3.1 Ansible usage and configuration management

Ansible usage and configuration management

outline

1. Ansible Introduction and Features

• An introduction to what Ansible is, what it does, and its advantages in configuration management and automated deployment.
• Emphasize Ansible's agentless (Agentless) features and easy-to-use syntax.

2. Ansible installation and configuration
   • Demonstrate how to install Ansible, and configure the master control node (Control Node) and controlled node (Managed Node).
   • Describes Ansible configuration files and directory structure in detail.
3. Ansible basics
   • Ansible Ad-Hoc Commands: Use Ad-Hoc commands to perform simple operations such as file copying, command execution, etc.
   • Ansible Playbook: Introduces the concept of Playbooks and how to write Playbook files to describe configurations and tasks.
4. Ansible modules and variables
   • Learn about the variety of Ansible modules, including system administration, file manipulation, package management, and more.
   • Demonstrates how to use variables in a Playbook, and how to get variable values ​​from external files or commands.
5. Host Management and Organization
   • Describes how to define a host inventory file (Inventory), including host grouping and variable settings.
   • Demonstrates how to execute tasks in Playbooks based on host organization and specific variables.
6. characters and screenplay
   • Introduce the concept of Ansible role, and encapsulate the tasks and variables in Playbook into reusable roles.
   • Shows how to create and organize Ansible roles for modular configuration management.
7. Deploy application and configuration
   • Use Ansible to deploy applications, including downloading code, installing dependencies, configuration files, and more.
   • Demonstrates how to apply different configurations depending on the environment (dev, test, production).
8. Automation and Batch Operations
   • Emphasize Ansible's automation capabilities, such as automated deployments, configuration updates, and system maintenance.
   • Demonstrates how to write cron jobs, automate backups, and batch operations.
9. Common Ansible use cases
   • Analyze the application of Ansible in different scenarios, such as infrastructure automation, application deployment, configuration management, etc.
   • Use real-world examples to demonstrate how Ansible can increase efficiency, reduce manual effort, and ensure consistency.
10. Best Practices and Performance Optimization
    • Provide best practices of Ansible, including directory structure, variable naming conventions, etc.
    • Emphasis on performance optimization techniques, such as concurrent execution, reducing Playbook execution time, etc.

Through the contents of this section, readers will have a deep understanding of the basic usage and configuration management principles of Ansible. At the same time, through the guidance of actual cases, readers can apply Ansible to real operation and maintenance scenarios to improve efficiency, reduce errors and ensure system consistency.

## Ansible Introduction and Features

Ansible is a powerful automation tool widely used for configuration management, application deployment, and task automation. Its key features make it one of the go-to tools for operations engineers and developers.

Definition and purpose : Ansible is an open source configuration management and automation tool that helps manage infrastructure, applications, and networks at scale. The primary roles of Ansible include automated deployment, configuration management, task coordination, and application publishing.

Advantages : Ansible has the following advantages that make it popular in the field of operation and maintenance:

• Agentless : Ansible does not need to install any agent or client on the managed target host, and communicates through the SSH protocol, which reduces the complexity of management and maintenance.
• Simple and easy-to-use syntax : Ansible uses Playbooks in YAML format, making configuration management and automation task writing simple and straightforward. Even for beginners, you can quickly pick up and write powerful automation tasks.
• Based on Playbooks (Playbooks) : Ansible uses Playbooks to define configurations and tasks, making multi-step automation tasks highly readable and easily scalable.
• Powerful module library : Ansible provides a rich set of modules for performing various tasks, including file manipulation, software installation, system configuration, and more. Users can also customize modules to meet specific needs.
• Support for multiple platforms : Ansible can manage multiple operating systems and cloud platforms, including Linux, Windows, virtualization platforms, and public cloud service providers.
• Scalability : Ansible supports a variety of plug-ins and extension mechanisms, and can be integrated with other tools and platforms to meet the needs of different scenarios.

Through these characteristics, Ansible has become a powerful tool in the field of automated operation and maintenance, continuous integration and configuration management. Its simple syntax and powerful functions enable teams to manage infrastructure and applications more efficiently, reducing the burden of operation and maintenance. In what follows, we'll dive into how to use Ansible for configuration management and automated deployment, along with some best practices.

## Ansible installation and configuration

Ansible is a cross-platform automation tool, and installing and configuring it is the first step to getting started. This section will demonstrate how to install Ansible and configure the master and slave nodes.

