Ansible - 5

         Conditions, Vaults and Roles in Ansible

                 =================================================

Conditions

---------

-> whenever we have different different scenarios, we put conditions according to the scenario


When statement

--------------

Sometimes you want to skip a particular command on a particular node.


--- # Condition Playbook

- hosts: demo

  user: ansible

  become: yes 

  connection: ssh

  task:

   - name: install apache on debian

     command: apt-get -y install apache2

     When: ansible_os_family == "Debian"

   - name: install apache for redhat

     command: yum -y install httpd

     When: ansible_os_family == "RedHat"


esc --> :wq!


Note: we can use command module for linux command in playbook.


===============================================================


Vault

                        -----

-> ansible allows keeping sensitive data such as passwords or key in encrypted files,rather than a plaintext in your playbooks.

it use AES256 technology to encryption to encrypt the file.

-> creating a new encrypted playbook.

ansible-vault create vault.yml


-> Edit the encrypted playbook

ansible-vault edit vault.yml


-> To change the password

ansible-vault rekey vault.yml


->to encrypt an existing playbook.

ansible-vault encrypt target.yml


->to decrypt an encrypted playbook

ansible-vault decrypt target.yml         

======================================================

Roles

-----

-> we can use two techniques for reusing a set of tasks:- includes adn roles

-> Roles are good for organising tasks and encapsulating data needed to accomplish those task.


Ansible Roles

=============

a) Default

b) Files

c) Handlers

d) Meta

e) Templates

f) Tasks

g) vars


-> we can organise palybooks into a directory structure called roles.

-> Adding more and more functionality to the playbooks will make it difficult to maintain in a single file.


Roles

------

-> Default = It stores the data about role/application default variables eg -> if you want to run to port 80 or 8080 then variables needs to define in this path.

-> Files = it contains files need to be transferred to the remote VM (static files)

-> Handlers = They are triggers or task we can segregate all the handlers required in playbook.

-> Meta = This directory contain files that establish roles dependencies eg-> Author name, Supported platform, Dependencies if any.

-> Tasks = It contains all the tasks that is normally in the playbook eg-> installing packages and copies files etc.

-> Vars = Variables for the role can be specified in the directory and used in your configuration files both vars and default stores variables.


[ansible@ip]$ mkdir -p playbook/roles/webserver/tasks

[ansible@ip]$ tree

o/p -> playbook

        |---->roles

                |---->webserver

                          |----->tasks

[ansible@ip]$ cd playbook/

[ansible@ip]$ tree

0/p  .

     |--->roles

            |--->webserver

                     |----->tasks

[ansible@ip]$ touch roles/webserver/tasks/main.yml

[ansible@ip]$ touch master.yml

[ansible@ip]$ vi roles/webserver/tasks/main.yml


-name: install apache

 yum: pkg=httpd state=latest


esc --> :wq!

[ansible@ip playbook]$ vi master.yml

--- # master playbook for webservers

- hosts : demo

  user : ansible

  become : yes

  connection : ssh

  roles:

   - webserver


[ansible@ip playbook]$ ansible-playbook master.yml


 Ansible is a tool that allows you to create and control three key areas within the operations environment of the software development lifecycle. The first one is IT automation which allows you to write instructions to automate the IT professional's work that you would typically do manually in the past, the second is configuration management which allows you to maintain consistency of all systems in the infrastructure and the third is automatic deployment which allows you to deploy applications automatically on a variety of environments. Now let us get started and understand Ansible and it's architecture.






Comments

Post a Comment

Popular posts from this blog

GIT - 3

 How to use git and create github account ========================================= AWS account-> create two EC2 instance (Linux) allow ssh and http port in security group. on first machine. ================ -> sudo su  -> yum upate -y -> yum install git -y -> git --version  or which git -> git config --global user.name "bhupinder" -> git config --global user.email "bhupinder@gmail.com" -> git config --list on second machine ================= -> sudo su  -> yum upate -y -> yum install git -y -> git --version  or which git -> git config --global user.name "Ajay" -> git config --global user.email "Ajay@gmail.com" -> git config --list
Read more

Docker - 6

 How to psuh docker image in dockerhub ===================================== Now go to putty -> Login as -> Sudo su -> yum update -y -> yum install docker -y -> service docker start -> docker run -it ubuntu /bin/bash Now create some files inside container Now create image of this container -> docker commit container1 image1 Now create account in hub.docker.com Now go to your server -> docker login -> enter your username and password Now give tag to your image -> docker tag image1 docker id/newimage -> docker push dockerid/newimage Now you can see this iamge in docker hub account Now create one instance in tokyo region and pull image from hub -> docker pull dockerid/newimage -> docker run -it --name mycon dockerid/newimage /bin/bash Some Important commands ===================== 1) Stop all running containers: docker stop $(docker ps -a -q) 2) Delete all stopped containers: - docker rm $(docker ps -a -q) 3) delete all images:- docker rmi -f $(do...
Read more

GIT - 1

 Introduction of GIT ==================== software configuration management   or source code management a) Centralised version control system b) Distributed version control system CVCS ---- drawbacks: --------- 1) It is not locally available, meaning you always need to be connected to a network to perform any action. 2) since everything is centralised, if central server gets failed, you will lose entire data. Eg- SVN tool. DVCS ---- In distributed version control system, every contributor has a local copy or 'clone' of the main repository. I.e. everyone maintains a local repository of their own which contains all the files and metadata present is Main repository. Difference between CVCS and DVCS CVCS ----- 1) In Cvcs, a client need to get local copy of source from server, do the changes and commit those changes to central source of server. 2) CVCS  system are easy to learn and setup. 3) working on braches is difficult in cvcs developer often  faces merge con...
Read more