Ansible is free software that automates deployment and administration tasks on multiple remote servers at the same time, regardless of their operating system. What makes Ansible interesting is that no agent needs to be installed on the servers: only the public key of the Ansible server has to be deployed, because the connections are made over SSH.
Installation of Ansible on Debian 9
Installing Ansible on Debian is not complicated, because the package is available in the repositories in version 2.2 under Stretch.
apt install ansible
Configuring Ansible
The Ansible configuration files are located in the /etc/ansible directory.
In this article, I will not go into the details of the ansible.cfg configuration file; it will be the subject of a future article.
The first file to fill in is /etc/ansible/hosts. It lists all the servers that will be managed by Ansible. It is also possible to create groups of hosts in this file, which makes it easier to manage several servers at once.
There are several ways to declare the hosts managed by Ansible: by IP address, by FQDN or by hostname. If you choose the hostname, the system must be able to resolve it, so it must also be added to the /etc/hosts file.
- Example of a filled-in file :
nano /etc/ansible/hosts
- Creating server groups
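A sample inventory showing the three ways of declaring hosts and the group syntax described above. This is an added example, not the author's own file: the addresses, host names and the "supervision" parent group are constructed placeholders; only the group names poller-centreon and pve_v5 come from the commands used later in the article.

```ini
# /etc/ansible/hosts: constructed sample inventory (all hosts are placeholders)

# Ungrouped host, declared by IP address
192.0.2.10

# Group declared with FQDNs
[poller-centreon]
poller1.example.com
poller2.example.com

# Group declared with short hostnames; each one must resolve on the
# Ansible server, for example through an entry in /etc/hosts
[pve_v5]
pve1
pve2

# Hypothetical parent group containing both groups above,
# so that they can be targeted together
[supervision:children]
poller-centreon
pve_v5
```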
Generation of the private/public key pair on the Ansible server:
ssh-keygen
- Copy the public key to the target servers :
ssh-copy-id -i ~/.ssh/id_rsa.pub root@serveur-cible
From now on, Ansible is ready to perform actions on the target servers.
My first tests with Ansible
- Ping test on the poller-centreon group :
ansible -m ping poller-centreon --one-line
- Installation of the debian-goodies package on my Proxmox servers of the pve_v5 group :
ansible -m apt -a 'name=debian-goodies' pve_v5
Playbooks
In the previous example, only the ping command was executed. If you want to run a set of commands or scripts, you have to use playbooks. Playbooks are written in YAML. They can be placed in a subdirectory, which is not created during the installation of Ansible.
- Creating a subdirectory for playbooks :
mkdir /etc/ansible/playbooks
- Creating a playbook :
nano /etc/ansible/playbooks/mon_premier_playbooks.yml
- To reuse the ping example :
- hosts: all
  tasks:
    - action: ping
Running the playbook :
ansible-playbook /etc/ansible/playbooks/mon_premier_playbooks.yml
Example of a slightly more complex playbook, dedicated to updating my Centreon pollers :
- hosts: poller-centreon
  tasks:
    - name: centengine engine version
      shell: centengine -V | awk '{print $5}' | head -n 1
      register: release
    - name: Update packages
      yum: name=* state=latest
    - name: Checking the Centengine version after update
      shell: centengine -V | awk '{print $5}' | head -n 1
      register: new_release
    - name: Display of the Centengine version
      debug: msg="Centengine version {{new_release.stdout_lines}}"
    - name: Notification of the upgrade of the Centengine version
      debug: msg="PVE changed version {{release.stdout}} to {{new_release.stdout}}"
      when: release.stdout != new_release.stdout
    - name: verification of services to restart
      shell: needs-restarting | awk '{print $3}'
      register: services
    - name: List of services to restart
      debug: msg="{{services.stdout_lines | count}} services to restart ({{services.stdout_lines | join(',')}})"
Running a playbook:
ansible-playbook monplaybook.yml
This playbook will only run on servers that are members of the poller-centreon group. Note that the operating system of my pollers is CentOS.