github.io/content/blog/apprentice/ansible.en.md

105 lines
4.3 KiB
Markdown
Raw Normal View History

---
date: 2022-06-07T07:15:24Z
draft: false
aliases: []
categories: ['documentation']
series: ['apprentice']
tags: ['tools', 'tech']
chroma: true
toc: true
title: Ansible
description: Ansible quickstart guide!
---
Ansible is a cool tool that lets you manage lots of Linux servers and even some other devices.
All with just a bunch of yaml.
Although not necessarily as it supports a nice load of formats for everything.
Yaml being the most common, but "inventories" are usually ini format.
But still you should be able to do everything in json if you really want to.
## Configure ansible.cfg
This is the main Ansible config.
Ansible lets you have global stuff in /etc/ansible or project stuff in the working directory.
Anyway you'll likely want an ansible.cfg with your common global configuration options for Ansible itself.
### Example global ansible.cfg
This example ansibe.cfg lists a collection of the options I think are useful.
You may also generate a file with all options available commented out.
With comments describing them for most of the options by;
{{< highlight sh "lineNos=none" >}}ansible-config init --disabled -t all > ansible.cfg{{< /highlight >}}
{{< highlight cfg >}}{{% asset "apprentice/ansible/ansible.cfg" %}}{{< /highlight >}}
### Example project ansible.cfg
{{< highlight cfg >}}[default]
private_key_file = ~/.ssh/ansible_rsa
remote_user = ansible
inventory = all-machines
[privilege_escalation]
become = yes
{{< /highlight >}}
## Inventory
I think it's super neat that Ansible lets you use several file formats for most things.
Inventories being the one that supports most formats, I'm pretty sure.
As you may just have a text file list, or YAML, INI, TOML and JSON to use host groups.
You may even have scripts that generate the target hosts with groups and everything.
If you opt for the script inventory route that script has to output the inventory in JSON format.
There is also the possibility of creating your own inventory plugin with python.
For the script based inventory you have to support command-line arguments "--list" and "--host <hostname>".
Those have to output the whole inventory in JSON format for "--list".
And the host vars for "--host <hostname>".
### The simplest inventories
These are of course just lists of hosts, they could be in a text file or specified from the command-line as a comma separated list.
Then you've got INI file based inventories, and it quickly may become advanced after that.
Even with the INI based ones you may group hosts together.
Next up is three examples that effectively gives the same inventory.
Although the text file won't give host groups.
#### A text file inventory list
{{< highlight txt >}}{{% asset "apprentice/ansible/inv.txt" %}}{{< /highlight >}}
#### INI inventory
Now host groups come into the picture and the rest of the examples will all give the same inventory.
{{< highlight ini >}}{{% asset "apprentice/ansible/inv.ini" %}}{{< /highlight >}}
### Example YAML inventory
This one will give you the exact inventory as above.
{{< highlight yml >}}{{% asset "apprentice/ansible/inv.yml" %}}{{< /highlight >}}
### Example python inventory script
This one is kinda just stupid as it just json dumps a dict containing the whole inventory.
To do some real magic with this you'd want to make that whole dict generated by code.
Very useful if for some reason your inventory is highly dynamic.
{{< highlight py >}}{{% asset "apprentice/ansible/inv.py" %}}{{< /highlight >}}
## Inventory summary
So the takeaway in my opinion is that INI or TOML based inventories are best.
As the YAML based ones are no fun working with.
JSON is also not optimal to manually work with, but a script generating that JSON may be very useful.
Again if you have the need of a potentially very dynamic inventory.
There is also the inventory parameters, these let you override lots of settings on a per-host basis.
Here is a super simple inventory to test plays/playbooks against a docker container;
{{< highlight ini >}}[docker]
docker-test ansible_connection=docker ansible_user=root ansible_host=ansible
{{< /highlight >}}
You may use that inventory and run plays agains whatever container is named "ansible".
Or change the "ansible_host" parameter to the name of whatever container you'd like to use.
These optional parameters are "ansible_" something.
And you may control everything from connection and
INVENTORY PARAMETERS!