- Configuration management tools are idempotent
- They save the state of the target machines
- They always check if the target is already in the same state as the new state
- They will compare the state of the configuration
- They apply configuration changes only if a difference exists
- Scripts, by contrast, rerun every task unless that check is written into them
- Log in to your AWS account
- Create an Ubuntu-based EC2 instance and install Ansible on it
- Create a key pair for this control machine
- Create 2 more instances, both CentOS, with one as a web server and the other as a database server
- Create a key pair for these instances, which will be used to `ssh` into them
- Download both of the key pairs
- `ssh` into the control machine and copy the key pair for the target machines from the local device to the control machine
- Automation - any system automation
- Change management - prod server changes
- Provisioning - setup physical/cloud servers
- Orchestration - large-scale automation framework
Let's begin by looking at the files in the working directory:
- The `client-key.pem` file is the key used to ssh into the target machines from the control machine
- There is an inventory file which contains a list of all the target machines
- There are 3 playbooks, one for the web server, one for the database server, and one with configuration for both
- There is a folder which has the `index.html` file to be deployed on the web server

- Deploy the `index.html` file on the web server (using the `web-target.yaml` file)
- Create a new database and a new user on the database server (using the `db-target.yaml` file)
- A playbook is like a YAML configuration file
- Each playbook contains multiple plays
- Each play contains tasks that will be executed
- These tasks are executed on the target machine
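
A playbook with a single play, as an added example rather than the repository's own `web-target.yaml`: it targets the `webservers` group from this page's inventory and uses state-declaring modules, so a second run reports `ok` instead of `changed` when nothing differs. The `files/index.html` source path is an assumption.

```yaml
# Added example, not the repository's web-target.yaml.
# Assumptions: index.html sits in files/ next to the playbook, and
# httpd serves from its default document root on CentOS.
- name: Configure web servers
  hosts: webservers            # group defined in the inventory
  become: true                 # package and service changes need root
  tasks:
    - name: Ensure httpd is installed
      ansible.builtin.yum:
        name: httpd
        state: present         # no-op if the package is already installed

    - name: Ensure httpd is running and enabled at boot
      ansible.builtin.service:
        name: httpd
        state: started
        enabled: true

    - name: Deploy index.html
      ansible.builtin.copy:
        src: files/index.html  # assumed path
        dest: /var/www/html/index.html
        owner: root
        group: root
        mode: "0644"           # readable by all, writable only by root
```
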
```yaml
all:
  hosts:
    web01:
      ansible_host: 172.31.81.92
    web02:
      ansible_host: 172.31.94.211
    db01:
      ansible_host: 172.31.81.236
  children:
    webservers:
      hosts:
        web01:
        web02:
    dbservers:
      hosts:
        db01:
  vars:
    ansible_user: ec2-user
    ansible_ssh_private_key_file: client-key.pem
```
- Log in to the control machine, which has the key for the target machines
- Execute the following commands:

```bash
ansible-playbook -i inventory target.yaml
```

- The `httpd` service is installed and started on the web target machine
- The `maria-db` service is installed on the database machine

```bash
ansible-playbook -i inventory target.yaml
```

- The `maria-db` service is started and enabled on the database machine

```bash
ansible-playbook -i inventory web-target.yaml
```

- The `index.html` file is pushed to the web target machine
- The output is available on `IP_address:80` of the web server

```bash
ansible-playbook -i inventory db-target.yaml
```

- A database is created with the name `accounts`
- A user is created with the name `my_user`

Notice that the same commands are repeated in `target.yaml` and in both of the separate target files?

The repeated commands in `db-target.yaml` and `web-target.yaml`, despite being present in `target.yaml`, provide modularity and flexibility.
- `target.yaml`: Sets up both the web and database servers in a single run (initial setup or large changes).
- `db-target.yaml` and `web-target.yaml`: Allow focused updates or maintenance on just the web server or the database server without affecting the other.