Automate EVERYTHING with Ansible!

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
so you've been creating lots of linux virtual machines in your home lab environment and each one of those linux machines requires some additional configs or even maintenance over time and if you're tired of remoting in and executing the same tasks over and over and over let's see if we can use ansible to automate some of the most common tasks [Music] hey welcome back swine techno tim and today we're going to talk about automating things with ansible so we're not doing the same things over and over and over but real quick before we get started if you have a question about anything we cover in this video check out my live stream i stream on twitch every tuesday thursday and saturday so if you have a question about anything hop in and let's figure it out oh and another thing thanks ahead of time for the likes and comments because it lets me know if i'm on track and so let's get into it so you've spun up lots of virtual machines in your home lab environment and many of them are running linux and the way that you configure them or maintain them now is remoting in executing some commands and then doing that again and again for every single virtual machine you have and that's fine if you have one or two but what happens if you have 10 20 wouldn't it be nice to just execute one command sit back and watch it happen well that's where ansible can give it some help so ansible is a powerful automation tool it can help automate any repeatable task and the nice thing about ansible is it's agentless which means you don't need to install anything on your remote machines now i get it there are a few requirements but most linux machines have these and we'll cover those but with ansible you can automate almost anything that you can ssh into just think infrastructure network application containers security cloud you name it and that's why i think ansible is so powerful because you can automate repeatable tasks in a repeatable way using playbooks now i'll be the first to admit that ansible's new to me and when i set out to learn ansible i wanted to accomplish a few things i wanted to understand how to get it installed how to automate some of my most common tasks and then how to preserve those tasks so i can repeat them in the future and so i think i have those three things figured out and that's exactly what we're going to cover today and by the end of this video you'll be able to do the same thing so let's get started the first thing you're going to need to do on your local machine is make sure you have access to a linux like environment i'm using wsl on windows which gives me an ubuntu environment locally but this will also run find on a mac and of course linux in a quick call out i'll have documentation that you can find in the description so you can copy and paste these commands so what's the first command well the first command is we're going to update our ubuntu installation next we're going to install some dependencies then we're going to add an ansible repository then we're going to install ansible once ansible is installed we can run ansbolt-version to get some information about ansible and here we can see we have ansible 2.9.6 installed we can also see some information about our local environment which it shows which version of python we have installed which is a good call out because your servers will need python installed and they'll need at least version 3.5 now i'm not going to go into detail on how to get python installed or how to manage your python versions because there are a lot of ways to do that but you'll want to be sure that you have at least version 3.5 however you get that installed the only other requirement you'll need on your servers is just to make sure that you can ssh into those servers now as we all know there are a couple ways to ssh into your servers you can ssh in using just a password or you can ssh in using key based authentication now ansible recommends key based authentication and i do too and you should probably set that up however i don't want this tutorial to be a non-starter to where now you have to do all of that before you can start ansible so i'll cover how to use a password for your servers and then maybe you can use ansible to automate key based authentication so anyways you'll just want to make sure that you can ssh into your servers but let's get out of your server and go back to your development machine the next thing you'll want to do is create a file i'm going to use vs code but you can use any editor you'd like but we're going to create an inventory file an inventory file is just a file to list our servers it's an inventory of machines that we want to communicate with and maybe not important but this follows the any syntax so the ini and that's really just an fyi you don't need to know much about that but we'll create a new file called hosts and you can name this file anything you like and in this inventory file we start with an attribute now this can be anything you'd like it to be but it's a grouping for our servers so i can call this servers or i can call this ubuntu i'm going to organize mine by operating system so i'll call this one ubuntu and in here you want to list all of your servers now you can