Supercharge Your Sysadmin Skills with Ansible Playbooks

Ansible has rapidly become one of the most popular open source automation tools used by system administrators around the world. This Agentless configuration management and automation platform allows sysadmins to simplify their workflows, manage IT infrastructure efficiently, and amplify productivity.

Learning Ansible as a sysadmin is a surefire way to supercharge your skillset. Ansible's intuitive workflows make it easier than ever to automate common sysadmin tasks. All of this material can be found on our Ansible Training Course. 

In this complete guide, you'll learn:

• What Ansible is and its key benefits
• How to install and configure Ansible on Linux and Windows
• The basics of ad-hoc commands for quick automation
• How to write Ansible playbooks for configuration management
• Advanced Ansible playbook features and techniques
• Real-world examples to apply Ansible to common sysadmin tasks

By the end, you'll have the knowledge to start leveraging Ansible for automation, saving time and unlocking new capabilities as a sysadmin. 

Let's get started!

What is Ansible?

Ansible is an open source automation platform, provided by Red Hat, that allows sysadmins to manage configurations, provision infrastructure, deploy applications, and orchestrate advanced IT processes.

Here are some key characteristics of Ansible:

• Agentless - Ansible does not require any agents or extra software to be installed on remote machines. It uses OpenSSH and WinRM to connect to nodes.
• Push-based - Ansible initiates all communication, pushing changes to managed nodes. Nodes do not need outbound access.
• Idempotent - Ansible playbooks are written to be idempotent, meaning tasks will only be executed if the current state does not match the desired state. This makes playbooks inherently consistent and repeatable.
• Human-readable - Ansible uses YAML to define playbooks and inventory files. These are easy to understand compared to complex DSLs or domain-specific languages.
• Batteries included - Ansible comes packaged with over 500 built-in modules covering a wide range of use cases like cloud, database, storage, networking, and more.

These attributes make Ansible a versatile choice for anything from configuring a few servers to managing complex enterprise infrastructure. Next, let's look at why Ansible is so valuable for sysadmins.

Why Should Sysadmins Learn Ansible?

There are many excellent reasons why Ansible should be part of every sysadmin's toolbox. Here are some of the top benefits of using Ansible:

Simplifies Complex or Multi-step Processes

Ansible playbooks allow you to codify and automate complex, multi-tier processes with orchestration. You can sequence ordered tasks, conditionally execute steps, and prompt for user input as needed.

For example, you could automate an intricate multi-machine deployment process for a clustered application.

Manages Infrastructure-as-Code

Ansible lets you define infrastructure specifications, configurations, and automations in simple YAML playbooks. These playbooks can then be treated like version-controlled source code.

This infrastructure-as-code approach leads to consistent, repeatable, and testable infrastructure management.

Streamlines Configuration Management

Ansible is a powerful configuration management tool. Playbooks can automate OS provisioning, software installation, security hardening, resource configuration and more.

Ansible ensures all your systems are kept in the desired state and compliant with baselines.

Facilitates Application Deployments

Deploying apps like websites, databases, custom services, etc. can be complex. Ansible provides extensive tools for automating deployments.

You can orchestrate rolling updates, create resource tiers, manage dependencies, and automate zero downtime deployments.

Improves Productivity for Sysadmins

When sysadmin tasks are codified into playbooks, more time can be spent on higher value work. Ansible lets you do more with less while reducing mistakes.

Ansible also makes it easy for new team members to quickly become productive based on existing playbooks.

As you can see, Ansible delivers huge value by augmenting a sysadmin's skillset. Now let's look at how to actually get started with Ansible.

Installing & Configuring Ansible

Ansible can be installed on Linux (RHEL, CentOS, Ubuntu), macOS, and Windows systems. We'll cover installation steps for CentOS and Ubuntu Linux here.

To follow along, you will need:

• A control node with Python 2 or 3
• Managed nodes to be configured by Ansible

Installing Ansible on CentOS/RHEL

On CentOS or RHEL, install Ansible using yum:

  sudo yum install ansible  

To confirm, check the version:

  ansible --version  

Installing Ansible on Ubuntu

For Ubuntu, use apt to install Ansible:

  sudo apt update sudo apt install ansible  

Check that Ansible is installed:

  ansible --version  

This installs Ansible on the control node. Managed nodes do not need any extra software installed.

