Exercise 1.0: Exploring the lab environment¶
Ansible is an open-source automation engine for software provisioning, configuration management and application-deployment. It allows for agent-less system configuration, which means it does not deploy agents to nodes. Communication to those nodes works by using SSH and Python is a requirement on those managed nodes. This makes that communication to managed nodes can be secure. Python is used to support the modules which support the tasks which will get deployed by Ansible through the use of so-called playbooks.
When Ansible gets installed it will contain an initial ‘Ansible configuration file’ called ansible.cfg file which includes the inventory of hosts and where the library of modules can be found.
Let’s start to explore by walking through the steps.
Step 1
Navigate to the networking-workshop
directory.
[student1@ansible ~]$ cd networking-workshop/
[student1@ansible networking-workshop]$
Step 2
Run the ansible
command with the --version
command to look at
what is configured:
[student1@ansible networking-workshop]$ ansible --version
ansible 2.6.2
config file = /home/student1/.ansible.cfg
configured module search path = [u'/home/student1/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, May 3 2017, 07:55:04) [GCC 4.8.5 20150623 (Red Hat 4.8.5-14)]
Note
The Ansible version you see might differ from the above output
This command gives you information about the version of Ansible,
location of the executable, version of Python, search path for the
modules and location of the ansible configuration file
.
Step 3
Use the cat
command to view the contents of the ansible.cfg
file.
[student1@ansible networking-workshop]$ cat ~/.ansible.cfg
[defaults]
connection = smart
timeout = 60
inventory = /home/student1/networking-workshop/lab_inventory/hosts
host_key_checking = False
[student1@ansible networking-workshop]$
Note
The following parameters within the ansible.cfg
file:
inventory
: shows the location of the Ansible inventory being used.private_key_file
: this shows the location of the private key used to login to devices
Step 4
The scope of a play
within a playbook
is limited to the groups
of hosts declared within an Ansible inventory. Ansible supports
multiple
inventory
types. An inventory could be a simple flat file with a collection of
hosts defined within it or it could be a dynamic script (potentially
querying a CMDB backend) that generates a list of devices to run the
playbook against.
In this lab you will work with a file based inventory written in the
ini format. Use the cat
command to view the contents of your
inventory:
[student1@ansible networking-workshop]$ cat lab_inventory/hosts
The output will look as follows with student2 being the respective student workbench:
[all:vars]
ansible_user=student2
ansible_ssh_pass=ansible
ansible_port=22
[lb]
f5 ansible_host=34.199.128.69 ansible_user=admin private_ip=172.16.26.136 ansible_ssh_pass=admin
[control]
ansible ansible_host=107.23.192.217 ansible_user=ec2-user private_ip=172.16.207.49
[webservers]
host1 ansible_host=107.22.141.4 ansible_user=ec2-user private_ip=172.16.170.190
host2 ansible_host=54.146.162.192 ansible_user=ec2-user private_ip=172.16.160.13
Step 5
In the above output every [ ]
defines a group. For example
[webservers]
is a group that contains the hosts host1
and
host2
.
Note
A group called all always exists and contains all groups and hosts defined within an inventory.
We can associate variables to groups and hosts. Host variables are declared/defined on the same line as the host themselves. For example
for the host f5
:
f5 ansible_host=34.199.128.69 ansible_user=admin private_ip=172.16.26.136 ansible_ssh_pass=admin
f5
- The name that Ansible will use. This can but does not have to rely on DNSansible_host
- The IP address that ansible will use, if not configured it will default to DNSansible_user
- The user ansible will use to login to this host, if not configured it will default to the user the playbook is run fromprivate_ip
- This value is not reserved by ansible so it will default to a host variable.This variable can be used by playbooks or ignored completely.ansible_ssh_pass
- The password ansible will use to login to this host, if not configured it will assume the user the playbook ran from has access to this host through SSH keys.
Does the password have to be in plain text? No, Red Hat Ansible Tower can take care of credential management in an easy to use web GUI or a user may use ansible-vault
[student1@ansible networking-workshop]$ cd ~
You have finished this exercise