list them by dns name or ip address either will work but you want to list all of the servers you want to communicate with in this group and you can keep your group generic and just call them servers hosts whatever you like but you want a list of all of your servers that you want to communicate with in this group and then what i typically do is create a folder for this so i'll create an inventory folder and place it inside of there and once we have this inventory file we can actually start executing some commands and so the command we're going to execute is ansible dash i and then we're going to pass an inventory file to it and that's the inventory file that we created then we're going to pass it a group name and that's right here this is ubuntu that's the group and then we're going to use the module ping and we access that module with the dash m and here's where password authentication comes in we're going to pass in dash dash user and that's a user on the server that we can use and you can see i have my lab environment account then we're going to use dash dash ask dash pass so what this is going to do now is prompt us for a password that we can type in now i get it i already talked about this we can use key base authentication but again i didn't want that to be a non-starter and have you convert all your machines over to key base authentication which i think you should before you started this tutorial so this is how we prompt for a password and if we run this it'll prop for an ssh password we'll type that in and we see lots of errors that's because we need one more thing you can see here in the error it says we must install ssh pass program so we'll need to install that on our local machine so we'll need to install ssh pass and now it's installed and now we can run that same command get prompted for a password and execute this against all of those hosts and you can see here it pinged those devices that device then pinged us back and it even showed us which version of python we're running so that's pretty cool that means ansible's running so what do we want to automate now well if you recall from a previous video i had a list of the top 11 things i do when spinning up a new linux server in that video i was doing them manually but also what i was doing in that video was defining what i wanted to automate with ansible and so from that video i've extracted a few things that i wanted to automate using ansible but before we can automate anything we can do this a few ways one we can use ad hot tasks and those are nice for one-off tasks that you do rarely or on occasion or for a few machines but for the tasks you want to repeat and maintain we use playbooks and so playbooks are a list of plays or tasks that we want to execute and repeat and maintain and these can be organized many different ways so i'm going to choose the most simple approach which is creating a folder called playbooks and in here creating a playbook that i want to execute and when you create that file you'll want to use the yaml extension because this is going to be in yaml syntax and being that it is yaml just a quick call out it is sensitive to spaces and tabs so get out your trusty t-square ruler when you write this but it's pretty easy so the first task or playbook i'm going to create is one to update my machines now all of my machines are ubuntu so i use apt and ansible has a built-in app module which is super handy and this module has a lot of parameters we can use and they're all documented on ansible site as well as some common examples but i'll show you how i update my machines using apt and so it's this simple so the first key is host and i'm going to say all hosts the next is called become now this isn't really obvious until you understand what it means but become in this context for me is going to mean become a sudoer or become root and so we'll need to elevate our privileges to execute this task and what is that task well the task name is apt and then apt has some parameters too which i'm going to tell it to update some cache and then i'm going to tell it to upgrade all my modules now if we look at what upgrade means we have some choices here we can use dist full no safe yes but for me i'm choosing yes because this is the safest way and this doesn't do a dis upgrade and you can configure this however you like but this playbook along with our inventory file is all we need to go out and update all of our machines so let's run it and here's the command we're going to run we're going to run ansible dash playbook and we're going to pass ansible dash playbook a playbook of app.yaml and that's our app playbook then again we're going to pass in the user we're going to use and we're going to say to prompt for a password and then we're going to say ask dash become pass and so what that's saying is hey when you become a sudoer ask for the password that's because on my servers when you actually type in a sudo command you have to type in your password as well and so we'll have a double prompt here one to connect via ssh and one to actually become a sudoer and then after that we're going to pass in an inventory file of inventory slash hosts and so we should be able to execute this now first it's asking for ssh password then it's asking for become password oh