# Introduction to Ansible

### Gaussian Engineering

### Jaco du Plessis

### 2019-10-18

# Goals

- high level introduction
- explain concepts and terminology
- understand the value
- where to learn more

# What is Ansible

"Ansible is an open-source software provisioning, configuration management, and application-deployment tool."

Created by Michael DeHaan and acquired by Red Hat in 2015.

# Why use it

- deploy on multiple hosts in parallel
- consistency
- idempotent configuration + retry (reliability)
- variables and templating
- third-party roles
- efficiency
- debugging
- continuous deployment



# When to use

ssh commands -> bash script -> python script -> invoke -> ansible

# How it works

- access hosts using SSH
- remote Python interpreter (can bootstrap)
- YAML configuration
- agentless
- idempotent


# Concepts and Terminology

- idempotence
- hosts
- groups
- modules
- tasks
- playbooks
- inventory
- roles
- tags
- facts
- templates
- vault
- galaxy


## idempotence

Running the same action multiple times always gives the same result.

- not idempotent: `increment a number`
- idempotent: `set value to zero`

## hosts

The machines on which you want playbooks to execute.

Specified in inventory file.

- build.gauseng.com
- amb.gauseng.com
- toolbox.gauseng.com
- 127.0.0.1

## groups

Collections of hosts.

- db servers
- web servers
- app servers

## modules

The "functions" available for execution.

- `tar`
- `pip`
- `apt`
- `command`
- `systemd`

Example: [apt](https://docs.ansible.com/ansible/latest/modules/apt_module.html)

## tasks

A module with specified arguments and variables which is named.

```
- name: Install the package "foo"
  apt:
    name: foo
```

## playbooks

A collection of roles and/or tasks.

Example: a `setup`, `deploy` and `rollback` playbook for app.



## inventory

Specify variables.

- per host
- per group
- dynamic


## roles

A collection of tasks for a given part of infrastructure.

- nginx
- db
- redis
- django
- celery

## tags

Limit task execution.

- "deploy, but don't run migrations"
- There are multiples ways to achieve similar results in Ansible
- Using tags vs separate playbook


## facts

Information about the host.

- OS
- network configuration
- hardware specs
- used with if-logic in tasks and templates


## templates

Jinja2 templates accepted by many modules.

Used in conjuction with variables.



## vault

Symetric AES256 encryption of sensitive variables.

Commit fully-workable playbooks to source control.

```
the_secret: !vault |
      $ANSIBLE_VAULT;1.1;AES256
      62313365396662343061393464336163383764373764613633653634306231386433626436623361
      6134333665353966363534333632666535333761666131620a663537646436643839616531643561
      63396265333966386166373632626539326166353965363262633030333630313338646335303630
      3438626666666137650a353638643435666633633964366338633066623234616432373231333331
      6564
```

## galaxy

Official third-party package index for roles, playbooks and plugins.

Examples

- install and configure VPN
- setup ELK stack


# How to install

- debian: `apt install ansible`
- mac: `brew install ansible`
- other: `pip install ansible`

Configure:

- `/etc/ansible/ansible.cfg`
- `~/.ansible.cfg`
- `./ansible.cfg`

# CLI

- `ansible`
- `ansible-config`
- `ansible-console`
- `ansible-doc`
- `ansible-galaxy`
- `ansible-inventory`
- `ansible-playbook`
- `ansible-pull`
- `ansible-vault`



# Documentation and Resources

Comprehensive and well-written documentation.

- [official docs](https://docs.ansible.com)
- [module index](https://docs.ansible.com/ansible/latest/modules/modules_by_category.html)
- [best practices](https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html)
- [quick start video](https://www.ansible.com/resources/videos/quick-start-video)
- "Ansible for DevOps" - [Jeff Geerling](https://www.jeffgeerling.com/)




# Application at Gauseng

Used for deployment of `Gaussian Analytica` and `Amandelbult Capex Project` Django applications.

# Practical Demo

# Questions