Ansible

Ansible runs over SSH so there is no need for agent in slave nodes. This reduces dependency of the management toolchain, eliminates the possibility of the agent are down or out of date. Ansible is acquired by Red Hat in 2015.

see Ansible_in_Depth.pdf

Ansible is Simple IT Automation github
Ansible Galaxy | Find, reuse, and share the best Ansible content repository for Ansible roles
Why use Ansible for automation and orchestration | InfoWorld

Ansible Documentation
Ansible Resources - Videos
Ansible Blog | Ansible.com | Ansible
Ansible Blog | Ansible.com | Getting Started

Ansible Webinar On Demand Introduction To Ansible !important
Ansible Resources - AnsibleFest San Francisco 2017 Videos
Ansible Tutorial
Ansible Tutorial for Beginners: Playbook & Examples | Spacelift.io

Ansible » ADMIN Magazine
Jan-Piet Mens :: Configuration management with Ansible a bit old, links are dead
Review: Ansible shows the beef | InfoWorld
Lessons from using Ansible exclusively for 2 years.

afroisalreadyinu/practical-ansible-intro: A practical guide to Ansible
ansible/ansible-examples: A few starter examples of ansible playbooks, to show features and how they work together.
geerlingguy/ansible-for-devops: Ansible examples from Ansible for DevOps.
Servers For Hackers

YAML truthy
  true , True* , TRUE , yes , Yes , YES , on , On , ON , y , Y
YAML falsey
  false , False* , FALSE , no , No , NO , off , Off , OFF , n , N

module arg truthy
yes* , on , 1 , true
module arg falsey
no* , off , 0 , false

* recommended

Using Python 3:

[webserver]
SERVER_IP
SERVER2_IP

[webserver:vars]
ansible_python_interpreter=/usr/bin/python3

Blog

Ansible | Best practices, tips and more

Beginners

What is Ansible? A short DevOps Introduction - YouTube
Configuration Management With Ansible: A Whirlwind Tour - YouTube
Learn you some Ansible for great good! - YouTube
Michael DeHaan: Ansible - Python-Powered Radically Simple IT Automation - PyCon 2014 - YouTube
James Cammarata - Achieving Continuous Delivery: An Automation Story - PyCon 2015 - YouTube
Ansible for the Absolute Beginners - YouTube
Automate EVERYTHING with Ansible! (Ansible for Beginners) - YouTube

Ansible basic usage and common issues encountered
An Ansible Tutorial - Servers for Hackers
Ansible 101 — Medium
Ansible 101 | zaiste.net
Configuration Management 101: Writing Ansible Playbooks | DigitalOcean

Jeff Geerling
Ansible 101 - YouTube
Ansible - YouTube

Ansible 2.0 & Beyond - YouTube
V2 and beyond
Ansible 2.0 Has Arrived

Getting Started with Ansible | Ansible.com
Ansible Simply Kicks Ass | devo.ps
Automation made simple with Ansible // Speaker Deck
Ansible - The configuration management tool for humans
Ansible from Introduction to Amazon AWS
Top 5 Best and Worst Attributes of Ansible

Ansible Workshop
Ansible Q&A: It Can't Make Your Breakfast Yet - CenturyLink Cloud Developer Center

Admin UI

Ansible Tower | Ansible.com (commercial) web UI for Ansible, with logging and status
ansible/awx: AWX Project upstream project for Tower

This web UI for Ansible is so damn useful! - YouTube

AWX Project FAQ | Ansible.com
AWX » ADMIN Magazine

ansible-semaphore/semaphore: Open Source Alternative to Ansible Tower

Best Practices

Tips and tricks — Ansible Documentation
Ansible Best Practices: The Essentials
6 practices for super smooth Ansible experience by Maxim Chernyak
Best practices to build great Ansible playbooks | Theodo
fdavis/ansible-best-practices: This is my working example of Ansible best practices

Jan-Piet Mens :: Validate Ansible templates!

15 Things You Should Know About Ansible

How to use Vagrant provision with Ansible for playbook development – Linuxserver.io !important

Event-Driven

Event-Driven Ansible

Ansible Blog | Ansible.com | Event Driven Automation
Kubernetes Meets Event-Driven Ansible

Testing

How We Test Our Ansible Roles with Molecule - The Zapier Engineering Blog - Zapier
Molecule — Molecule 1.24.0 documentation

Inventory

Inventory is an INI-like file that describes the servers to manages, the grouping of them and the parameters for connection.

Ansible loads /etc/ansible/hosts by default. It's recommended to use -i option to pass different inventory files per use case.