1. Install Ansible

First, we need to install Ansible on the master node. Ansible runs on Linux, macOS, and Windows. Following are the basic steps to install Ansible on different operating systems:

• Linux (such as Ubuntu) : On most Linux distributions, you can install Ansible using your package manager. For example, on Ubuntu, the following command can be used to install:

sudo apt update
sudo apt install ansible

• macOS : On macOS, you can install Ansible using Homebrew:

brew install ansible

• Windows : On Windows, Ansible can be installed using the Windows Subsystem (WSL). Install WSL first, then install Ansible in WSL.

2. Configure the master control node

Once Ansible is installed, you need to configure the master node. The master node is the machine on which you execute Ansible commands. By default, the Ansible configuration file is located at /etc/ansible/ansible.cfg, but you can customize the configuration as needed.

Configuring the master node involves the following main steps:

• Set up SSH key authentication : Make sure your master control node can access the controlled node through SSH, it is better to use key authentication instead of password authentication.
• Edit Ansible config file : /etc/ansible/ansible.cfgIn , you can set some global configurations like default user, repository path, etc.

3. Configure the controlled node

Controlled nodes are the target hosts you want to manage, and Ansible will connect to these nodes through SSH and perform tasks.

Configuring the controlled node requires the following steps:

• Install SSH server : Make sure there is an SSH server on the controlled node so that the master control node can connect through SSH.
• Add controlled nodes to Ansible's inventory : Ansible uses a file called "inventory" to keep track of controlled nodes. By default, this file is located in /etc/ansible/hosts.

After configuring the master control node and the controlled node, you can start using Ansible for configuration management and automated deployment. In the following content, we will delve into the core concepts of Ansible Playbooks, modules, tasks, etc., as well as how to perform system configuration and application deployment.

Ansible basics

1. Ansible Ad-Hoc commands

Ansible Ad-Hoc commands are command-line tools for performing one-off tasks on controlled nodes. These commands are great for simple tasks like file manipulation, command execution, package installation, etc.

The syntax used by Ad-Hoc commands is as follows:

ansible <host-pattern> -m <module> -a "<module-args>"

in:

• <host-pattern>It is a pattern to specify the target host, which can be a specific host name, IP address, or a host group defined in Ansible Inventory.
• -m <module>Specifies the Ansible module to use, such as copy(copy file), command(execute command), apt(package management), etc.
• -a "<module-args>"The parameters of the specified module vary according to different modules.

Example Ad-Hoc command:

• Copy local files to remote host:ansible webserver -m copy -a "src=/path/to/local/file dest=/remote/path/"
• Execute the command on the remote host:ansible database -m command -a "ls /var/www"
• Install the package:ansible appserver -m apt -a "name=nginx state=present"

2. Ansible Playbook

Ansible Playbook is a YAML file used to describe configuration and tasks. It allows you to define a series of operations to be performed on the target host. Playbooks are tools for complex automation and configuration management.

A simple Playbook example:

---
- name: 安装 Nginx
  hosts: webserver
  tasks:
    - name: 安装 Nginx
      apt:
        name: nginx
        state: present

In this playbook:

• namefield is the name of the playbook.
• hostsfield specifies the target host group.
• tasksThe fields contain the tasks to perform, in this case there is only one task, which is to install Nginx.

When using Playbook, you can use ansible-playbookthe command to run:

ansible-playbook nginx-install.yml

This is a simple Playbook example, and more complex tasks, variables, conditions, etc. can be included in actual use. Playbook is the core concept in Ansible. By writing Playbook, you can realize automatic configuration management and system deployment.

Ansible modules and variables

1. Ansible Modules

Ansible modules are tools used by Ansible to perform tasks on target hosts. Modules include various functions, such as system management, file operation, software package management, database operation, etc., which can cover multiple fields.

Some common Ansible modules include:

• System management module: ping(check host connectivity), reboot(restart host), user(manage user), group(manage user group), etc.
• File operation module: copy(copy file), template(template file), file(management file attribute), etc.
• Package management modules: apt(Debian/Ubuntu package management), yum(CentOS/RHEL package management), dnf(Fedora package management), etc.

userExample: Create a user using the module in Playbook

---
- name: 创建用户
  hosts: webserver
  tasks:
    - name: 创建用户 john
      user:
        name: john
        state: present

2. Ansible variables

In Ansible, variables are used to store data, making playbooks more flexible and versatile. Variables may include static variables, dynamic variables, external variables, and the like.

