Ansible

The Practical Guide for Administrators and DevOps Teams

Información

• Editorial: SAP PRESS
• Autores: Axel Miesen
• Año: 2025
• Edición: 1
• Páginas: 474
• Idiomas: Inglés

Descripción

If you want to keep your servers in order, Ansible is the tool of choice! In this practical guide, you’ll learn how to use Ansible to automate server configuration, software deployment, and more. Start by installing Ansible and setting up your initial inventory management process. Then, follow step-by-step instructions for system orchestration, from the basics of playbooks and tasks to using Ansible with Docker. With expert tips and best practices for testing, debugging, and more, this is your all-in-one guide to automating with Ansible!

• Install and set up Ansible on control nodes and target nodes
• Create playbooks using YAML and learn to use tags, variables, loops, and more
• Work with modules, collections, and roles

Aspectos Destacados

• Basic setup
• Inventory management
• Ad-hoc commands and patterns
• YAML
• Playbooks, tasks, and plays
• Modularization
• Roles
• Includes
• Module library
• Web interfaces
• Docker
• Custom collections and modules

Aprenderás sobre

• Ansible Basics:
  Install Ansible on your control and target nodes. Set up your initial inventory management process and use ad-hoc commands and YAML to start configuring and automating your tasks.
• Playbooks, Modules, and Roles:
  Master complex deployments by storing tasks in structured playbooks and modules and then organizing tasks into reusable automated roles. Get hands-on practice with downloadable playbooks and configuration files.
• Advanced Topics:
  Get advice from the experts on more advanced topics: understanding declarative and imperative configuration management, setting up web interfaces, using Ansible on the cloud, and more. Discover recipes, how-tos, and best practices to round out your Ansible skills.

Tabla de Contenidos

• Preface

• About This Book
• Formatting
• Ansible Versions
• Platforms and Linux Distributions

• 1 Introduction and Installation
• 1.1 What Is Ansible?
• 1.1.1 Basic Features
• 1.1.2 Core Components
• 1.1.3 Declarative or Imperative?
• 1.2 What Is Ansible Not?
• 1.3 History and Versions
• 1.3.1 Versions
• 1.3.2 Supported Python Versions
• 1.4 Setup/Lab Environment
• 1.5 Ansible Installation on the Control Host
• 1.6 Installation via PIP (plus virtualenv)
• 1.7 Authentication and Authorization on Target Hosts
• 1.8 Setting Up SSH Public Key Authentication
• 1.9 An Ad Hoc Test without Any Configuration
• 1.10 Another Note on Migrating from Older Versions

• 2 Basic Setup and Initial Inventory Management
• 2.1 Setting Up the Directory Structure
• 2.2 Basic Configuration (ansible.cfg)
• 2.3 Creating and Managing a Static Inventory
• 2.4 Configuration Settings versus Parameters versus …?
• 2.5 Inventory Aliases and Namespaces
• 2.6 Beyond Ping
• 2.7 A Somewhat More Complex Example
• 2.8 Alternative or Multiple Inventories

• 3 Ad Hoc Commands and Patterns
• 3.1 Ad Hoc Commands
• 3.1.1 The “command” Module
• 3.1.2 The “shell” Module
• 3.2 Use Cases Beyond “command” and “shell”
• 3.3 Idempotency
• 3.4 Internal Workings
• 3.4.1 Parallel Execution
• 3.4.2 Persistent Connections
• 3.4.3 What Happens When a Module Is Called?
• 3.5 The Ansible Console
• 3.6 Patterns for Addressing Hosts

• 4 YAML: The Configuration and Serialization Language
• 4.1 Syntax and Structure
• 4.2 Editing YAML Files
• 4.2.1 vim
• 4.2.2 nano
• 4.2.3 Emacs
• 4.2.4 Notepad++
• 4.3 Syntactic Checks
• 4.4 Lists and Maps
• 4.5 Nested Structures
• 4.6 Text Passages and Block Expressions
• 4.6.1 Variations
• 4.6.2 Long Texts without Line Breaks
• 4.7 Nothingness in YAML
• 4.8 Anchors and References

• 5 Playbooks and Tasks: The Basics
• 5.1 Hello Ansible: The Very First Playbook
• 5.1.1 Relative Paths in Playbook Calls
• 5.1.2 Addressing the Actual Target Hosts
• 5.2 Formulation of Tasks
• 5.3 Ending Plays
• 5.4 The Problematic Colon
• 5.5 Error Handling and Retrying Files
• 5.6 Tags
• 5.7 The “ansible-playbook” Command
• 5.8 An Example of an Apache Installation
• 5.8.1 Step by Step
• 5.8.2 The Complete Playbook
• 5.8.3 “–start-at-task, “–check,” and “–diff”
• 5.9 Handler: Executing Tasks Only on Changes
• 5.9.1 Step by Step Execution
• 5.9.2 Handlers
• 5.9.3 The Complete Playbook up to This Point

