In this article I will show you how to setup Ansible on Ubuntu. The goal is to manage Windows with ansible in my environment later. I use it to restore my Citrix Lab in case something goes wrong.
Since this is my first blog entry in English, I ask you to watch out for spelling mistakes. Writing is something else than talking 🙂
Automate everything! A saying I love. I’ve been a friend of it since I’ve been working in large customer environments. It starts with the fact that I prefer to use scripts instead of clicking my way through constantly changing GUIs. I am totally excited about DevOps and Datacenter Automation. So I decided to write a blog series about this topic and share my playbooks with you.
First steps in Automation
Anyone who deals with automation and configuration management will sooner or later also meet Ansible. Ansible is an open source automation tool. A big advantage in my opinion is that no agent must be used here. I’ve picked out some comparisons to other tools for you. For the moment I think this comparison is enough, maybe I will write an article later in which I compare the solutions from my point of view.
Puppet Vs Ansible
Can that be love?
After I did some things with Ansible in the last view weeks I can tell you that this thing is really awesome!
What is supported?
Actually every common system is supported. All kinds of Linux distributions, Windows, Azure, AWS (there was a lot going on in the last project), but also a whole range of appliances and other cloud services.
Let the show begin!
First you download Ubuntu Server. I used Ubuntu Server 18.04.2 LTS. The download link can be found here:
https://ubuntu.com/download/server
You can go through the installation as shown in the pictures. I also installed the OpenSSH server, because I need it later anyway.
Important note: If you use vmware esxi 6.5 in conjunction with Ubuntu 18.04.x, the VM may crash again and again. I had this error in my lab. According to vmware KB the problem is fixed with esxi 6.5 U1. If you can’t update, you can find the KB article here: https://kb.vmware.com/s/article/2151480
When the installation of Ubuntu is complete, restart the server and continue with the installation of Ansible.
Setup Ansible Server
After we have gone through the basic installation of Ubuntu Server, we perform the setup of Ansible on the server. First we specify the repository.
usion_syntax_highlighter theme
Then we update the package index.
Then we update the package index.
Once the package index has been updated, we can install Ansible. All you have to do is confirm with “yes / y” that the space on the disk can be used and the changes are made to the system.
sudo apt-get install ansible
During the installation of Ansible, you will be prompted to restart installed services on the system. You have to confirm this with “yes”. After that the setup process will continue.
Once we setup Ansible, we will install python. Here you have to confirm the query for the disk space with “yes” or “y” again.
sudo apt install python-pip
Additionally we install the WinRM module for python. This allows us to manage our Windows machines via WinRM and to run the Playbooks on the remote systems.
sudo pip install pywinrm
The required services are now installed on our Ubuntu server.
Configure Ansible Environment
So that Ansible knows where to find the configuration files, we have to adjust the “ansible.cfg”.
In the config file you have to change the inventory path to the desired path. Since I want to upload the Playbooks etc. via Visual Studio Code (article to follow) later, I’ll set the userhome of my user here.
In my case this is: /home/tom/lab/inventory
The path is made up as follows:
/home/Username/Environment (could be more than one)/inventory
You can open and edit them with nano as follows:
sudo nano /etc/ansible/ansible.cfg
Once the Config is adjusted, we restart the server once.
Normally I would create the folder structure on the Ansibleserver. This looks normal:
/home/tom/"ansible environment" you can use more than one folders: -lab/ --group_vars/ --group1-file --group2-file ... --/playbooks --playbook1.yml --playbook2.yml ... -inventory(file)
How the individual files look like I explain below still exactly.
Setup Windows Server we want to management
Actually you can now directly manage a Windows server with it. All you have to do is run this Powershell script on the server you want to manage:
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
The script configures WinRM for you. You can customize it for your needs.
I have extended mine a little bit. I also configure the Windows Firewall.
File structure of the Ansible Environment
In order to manage our environment and run the playbooks on the correct maschine, it needs some files to get the necessary information.
inventory file (no file extension) [windows] 10.0.0.6 domainmemberserver1.lab.local domainmemberserver2.lab.local DC02.lab.local DC01.lab.local [FirstADDC] DC01.lab.local [ADDC] DC02.lab.local [CTXDC] 10.0.0.6
You can group your servers here. It is important that the group name is used later case sensitive in the playbooks.
A system can also be stored in several groups. You can use the FQDN (your Ansible Server must be able to resolve the DNS name for this) or the IP address.
