Ansible: Automating Infrastructure Management and Configuration

Nahidul Islam
Published in DevOps.dev, Aug 8, 2023

What is Configuration Management?

  • Configuration management is a discipline that focuses on managing and controlling changes to a system’s configuration. It involves identifying and documenting the system’s components, their relationships, and their attributes.
  • It ensures that changes to the system are properly planned, evaluated, approved, and implemented. Configuration management aims to maintain consistency, integrity, and traceability of the system’s configuration throughout its lifecycle.
  • It facilitates efficient troubleshooting, maintenance, and version control of software, hardware, or any other complex system. Configuration management helps prevent unauthorized changes and ensures compliance with standards and regulations.

When do we use Configuration Management instead of IaC?

  • Configuration Management is typically used when dealing with established systems or environments that have already been set up manually or with traditional infrastructure management approaches.
  • It is useful in scenarios where the primary goal is to manage and track changes to the configuration of these existing systems. In contrast, Infrastructure as Code (IaC) is employed when creating new infrastructure or when adopting a more agile and automated approach to provisioning and managing infrastructure resources.

Common Tools Used in Configuration Management

  1. Ansible: An automation tool that enables configuration management, application deployment, and orchestration.
  2. Puppet: An open-source configuration management tool that helps automate the provisioning, configuration, and management of systems.
  3. Chef: A configuration management tool used for infrastructure automation and management.
  4. Kubernetes: An open-source container orchestration platform that helps manage and automate the deployment, scaling, and operation of containerized applications.
  5. SaltStack: A configuration management and remote execution tool that aids in managing and controlling infrastructure.

What’s this Ansible?

Ansible is an open-source automation tool, or platform, used for IT tasks such as configuration management, application deployment, intraservice orchestration, and provisioning.
Ansible uses playbooks to describe automation jobs. Playbooks are written in YAML, a human-readable data serialization language that is commonly used for configuration files but can be used in many applications where data is stored. Because YAML is easy for humans to read and write, even IT infrastructure support staff can read and understand a playbook and debug it if needed.

How does Ansible work?

In Ansible, there are two categories of computers: the control node and managed nodes. The control node is a computer that runs Ansible. There must be at least one control node, although a backup control node may also exist. A managed node is any device being managed by the control node.

Ansible works by connecting to nodes (clients, servers, or whatever you’re configuring) on a network, and then sending a small program called an Ansible module to that node. Ansible executes these modules over SSH and removes them when finished. The only requirement for this interaction is that your Ansible control node has login access to the managed nodes. SSH keys are the most common way to provide access, but other forms of authentication are also supported.

Exploring Ansible through Practical Hands-On Experience

Installation of Ansible on AWS EC2 (Master Node)

  1. Create a master server (EC2 instance) and create one key pair.
  2. Connect to the master server over SSH and install Ansible on it with the following commands:
sudo apt-add-repository ppa:ansible/ansible
sudo apt update
sudo apt install ansible -y
  3. Now check whether Ansible installed properly using the following command:
cat /etc/ansible/hosts

Creating Inventory

Ansible Inventory — Ansible automates tasks on managed nodes or “hosts” in your infrastructure, using a list or group of lists known as inventory. You can pass host names at the command line, but most Ansible users create inventory files. Your inventory defines the managed nodes you automate, with groups so you can run automation tasks on multiple hosts at the same time. Once your inventory is defined, you use patterns to select the hosts or groups you want Ansible to run against.

Ansible hosts file is a configuration file that contains a list of hosts or servers that Ansible can manage. The hosts file is located at /etc/ansible/hosts on the Ansible control node, and it is used to define the inventory of hosts that Ansible can manage.

  1. To edit the hosts file, you can use any text editor of your choice
sudo nano /etc/ansible/hosts

Before that, we need to create three Ansible node servers that will be connected to the Ansible master server.

Once the file is open, you can add the IP addresses or hostnames of the servers you want to manage. The format for adding hosts is as follows:

Edit the /etc/ansible/hosts file and add the public key of the Ansible server instances.

Let’s verify the inventory that we have created.

ansible-inventory --list -y

Copy the private key to the master server where Ansible is set up

The command below copies the private key from the local machine folder to the remote server, placing it in the .ssh folder of the remote server.

sudo scp -i "an-access-key.pem" an-access-key.pem ubuntu@ec2-18-208-153-82.compute-1.amazonaws.com:/home/ubuntu/.ssh

To grant read and write access to the owning user only (SSH refuses to use a private key that other users can read), you can use the following command:

chmod 600 an-access-key.pem
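
As an added example (not from the original post), the script below writes a constructed inventory in the INI format that /etc/ansible/hosts uses, with a servers group like the one targeted by the ping command, and audits the key it references the way the chmod step intends. The host addresses, the server1 to server3 aliases and the function names are assumptions; ansible_host, ansible_user and ansible_ssh_private_key_file are standard Ansible inventory variables.

```shell
# Added example, not from the original post: audit the SSH keys an inventory uses.

# List each distinct ansible_ssh_private_key_file value in inventory $1.
inventory_keys() {
    grep -v '^[[:space:]]*[#;]' "$1" |
        grep -o 'ansible_ssh_private_key_file=[^[:space:]]*' |
        cut -d= -f2- | sort -u
}

# Succeed only if every referenced key exists with no group/other access.
check_inventory_keys() {
    rc=0
    for key in $(inventory_keys "$1"); do
        if [ ! -f "$key" ]; then
            echo "MISSING  $key"; rc=1; continue
        fi
        mode=$(stat -c '%a' "$key")          # GNU stat, as on Ubuntu
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "TOO OPEN $key (mode $mode), fix with chmod 600"; rc=1
        else
            echo "OK       $key (mode $mode)"
        fi
    done
    return $rc
}

# Constructed sample: a "servers" group of three placeholder hosts
# (203.0.113.0/24 is reserved for documentation) sharing one key in dir $1.
write_sample_inventory() {
    touch "$1/an-access-key.pem"
    chmod 644 "$1/an-access-key.pem"         # deliberately too permissive
    cat > "$1/hosts" <<EOF
[servers]
server1 ansible_host=203.0.113.11
server2 ansible_host=203.0.113.12
server3 ansible_host=203.0.113.13

[servers:vars]
ansible_user=ubuntu
ansible_ssh_private_key_file=$1/an-access-key.pem
EOF
}

demo_dir=$(mktemp -d)
write_sample_inventory "$demo_dir"
check_inventory_keys "$demo_dir/hosts" || echo "audit failed before chmod"
chmod 600 "$demo_dir/an-access-key.pem"
check_inventory_keys "$demo_dir/hosts" && echo "audit passed after chmod"
rm -rf "$demo_dir"
```

On the control node the same check can be pointed at the real file with check_inventory_keys /etc/ansible/hosts.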

Try a ping command using Ansible to the Nodes.

To test that Ansible is able to connect to your nodes, you can use the following command:

ansible servers -m ping

We can see that all three pings are successful, which indicates the servers are in an active state.

Thank you for reading this blog. If you found this blog helpful, please like, share, and follow me for more blog posts like this in the future.

I’d love to hear from you if there are any corrections or things you’d like to add to the blogs. Your feedback is valuable and always welcome! Please feel free to share any thoughts or suggestions you have.

— Happy Learning !!!
