In the first chapter, you identified how to take ownership of the installation of a wiki and how to approach automating its deployment: by breaking down the architecture, installation, and configuration steps. In the end, you choose an automation tool that suits your needs: Ansible.
In this chapter, you’ll learn how to use the Ansible management tool, how to automatically deploy MediaWiki to 2 servers with Ansible, and how to install Ansible in a virtual work environment.
Discover Ansible
What is Ansible?
Ansible is a computer automation tool written in Python. It can configure systems, deploy software, and orchestrate advanced computing tasks, such as continuous deployments.
Its creator is Michael DeHaan; the first version of Ansible dates back to 2012. Since then, Ansible has been constantly expanding, and a major release is released approximately every two months.
The name Ansible is taken from a science fiction novel written by Ursula Le Guin, which refers to a means of communication faster than light.
Meanwhile, Ansible was acquired in 2015 by Red Hat; The community has more than 3,500 contributors.
Red Hat was acquired by IBM in 2018. So, Ansible is now owned by IBM.
Complete your technical architecture for Ansible
Your technical architecture is currently made up of 2 servers. You’ll add a new server that will become your Ansible control tower.
So your architecture now looks like this:
- two servers (Apache and MySQL); in Ansible jargon, these servers are called nodes ;
- A control server, called a Node Manager. This is the server on which the Ansible tools will be installed and from which configuration operations will be launched remotely on the nodes:
A node (or managed node, or host) is a workstation connected to the node manager via SSH, and on which Ansible will push automation tasks. Ansible is not installed on nodes.
A node manager, or control node, is a workstation that controls nodes through its SSH connection. It has an Ansible version installed to push automation tasks to them through commands and . It can be any Linux machine, but not Windows.
ansible
ansible-playbook
Ansible is an agentless tool, meaning it does not install an agent on nodes. It therefore works in push mode: it pushes the installations on the nodes. To do this, it only uses the tools already present on most Linux systems: SSH and Python.
The opposite of push mode is pull mode. For example, an app marketplace like the Play Store or Apple’s AppStore are pull systems: the customer (the smartphone) pulls apps or updates to it.
In this course, you will use your computer as a Node Manager. But in practice, it is advisable to have a reference server on which you set up an always-up and secure automation environment that can connect to the nodes in your infrastructure. Plus, if you’re working together on the company’s infrastructure with Ansible, it’s much easier to control access and scripting from a single point.
Manage your configurations with the Node Manager
You ask the sysadmin to create a new Debian 11 server for you, which will become the node manager.
That’s a good thing, because the sysadmin is available to do it right away and takes the opportunity to provide you with the IP addresses of all the servers and their root accounts; You will be able to work on the Node Manager:
- node manager : 192.168.122.10 (Debian 11) ;
- server 1: 192.168.122.11 (Debian 11);
- Server 2: 192.168.122.12 (Debian 11).
At this point, you should have 3 servers available that communicate on the 192.168.122.0/24 subnet and are able to exit and resolve over the Internet.
The node manager is going to be your control tower. There, you’ll install Ansible and all its tools, to automatically deploy MediaWiki to nodes.
The node manager and nodes can have different operating systems. The node manager can be a Debian system, and the nodes can be CentOS, Windows, Ubuntu or other systems. There is no correlation between the node manager system and the node system.
So on the node manager, you’ll find Ansible tools and automation scripts. All scripts will be run from the node manager. This will have the effect of performing remote configuration operations on the nodes.
Install Ansible
Install Ansible on the node manager
You’ll install Ansible on your node manager. There are several ways to install Ansible:
- via software packages on a Linux system;
- via pip of Python in a virtualenv or not;
- via official sources (Archives or Git) maintained by Red Hat.
Ansible can be installed with all three methods natively on UNIX-like systems (Linux or macOS).
For Windows, you will need to use a Cygwin-type Unix emulator to install Ansible.
Install the prerequisites
Installing Ansible on the node manager (a Debian server) will be done with the Python pip method in a virtualenv.
A virtualenv is a Python tool that allows you to create isolated virtual work environments. Virtualenv creates a folder that contains the Python executable files, and a copy of the pip library.
pip is a package management system used to install and manage software packages written in Python.
With this method, you create a siloed virtual working environment, where you can install the Ansible version of your choice (based on the Ansible release repository).