• 6 Playbooks and Tasks: Advanced Methods
• 6.1 Variables
• 6.1.1 Play Vars
• 6.1.2 Extra Vars
• 6.1.3 Precedence
• 6.1.4 “set_fact”
• 6.1.5 “group_vars”
• 6.1.6 “host_vars”
• 6.1.7 “vars_files”: Variables in Any External Files
• 6.1.8 Prompting
• 6.1.9 Accessing Complex Structures
• 6.1.10 “assert” Tests
• 6.2 Registered Variables
• 6.3 Facts and Implicit Variables
• 6.3.1 Facts
• 6.3.2 Caching of Facts
• 6.3.3 Implicit Variables
• 6.3.4 Example
• 6.3.5 External Information Gatherers: “facter” and “ohai”
• 6.3.6 Not Enough Facts Yet? Try “/etc/ansible/facts.d”!
• 6.4 Conditional Execution with “when”
• 6.5 Handling System Differences: What’s the Deal Now?
• 6.5.1 The Clumsy Method
• 6.5.2 The Solid Method
• 6.5.3 The Tricky Method
• 6.5.4 The Modular Method
• 6.5.5 The Complete Playbook up to This Point
• 6.6 Jinja and Templates
• 6.6.1 Definition: Templates and Template Engines
• 6.6.2 An Individual Homepage for Our Apache Servers
• 6.6.3 Quick Testing of Jinja Templates
• 6.6.4 Jinja Syntax: Output Expressions, Statements, and Comments
• 6.6.5 Filter
• 6.6.6 Whitespace Control
• 6.6.7 Macros
• 6.7 Variable Tests
• 6.8 Lookup Plug-ins
• 6.9 Loops
• 6.9.1 “with_*” Loops Are Lookups
• 6.9.2 Iteration Over a List with “with_items” or “with_list”
• 6.9.3 Iteration Over a Map with “with_dict”
• 6.9.4 Iteration Over a Generated Sequence with “with_sequence”
• 6.9.5 Looping Over the Combination of Two Lists with “with_nested”
• 6.9.6 Looping Over Two Parallel Lists with “with_together”
• 6.9.7 Nested Loops with “with_subelements”
• 6.9.8 Repeating Tasks with “until”
• 6.9.9 More Control with “loop_control”
• 6.9.10 “register” plus Loop
• 6.10 Error Handling with “failed_when” and “ignore_errors”
• 6.11 Blocks
• 6.12 Timeouts and Asynchronous Execution
• 6.13 Local Tasks
• 6.13.1 “local_action”
• 6.13.2 Using Other Hosts
• 6.14 Environment Variables
• 6.14.1 Setting Environment Variables with the “environment” Parameter
• 6.14.2 Reading Environment Variables
• 6.14.3 Environment Variables in “path” or “dest” Attributes