Ways to use variables in Playbook:

• Defines variables for a host or host group.
• Define global variables.
• Use Facts, which are information Ansible automatically collects on target hosts.

Example: Using Variables in a Playbook

---
- name: 使用变量
  hosts: webserver
  vars:
    app_name: myapp
  tasks:
    - name: 创建目录
      file:
        path: /var/www/{
   
   { app_name }}
        state: directory

In this example, app_namea variable specifying the name of the application. A variable can be defined in the Playbook through varsthe keyword, and then this variable can be used in the task. This makes Playbooks more versatile and easy to modify and manage.

Variables can be obtained from within Ansible Inventory, or from external files or commands. Using variables can make Playbook more flexible and adapt to different environments and needs.

Host Management and Organization

1. Define the host inventory file (Inventory)

The host inventory file is one of the core of Ansible configuration, it is used to define the hosts and host groups that Ansible will manage and operate. Host inventory files allow us to organize hosts, assign variables, and apply different actions to different groups of hosts.

Example: Simple Host Inventory File

iniCopy code[webserver]
server1 ansible_host=192.168.1.10 ansible_user=admin ansible_ssh_pass=123456
server2 ansible_host=192.168.1.11 ansible_user=admin ansible_ssh_pass=123456

[database]
db1 ansible_host=192.168.1.20 ansible_user=dbadmin ansible_ssh_pass=dbpassword

In this example, we define two hostgroups: webserverand database. There are corresponding hosts under each host group, as well as the connection information of the hosts, such as IP addresses, user names, and passwords. This information will be used to connect to the host to perform tasks.

2. Organize and use hosts in Playbook

In Ansible Playbook, we can execute tasks based on host organization and variable settings. This makes it possible to apply different configurations and actions to different groups of hosts.

Example: Using Host Organizations and Variables in Playbooks

---
- name: 配置 Web 服务器
  hosts: webserver
  tasks:
    - name: 安装 Apache
      apt:
        name: apache2
        state: present

- name: 配置数据库
  hosts: database
  tasks:
    - name: 安装 MySQL
      apt:
        name: mysql-server
        state: present

In this example, we define two Playbooks, one for configuring the web server and one for the database. With hoststhe keyword, we specify which host group each Playbook should execute on. In this way, we can execute different tasks for different host groups to achieve more flexible configuration management.

In Ansible, host management and organization are very important. Hosts can be grouped according to actual needs and variables can be assigned for better management and task execution.

characters and screenplay

1. Ansible role overview

Ansible roles are a mechanism for organizing and encapsulating tasks and variables in Ansible Playbooks, making configuration management more modular and reusable. By encapsulating a set of tasks, variables, and templates in a role, we can reuse these roles in multiple Playbooks for better code reuse and maintainability.

2. Create and organize Ansible roles

Creating an Ansible role typically involves the following steps:

1. Create a role directory: In an Ansible project, you can create a directory dedicated to storing roles, which is usually located rolesunder the project directory.
2. Define the structure of a role: A role usually includes subdirectories such as tasks, vars, files, templatesetc., which are used to store resources such as tasks, variables, files, and templates, respectively.
3. Write role tasks: tasksWrite task files in the directory to define the operation and configuration of roles.
4. Variables that define roles: varsDefault variables for roles can be defined under the directory, and these variables can also be overridden in the Playbook.
5. Use roles: Reference roles in Playbook and apply them to specific host groups or hosts.

Example: Create and use Ansible roles

my_project/
|-- roles/
|   |-- webserver/
|   |   |-- tasks/
|   |   |   |-- main.yml
|   |   |-- vars/
|   |   |   |-- main.yml
|-- my_playbook.yml

In this example, we create a webserverrole called to configure the web server. The role directory includes tasksand varssubdirectories , which are used to store tasks and variables respectively. In the Playbook my_playbook.yml, we can reference this role and apply it to the specified host group.

Using Ansible roles can well encapsulate the logic and modules of configuration management, making the Playbook clearer and more concise, and also facilitating the reuse and maintenance of roles.