which is nice this must be newer because i don't remember this happening before but it defaults to your ssh password well let's give that a shot i'll just hit enter so now it's gathering facts so it's going out and communicating with all of our servers there it goes it's going it's going now it's going to execute that task or that playbook app and on the service it's running an apt update and an app upgrade and this might take some time depending on how long it takes to upgrade those modules on those remote servers one of these lab servers i've had off for quite some time and there we go eventually you see they all succeeded so if we scroll through here it looks like most of my machines were up-to-date pat on the back for myself up to date no that's really because i ran this earlier but anyways you can see that one machine the alpha machine did change and you can see here that one had some changes so in this context it means that this machine had updates and it applied those updates and the other ones are unchanged but they didn't fail they weren't skipped and they weren't unreachable so overall this one was a success so let's create another one so if you remember from my linux video most of my ubuntu servers are virtualized and they're virtualized using proxmox and on every virtual machine i spin up i need to install the qemu guest agent so let's create a new playbook so i'll create a new file called qemu guest agent dot yaml and in here i'm going to do a few things so i gave this one a name and this is just metadata so i can identify it later but i said install the latest qemu guest agent and i'm going to run this on all of my hosts then for the name it's kind of repetitive but this is install the qemu guest agent now i have a name key twice because i could have a playbook that's full of different plays that have many different tasks but in my simplified lab scenario i kind of like to break them up and so this is going to run the aptitude module again and we're going to install the package called qemu guest agent and we want to make sure that it's it's present and we're going to say update the cache and we'll need to become root or become a sudoer and so we'll run almost the same command again the ansible dash playbook we'll pass it the new playbook qemu guest agent yaml and then the same arguments we used before so we can execute this enter our password default so it's going to gather facts again now it's going to try to install the agent and you can see it was successful on all of them and all of these machines already have the agent installed but you saw in the last example what would happen if one didn't okay so we've automated two things the next one is kind of the same but as you know i use z shell and so this command is just going to make sure that z shell is installed on all of my servers and so this one's very similar to the last but it's just a different package name gathering facts running the task and outputting the results the next task that i typically automate is the time zone but i also set up my ntp server too and so i figured i automate those two things but i'll use a template at the same time and so let's create a new playbook called time zone and in this time zone we're going to do a couple of things this one has multiple tasks what i was talking about earlier so this playbook is set time zone and configure time sync d that's because i want to point it to my ntp server and so here i'm going to say run on all hosts become root or become a sudoer and the first task is to set the time zone and so i set my time zone to america chicago and i get it like you should probably use utc especially if you're co-located but all of my lab servers are here in my basement so i usually set the time zone so it's a little bit easier for me i know i'll run into problems if i ever go with a hybrid cloud solution i don't like doing date math in all of my databases and i'll figure that out later when i get there famous last words right so anyways the next task what we're going to do is actually stop timesyncd and that's because we want to stop the service before we copy over our template and i'll include a template here in a second so we're going to copy over a file or a template to replace the one that's on that machine and the file is timesyncd.conf and the destination is going to be timesyncd.conf on the destination machine and so the template source we haven't defined yet so let's create a new folder called templates and in here i'm going to paste my time sync d conf that i want to use and this is one from a machine that i've already configured and you can see this is pretty typical so i have this set internally to my own ntp server and then i fall back to cloudflare's ntb server and this can be whatever you like it's not important the important part is is that we're going to use this to transfer to all of those machines and so if we go back into our playbook now we're saying hey for the source go one folder higher go into the templates folder and use that file we just created timesyncd conf and on the destination machine put that in etsy systemd timesyncd.com so essentially it's going to overwrite that file and so that's why we need the service stop first so that we can overwrite this file and then we're going to start