Ansible is an open-source software platform for configuring and managing computers. It combines multi-node software deployment, ad-hoc task execution, and configuration management. It manages nodes over SSH and does not require any additional remote software to be installed on them.
Ansible is written in Python and needs at least version 2.6 on managed nodes or at least the python-simplejson package
$ sudo aptitude install python-simplejson
Now we are going to install Ansible via git
$ sudo aptitude install git python-jinja2 python-yaml python-paramiko
$ cd ~/
$ git clone git://github.com/ansible/ansible.git
Setting Ansible environment
$ source ansible/hacking/env-setup
Reminder: specify your host file with -i
You can add this command at the end of your ~/.bashrc
Listing your hosts and first command
Ansible run a command on one or many hosts. List of hosts must be in a file that we can specify it in option with ––inventory (or -i). We create the file in ~/.ansible/hosts
$ mkdir ~/.ansible
$ vim ~/.ansible/hosts
Insert the IPs or DNS names as well as groups
# Dev group
# web group
# database group
# group of groups we use 'children'
You can run your first command now
$ ansible localhost -i ~/.ansible/hosts --ask-pass -a "hostname"
localhost | success | rc=0 >>
Ansible execute the command hostname on the localhost server listed in ~/.ansible/hosts
To make things easier, you can set environment variable for ANSIBLE_HOSTS to prevent specifying the inventory hosts file each time.
$ vim ~/ansible/hacking/env-setup
Commands on remote servers are executed by the user who launched ansible. To run commands under a different user use ––remote-user (or -u) option.
Option ––ask-pass (or -k) use password authentication of the user that going to execute the command. To make it simpler you can generate SSH pair keys to prevent typing the password each time.
On Ansible host
Add generated key to ssh-agent
$ ssh-agent bash
$ ssh-add ~/.ssh/id_rsa_ansible
Now copy the public key to the remote host
$ scp ~/.ssh/id_rsa_ansible.pub UserName@RemoteHost:~/
On the remote host
$ cat ~/id_rsa_ansible.pub >> ~/.ssh/authorized_keys
Now we can simplify our command like this
$ ansible localhost -a "whoami"
$ ansible host1.local -a "df -h" # one host
$ ansible web -a "ls /var/log" # group
$ ansible prod -a "uname -a" # group of groups
$ ansible * -a "hostname" # All hosts
With the “:” character you can combine groups/hosts
$ ansible localhost:192.168.*:dev -a "hostname"
By default Ansible execute the “command” module, with the -m option we can specify to ansible which module to use.
For example these two commands are equivalent
$ ansible localhost -a "whoami"
$ ansible localhost -m command -a "whoami"
Here some modules to do current administration tasks
Changing file’s attribute on host1.local
ansible host1.local -m file -a "path=/usr/src/myfile.txt owner=toto group=toto mode=0600"
Restart Apache service
ansible web -m service -a "name=apache2 state=restarted"
ansible localhost -m apt -a "name=ntop state=installed"
Or copy some file
ansible localhost -m copy -a "src=/tmp/foo.txt dest=/var/test/foo.txt owner=root group=root mode=0600"
Other modules can be used and found in the official documentation, check below links.