• 7 Using Modules and Collections
• 7.1 Collections
• 7.1.1 A Minimal Environment with “ansible-core”
• 7.1.2 Managing Collections
• 7.1.3 The Fully Qualified Collection Name
• 7.1.4 Interim Conclusion
• 7.2 Module
• 7.3 Modules for Command Execution
• 7.3.1 “command”: Executing Commands
• 7.3.2 “shell”: Executing Commands via a Shell
• 7.3.3 “raw”: Executing Commands without the Python Subsystem
• 7.3.4 “script”: Transferring and Executing Local Scripts
• 7.4 Modules for Package Management
• 7.4.1 “apt”: Package Management on Debian/Ubuntu Systems
• 7.4.2 “dnf” and “yum”: Package Management on Rocky, CentOS, Red Hat, and Fedora Systems
• 7.4.3 “community.general.zypper”: Package Management on SUSE Systems
• 7.4.4 “package”: Generic Package Management
• 7.4.5 “package_facts”: Representing Package Information as Facts
• 7.4.6 Some Other (Not Further Described) Modules
• 7.5 Modules for Managing Files and File Contents
• 7.5.1 “copy”: Copying and Uploading Files
• 7.5.2 “template”: Processing Files with Jinja and Uploading
• 7.5.3 “file”: Managing Files and File Attributes
• 7.5.4 “stat”: Obtaining Information about Files
• 7.5.5 “lineinfile”: Managing Lines in Text Files
• 7.5.6 “blockinfile”: Managing Text Passages in Files
• 7.5.7 “replace”: Searching and Replacing in Text Files
• 7.5.8 “unarchive”: Uploading and Extracting Archives
• 7.5.9 Some Other (Not Further Described) Modules
• 7.6 Modules for Other Typical Administrative Tasks
• 7.6.1 “service”: Starting, Stopping, and Restarting Services, Etc.
• 7.6.2 “service_facts”: Presenting Service Information as Facts
• 7.6.3 “cron”: Managing Cron Jobs
• 7.6.4 “hostname”: Changing the Hostname
• 7.6.5 “user” and “group”: User and Group Management
• 7.6.6 “ansible.posix.firewalld”: Managing firewalld-Based Firewalls
• 7.6.7 “reboot”: Rebooting Machines
• 7.6.8 Some Other (Not Further Described) Modules
• 7.7 Modules for Interacting with Network Services
• 7.7.1 “get_url”: Downloading Resources
• 7.7.2 “uri”: Communicating with Web Services
• 7.7.3 “git”: Interacting with Git Servers
• 7.8 Special Modules (Control Flow Management, Etc.)
• 7.8.1 “meta”: Triggering Various Ansible Actions
• 7.8.2 “debug”: Generating Output during Playbook Runs
• 7.8.3 “fail”: Triggering a Failure
• 7.8.4 “pause”: Pausing and Optionally Reading Input
• 7.8.5 “wait_for”: Waiting for Certain Events
• 7.8.6 “wait_for_connection”: Waiting Until a Target Host Is Reachable
• 7.8.7 “assert”: Ensuring that Certain Conditions Are Met
• 7.8.8 “set_fact”: Setting Variables during Runtime

• 8 Modularization with Roles and Includes
• 8.1 Creating and Using Roles
• 8.1.1 The Concept of Roles in Ansible
• 8.1.2 A Simple Example of a Role
• 8.1.3 Using Roles in a Playbook
• 8.1.4 Plays with Roles and Tasks, “pre_tasks” and “post_tasks”
• 8.1.5 Dependencies between Roles
• 8.1.6 Choosing Other Startup Files
• 8.1.7 Creating New Roles with “ansible-galaxy”
• 8.2 The Online Ansible Galaxy Repository
• 8.3 Using Imports and Includes
• 8.3.1 “import_tasks” and “include_tasks”
• 8.3.2 “include_tasks” and Tags
• 8.3.3 Dynamic Loading of Variables with “include_vars”
• 8.3.4 “import_playbook”
• 8.4 Apache Once Again
• 8.5 Documentation (and Conventions)
• 8.5.1 “defaults/main.yml” as a Convention
• 8.5.2 “README.md”
• 8.6 Reusing Roles
• 8.6.1 Extending the Directory Structure
• 8.6.2 The Developer’s Situation

• 9 Web Interfaces: AWX and More
• 9.1 Installation of Python Packages on Current Debian and Ubuntu Systems
• 9.2 Ansible Configuration Management Database (“ansible-cmdb”)
• 9.2.1 Usage
• 9.2.2 Deploying the Page
• 9.3 Preparations for Operating More Demanding Applications
• 9.4 The Gitea Git Server
• 9.4.1 Commissioning and Logging In for the First Time
• 9.4.2 Checking In on Our Initial Project
• 9.4.3 Adding »README.md« and Useful Git Commands
• 9.5 AWX
• 9.5.1 Commissioning and First Login
• 9.5.2 Example Usage
• 9.5.3 Execution Environments
• 9.5.4 Conclusion
• 9.6 ARA
• 9.6.1 Test Setup
• 9.6.2 Further Possibilities
• 9.7 Other Applications Not Considered in Detail Here
• 9.7.1 Semaphore
• 9.7.2 Polemarch
• 9.7.3 Jenkins
• 9.7.4 Rundeck
• 9.8 Terminating or Deleting Applications That Are No Longer Needed