Next, we'll cover some key Ansible configuration like the hosts inventory and configuration file.

Configuring Ansible Inventory

The Ansible inventory specifies the managed nodes that playbooks will run against. This is defined in a file (default /etc/ansible/hosts) with a simple INI-like format:

  [webservers] web1.example.com web2.example.com [dbservers] db1.example.com db2.example.com  

Individual nodes or groups like [webservers] and [dbservers] can be specified. The location of the inventory can be configured in ansible.cfg. Dynamic inventory sources can also be used instead of static files.

Configuring Ansible Configuration File

Global Ansible settings are specified in /etc/ansible/ansible.cfg. Common options to configure include:

• inventory - Path to the Ansible inventory file
• roles_path - Path to the Ansible roles directory
• remote_user - Default SSH user name for managing nodes
• ask_pass - Ask for SSH passwords when needed

With Ansible installed and configured, we can move on to running ad-hoc commands.

Running Ansible Ad-Hoc Commands

Ansible ad-hoc commands allow you to execute one-off tasks on remote nodes without having to write a full playbook. They are useful for quickly doing simple automation and system administration tasks.

Here is the syntax for ansible ad-hoc commands:

  ansible [pattern] -m [module] -a "[module options]"  

• pattern is the inventory hosts to run against, like webservers
• -m specifies the module (action plugin) to execute
• -a are arguments passed to the module

For example, to reboot all nodes in the [webservers] group:

  ansible webservers -m reboot -a  

Some useful modules for ad-hoc commands include:

• ping - Test connectivity to nodes
• command - Execute commands on remote nodes
• shell - Execute shell commands on remote nodes
• apt - Install/remove Debian packages
• yum - Install/remove RPM packages
• service - Manage services

Ad-hoc commands let you easily perform one-off automation. But Ansible really excels when you orchestrate tasks using playbooks.

Intro to Ansible Playbooks

Ansible playbooks are files written in YAML format that define automation policies and orchestrate tasks. They provide a repeatable, consistent way to configure systems and deploy software.

A playbook contains:

• Inventory to specify nodes to configure
• Variables that can be used throughout the playbook
• Tasks that define what will be executed on nodes
• Modules like apt, copy, template, etc. that are called by tasks
• Handlers that can trigger tasks when notified by other tasks
• Roles that can be reused across playbooks

Here is a simple Ansible playbook example:

  --- - name: Install and configure webserver hosts: webservers vars: http_port: 80 max_clients: 200 tasks: - name: Install Apache apt: name: apache2 state: latest - name: Copy index.html file template: src: index.html dest: /var/www/html - name: Restart Apache service: name: apache2 state: restarted handlers: - name: restart apache service: name: apache2 state: restarted  

This playbook does the following:

• Installs the latest Apache package
• Copies an index.html template
• Restarts Apache to pick up the changes

Playbooks like this can be executed like:

  ansible-playbook configure-webservers.yml  

Now let's explore some more advanced playbook features.

Advanced Ansible Playbook Features

Ansible offers many powerful directives for writing sophisticated playbooks. Here are some highlights:

Variables

Variables store values that can be substituted into playbooks and referenced as {{ variable_name }}.

They allow parameterizing playbooks so values can be injected at runtime.

Conditionals

when statements let you conditionally control whether tasks run based on variables, facts, or other tests:

  tasks: - name: Install PostgreSQL apt: name: postgresql when: pg_install | bool  

Loops

Loops iterate over a list variable to minimize repetition in playbooks:

  vars: users: - alice - bob - charlie tasks: - name: Create users user: name: "{{ item }}" loop: "{{ users }}"  

Templates

Templates combine variables with file contents. Ansible will replace all {{ variables }} in a template file before copying to nodes.

Roles

Roles are ways to group tasks, variables, templates and modules together into reusable units. This helps keep large playbooks organized.

We've covered the key capabilities you need to start being productive with Ansible as a sysadmin. Now let's look at how to apply Ansible to common sysadmin and infrastructure tasks.

Using Ansible for Common Sysadmin Tasks

Ansible makes it easy to automate manual, repetitive sysadmin work.