With each release of the latest version of Ansible, there are new features and deprecations; therefore, it is important to test the compatibility of your scripts before updating the Ansible tools. With virtualenv it’s very convenient! For example, you can create one virtualenv per version of Ansible.
On Debian, for example, the package available to install Ansible is not the latest version (Debian prioritizes security and stability over novelty, it’s a bias!). This is sometimes a disadvantage when you were waiting for a feature that had just been released but was not available as an upgrade on Debian. The pip method allows you to get rid of this and have the latest version of Ansible.
Log in to the root node manager:
$ ssh seb@192.168.122.10 Linux node-manager 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linus comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. seb@node-manager:~$ su - root Mot de passe : root@node-manager:~#
Install the python-virtualenv package, which will create virtual workspaces: virtualenv.
You will benefit from installing the sshpass package which will later be used to connect via SSH with Ansible.
$ apt install python3.11-venv sshpass
To the question “Continue?”, answer 0ui, and the installation of python-virtualenv and sshpass starts.
Create a single user
To avoid working as root on the node manager (it’s really not recommended, the root account can do everything without any limits, a mistake can happen quickly!), so you’re going to create a simple user-ansible user:
# adduser user-ansible Ajout de l'utilisateur « user-ansible » ... Ajout du nouveau groupe « user-ansible » (1001) ... Ajout du nouvel utilisateur « user-ansible » (1001) avec le groupe « user-ansible » ... Création du répertoire personnel « /home/user-ansible »... Copie des fichiers depuis « /etc/skel »... Entrez le nouveau mot de passe UNIX : Retapez le nouveau mot de passe UNIX : passwd: password updated successfully Changing the user information for user-ansible Enter the new value, or press ENTER for the default Full Name []: user-ansible Room Number []: Work Phone []: Home Phone []: Other []: Cette information est-elle correcte ? [O/n]
Enter a password, confirm it, fill in the requested information, and then confirm with Yes.
Now that the user is created, you can use it with the following command:
# su - user-ansible user-ansible@node-manager:~$
You are now working with the user-ansible user on the node-manager.
The command line starts with a # when you’re root, and a $ when you’re a single user.
Create your virtual work environment
As noted above, you will use a virtual work environment to compartmentalize the installation and execution of Ansible. This will allow you to manage dependencies with the Python version and install a particular version of Ansible.
You will install the latest version of Ansible.
You then create a virtual work environment called Ansible.
The name is arbitrary. You can put whatever you want, but giving meaning to what you do is better.
On the node manager, run the following command:
user-ansible@node-manager:~$ virtualenv ansible created virtual environment CPython3.9.2.final.0-64 in 143ms creator CPython3Posix(dest=/home/user-ansible/ansible, clear=False, no_vcs_ignore=False, global=False) seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=/home/user-ansible/.local/share/virtualenv) added seed packages: pip==20.3.4, pkg_resources==0.0.0, setuptools==44.1.1, wheel==0.34.2 activators BashActivator,CShellActivator,FishActivator,PowerShellActivator,PythonActivator,XonshActivator
You use the virtualenv command to create the ansible environment in which the tools, resources, and package manager are installed.
