Getting Started with Ansible: A Quick Guide

Ansible is a great tool that helps us configure a large number of servers quickly, using only the IPs and passwordless authentication enabled for the servers.

In the past, before we had Ansible or similar server management tools, if we wanted to configure a server, like installing Nginx, we would have to SSH into each server and run a script to install Nginx. This approach worked for one, two, or even ten servers, but it wasn't feasible for hundreds of servers. That's where tools like Ansible and Puppet became essential.

Why choose Ansible? With many tools available like Puppet and Chef, why pick Ansible? Ansible is easy to use and understand because it uses YAML files to write playbooks or commands for the server, whereas Puppet has its own declarative language. Additionally, Ansible uses a push model, meaning commands are executed directly on target nodes, while Puppet primarily follows a pull model, where managed nodes (agents) periodically fetch updates from a central server. Unlike Puppet, which typically requires an agent on managed nodes, Ansible is agentless, making it easier to set up and maintain. This also allows Ansible to be faster, as it does not require a continuous connection between the control node and the managed nodes.
Let's quickly start with setting up Ansible and learning how to use it.

First, quickly set up a VM on a platform of your choice. Here, I am using AWS with an Ubuntu image.

As you can see, an instance is running. I have created an Ubuntu machine with 1 GB of memory and 1 vCPU, which is sufficient for this experiment.

If your main operating system is not Linux, I suggest creating another Linux machine for this experiment. Setting up Ansible is easier and more compatible on Linux.

Now we have two machines: one is our main machine, and the other is the machine we created.
So, let's install Ansible on our main machine.

Firstly run sudo apt update to make sure your system is up to date

then after updating your system run sudo apt install ansible then press y to continue

After the installation is complete, ensure Ansible is installed properly by running this command:
ansible --version

Hurray! We are now closer to learning it.

Now, our next step is to set up passwordless authentication.

To set up passwordless authentication, run this command in your main machine to generate a public and private key:

ssh-keygen

here id_ed25519.pub in .ssh folder we need to copy that public key and ssh into the machine or the worker machine we created and paste it in the ~/.ssh/authorized_keys

Now, please confirm on your main machine by SSHing into the worker machine.

Troubleshooting Step: if you have followed everything correctly and still get this error ubuntu@13.232.32.38: Permission denied (publickey). your system is not able to detect the private key for sshing
make sure to run this ssh-add ~/.ssh/<yourkeyname> or add this to ~/.ssh/config

Host <your worker ip>
  User ubuntu
  IdentityFile ~/.ssh/<yourkeyname>

Yay! As you can see, we are now able to log in successfully without needing a password or PEM file.

Now lets start with the very basic
lets create a file in our worker named ` yagya.txt ` using ansible its pretty easy
firstly lets create a inventory file in our host or main machine

Add all your worker IPs to the inventory file. But hold on, we can group the machines IPs. For example, if we want to run a script only on the database servers, there might be more servers than just the database ones in the inventory file. To manage this, we create a section like this:

So, after creating the inventory file with all our worker IPs, we can create a file on the worker server by running this command using Ansible:
ansible -i inventory all -m "shell" -a "touch yagya.txt"

As you can see here, we didn't create any playbook but directly ran a command. These types of commands are called ad-hoc commands, which we can use to run small commands on the worker servers.

Here, -i refers to the inventory file, which contains a list of all the IPs. I used all to target all sections and IPs in the inventory file. To target a specific section, you can specify the section name instead of all. The -m shell option indicates that the command should run in the shell, and -a is used to specify the command we want to execute on the worker server.

As you can see from the yellow line, this means the command executed successfully. We can also add a -v option to see what Ansible is doing behind the scenes, or -vvv for very detailed information.

We can also copy a file to the worker servers using this command.

It's time to write playbooks.

Here, as you can see, we create a YAML file that starts with a list. The - symbol indicates a list of values, so we can have multiple playbooks in a single file.

I have created a single playbook named "install and start docker." The hosts field defines all the groups of workers specified in the inventory. Setting become: true allows us to run commands in root mode.

The tasks section is also a list, which includes three commands. First, we install Docker. I have used Ansible's built-in support for apt and systemd, but you can use shell option as well. Here is an example:

name: blah blah
shell: “echo “ramm”

Secondly, I started Docker using the built-in support for systemd.

Now lets run our playbook using this command which is :

ansible-playbook -i inventory playbook.yaml

here to run a playbook we use ansible-playbook command along with the inventory name and playbook name

As you can see all the changes were done and were successful

Hurray! We learned how to create a basic playbook and run ad-hoc commands. The tutorial ends here, but the learning doesn't stop.

As an assignment, I want you to explore Ansible Galaxy and learn what it is used for.

Thank you for reading my blog. I hope this was helpful. Please feel free to reach out to me on my social media or in the comments if you have any questions.

I have uploaded this Ansible playbook and the inventory file here:

https://github.com/yagyagoel1/ansible_docker

Thank you,

Yagya Goel

Github

Linkedin

Twitter