Ansible as an Ad-Hoc Orchestration Tool

08 November 2013
By Egor Minin, Configuration Manager

Let’s imagine a situation that you are joining a project where everyone understands that it has grown quite large and some sort of configuration management and orchestration tool is required. This understanding is followed by a lengthy decision making phase when typical products are brought up and discussed, such as Puppet, CFEngine, Chef. But still, things have to be done here and now and on a dozen of hosts. DataArt has experienced this before and is already aware of some other tools like cluster ssh and Fabric and even Marionette Collective. They all look appealing, but still all have their advantages and disadvantages. So let’s add another tool to the list and play around with it a bit, while discussions around a long-term solution are ongoing.

As you might’ve guessed from the title, it’s Ansible.

There are quite a few blog posts and articles which explain how to get started with that tool, but the best guide is probably on the official website http://www.ansibleworks.com/docs/intro_installation.html

Let’s assume we read that guide and are using Ansible from Git.

Now we would need an inventory file:

[all-hosts]
10.0.0.1
10.0.0.2
10.0.0.3
...

and we also need to make sure Ansible will see it, so we do the following:

$ export ANSIBLE_HOSTS=inventory.list

Now, let’s assume we were tasked with adding a user across the estate and there’s no centralized user management system.

You can obviously log in everywhere and do the good old useradd on each and every host but wait, here’s how this will work with ansible:

$ ansible all-hosts -u youruser -s -m user -a 'name=foobar 
\ password="$1$qwerty$ddcBTc7PFw8NLyQvzdnNx/"'

You’d need to encrypt the password with “openssl passwd” first though. And that pretty much all you’d need to do.

There is obviously a lot more you can do just out of the box – have a look at a list of modules that already exist in Ansible.

What is also great is that you don’t need anything extra on the hosts so you can just get cracking and do almost anything you need across your whole estate.

Next thing you might be wondering is “That all sounds good but what if there’s a need to do a bit more than just a simple command. More like a full blown scenario?” That is also very doable via playbooks.

Essentially they are a set of steps which are to be applied to your hosts from an inventory file. Playbooks are well described on the Ansible website http://www.ansibleworks.com/docs/playbooks.html

So using Ansible is rather easy and it has major advantages such as non-intrusive installation, reusable scenarios via playbooks and infrastructure as a configuration, so why not give it a try if you have the opportunity.

Tags: ,


Add Comment

Name Mail Website Comment