• 10 Additional Tools and Techniques
• 10.1 Ansible Vault
• 10.1.1 Before All Technology
• 10.1.2 Getting Started
• 10.1.3 Meaning of the Vault ID
• 10.1.4 Further Vault Commands
• 10.1.5 A Trick for Finding Variables Again
• 10.1.6 Encrypting Individual Variables
• 10.1.7 More Convenience or Automation
• 10.1.8 Convenience and Relative Security with a Password Client Script
• 10.1.9 Convenient and (Preferably) Secure with GNU Privacy Guard plus Pass
• 10.2 Debugging and Troubleshooting
• 10.2.1 Debug Mode and Verbosity Level
• 10.2.2 Improving the Readability of Outputs
• 10.2.3 Gathering Facts Takes Too Long
• 10.2.4 The Playbook Debugger
• 10.2.5 Static Code Analysis with “ansible-lint”
• 10.2.6 Check Mode and Diff Mode
• 10.2.7 Last but Not Least: The “debug” Module
• 10.3 Accelerating Playbooks with Pipelining
• 10.4 The Talking Cow
• 10.5 Ansible in Pull Mode
• 10.5.1 “ansible-pull”: Technique and Requirements
• 10.5.2 Getting Started
• 10.5.3 The Full Solution
• 10.5.4 What Might Still Be Missing?

• 11 Ansible and Docker
• 11.1 Installing Docker
• 11.2 Docker Modules
• 11.2.1 Preparations and Preliminary Considerations
• 11.2.2 A First Simple Example
• 11.2.3 Overview
• 11.3 An Example Application
• 11.4 Ansible and Docker Compose
• 11.4.1 Version Issues
• 11.4.2 Inline Specification with “definition”
• 11.5 The “docker” Connection Plug-in
• 11.6 Creating Images
• 11.6.1 Creating Images with “docker build”
• 11.6.2 “ansible-bender”
• 11.6.3 Creating Images with “ansible-bender”
• 11.6.4 Conclusion

• 12 Inventory Management: Advanced Methods
• 12.1 The “ansible-inventory” Command
• 12.2 Nested Groups
• 12.3 Static Inventories in YAML format
• 12.4 Creating on-the-Fly Inventories with “add_host”
• 12.5 Dynamic Groups with “group_by”
• 12.6 Dynamic and External Inventories
• 12.6.1 Inventory Scripts
• 12.6.2 Using Inventory Plug-ins

• 13 Ansible and the Cloud
• 13.1 Version Issues and virtualenv
• 13.2 Where to Store Keys, Tokens, Secrets, Etc.
• 13.3 Hetzner Cloud
• 13.3.1 Preparations on the Control Host
• 13.3.2 Preparations in the Cloud
• 13.3.3 Using Cloud Modules
• 13.3.4 Provisioning Cloud ervers
• 13.3.5 Inventorying Cloud Servers
• 13.3.6 Further Possibilities of the Inventory Plug-in
• 13.4 Amazon Web Services Elastic Compute Cloud
• 13.4.1 Preparations on the Control Host
• 13.4.2 Preparations in the Cloud
• 13.4.3 Using Cloud Modules
• 13.4.4 Provisioning Cloud Servers
• 13.4.5 Inventorying Cloud Servers
• 13.4.6 Further Possibilities of the Inventory Plug-in
• 13.5 Proxmox Virtual Environment
• 13.5.1 Preparations on the Control Host
• 13.5.2 Preparations in the Proxmox Virtual Environment
• 13.5.3 An Initial Test
• 13.5.4 Provisioning of Virtual Machines
• 13.5.5 Outlook

• 14 Ansible as an Orchestration Tool
• 14.1 Many Target Hosts for Testing
• 14.2 Altering the Sequence of Execution
• 14.2.1 “throttle” and “order”
• 14.2.2 “serial”
• 14.2.3 Faulty Hosts in “serial” Mode
• 14.2.4 Strategy Plug-ins
• 14.3 Delegation

• 15 Ansible and Windows
• 15.1 A Control Host Based on Windows
• 15.1.1 The Windows Subsystem for Linux
• 15.1.2 Cygwin
• 15.2 Windows Targets and Windows Remote Management
• 15.3 Preparations on the Control Host
• 15.4 Prerequisites on the Windows Side and Windows Remote Management Setup
• 15.5 Windows Remote Management Troubleshooting
• 15.6 Setup with an Active Directory and Kerberos
• 15.7 Windows Modules
• 15.7.1 “chocolatey.chocolatey.win_chocolatey”: Package Management with Chocolatey
• 15.7.2 “win_domain_user”: Managing Domain Accounts
• 15.7.3 “win_environment”: Managing Environment Variables
• 15.7.4 “win_regedit”: Managing Registry Entries
• 15.7.5 “win_updates”: Applying Updates

• 16 Callback Plug-ins
• 16.1 Stdout Callback Plug-ins
• 16.2 Aggregate and Notification Callback Plug-ins