Deploy application and configuration

1. Deploy the application using Ansible

In operations, automating the deployment of applications is a critical task. Ansible provides a wealth of modules and functions that can help us automate the deployment of applications. The following are the general steps to deploy an application:

1. Download code: Download the source code of the application from the code repository using the modules provided by Ansible (eg git, , etc.).svn
2. Install dependencies: Install dependencies required by the application through Ansible modules (eg yum, , etc.).apt
3. Configuration file: Deploy the prepared configuration file to the target host, which can be copyachieved by using Ansible modules or templates.
4. Start the application: Use Ansible modules (eg command, systemdetc.) to start the application.
5. Validate Deployment: Verify that the deployment of the application was successful through appropriate check mechanisms (such as port detection, API calls, etc.).

2. Configuration for different environments

In real operation and maintenance scenarios, we usually need to deploy applications to different environments, such as development, testing, production, etc. Each environment may have different configuration requirements, such as database connection, log level, debug mode, etc. With Ansible, different configurations can be applied depending on the environment. The specific implementation methods include:

• In Ansible's host list file, host groups are defined for different environments, such as [dev], [test], [prod].
• In roles or playbooks, different configuration files or variable files are referenced depending on the host group.
• Through Ansible's whenconditional judgment, different configurations are applied in the Playbook according to different environments.

In this way, we can flexibly apply appropriate configurations to different host groups according to the needs of different environments, thereby realizing the separation of configurations and the isolation of environments.

Automation and Batch Operations

1. Ansible's automation capabilities

Ansible is a powerful automation tool that can help operations teams automate tasks such as deployments, configuration updates, and system maintenance. By writing Ansible Playbook, you can describe the desired state of the system, and then Ansible will automatically update the system configuration to this desired state, thereby realizing automation.

2. Write a cron job

Cron is a tool for performing tasks on a regular basis, and is often used for automated timing tasks in operation and maintenance. We can use Ansible to write and manage Cron tasks such as periodic backups, log cleanup, and more. Here is an example of writing a cron job:

- name: 添加定时备份任务
  cron:
    name: "Backup My App"
    minute: "0"
    hour: "3"
    job: "bash /path/to/backup_script.sh"

The above Ansible Playbook executes /path/to/backup_script.shthe script every day at 3 AM.

3. Automate backup and batch operations

Automated backups and batch operations are also possible with Ansible. We can write Playbook to perform backup tasks regularly to protect important data. In addition, Ansible's Ad-Hoc commands and Playbook both support simultaneous operation of multiple hosts, which can meet the needs of batch operations. For example, the following playbook can execute commands on multiple hosts at the same time:

- name: 在多台主机上执行命令
  hosts: my_group
  tasks:
    - name: 执行命令
      command: echo "Hello from Ansible"

The above playbook my_groupexecutes the command on all hosts in the hostgroup echo "Hello from Ansible".

Through these automation and batch operation functions, Ansible can greatly improve the efficiency of operation and maintenance, reduce the workload of manual operations, and ensure the consistency and reliability of tasks.

Common Ansible use cases

Ansible is a versatile automation tool suitable for many different operational scenarios. Below we will analyze the application of Ansible in several common use cases, and show how it can improve efficiency, reduce manual operation and ensure consistency through practical cases.

1. Infrastructure automation

In infrastructure automation, Ansible can be used to automate the configuration, initialization, and deployment of servers and network devices. For example, Ansible makes it easy to create and configure large numbers of virtual machines, physical servers, and cloud instances, ensuring they are all configured according to a consistent standard. At the same time, Ansible can assist in the automatic configuration of network devices, such as switches and routers.

actual case:

- name: 配置服务器
  hosts: my_group
  tasks:
    - name: 安装必要的软件包
      apt:
        name: "{
   
   { item }}"
      with_items:
        - nginx
        - mysql
        - php

    - name: 启动服务
      service:
        name: "{
   
   { item }}"
        state: started
      with_items:
        - nginx
        - mysql
        - php-fpm

The above Ansible Playbook can automatically my_groupinstall and start nginx, mysql and php-fpm services on all hosts in the host group.

