Hello Guys,

Today, we will learn the tool used to deploy automated scripts , if you have some prior work experience with servers, then you must have faced lots of difficulties with maintaing scripts, codes, or your project directories over server, so this tool will help you to deploy your codes in the best possible manner, with this tool you can keep track of your code on server, you can deploy multiple scripts on multiple server with just one command.

So, lets start with basic directory work flow of ansible, I hope you have already installed Ansible on your system.

    -test
      |--roles/
            |--falcon-project/

                        |--handlers/
                               |--main.yml
                        
                        |--tasks/
                               |--main.yml
                        
                        |--templates/
                                |--test.j2
                        
                        |--vars/
                                |--main.yml

      |--stagehost

      |--playbook.yml

So, this is the basic architecture for any ansible project. I will try to explain each directory or file one by one.

For working project directory ,please follow git hub project

Inside the directory test, you will see two files:

stagehost : this file basically stores the info of your server, its ip(public and private), ssh port : for eg.

testserver_Staging ansible_ssh_user=root ansible_ssh_host=128.199.xxx.xx private=10.xx.xx.xx ansible_ssh_port=1200

[testserver]
testserver_Staging

[testserver:vars]
project_name=reporting
project_root=/srv
project_repo=git@gitlab.com:tests/testing.git

You can also specify your server specific variables inside it, we will see that later.

Next,

playbook.yml

---
- hosts: testserver
  roles:
    - falcon-project

Here, in playbook file we have specified the server over which we want to execute the deployment, we have also specified the particular role , that we want to run over-it

Note: Since ansible follows yml , so be carefull of what you type and avoid indentation errors.

Now, inside the roles directory , we can specify as many as roles, here i have used a simple falcon project to be deployed on server.

Inside falcon you will see four sub directories: tasks, handlers, vars and templates.

Tasks

Here , we create the multiple tasks that needs to be executed one by one. For eg.

---

- name: Install required system packages.
  apt: pkg= { {  item } } state=installed update-cache=yes
  with_items: system_packages
  sudo: yes
  tags:
    - setup
    - testserverWeb


- name: Create the project_root directory.
  file: state=directory path={ { project_root } }
  sudo: yes
  tags:
    - testserverWeb
    - setup

- name: Pull Repository from git
  git: accept_hostkey=yes repo={ {project_repo} } dest={ {project_root} }/{ {project_name} }  version={ {repo_branch} }
  notify: restart nginx
  notify: restart uwsgi
  tags:
    - setup
    - testserverWeb
    - deploy

So, this file(main.yml) contains three tasks, each task has its name, (you can give any name) then the most important thing is to write a specific task.

For eg: In first task I am just installing packages to my server from apt-package. Items will be pulled up from the directory vars and this is how our main.yml will look inside the vars directory:

system_packages:
  - iftop
  - htop
  - python-pip
  - python-dev
  - python-virtualenv

next inside the task is sudo : yes for non root user.
Specify tags of your choice, tags plays an important role in ansible , we will see them later.

If you will notice carefully, variables inside double curly braces are the variables that are defined inside the host file, or we can specify a seperate directory group vars to specify the value of these variable, this type of initialization is to make your ansible scripting more dynamic.

Notify: part is to execute the command after the completion of a task, for eg: here i have restarted the nginx and uwsgi (inside third task), the restart tasks are specified under the handlers directory. For eg. main.yml inside handlers

---
- name: restart uwsgi
  service: name=uwsgi.service state=restarted
  sudo: yes

- name: restart nginx
  service: name=nginx.service state=restarted
  sudo: yes

There is one more directory naming templates it contains the files that we want deploy to the server.

Now , we will learn how to execute specific commands to achieve specific tasks.

First, cd into test directory:

then

ansible-playbook -i stagehosts playbook.yml

command will directly ssh into your server, and tasks execution will start one by one, if the tasks gets executed properly then for the first time it will be marked as changed , if the task gets failed then it will be marked failed, moreover running same tasks again & again will just marked as ok

To run the task in verbose mode just add -vvv at the end of a command.

Now ,suppose you are running task other than root then add --ask-sudo-pass and enter your sudo password for your server.

ansible-playbook -i stagehosts playbook.yml --ask-sudo-pass

Tags: if you will notice , only the third task contains the tag deploy, so this tag diffrentiate the 3rd task from the other two tasks. So to run only that particular tag ,just pass that tag from the command line:

ansible-playbook -i stagehosts playbook.yml --ask-sudo-pass --tags "deploy"

So, this statement will execute only one task with tag deploy .

The variables defined inside the double curly braces can be defined via command line also.

For eg:

project_name inside third task can be executed:

ansible-playbook -i stagehosts playbook.yml --ask-sudo-pass --tags "deploy" --extra-vars "project_name=test,project_repo=http//gitlab.com/test/X"

Commanly used ansible tasks

To copy a template from templates directory

- name: copy test file 
  sudo: yes
  template: src=test.j2 dest=/home/debian/test
  

here , test file is present inside the templates directory .

To update file permissions and owner

- name: Update the project log directory.
  file: group={ {ansible_ssh_user} } owner={ {ansible_ssh_user} } mode=777 state=directory path={ { project_log_dir } }
  sudo: yes

insert content into file

-   name: insert/update "Security" configuration block in /etc/mongod.conf
    blockinfile:
        dest: /etc/mongod.conf
        marker: "#security"
        content: |
                security:
                    authorization: enabled

To execute a command inside server

- name: Common | set timezone
  command: timedatectl set-timezone Asia/Kolkata
  sudo: yes

To create a cron task

-   name: Creates cron job to get the status
    ##this script will run once every hour , to make it run everymin just remove minute field
    cron: minute="0"
        name="Retrieve the status of mail sent"
        cron_file="email_status"
        user="root"
        job="/usr/bin/python /srv/status/abc.py"  
    sudo: true

Modify file using regex

---
- name: Setup alternate SSH port
  sudo: yes
  notify: "Restart ssh"
  lineinfile:
    dest: "/etc/ssh/sshd_config"
    regexp: "^Port"
    line: "Port "

  notify: "Restart ssh"

Ansible naming convention is pretty strict, you will find it difficult to learn at starting but with practice, it will be a piece of cake for you .

This is all for ansible tutorial. Please use this ansible-link for project work flow and a basic example.

Hope, you enjoyed learning ansible. Happy coding :)