The inventory file can be a program as long as it emits the correct JSON upon invocation.

Using Ansible’s in-memory inventory to create a variable number of instances — Catalyst Cloud 1.0 documentation

Connection Modes

see Scaling_and_Performance_of_the_Ansible_Management_Toolchain.pdf

Local: affects the local system only, used for "pull" and "push-pull" topology
Paramiko: Python SSH module (obsolete since 1.2)
SSH with Control Persist: default mode, SSH connection is kept alive for a timeout (say 30 minutes)
Accelerated: temporary daemon will be created that only allows connections only from the initiating user, the communication is encrypted with AES keys exchanged in SSH, 2.5x faster than SSH

Jan-Piet Mens :: Ansible: pull instead of push

Variables

Variables — Ansible Documentation
Using filters to manipulate data — Ansible Documentation
Tests — Ansible Documentation
Template Designer Documentation — Jinja Documentation (3.2.x)
Simplifying JSON Response Mocks With Jinja - sasheldon.com

[Howto] Introduction to Ansible variables – /home/liquidat
How to Use Different Types of Ansible Variables (Examples) | Spacelift.io

Fact

Jan-Piet Mens :: Ansible: it's a fact

You can use set_fact to dynamically create variables:

- set_fact:
    myvar: "{{ result.stdout | from_json }}"

ansible.builtin.set_fact module – Set host variable(s) and fact(s). — Ansible Documentation

Discovering variables: facts and magic variables — Ansible Documentation fact caching
Fast Caching facts ansible – Erik's Blog

Modules

Working With Modules — Ansible Documentation
Index of all Modules — Ansible Documentation

Command Module Deep Dive for Networks

Playbooks

Intro to playbooks — Ansible Documentation

Playbooks contain Plays; Plays contain Tasks; Tasks invoke modules.
Handlers are tasks that can be run once after tasks.

sed - Ansible playbook shell output - Stack Overflow
ansible.builtin.debug module – Print statements during execution — Ansible Documentation

Amon - What I learned from a year using Ansible extensively install, test playbook with docker

Insanely complete Ansible playbook, showing off all the options
How To Create Ansible Playbooks to Automate System Configuration on Ubuntu | DigitalOcean

Jinja templates

Jinja2: lstrip_blocks to manage indentation | Ansible
Jinja2 for better Ansible playbooks and templates - codecentric Blog : codecentric Blog

Alternatives

pstadler/flightplan: Run sequences of shell commands against local and remote hosts.
Welcome to Fabric! documentation

pdsh

chaos/pdsh: A high performance, parallel remote shell utility
pdsh Parallel Shell » ADMIN Magazine

Parallel SSH

sudo apt-get install pssh
parallel-ssh -h pssh-hosts -A -P -I < pssh-command

Note: cannot sudo

How to run remote commands on multiple Linux servers with Parallel-SSH - TechRepublic

unsorted notes

Play
target
vars
handlers
tasks

Variable hierarchy
inventory
cli
playbook
module facts

directive
vars, vars_files, vars_prompt
module
local_action
script

async, poll

In pull mode, each managed node pull the config from git and run locally, without connecting to any controlling host machine.

AnsibleModule class, lib/ansible/module_common.py

Role

Breakdown a playbook into a predefined directory structure for better modularization.
Roles — Ansible Documentation

Point of entry: meta/main.yml
Can declare dependency for other roles here.

The easiest way to create a role is with ansible-galaxy:

ansible-galaxy init <role>

A Worked Example of Role Versioning
Ansible roles explained in practice
Evan Stoner — Ansible Pattern: Using Wrappers to Parameterize...
Being a Star in Galaxy ● Future500 B.V.

Creating Ansible Roles from Scratch: Part 1 | Azavea Labs
Creating Ansible Roles from Scratch: Part 2 | Azavea Labs

Ansible: Roles - Servers for Hackers

Error Handling

Error handling in playbooks — Ansible Documentation
Error Catching in Ansible — Hey There Fancy Pants
deployment - How to do proper error handling in ansible? - Server Fault

葉秉哲 (William Yeh)

softarch-school/ansible-workshop: Ansible Workshop - Hands-On Materials.
William-Yeh/build-docker-with-ansible: Build Docker images with Ansible - A half-blood approach

Ansible Vault

Encrypting content with Ansible Vault — Ansible Documentation

ansible vault - alessandromazzoli.comalessandromazzoli.com
Safely storing Ansible playbook secrets | On Web Security
OpenSSL the Ansible vault.. using PBKDF2 | On Web Security
Python for Network Engineers | Articles
Specify sudo password for Ansible - Stack Overflow