Here are some examples of applying Ansible to simplify common sysadmin responsibilities:

Server Provisioning

Provision bare metal and cloud servers by installing the OS, standard packages, configuring users, hardening security policies, and more:

  - name: Provision server hosts: all roles: - base - security - users  

Configuration Management

Manage system configurations like sudo policies, cron jobs, log settings, users/groups, and much more:

  - name: Apply system configuration hosts: webservers tasks: - name: Set sudo policies copy: src: sudoers dest: /etc/sudoers - name: Add sysadmin user user: name: bob groups: wheel  

Application Deployment

Deploy apps across clusters of servers, orchestrating rolling updates, managing dependencies, creating resources, and automating zero downtime deployments:

  - name: Deploy application hosts: appservers roles: - { role: common, tags: common } - { role: database, tags: database } - { role: webserver, tags: webserver } - { role: queue, tags: queue } - { role: app, tags: app }  

Configuration Drift Remediation

Proactively scan for and remediate configuration drift to ensure servers adhere to baseline standards:

  - name: Detect and remediate configuration drift hosts: all tasks: - name: Scan for non-compliant configurations command: /usr/bin/compliance-scanner - name: Reapply baseline configuration import_role: name: config_baseline  

And many more use cases! Ansible provides modules covering virtually every sysadmin need from storage administration to network device configuration.

Recap & Next Steps

In this article, we covered the benefits of learning Ansible as a sysadmin and walked through core concepts like:

• Installing and configuring Ansible control nodes
• Running ad-hoc commands for quick automation
• Ansible playbook syntax and advanced features
• Applying Ansible for infrastructure and application management

Ansible delivers immense value for sysadmins through powerful, human-readable automation.

To take your Ansible skills to the next level:

• Work through in-depth Ansible training like Red Hat's RHCE course
• Study Ansible best practices for writing production-grade playbooks
• Explore Ansible community roles on Ansible Galaxy to automate common tasks
• Implement version control for your Ansible projects using Git
• Integrate Ansible into your CI/CD pipelines and cloud infrastructure

As you gain experience with Ansible, you'll be able to streamline and scale more aspects of systems administration. Ansible lets you work smarter, open up new career opportunities, and focus on more impactful work - making it an indispensable tool for any ambitious sysadmin.

Frequently Asked Questions About Ansible

What programming language is Ansible written in?

Ansible is primarily written in Python and takes advantage of Python libraries. However, Ansible playbooks use YAML format, which is easier for humans to read and write compared to JSON or XML.

Does Ansible require agents on remote nodes?

No agents are needed on remote nodes managed by Ansible. It uses native OpenSSH on Linux and WinRM on Windows servers to connect and execute tasks.

Can Ansible manage network devices like routers and switches?

Yes, Ansible has extensive network automation capabilities through Ansible Network modules. It can manage network gear from vendors like Cisco, Juniper, Arista and more.

Does Ansible integrate with popular cloud providers?

Absolutely. Ansible integrates smoothly with AWS, Azure, Google Cloud, OpenStack, and more. It can provision infrastructure, orchestrate deployments, and manage configurations across cloud environments.

Can Ansible scale to manage enterprise infrastructure?

Ansible is used by many organizations to automate infrastructure at massive scales. Ansible control nodes can be scaled out, playbook execution parallelized, and workflows distributed. Ansible is a powerful option for enterprise automation.

If you enjoyed this article you might enjoy our first article Ansible for Beginners: A Comprehensive Guide to Get Started with IT Automation

In the world of DevOps and automation, Ansible plays a pivotal role in orchestrating and managing IT infrastructure efficiently. At JBI Training, we offer a selection of courses to empower you with the skills required to excel in Ansible and DevOps practices.

• Ansible: Dive into the world of Ansible, a powerful automation tool. Learn how to automate repetitive tasks, configure and manage systems, and streamline your IT operations.
• DevOps Introduction: Gain an introduction to the DevOps philosophy and practices. Understand the principles of collaboration between development and operations teams, and explore how DevOps can accelerate software delivery.
• DevOps Essentials / DevOps with Azure: Deepen your understanding of DevOps with our Essentials course. Learn about essential DevOps tools, practices, and cultural principles. Alternatively, explore DevOps with Azure, focusing on the integration of Azure services within the DevOps pipeline.

Enroll in these courses and equip yourself with the knowledge and tools to navigate the world of Ansible automation and DevOps. Learn to streamline operations, accelerate software delivery, and foster collaboration between development and operations teams.