Efficient Config Management with Ansible Playbooks: From SSH Setup to Optimization

In a fast-paced IT landscape, efficient configuration management and automation are crucial for successful DevOps practices. The popular open-source tool, Ansible, enables system administrators and DevOps engineers to automate infrastructure provisioning, software deployment, and orchestration. In this article, we will dive into the fundamentals of Ansible and explore practical examples and best practices for streamlining infrastructure automation. We will cover Day (0) SSH setup between the Ansible workstation and remote hosts, defining target host inventory and configuration files, leveraging Git for version control, running Ansible commands, writing playbooks, and utilizing advanced features like tags, roles, handlers, host variables, and templates.

Step 1: SSH Setup between Ansible Workstation and Remote Hosts

To establish a secure communication channel between the Ansible workstation and remote hosts, we need to configure SSH connectivity. I recommend using the Visual Studio Code (VS Code) source-code editor and interactive console. Follow these steps:

• Generate SSH key pair on the Ansible workstation.

ssh-keygen -t ed25519 -C "$USER" -f ~/.ssh/id_"$USER"

• Copy the public key to the remote hosts using the SSH-copy-id command.

ssh-copy-id docker.gdom.local

• Test SSH connectivity to ensure successful authentication without a password.

Step 2: Setting up a Git Repository

Using version control is essential for maintaining Ansible playbooks and configuration files, so start with creating a location to manage them by setting up a Git repository to track changes and collaborate effectively:

• Create or login to a Git repository like GitHub.com and initialize your project repository "Ansible" and select the checkbox to create a README .md file.

• Add the public key we created in Step 1 to the SSH and GPG keys inventory of your profile settings page.

• Clone the repository to your local machine and define the minimal global config attributes of the Git repository.

tallgray1@ubuntu:~$ git clone git@github.com:tallgray/ansible.git

Cloning into 'ansible'...

The authenticity of host 'github.com (140.82.113.4)' can't be established.

ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU.

This key is not known by any other names

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.

remote: Enumerating objects: 183, done.

remote: Counting objects: 100% (183/183), done.

remote: Compressing objects: 100% (113/113), done.

remote: Total 183 (delta 77), reused 155 (delta 52), pack-reused 0

Receiving objects: 100% (183/183), 25.22 KiB | 496.00 KiB/s, done.

Resolving deltas: 100% (77/77), done.

tallgray1@ubuntu:~$ git config --global user.name "Glenn Gray"

tallgray1@ubuntu:~$ git config --global user.email "tallgray1@gdom.local"

We have just pulled down the empty repository from GitHub and created a folder containing the files in it, which at this point should only contain the README.md generated when the repository was created.

Step 3: Defining Target Host Inventory and Configuration Files

To manage multiple hosts with Ansible, we need to define a target host inventory and configuration files. Here's how:

1. Create a file named "inventory" in the folder that was created when you cloned the repository and list the IP addresses or hostnames of the remote hosts.

2. Organize hosts into groups based on their deployment need, application base, or location.

Step 4: Writing Ansible Playbooks

An Ansible playbook is like a set of instructions written in a YAML file that tells Ansible what tasks to perform on target systems. It includes plays that target specific hosts, tasks that define the actions to be executed, and modules that provide the necessary tools for those actions. Playbooks allow for automation and management of systems in a structured and reusable way. Follow these steps to create a basic playbook:

1. Define a playbook YAML file structure.

2. Specify the target hosts and, if needed, gather facts about them or become a root user to perform tasks.

3. Write tasks to perform specific configuration actions. The double curly braces "{{ }}" indicate that the enclosed content is a variable that will be evaluated and replaced with its actual value during playbook execution. The snapshot shows variables that Ansible gathered as facts from the target host and the inventory file.

4. Execute the playbook using the ansible-playbook command. The -l parameter was used to further limit selected hosts.

Step 5: Leveraging Advanced Ansible Features

To optimize and organize your Ansible code, it's essential to leverage advanced features such as variables, handlers, roles and tags. Variables in Ansible playbooks are like placeholders that hold different values, such as software version identifiers or passwords, allowing for flexibility and customization. Handlers are special tasks that are triggered only when specific conditions are met, often used to restart services or perform actions based on task results. Roles provide a way to organize and share playbook logic, making it easier to reuse and manage tasks and files across different environments, sites, or projects. Tags are labels that can be assigned to tasks or roles in Ansible playbooks to selectively control which tasks are executed. They are useful for targeting specific tasks or groups of tasks for execution, allowing for more granular control and faster playbook runs by skipping unnecessary tasks.Let's explore some of them:

1. Create reusable and modular roles for better playbook organization (above).

2. Using tags selectively executes specific tasks. The snapshot depicts running plays for tasks and hosts with a "docker" tag (right)

3. Implementing handlers can trigger actions based on certain events, like a service state change.

Step 6: Enhancing Playbooks with Host Variables and Templates

Ansible allows us to customize configurations using host variables and templates. Let's see how to leverage these features:

1. Define host-specific variables in host_vars YAML files.

2. Utilize templates to generate configuration files dynamically.

3. Use variables and templates within playbooks to achieve flexible configurations.

Conclusion:

In this article, we covered the fundamentals of Ansible and explored practical examples and best practices for efficient infrastructure automation. From establishing SSH connectivity to writing advanced playbooks and utilizing features like tags, roles, handlers, host variables, and templates, you now have a solid foundation to streamline your configuration management processes.

To further enhance your learning and explore more advanced topics, I have created an Ansible project repository on GitHub. You can clone this repository (git clone git@github.com:tallgray/ansible.git) which will serve as the baseline for the upcoming articles in this series. These articles will expand to cover configuration management, CI/CD, and DevOps, guiding you through the usage of tools like VSCode, Ansible, Terraform, Prometheus and Grafana, Git, and Jenkins. You'll learn how to automate hosts, Docker and Kubernetes containers, network configurations, AWS cloud services, GitHub, Windows server DNS, Active Directory users, and much more.

Remember, automation is an iterative process, and continuous learning and experimentation will further enhance your skills in configuration management and infrastructure automation. Stay tuned for the upcoming articles in this series, where we will delve deeper into other essential aspects of the DevOps ecosystem.