the service right afterwards and so that's our next task is make sure time sync d has started and the nice part is we can use this module called systemd and we can pass in a parameter of the service name and then pass in a parameter for the state we want which is started and so again really quick what this is going to do set our time zone stop the service transfer a file start this service let's give it a shot so we're going to run that same command we've been running but now we're going to pass it in our time zone playbook so let's execute that it's going to ask for a password or become password or a sudo password now it's going to gather some facts now it's going to execute those tasks the first task which is set our time zone the next one stop the service the next one copy over the file and the next one start the service back up and you can see here it had a lot of work to do so on all of these servers we're gonna see changed now in a task when we're copying over a template we'll always see at least one changed that's because we're copying that file over but you can see it went successfully so now on all of these servers i have the time zone set i have my ntp server set and i've updated the time sync d config with the config that we transferred from my local machine so this is super awesome a couple of weeks ago i knew barely anything about ansible i just knew it was an agent-lens automation tool and after spending a couple of hours with it and creating all of my playbooks i realize how powerful it is and the more i learn about ansible and the more i use it i'll organize my playbooks in a more efficient way and probably use some best practices like my ssh keys but my challenge to you is if you're using a password to write a playbook to automate switching over to key based authentication i'd love to see that and so what do you think about ansible are using ansible at work at home in your home lab are using ansible for more than just servers if so let me know in the comments section below and while you're in the comments don't forget to give this video a thumbs up and consider subscribing if you haven't already and if you have more questions you can always join my live stream i stream on twitch every tuesday thursday and saturday so if you have a question about this video or any of my videos hop in my stream and let's figure it out and so thanks so much for watching and until next time stream on my friends human uh i i just my first dell server all right r720 it's overwhelming all the new knowledge i need i get it yeah but uh start with something you like start with something fun i mean that's you know my very first rancher video was about a minecraft server because that was something i thought was fun and again it's you know i always try to pair you know what i want to do with something you know i want to learn and so for me i was like hey i want to learn about how to get minecraft you know i want to learn about docker how do i learn about that well i run a minecraft server that's not docker well that sounds kind of fun let's figure that out so i i always pair you know what i want with or what i want with what i want to learn
Info
Channel: Techno Tim
Views: 55,568
Rating: undefined out of 5
Keywords: techno tim, homelab, ansible, automation, clientless, automate with ansible, ansible tutorial, ansible 101, guide, step by step, playbooks, inventory, how to install ansible, wsl, most common ansible tasks, best playbooks for ansible, homelab automation, home lab, getting started with ansible, ask-become-pass, sshpass, module, hybrid cloud deployment, open source, automate, accelerate, collaborate, integrate, infrastructure, applications, networks, containers, security, cloud, red hat, devops, dev ops
Id: w9eCU4bGgjQ
Channel Id: undefined
Length: 18min 31sec (1111 seconds)
Published: Sat Dec 26 2020
Related Videos
Ansible 101 - Episode 1 - Introduction to Ansible
Jeff Geerling
227K
I Built This From A 1972 Popular Mechanics Magazine Plan. Does It Work?
Fireball Tool
2.1M
My HUGE (but small) 1U Server Upgrade
Techno Tim
116K
Put Wildcard Certificates and SSL on EVERYTHING - Traefik Tutorial
Techno Tim
85K
Virtualize vs. Containerize (Which should I choose?)
Techno Tim
74K
Cloud Native Distributed Storage in Kubernetes with Longhorn
Techno Tim
32K
The Discovery That Transformed Pi
Veritasium
7.6M
AlphaGo - The Movie | Full award-winning documentary
DeepMind
28M
Manage Windows like Linux with Ansible
Red Hat Summit
79K
you need to learn Ansible RIGHT NOW!! (Linux Automation)
NetworkChuck
439K
Homelab Services Tour -- What am I running on my Homelab?
Techno Tim
143K
Network UPS Tools (NUT Server) Ultimate Guide
Techno Tim
33K
'Tesla as the World’s Biggest Robot Company:' Elon Musk on AI and U.S. Innovation | WSJ
Wall Street Journal
1.5M
Simple Hacks For A More Organized Shop/Garage
Hometown Acres
754K
How Imaginary Numbers Were Invented
Veritasium
9.6M
Kubernetes Crash Course for Absolute Beginners [NEW]
TechWorld with Nana
266K
The Problem with Solar Energy in Africa
Real Engineering
2.4M
you need to learn Docker RIGHT NOW!! // Docker Containers 101
NetworkChuck
1.2M
Solid State Batteries - Autumn 2021 mass production in Japan. Is it FINALLY happening?
Just Have a Think
1.2M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.