Ansible: Using Vault - Servers for Hackers

Edguim

Use Ansible as a cross-platform package manager
Edgium
Edgium packages

martinrusev/edgium: Collection of Ansible playbooks to quickly install up todate Linux packages

API

Python API — Ansible Documentation
Jan-Piet Mens :: Obtaining remote data with Ansible's API
Running Ansible Programmatically - Servers for Hackers
Running Ansible 2 Programmatically - Servers for Hackers
Extending Ansible – Tyler Turk's Blog

Ansible: Post-Install Setup
Puppet to Ansible - Big Bubbles (no troubles)

Part 1: Getting Started with Ansible
Part 2: Deploying Applications with Ansible
Part 3: Ansible and Amazon Web Services
Part 4: Ansible Tower
Part 5: Ansible Galaxy
tomoconnor/parallax: My collection of ansible templates, sensible defaults and an example of where to start from.

Briefs on Ansible Newsletter (ended)
ansible | Search Results | Technology Conversations

Ansible vs. Ansible Tower
Shell Scripts vs Ansible: Fight!

#perfmatters

Making Ansible a Bit Faster · Adam’s Tech Blog
How to accelerate your Ansible Playbooks

Tuning Ansible » ADMIN Magazine
Ansible Performance Tuning (for Fun and Profit)
Ansible Configuration Settings — Ansible Documentation

forks = 10
callback_whitelist = timer, profile_tasks
pipelining = True

Monitoring

Agile Testing: Deploying monitoring tools with ansible
Ansible for Server Monitoring | Cambridge Web Design and Development by Will Hall Online

Ansible + Nagios/Monit + Collectd = EPIC WIN

Tips and Tricks

Ansible tips & tricks
Ansible Tips and Tricks

Studio Cliffano

Make Your Life Easier by Creating Utilities and Delegating Playbooks

Outage Recovery With Ansible
A Shiny New Way to Manage VMware Guests

Graduating Past Playbooks
reinteractive | Blog | Ansible (Real Life) Good Practices
6 practices for super smooth Ansible experience by Maxim Chernyak
group_vars/all can be a folder, create group_vars/all/{config,secret}, add the latter to .gitignore FTW
Best practices to build great Ansible playbooks - Theodo
10 Things you should start using in your Ansible Playbook

Deploying a GlusterFS Storage Cluster withf Ansible on DigitalOcean — Medium
Provisioning Gluster Servers with Ansible

Videos

Ansible Webinars and Training I Ansible
Ansible Resources - Videos

Ansible Essentials

Ansible Trips and Tricks Webinar #1 - YouTube
Ansible Tips & Tricks Webinar #2 - YouTube
tips n tricks webinar #3 - YouTube
Ansible Tips & Tricks webinar #4 - YouTube
Ansible Tips & Tricks webinar #5 - YouTube

CLI Example

ansible HOST --become -m MODULE -a MODULE_ARGS

ansible HOST -m setup | grep release

Playbook example

Your Debian-based data center in a box
pigmonkey/spark: Arch Linux Provisioning with Ansible
wardviaene/ansible-demo

ansible-playbook PLAYBOOK -i HOSTS --user root --ask-pass

- hosts: all
   user: root   # server user
   sudo: yes    # is it super user
- name: With module and args as keys
  apt:
    name: "{{ item }}"
    update_cache: yes
    cache_valid_time: 3600
  with_items:
    - htop
    - ngrep
    - vim
- name: With action YAML multiline
  action: apt >
    pkg={{ item }}
    state=installed
    update-cache=yes
  with_items:
    - python-dev
    - gcc
    - python-setuptools
    - git-core
- name: Single line
  apt: pkg={{ item }} state=installed update-cache=yes
  with_items:
    - libmysqlclient-dev
    - mysql-server
    - redis-server
    - mysql-client
    - nginx
    - apache2

Notes for ansible-for-devops

Pretask
Ad hoc command
Apt cache valid time
--force-handlers
Mywiki.Wooldridge.org/dotfiles
Magic variable

Precedence
-e
Inventory, connection
Play, include
Inventory, others
Facts
Role default

119
Digital ocean
122， 125
Dynamic inventory scripts
addhost, groupby
Doc, leanpub
124
Custom inventory

www.sudo.ws
245,246 selinux link

248 tower user guide,free?
260 debug

265 rolespec, ci
266 Serverspec

267 vagrant
Vagrant commands except init expects a vagrantfile in the current folder
Up, halt, suspend, ssh, sshconfig
current folder is mapped to /vagrant