Using ansible for environment alignment and configuration

ansible is an IT automation tool for server environment alignment, configuration and ops type work.

The use case: fetch a zip from the client's server and run the contents of that zip over multiple nix boxes in the development environment after production releases have occurred.

To configure logging, make sure to set the path to the ansible log file:

ANSIBLE_LOG_PATH=/path/to/ansible.log
export ANSIBLE_LOG_PATH

Once ansible has been installed, either using the source or your distro's package managed, go to the terminal and setup a host file, named hosts

localhost ansible_python_interpreter='/usr/bin/python'

[myboxes]
10.0.0.1 ansible_ssh_user=usernamehere ansible_ssh_pass=usernamepasshere ansible_sudo_pass=ThisdoesntWorkNotInSudoers ansible_su_pass=SuPasswordhere

[databaseservers]
# boxa
10.0.0.2 ansible_ssh_user=user ansible_ssh_pass=what ansible_sudo_pass=what ansible_su_pass=what
# boxb
10.0.0.3 ansible_ssh_user=user ansible_ssh_pass=what ansible_sudo_pass=what ansible_su_pass=what

Now do not try run ansible commands if simplejson for python is not on the target machine. simplejson is a python package and may already be installed depending on your python version and environment.

If simplejson is not installed you can use the ansible raw module to execute a command without depending on simplejson being installed

>ansible -i hosts myboxes -m raw -a "yum -y install python-simplejson" --sudo -u yourname

That is only going to work if I (`whoami`) am in sudo. In this instance I am not.

I need su.

ansible -i hosts myboxes -m raw -a "yum -y install python-simplejson" --su

This works because I configured the host file with a password for each box using the configuration key ansible_su_pass. I should use ssh key pairs and I will.. but the beauty of it is I don’t have to. I can just provide the passwords in the file. Must save that file somewhere safe..

Here's the output:

Dependencies Resolved

================================================================
 Package                  Arch          Version               Repository   Size
================================================================
Installing:
 python-simplejson        x86_64        2.0.9-8.el5           base        141 k

Transaction Summary
================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 141 k
Downloading Packages:
python-simplejson-2.0.9-8.el5.x86_64.rpm                 | 141 kB     00:00
...Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : python-simplejson                                        1/1

Installed:
  python-simplejson.x86_64 0:2.0.9-8.el5

Complete!

Didn't quite get it? Using the command ansible -i hosts myboxes -m raw -a "yum -y install python-simplejson" --su resulted in the successful installation of python-simplejson.

Now that simplejson is installed, here's a couple of sample ansible commands:

ansible -i hosts databaseservers -m raw -a "locate *.repo" --su

ansible -i hosts databaseservers -a "mkdir ~/ops/deps"

ansible -i hosts databaseservers -m copy -a "src=./test.txt dest=~/ops/deps"

Of course these are simple examples, and more complex sets of steps can be executed as playbooks – recipes for sys admin type tasks. I'll write a follow up on playbooks.

Being able to run a command over multiple machines at once is definitely better than opening 5 shells.