The files in the folder group_vars
The group-specific parameters and information are stored in the group_vars. For example, the user and password that Ansible is supposed to use. I will show you as an example the file “windows” out of the folder group_vars. In my case such a file looks like this:
ansible_user: adminuser ansible_password: password123! ansible_port: 5986 ansible_connection: winrm ansible_winrm_server_cert_validation: ignore
What we still need is a Playbook. I have chosen a simple one for the beginning. The playbook simply creates a folder structure on the target systems. Here you can also see that the group “windows” was always written in small letters like in the inventory and also in the group_vars file.The Ansible module win_file (https://docs.ansible.com/ansible/2.4/win_file_module.html) is used here.
---
-
hosts: windows
tasks:
-
name: create folders
win_file:
path: "C:\\Temp\\folder\\subfolder"
state: directory
Let it run!
Once you have setup Ansible and created the files, you can try out the Playbook directly. You can simply start this Playbook with the following command:
ansible-playbook createfolder.yml (-i hostname or ip if you want not run the playbook on the hole "windows" group)
I very much hope you enjoyed the article. In the next article I’ll explain how you can create the playbooks in Microsoft Visual Studio code and run them from there on the Ansible server.
So have a nice day and leave a comment or like if you enjoyed. 🙂
Your content helped me a lot to take my doubts, thank you very much.
—
–
hosts: localhost
#getting data from Sites.yml and adding to hosts
name: “Storing Sites data and adding to hosts”
tasks:
– name: getting the site details
add_host:
name: “{{item.value.site_IP}}”
groups: sitename
loop: “{{lookup(‘dict’,Sites)}}”
when: item.key == Site
#Sites data stored below var file (Sitename,IP and domain name)
vars_files:
– /etc/ansible/Americas/group_vars/Sites.yml
# get the input from user which site he wants the account
vars_prompt:
name: Site
prompt: “Enter site name”
private: no
–
# sitename is the value from Sites file about servers acccording Sites
name: adding the users according to site servers
hosts: sitename
gather_facts: true
tasks:
# creating domain account if the site belongs to Active Directory
– name: create domain account
win_domain_user:
name: “{{user}}”
# domain_server: “{{item.value.site_domain}}”
firstname: “{{user}}”
password: “{{password}}”
state: present
when: “ansible_os_product_type == \”domain_controller\””
#Adding user to specific groups as per user’s job
– name: adding to domain groups
win_domain_group_membership:
name: “{{gps.1}}”
members:
– “{{ user }}”
state: present
loop: “{{wingroups | subelements(‘grps1′,’skip_missing=True’)}}”
loop_control:
loop_var: gps
when: gps.0.name == grouptype and ansible_os_product_type == “domain_controller”
#Groups data stored in below file
vars_files:
– /etc/ansible/Americas/group_vars/windowsgroups.yml
#creating workgroup account if site belongs to workgroup
– name: Create work group account
win_user:
name: “{{user}}”
password: “{{password}}”
state: present
when: ansible_os_product_type == “server”
#Adding user to specific groups as per user’s job
– name: adding groups
win_group_membership:
name: “{{item.1}}”
members:
– “{{ user }}”
state: present
loop: “{{wingroups | subelements(‘grps’,’skip_missing=True’)}}”
when: item.0.name == grouptype
#Groups data stored in below file
vars_files:
– /etc/ansible/Americas/group_vars/windowsgroups.yml
#get the data from user about Username,password and sitename
vars_prompt:
–
name: user
private: false
prompt: ” Enter user name”
–
name: password
private: true
prompt: ” Enter password”
–
name: grouptype
prompt: “Enter the group type”
private: no
– /etc/ansible/Americas/group_vars/Sites.yml
Sites:
ABCD:
site_name: ABCD
site_IP: 10.0.0.10
site_domain: atoz
XXXX:
site_name: XXXX
site_IP: 10.0.0.8
site_domain: null
this code is working fine which i have writtern but,
i need a help on this , if one site has multiple servers , am not sure how to proceed
Eg:
XXXX:
site_IP:
– name: Master
IP: “10.0.0.6”
– name: Remote
IP: “10.0.0.7”
site_domain: ~
site_name: XXXX
Hey, I am working on a blog series about ansible to deploy a whole environment. Follow me. It will ne online in a few Days
Hey,
I just stumbled over this post when I tried to learn a bit more about ansible.
Nice tutorials, just a short bug report: At the “Setup Ansible Server” at update repository and package index the commands are not displayed but some theme informations instead. I hope it helps
GrĂĽĂźe aus Sachsen
mainmovs.com
Mobile betting