Ansible through Ubuntu (WSL) on Windows 10

Windows Subsystem for Linux (WSL) allows you to run Linux straight from your Windows Desktop. I use this on a daily basis for running Ansible scripts without having to install VM’s. Make sure you installed al latest updates.

Enable WSL feature

Open up a Powershell box as Administrator (search powershell, right click and run as Administrator).

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

This will initiate the installation and once finished ask if you would like to reboot your system. Go ahead and do that. When the reboot is done search for ‘bash’ and open that, it will first require a few anwsers. Simply fill out all the questions and once that is done you will have Ubuntu up and running.

Install Ansible

Now you are basicly in a Linux environment so you can install Ansible the typical way. Again, in the ‘bash’ window of course, use these instructions:

sudo apt-get -y install python-pip python-dev libffi-dev libssl-dev
sudo pip install ansible

Should you get any permission errors (i did not have this time, but given the nature of how WSL works that could happen) install pip with the –user flag. This will cause it to install ansible in the users home dir, not globally.

You are done. Using the following command you can check what ansible version is now installed:

ansible --version

If you need the most recent version check out my other post here.

Please follow and like us:
error

Install latest version ansible on Ubuntu 16.04 / 18.04

Ubuntu doesn’t ship with the newest version of ansible out of the box, sadly. You have to manually configure the PPA on your system in order to upgrade to the stable version. Follow these commands to install the PPA:

$ sudo apt update
$ sudo apt upgrade
$ sudo apt install software-properties-common
$ sudo apt-add-repository ppa:ansible/ansible

Hit Enter when asked, and once the process is done update your apt repos:

$ sudo apt update

Now you can either upgrade or simply install ansible:

$ sudo apt install ansible

This should be all, use the following to verify the ansible version:

$ ansible --version
Please follow and like us:
error

Vyos configuration using Ansible

The goal is to create configurations for VyOS devices and applying them using Ansible. I have used Vyos as my home router, VPN endpoint device (with 1300+ ipsec tunnels) as well as a datacenter router connected to the AMS-IX using 10Gbps uplinks.

Prerequisites

Make sure you have a Vyos installation (can be virtual, can be a box, can even be a Unify Edgerouter) with ssh enabled.

Inventory file

[vyos]
10.0.1.1 ansible_user=ansible-adm ansible_network_os=vyos

Sample Playbook

---

- name: VYOS | Config eth1
  hosts: vyos
  connection: network_cli
  tasks:
    - name: VYOS | BACKUP
      vyos_config:
      backup: yes
    - name: VYOS | Apply eth1 config
      vyos_l3_interface:
        name: eth1
        ipv4: 10.0.2.1/24
        state: present

Run ansible playbook:

$ ansible-playbook -i hosts vyos.yml --ask-pass
SSH password:

PLAY [VYOS | Config eth1] *************************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************************
ok: [10.0.1.1]

TASK [VYOS | BACKUP ] *************************************************************************************************************************************************************
changed: [10.0.1.1]

TASK [VYOS | Apply eth1 config] *************************************************************************************************************************************************************
changed: [10.0.1.1]

PLAY RECAP **************************************************************************************************************************************************************
10.0.1.1               : ok=2    changed=2    unreachable=0    failed=0

Configure DNS server on VyOS

---
- hosts: vyos
  connection: network_cli
  tasks:
  - name: VYOS | DNS servers and hostname
    vyos_system:
      host_name: "{{inventory_hostname}}"
      domain_name: my.vyos.test
      name_server:
        - 1.1.1.1
        - 8.8.4.4
Please follow and like us:
error

Ansible – One role to rule them all

Ansible Role is a concept that deals with ideas rather than events. Its basically another level of abstraction used to organize playbooks. They provide a skeleton for an independent and reusable collection of variables, tasks, templates, files, and modules which can be automatically loaded into the playbook. Playbooks are a collection of roles. Every role has specific functionality.

For example, to install Nginx, we need to add a package repository, install the package and set up configuration. Roles allow us to create very minimal playbooks that then look to a directory structure to determine the configuration steps they need to perform.

Role directory structure

In order for Ansible to correctly handle roles, we should build a directory structure so that Ansible can find and understand. We can do this by creating a Roles directory in our working directory.

The directory structure for Roles looks like this:

rolename
 - files
 - handlers
 - meta
 - templates
 - tasks
 - vars

A role’s directory structure consists of files, handlers, meta, templates, tasks, and vars. These are the directories that will contain all of the code to implement our configuration. We may not use all of the directories, so in real practice, we may not need to create all of these directories.

Ansible will search for and read any yaml file called roles/nginx/tasks/main.yml automatically. Here is the main.yml file;

---
- name: Installs Nginx
  apt: pkg=nginx state=installed update_cache=true
  notify:
    - Start Nginx

- name: Upload default index.php for host
  copy: src=index.php dest=/usr/share/nginx/html/ mode=0644
  register: php
  ignore_errors: True

- name: Remove index.html for host
  command: rm /usr/share/nginx/html/index.html
  when: php|success

- name: Upload default index.html for host
  copy: src=index.html dest=/usr/share/nginx/html/ mode=0644
  when: php|failed

As we can see, the file just lists the steps that are to be performed, which makes it reads well.

We also made a change how we references external files in our configuration. Our src lines reference a static_files directory. This is unnecessary if we place all of our static files in the files subdirectory. Ansible will find them automatically.

Now that we have the task portion of the playbook in the tasks/main.yml file, we need to move the handlers section into a file located at handlers/main.yml.

- name: Start Nginx
  service: name=nginx state=started

Move index.html and index.php pages out of the static_files directory and put them into the roles/nginx/files directory.

So now we can create a very very simple playbook with the following content:

---
- hosts: test_group
  roles:
    - role: nginx

Run it!

$ ansible-playbook -s test.yml

PLAY [test_group] ******************************************************************** 

GATHERING FACTS *************************************************************** 
ok: [127.0.0.1]

TASK: [nginx | Installs Nginx] ************************************************ 
ok: [127.0.0.1]

TASK: [nginx | Upload default index.php for host] ***************************** 
ok: [127.0.0.1]

TASK: [nginx | Remove index.html for host] ************************************ 
changed: [127.0.0.1]

TASK: [nginx | Upload default index.html for host] **************************** 
skipping: [127.0.0.1]

PLAY RECAP ******************************************************************** 
127.0.0.1              : ok=4    changed=1    unreachable=0    failed=0  
Please follow and like us:
error