopped - Ensures the service is stopped. | ||
| + | restarted - Stops and starts the service again. | ||
| + | reloaded - Reloads the service (useful for configs). | ||
| + | enabled (with enabled: true) - Ensures service starts at boot. | ||
| + | disabled - Prevents service from starting at boot. </nowiki> | ||
| + | |||
| + | === File and Directory Modules (file, copy, template) === | ||
| + | <nowiki> | ||
| + | State - Description | ||
| + | touch - Creates an empty file if it doesn’t exist. | ||
| + | absent - Deletes the file or directory. | ||
| + | directory - Ensures a directory exists. | ||
| + | file - Ensures it’s a regular file (can also adjust permissions). | ||
| + | link - Ensures a symbolic link exists. | ||
| + | hard - Ensures a hard link exists. </nowiki> | ||
| + | |||
| + | === User & Group Modules (user, group) === | ||
| + | <nowiki> | ||
| + | State - Description | ||
| + | present - Ensures the user or group exists. | ||
| + | absent - Ensures the user or group is removed. </nowiki> | ||
| + | |||
| + | === Network Resources / Repos === | ||
| + | |||
| + | ==== For repositories (like yum_repository, apt_repository): ==== | ||
| + | <nowiki> | ||
| + | State - Description | ||
| + | present - Repo is configured and available. | ||
| + | absent - Repo is removed. </nowiki> | ||
| + | |||
| + | ==== For firewall rules, cloud resources, etc., modules usually support: ==== | ||
| + | <nowiki> | ||
| + | State - Description | ||
| + | present - Create or apply the configuration. | ||
| + | absent - Remove or undo the configuration. | ||
| + | enabled - Turn on or activate the resource. | ||
| + | disabled - Turn off or deactivate it. </nowiki> | ||
== Running an Ansible Playbook == | == Running an Ansible Playbook == | ||
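Review bot: the new top-level heading reads "Ansible Playback Modules", which looks like a typo for "Playbook". In the Service Modules table, `enabled` and `disabled` are listed under State, but for `service` and `systemd` boot behaviour is set with the separate `enabled:` parameter (the "with enabled: true" remark hints at this) while `state` takes started, stopped, restarted or reloaded; listing the two parameters separately would avoid readers writing `state: enabled`. The File and Directory heading also names `copy` and `template`, which do not take these `state` values; they belong to `file`.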
Revision as of 09:06, 20 March 2025
Installing Ansible
Enable Required Repositories
Ansible is available via the EPEL (Extra Packages for Enterprise Linux) or the official Red Hat repositories.
Enable EPEL Repository
For RHEL systems, install the EPEL repository:
sudo dnf install epel-release
Install Ansible
Once the repository is enabled, install Ansible using the package manager:
sudo dnf install ansible
Verify the Installation
After installation, verify Ansible is installed correctly:
ansible --version
You should see output similar to:
ansible [core 2.x.x]
  config file = /etc/ansible/ansible.cfg
  python version = 3.x.x
Troubleshooting
- If epel-release is not found, try enabling the codeready-builder repo or check for typos.
Creating an Ansible Inventory File
An Ansible inventory file lists the hosts Ansible will interact with, along with their hostnames, IP addresses, and other relevant information. Typically these are .ini files, for example:
INVENTORY.ini / ANSIBLE_HOSTS.ini / SERVER_LIST.ini
An example inventory file might look like:
# [web-server] is the host group; each entry below it is a single host, with arguments/options beside it
[web-server]
web-server-01 ansible_host=1.2.3.4
web-server-02 ansible_host=WEBSERVER_HOSTNAME
You can also format the inventory file to manage entire host groups collectively, like this:
[file-server]
file01 ansible_host=1.2.3.4
file02 ansible_host=5.6.7.8
file03 ansible_host=9.10.11.12

[file-server:vars]
ansible_user=USER
ansible_port=PORT#
# true or false: whether or not Ansible will escalate privileges (become 'root' by default)
ansible_become=[true/false]
# the user Ansible becomes when ansible_become is true
ansible_become_user=BECOME_USER
ansible_ssh_private_key_file=/PATH/TO/IDENTITY/FILE
Creating an Ansible Playbook (Basics)
An Ansible playbook is the instruction set that Ansible follows to enforce changes and configurations across the hosts specified in the playbook file. Typically these are .yml files, for example:
PLAYBOOK.yml / initial_setup.yml / web_server.yml
Generic Playbook Syntax
An example playbook may look like this:
- name: Basic Setup  # Description of what this playbook does
  # You can also specify a specific host group, like "file-server" or "web-server" or "prod"
  hosts: all
  become: true
  tasks:
    - name: Set Hostname  # Description of what this specific task does
      hostname:
        # Or "{{ inventory_hostname }}" (can use this option if the target's IP is included in the
        # inventory file, Ansible will have the target set its hostname to the target's corresponding IP address)
        name: DESIRED_CUSTOM_HOSTNAME_OF_TARGET_NODE
    - name: DESCRIPTION OF WHAT THIS TASK WILL DO
      dnf:  # calls the Ansible module for dnf, there are other modules outlined below
        name: PACKAGE  # specifies the package to pass to dnf
        state: STATE  # see below for available STATES
Example Playbook
An example playbook (with some notations) to perform specific tasks may look like this:
- name: Hostname and Repo Config Playbook
  hosts: all
  become: true
  tasks:
    - name: Set Hostname
      hostname:
        # Or "{{ inventory_hostname }}" (can use this option if the target's IP is included in the
        # inventory file, Ansible will have the target set its hostname to the target's corresponding IP address)
        name: DESIRED_CUSTOM_HOSTNAME_OF_TARGET_NODE
    - name: Ensure epel-release repository is installed
      dnf:
        name: epel-release
        state: present
    - name: Reboot if hostname changes
      reboot:
        msg: "Rebooting after hostname change"
        connect_timeout: 5
        reboot_timeout: 300
      # This task will only be run when this condition is met, when the device's hostname does NOT
      # match the hostname specified in the inventory file passed to Ansible
      when: ansible_hostname != inventory_hostname
Ansible Playbook Modules
Some other modules that can be called in an Ansible Playbook include:
Package Modules (apt, yum, dnf, etc.)
State - Description
present - Ensures the package is installed.
latest - Installs or upgrades the package to the latest version.
absent - Removes the package if it is installed.
installed - Alias for present.
removed - Alias for absent.
Service Modules (service, systemd)
State - Description
started - Ensures the service is running.
stopped - Ensures the service is stopped.
restarted - Stops and starts the service again.
reloaded - Reloads the service (useful for configs).
enabled (with enabled: true) - Ensures service starts at boot.
disabled - Prevents service from starting at boot.
File and Directory Modules (file, copy, template)
State - Description
touch - Creates an empty file if it doesn’t exist.
absent - Deletes the file or directory.
directory - Ensures a directory exists.
file - Ensures it’s a regular file (can also adjust permissions).
link - Ensures a symbolic link exists.
hard - Ensures a hard link exists.
User & Group Modules (user, group)
State - Description
present - Ensures the user or group exists.
absent - Ensures the user or group is removed.
Network Resources / Repos
For repositories (like yum_repository, apt_repository):
State - Description
present - Repo is configured and available.
absent - Repo is removed.
For firewall rules, cloud resources, etc., modules usually support:
State - Description
present - Create or apply the configuration.
absent - Remove or undo the configuration.
enabled - Turn on or activate the resource.
disabled - Turn off or deactivate it.
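The state tables above, put to work in one play. This is an added example, not part of the original page; the package, service, account and path names (chrony, chronyd, svc_app, /opt/app) are assumptions chosen for illustration.

```yaml
# Added example; chrony, chronyd, svc_app and /opt/app are illustrative assumptions.
- name: Module state walkthrough
  hosts: all
  become: true
  tasks:
    - name: Package module - make sure the package is installed
      dnf:
        name: chrony
        state: present        # "latest" would also upgrade on every run

    - name: Service module - running now and started at boot
      service:
        name: chronyd
        state: started        # state covers the running condition
        enabled: true         # boot behaviour is its own parameter

    - name: Group module - group exists
      group:
        name: svc_app
        state: present

    - name: User module - service account with no login shell
      user:
        name: svc_app
        group: svc_app
        system: true
        shell: /sbin/nologin
        state: present

    - name: File module - directory exists with explicit owner and mode
      file:
        path: /opt/app
        state: directory
        owner: svc_app
        group: svc_app
        mode: "0750"          # quoted so YAML does not read it as a number

    - name: File module - stale file is gone
      file:
        path: /opt/app/old.conf
        state: absent
```

Running it with ansible-playbook -i INVENTORY_FILE PLAYBOOK_FILE --check reports what would change without applying it.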
Running an Ansible Playbook
The basic syntax for running an Ansible playbook command looks like:
ansible-playbook -i INVENTORY_FILE PLAYBOOK_FILE
If your playbook requires Ansible to perform operations as a superuser (i.e. it requires 'sudo'), you can have Ansible prompt for the 'sudo' password like this:
ansible-playbook -i INVENTORY_FILE PLAYBOOK_FILE --ask-become-pass