To activate the virtual environment, you need to activate the source:
$ user-ansible@node-manager:~$ source ansible/bin/activate (ansible) user-ansible@node-manager:~$ (ansible) user-ansible@node-manager:~$
The prompt has changed to . Which means you’re in the Ansible virtual work environment. (ansible) user-ansible@node-manager:~$
Install Ansible in your virtual environment
Now install Ansible with pip with the following command:
(ansible) user-ansible@node-manager:~$ pip install ansible Collecting ansible Downloading ansible-5.3.0.tar.gz (38.0 MB) |████████████████████████████████| 38.0 MB 4.6 MB/s Collecting ansible-core~=2.12.2 Downloading ansible-core-2.12.2.tar.gz (7.8 MB) |████████████████████████████████| 7.8 MB 5.4 MB/s Collecting PyYAML Downloading PyYAML-6.0-cp39-cp39-manylinux_2_5_x86_64.manylinux_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (661 kB) |████████████████████████████████| 661 kB 4.6 MB/s Collecting cryptography Downloading cryptography-36.0.1-cp36-abi3-manylinux_2_24_x86_64.whl (3.6 MB) |████████████████████████████████| 3.6 MB 4.6 MB/s Collecting jinja2 Downloading Jinja2-3.0.3-py3-none-any.whl (133 kB) |████████████████████████████████| 133 kB 4.5 MB/s Collecting packaging Downloading packaging-21.3-py3-none-any.whl (40 kB) |████████████████████████████████| 40 kB 3.2 MB/s Collecting resolvelib<0.6.0,>=0.5.3 Downloading resolvelib-0.5.4-py2.py3-none-any.whl (12 kB) Collecting cffi>=1.12 Downloading cffi-1.15.0-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl (444 kB) |████████████████████████████████| 444 kB 4.7 MB/s Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) |████████████████████████████████| 118 kB 4.6 MB/s Collecting MarkupSafe>=2.0 Downloading MarkupSafe-2.0.2-cp39-cp39-manylinux2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (30 kB) Collecting pyparsing!=3.0.5,>=2.0.2 Downloading pyparsing-3.0.7-py3-none-any.whl (98 kB) |████████████████████████████████| 98 kB 2.0 MB/s Building wheels for collected packages: ansible, ansible-core Building wheel for ansible (setup.py) ... done Created wheel for ansible: filename-ansible-5.3.0-py3-none-any.whl size=63194604 sha256=316aaaca8572c23ef102401b45f767980781721bcc061bc85ddb4c52cddc4c75 Stored in directory: /home/user-ansible/.cache/pip/wheels/56/28/79/5c9b383eaa4201d55d5496aa4f966afffc4a54c54de7b987aa Building wheel for ansible-core (setup.py) ... done Created wheel for ansible-core: filename=ansible_core-2.12.2-py3-none-any.whl size=2073804 sha256=bc1d4ad7c9f01baa1d45cbad925393171865ba3ae85155e85b486ed039266fdb Stored in directory: /home/user-ansible/.cache/pip/wheels/08/5b/f9/4d61b8eb8920eee229f520e7f61027df5c13e433c09ade1e29 Successfully built ansible ansible-core Installing collected packages: pycparser, pyparsing, MarkupSafe, cffi, resolvelib, PyYAML, packaging, jinja2, cryptography, ansible-core, ansible Successfully installed MarkupSafe-2.0.1 PyYAML-6.0 ansible-5.3.0 ansible-core-2.12.2 cffi-1.15.0 cryptography-36.0.1 jinja2-3.0.3 packaging-21.3 pycparser-2.21 pyparsing-3.0.7 resolvelib-0.5.4
Be sure to check that the prompt is (ansible) user-ansible@node-manager:~$ before running the commands.
Check the version of Ansible with the following command:
(ansible) user-ansible@node-manager:~$ ansible --version ansible [core 2.12.2] config file = None configured module search path = ['/home/user-ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /home/user-ansible/ansible/lib/python3.9/site-packages/ansible ansible collection location = /home/user-ansible/.ansible/collections:/usr/share/ansible/collections executable location = /home/user-ansible/ansible/bin/ansible python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110] jinja version = 3.0.3 libyaml = True
Everything is OK, Ansible is installed!
Check your installation
In the bin directory of your virtual environment, you can see that you have 11 Ansible tools installed:
$ ls ansiblebin/ansible* -l ansible ansible-config ansible-connection ansible-console ansible-doc ansible-galaxy ansible-inventory ansible-playbook ansible-pull ansible-test ansible-vault
Let’s take a closer look at three of them:
- ansible: This command allows you to perform Ansible actions in ad-hoc mode (from the command line);
- ansible-config: This command is used to manage the configuration of Ansible:
- If you run the $ansible-config list command, you’ll list the Ansible configuration. All of these variables are contained in ./lib/pythonX.Y/site-packages/ansible/constants.py ;
- ansible-doc: This command is used to get help using Ansible; The documentation is very well done, it’s quite practical to guide you when you start, especially since you can find concrete examples.
Summary
In this chapter, you’ve learned about automation with Ansible, and more specifically:
- The genesis of Ansible ;
- Ansible architecture with node manager and nodes ;
- How to Install Ansible in a Virtual Workplace ;
- three fundamental tools that make up a part of Ansible tools.