• 17 Creating Your Own Collections and Modules
• 17.1 Namespaces, Names, and Setting Up a Collection Project
• 17.1.1 Ansible Project for Manually Testing the Collection
• 17.1.2 Where Is Work Currently Being Done?
• 17.2 Playbooks in Collections
• 17.3 Roles in Collections
• 17.4 Modules in Collections
• 17.4.1 Getting Started
• 17.4.2 Module Parameters
• 17.4.3 Modules with Python: Example Problem Statement
• 17.4.4 An Example Solution
• 17.4.5 Explanations and Further Possibilities
• 17.4.6 Embedded Documentation
• 17.4.7 Outlook
• 17.5 Plug-ins in Collections
• 17.5.1 An Example Callback Plug-in
• 17.5.2 Outlook
• 17.6 Deploying and Installing Collections

• 18 Developing and Testing with Molecule
• 18.1 Preparations and Setup
• 18.2 Getting Started
• 18.3 Develop
• 18.4 Testing with the Ansible Verifier
• 18.5 Testing with the Testinfra Verifier
• 18.6 The Complete Test Cycle
• 18.7 Outlook and Conclusion

• 19 Recipes, How-Tos, and Best Practices
• 19.1 New Projects
• 19.1.1 A Recommended “ansible.cfg”
• 19.1.2 A Template for a New Project
• 19.2 Administration
• 19.2.1 Building Simple Installers
• 19.2.2 Determining the IP Address of a Target Host
• 19.2.3 Managing “firewalld”
• 19.2.4 Applying Linux Software Updates
• 19.2.5 Initial Distribution of SSH keys
• 19.2.6 Passing Passwords on the Command Line
• 19.2.7 Ansible via a Gateway or Jump Host
• 19.3 Jinja Magic
• 19.3.1 Extending Maps or Lists during Runtime
• 19.3.2 Modifying and Combining the Elements of a List
• 19.3.3 Searching in a List of Maps
• 19.3.4 Filtering an Attribute from a List of Maps
• 19.3.5 Generating a Report from Target System Facts
• 19.3.6 Generating Passwords and Password Hashes
• 19.4 Tasks and Control Flow
• 19.4.1 Executing a Task Depending on a Previous Task
• 19.4.2 Executing a Task if the Host Is in a Specific Group
• 19.4.3 Avoiding Redundant Module Parameters with “module_defaults”
• 19.4.4 Dynamically Set Play Hosts
• 19.4.5 Reading Configuration Files
• 19.5 Miscellaneous
• 19.5.1 Simulating Functions
• 19.5.2 Managing Host-Specific Resources

• 20 What Could Be Better, and What Is Still Missing?
• 20.1 Tracking Long-Running Tasks
• 20.2 Finishing the Processing of a Role
• 20.3 Loops over Blocks
• 20.4 Locking with Concurrent Playbook Calls
• 20.5 Conclusion

• Appendices
• A Project-Specific Environment Variables with “direnv”
• A.1 Installation and Shell Integration
• A.2 Usage
• A.3 Aliases and Functions
• A.4 Command Execution Upon Entry
• B The “pass” Password Manager
• B.1 Installation and Preparations
• B.2 Usage
• B.3 Configuring GNU Privacy Guard Agent Cache Times
• C Secure Shell
• C.1 Server-Side Requirements for Using Secure Shell
• C.2 Secure Shell Client Programs
• C.3 Public Key Authentication
• C.4 SSH Agents (Linux Client)
• C.5 PuTTY, PuTTYgen, and Pageant
• C.6 Windows Secure Copy
• C.7 Advanced Configuration and Usage
• C.8 “pssh” or “parallel-ssh”
• D Regular Expressions
• D.1 Motivation
• D.2 Dialects
• D.3 Basics
• D.4 Regular Expressions: Extended Capabilities (Perl Compatible Regular Expressions)
• D.5 Extended Capabilities (Portable Operating System Interface Extended Regular Expressions)
• E “vim” and “nano” Tips and Tricks
• E.1 “vim”
• E.2 “nano”

• The Author

• Index

Descargo de responsabilidad

SAP, otros productos SAP y servicios mencionados aquí así como sus respectivos logos son marca registrada de SAP SE (o una compañía afiliada de SAP) en Alemania y otros países. Nuestra compañía no está afiliada con SAP SE ni con ninguna de sus compañías afiliadas incluyendo pero no limitada a: Sybase, Business Objects, Hybris, Ariba y SuccessFactors. Todos los otros nombres, marcas, logos, etc. son marcas o servicios registrados de sus respectivos propietarios.