Study notes on the first chapter of “Ansible Automated Operation and Maintenance: Techniques and Best Practices”

Ansible architecture and features

The first chapter covers Ansible's architecture and features, and mainly includes the following:

    Ansible software

    Ansible architectural patterns

    Ansible properties

Ansible software

The Ansible orchestration engine handles configuration management, process control, resource deployment and so on. Ansible is written in Python and built on two key modules, Paramiko and PyYAML.

Ansible Applications

    Configuration management

    Instant service provisioning

    Application deployment

    Workflow orchestration

    Monitoring and alerting


Ansible architectural patterns

An Ansible deployment usually consists of a control machine and managed machines. The control machine is the server or workstation on which the Ansible software is installed and from which maintenance instructions are executed; it is the core of Ansible maintenance. A managed machine is a server running business services, and it is managed by the control machine via SSH.

Ansible management

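Ansible is a model-driven configuration manager that supports multi-node distribution and remote task execution. It uses SSH for remote connections by default. No additional software needs to be installed on the managed nodes, and Ansible can be extended in various programming languages.

An Ansible management system consists of a control host and a set of managed nodes. The control host controls the managed nodes directly over SSH, and the managed nodes are managed in groups through Ansible's inventory.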

Using a playbook for configuration management: three Ubuntu servers running the Nginx service

The Ansible script webservers.yml, i.e. the playbook, contains the managed nodes (hosts) and the list of tasks (tasks) that are executed in order on those hosts.

The hosts are web1, web2 and web3.

The task list includes the following steps:

    Install Nginx

    Create the Nginx configuration file (/etc/nginx/nginx.conf)

    Copy the configuration file using SSH security-certificate mode, then restart the Nginx service

    Ensure that the Nginx service is active

When ansible-playbook webservers.yml is executed on the Ansible control host, Ansible connects to web1, web2 and web3 in parallel over SSH, then installs, configures and runs the Nginx service on them.
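
The webservers.yml playbook described above, written out as an added example (it is not the book's or the original notes' code). The template path templates/nginx.conf.j2 is an assumed name, web1, web2 and web3 are assumed to be present in the inventory, and the copy-and-restart step is modeled as a template task that notifies a restart handler.

```yaml
# webservers.yml: added illustration, not the book's own playbook.
# Assumptions: web1, web2 and web3 are defined in the inventory, and
# templates/nginx.conf.j2 (hypothetical name) exists beside this file.
- name: Configure Nginx on the web servers
  hosts: web1,web2,web3
  become: true            # package and service management need root

  tasks:
    - name: Install Nginx
      ansible.builtin.apt:
        name: nginx
        state: present
        update_cache: true

    - name: Create the Nginx configuration file
      ansible.builtin.template:
        src: templates/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
        owner: root
        group: root
        mode: "0644"      # world-readable, writable only by root
        # Reject a broken config before it replaces the live one.
        # Assumes the template uses absolute include paths.
        validate: nginx -t -c %s
      notify: Restart Nginx

    - name: Ensure the Nginx service is active
      ansible.builtin.service:
        name: nginx
        state: started
        enabled: true

  handlers:
    # Runs once at the end of the play, and only if the config changed.
    - name: Restart Nginx
      ansible.builtin.service:
        name: nginx
        state: restarted
```

Running it first as ansible-playbook --check --diff webservers.yml shows what would change on each host without applying anything.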

Ansible System Architecture

    Core engine: Ansible itself.

    Core modules: Ansible distributes modules, as resources, to the remote nodes so that they execute a particular task or match a particular state.

    Custom modules

    Plugins: complement the functionality of modules; logging, e-mail and other functions are provided through plugins.

    Playbook: the file in which Ansible tasks are defined. Several tasks can be defined in one playbook, and the control host runs them automatically, operating on multiple remote hosts at the same time.

    Connection plugins: Ansible connects to each host through a connection plugin, which is responsible for communication with the managed nodes. Because connection methods other than SSH are also supported, connection plugins are needed.

    Host inventory: defines the policy for the hosts that Ansible manages.

Ansible connects to hosts using the paramiko library, SSH, ZeroMQ or the like. The control host pushes Ansible modules to the managed nodes over SSH, where they are executed and then automatically deleted once execution is complete. Three connection types between the control host and the managed nodes are supported: local, SSH and ZeroMQ. SSH is the default; at large scale, a ZeroMQ connection executes faster.

Task execution mode

The ways in which the Ansible control host operates on managed nodes fall into two categories: ad-hoc and playbook.

    Ad-hoc mode uses a single module and supports running a single command in batch.

    Playbook mode is Ansible's main management method; a playbook combines multiple tasks to accomplish a complete function. (A playbook can be understood as a configuration file that combines multiple ad-hoc operations.)

Ansible properties

Ansible is a lightweight automation tool designed around consistency, security and high reliability. It is powerful, easy to deploy and clearly descriptive, and it is a good solution to management problems such as unified configuration, unified deployment and orchestration in complex IT automation.

Ansible Features

    Simple, easy-to-read syntax

    No client software needs to be installed on managed nodes

    Push-based mode

    Convenient for managing small-scale environments

    A large number of built-in modules

    Very lightweight abstraction layer

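Ansible compared with other configuration management tools

|                                                      | Puppet                | SaltStack           | Ansible      |
|------------------------------------------------------|-----------------------|---------------------|--------------|
| Development language                                 | Ruby                  | Python              | Python       |
| Is there a client                                    |                       |                     |              |
| Whether secondary development is supported           | Not supported         | Supported           | Supported    |
| Server and remote machine communication protocol     | Standard SSL protocol | Uses AES encryption | Uses OpenSSH |
| Configuration file format                            | Ruby syntax           |                     |              |

Compared with other automation tools, Ansible can manage and configure machines easily without installing a client.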

Summary

Ansible's key idea is to treat computers as a group rather than as separate machines, that is, “multi-tier orchestration” thinking. It avoids certificate exchange, as well as problems with reverse DNS lookup and NTP. Its configuration files use the YAML format, which is easy to use.