2. Application deployment

Ansible excels at application deployment. By writing Ansible Playbook, the automatic deployment, update and upgrade of applications can be realized. This is especially important in continuous integration and continuous deployment, which can improve delivery efficiency and ensure application consistency and reliability.

actual case:

- name: 部署应用
  hosts: my_app_servers
  tasks:
    - name: 从 Git 下载代码
      git:
        repo: https://github.com/my_org/my_app.git
        dest: /path/to/app
        version: master
      notify:
        - restart my_app

    - name: 安装依赖
      command: npm install
      args:
        chdir: /path/to/app

  handlers:
    - name: 重启应用
      service:
        name: my_app
        state: restarted

The above Ansible Playbook can automatically download application code from Git, and deploy and install dependencies on the application server. When the application code is updated, it will automatically trigger the restart of the application.

3. Configuration Management

Configuration management is another big use case for Ansible. It can help manage large-scale configuration files and ensure configuration consistency between different hosts and applications. Through Ansible, you can easily manage various configurations, such as system configuration, application configuration, database configuration, etc.

actual case:

- name: 配置数据库连接
  hosts: my_app_servers
  tasks:
    - name: 创建数据库配置文件
      template:
        src: db_config.j2
        dest: /path/to/app/db_config.ini
      notify:
        - restart my_app

  handlers:
    - name: 重启应用
      service:
        name: my_app
        state: restarted

The above Ansible Playbook can automatically create a configuration file for the database connection on the application server and trigger a restart of the application when the configuration file is changed.

Through the above actual cases, we can see the application scenarios of Ansible in infrastructure automation, application deployment, and configuration management. It can help the operation and maintenance team improve efficiency, reduce manual operations, ensure configuration consistency, and make the system more stable and reliable.

Ansible Best Practices and Performance Optimization

When using Ansible for configuration management and automating deployments, following best practices can improve code maintainability, readability, and performance. In addition, it is also important to optimize the execution performance of Ansible to improve efficiency and responsiveness. Here are some Ansible best practices and performance optimization tips:

1. Directory Structure and Organization

• Organize Ansible projects by features, environments, or projects.
• Use a clear directory structure, such as inventoryhost inventory, playbooksplaybook files, rolesroles, etc.
• Use reasonable naming conventions to make file and variable names readable.

2. Use version control

• Incorporate Ansible projects into a version control system (such as Git) to ensure traceable history.
• Use version tags and branches to manage configuration for different environments.

3. Using Ansible Galaxy

• Ansible Galaxy is a platform for sharing and managing Ansible roles.
• Search and use existing roles in Ansible Galaxy to avoid reinventing the wheel.

4. Using variables and templates

• Use variables to manage configurable items, making configuration information easy to modify and maintain.
• Use Jinja2 templates to dynamically generate configuration files, making configuration files flexible.

5. Concurrent execution

• For appropriate tasks and scripts, enable Ansible's concurrent execution mode to improve task execution efficiency.
• Control the number of concurrency by configuring forksparameters, but be careful not to affect system performance too much.

6. Optimize Playbook execution time

• Breaking down large playbooks into smaller roles and plays can help reduce execution time.
• Use the asynchronous execution mode to process tasks that take a long time to improve the overall execution efficiency.

7. Avoid unnecessary tasks

• Regularly review and clean up tasks and roles that are no longer needed to reduce unnecessary execution and resource consumption.

8. Control Ansible output

• When executing a command, use -vparameters to control the verbosity of the output to avoid too much output affecting readability.

A platform for sharing and managing Ansible roles.

• Search and use existing roles in Ansible Galaxy to avoid reinventing the wheel.

4. Using variables and templates

• Use variables to manage configurable items, making configuration information easy to modify and maintain.
• Use Jinja2 templates to dynamically generate configuration files, making configuration files flexible.

5. Concurrent execution

• For appropriate tasks and scripts, enable Ansible's concurrent execution mode to improve task execution efficiency.
• Control the number of concurrency by configuring forksparameters, but be careful not to affect system performance too much.

6. Optimize Playbook execution time

• Breaking down large playbooks into smaller roles and plays can help reduce execution time.
• Use the asynchronous execution mode to process tasks that take a long time to improve the overall execution efficiency.

7. Avoid unnecessary tasks

• Regularly review and clean up tasks and roles that are no longer needed to reduce unnecessary execution and resource consumption.

8. Control Ansible output

• When executing a command, use -vparameters to control the verbosity of the output to avoid too much output affecting readability.

By following the above best practices and performance optimization techniques, you can make Ansible more efficient and reliable in configuration management and automated deployment, improve operation and maintenance efficiency, and reduce potential problems and errors.