Book Image

Ansible Playbook Essentials

By : Gourav Shah, GOURAV JAWAHAR SHAH
Book Image

Ansible Playbook Essentials

By: Gourav Shah, GOURAV JAWAHAR SHAH

Overview of this book

Ansible Playbook Essentials will show you how to write a blueprint of your infrastructure, encompassing multitier applications using Ansible's playbooks. Beginning with basic concepts such as plays, tasks, handlers, inventory, and YAML Ain't Markup Language (YAML) syntax that Ansible uses, you'll understand how to organize your code into a modular structure. Building on this, you will study techniques to create data-driven playbooks with variables, templates, logical constructs, and encrypted data, which will further strengthen your application skills in Ansible. Adding to this, the book will also take you through advanced clustering concepts, such as discovering topology information about other nodes in the cluster and managing multiple environments with isolated configurations. As you approach the concluding chapters, you can expect to learn about orchestrating infrastructure and deploying applications in a coordinated manner. By the end of this book, you will be able to design solutions to your automation and orchestration problems using playbooks quickly and efficiently.

Related Content you might be interested in

Current Title:

Small book image
Ansible Playbook Essentials
Gourav Shah | GOURAV JAWAHAR SHAH
Aug, 2015 | 168 pages
No titles found
Table of Contents (20 chapters)
Ansible Playbook Essentials
Ansible Playbook Essentials
Credits
Credits
About the Author
About the Author
Acknowledgments
Acknowledgments
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Setting Up the Learning Environment
Setting Up the Learning Environment
Free Chapter
1
Blueprinting Your Infrastructure
Blueprinting Your Infrastructure
Getting introduced to Ansible
Plays
Our first playbook
Review questions
Summary
2
Going Modular with Ansible Roles
Going Modular with Ansible Roles
Understanding roles
Naming roles
The directory layout for roles
Creating a site-wide playbook, nesting, and using include statements
Creating the www playbook
Creating a base role
Creating an Nginx role
Automating events and actions with handlers
Adding pre-tasks and post-tasks to playbooks
Running playbooks with roles
Review questions
Summary
3
Separating Code and Data – Variables, Facts, and Templates
Separating Code and Data – Variables, Facts, and Templates
Static content explosion
Separating code and data
Jinja2 templates
Facts and variables
Templating the Nginx configurations
Adding another layer – the MySQL role
Variable precedence
The best practices for variable usage
Review questions
Summary
4
Bringing In Your Code – Custom Commands and Scripts
Bringing In Your Code – Custom Commands and Scripts
The command modules
Deploying a WordPress application – a hands-on approach
Review questions
Summary
5
Controlling Execution Flow – Conditionals
Controlling Execution Flow – Conditionals
The conditional control structure
Refactoring the MySQL role
Conditional control structure in Jinja2 templates
Running a task only once
Executing roles conditionally
Review questions
Summary
6
Iterative Control Structures – Loops
Iterative Control Structures – Loops
The omnipotent with statement
Configuring WordPress requisites
The PHP5-FPM role
Creating MySQL databases and user accounts
Creating Nginx virtual hosts
Review questions
Summary
7
Node Discovery and Clustering
Node Discovery and Clustering
Node discovery with magic variables
Creating the load balancer role
Accessing facts for non-playbook hosts
Review questions
Summary
8
Encrypting Data with Vault
Encrypting Data with Vault
Ansible-vault
Using the Ansible-vault
Encrypting the database credentials
Using a password file
Adding the vault password file option to the Ansible configuration
Review questions
Summary
9
Managing Environments
Managing Environments
Approaches for managing environments
Creating a development environment
Review questions
Summary
10
Orchestrating Infrastructure with Ansible
Orchestrating Infrastructure with Ansible
Ansible as an orchestrator
Tagging the roles
Creating an orchestration playbook for WordPress
Review questions
Summary
References
References
Index
Index

Chapter 8. Encrypting Data with Vault

Using variables, we saw how to separate data and code. Often, the data provided is sensitive, for example, user passwords, data base credentials, API keys, and other organization-specific information. Ansible-playbooks, being a source code, are most commonly stored in version control repositories such as a git, which makes it even more difficult to protect this sensitive information in a collaborative environment. Starting with version 1.5, Ansible provides a solution called vault to store and retrieve such sensitive information securely, using proven encryption technologies. The objective of using vault is to encrypt data that can then be stored and shared freely with a version control system, such as git, without the values being compromised.

In this chapter, we will learn about the following topics:

  • Understanding the Ansible-vault

  • Securing data using the Ansible-vault

  • Encryption, decryption, and rekeying operations

Previous Section
End of Section 1
Next Section