Gestiona tu despliegue usando Ansible
Ansible ayuda a automatizar el proceso de despliegue de aplicaciones, configuraciones y actualizaciones en tu despliegue. Este artículo ofrece instrucciones paso a paso sobre cómo usar Ansible para gestionar tu despliegue con eficacia.
Paso 1: Determina qué desplegar
Antes de empezar, identifica lo que necesitas desplegar, como aplicaciones, servicios, configuraciones y variables de entorno.
Paso 2: Configura tu proyecto de Ansible
Crea una estructura de directorios para tu proyecto de Ansible. Una forma fundamental de organizar el contenido de tu playbook es la función “roles” de Ansible. Para obtener más información, consulta Roles en la documentación de Ansible.
Las siguientes son dos estructuras de directorios de ejemplo para tu referencia:
Estructura de directorios de ejemplo n.º 1
production # inventory file for production servers
staging # inventory file for staging environment
group_vars/
group1.yml # here we assign variables to particular groups
group2.yml
host_vars/
hostname1.yml # here we assign variables to particular systems
hostname2.yml
library/ # if any custom modules, put them here (optional)
module_utils/ # if any custom module_utils to support modules, put them here (optional)
filter_plugins/ # if any custom filter plugins, put them here (optional)
site.yml # master playbook
webservers.yml # playbook for webserver tier
dbservers.yml # playbook for dbserver tier
roles/
common/ # this hierarchy represents a "role"
tasks/ #
main.yml # <-- tasks file can include smaller files if warranted
handlers/ #
main.yml # <-- handlers file
templates/ # <-- files for use with the template resource
ntp.conf.j2 # <------- templates end in .j2
files/ #
bar.txt # <-- files for use with the copy resource
foo.sh # <-- script files for use with the script resource
vars/ #
main.yml # <-- variables associated with this role
defaults/ #
main.yml # <-- default lower priority variables for this role
meta/ #
main.yml # <-- role dependencies
library/ # roles can also include custom modules
module_utils/ # roles can also include custom module_utils
lookup_plugins/ # or other types of plugins, like lookup in this case
webtier/ # same kind of structure as "common" was above, done for the webtier role
monitoring/ # ""
fooapp/ # ""
<!--NeedCopy-->
Estructura de directorios de ejemplo n.º 2
inventories/
production/
hosts # inventory file for production servers
group_vars/
group1.yml # here we assign variables to particular groups
group2.yml
host_vars/
hostname1.yml # here we assign variables to particular systems
hostname2.yml
staging/
hosts # inventory file for staging environment
group_vars/
group1.yml # here we assign variables to particular groups
group2.yml
host_vars/
stagehost1.yml # here we assign variables to particular systems
stagehost2.yml
library/
module_utils/
filter_plugins/
site.yml
webservers.yml
dbservers.yml
roles/
common/
webtier/
monitoring/
fooapp/
<!--NeedCopy-->
Paso 3: Configura tu inventario
Define tu archivo de inventario (inventory.ini). Un archivo de inventario normalmente enumera los hosts que quieres gestionar usando Ansible, junto con los detalles necesarios como nombres de host, direcciones IP y pertenencias a grupos. Por ejemplo:
# Hostname and ip address
[UBUNTU2004]
<ip address>
[UBUNTU2204]
<ip address>
[RHEL8]
<ip address>
[RHEL9]
<ip address>
[DEBIAN11]
<ip address>
- [DEBIAN12]
<ip address>
[SUSE15]
<ip address>
[all:children]
UBUNTU2004
UBUNTU2204
- RHEL8
RHEL9
DEBIAN11
DEBIAN12
SUSE15
- [all:vars]
ansible_user=<ansible execute user e.g root>
- ansible_password=<>
ansible_ssh_common_args='-o StrictHostKeyChecking=no'
<!--NeedCopy-->
Paso 4: Crea playbooks de Ansible
- Crea playbooks (archivos .yml) para automatizar las tareas de despliegue. Esta sección proporciona playbooks de ejemplo para automatizar diferentes tareas de despliegue.
- ### Playbook de ejemplo para aplicar parches a distribuciones de Linux
Para aplicar parches a varias distribuciones de Linux usando Ansible, puedes crear un archivo de playbook YAML llamado patch-for-different-distribution.yml y rellenar el archivo con tareas similares a las siguientes. La directiva hosts define los hosts de destino del inventario (inventory.ini en este contexto) que están destinados a ejecutar las tareas del playbook.
- name: Upgrade and Reboot RHEL & Debian family Linux distros
- hosts: <host1,host2,host3> # replace with your actual hosts in the inventory file.
vars:
- reboot_connect_timeout: 5
reboot_post_reboot_delay: 15
reboot_timeout: 600
tasks:
- # Upgrade RHEL family OS packages
- name: Upgrade RHEL Family OS packages
- ansible.builtin.yum:
name: '*'
state: latest
when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "7"
# Upgrade RHEL family OS packages
- name: Upgrade RHEL Family OS packages
ansible.builtin.yum:
name: '*'
state: latest
- when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "8"
# Upgrade RHEL family OS packages
- name: Upgrade RHEL Family OS packages
- ansible.builtin.yum:
- name: '*'
state: latest
- when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "9"
# Ubuntu Family upgrade
- name: Update repositories cache
apt:
update_cache: yes
when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "20"
- name: Update all packages to their latest version
- apt:
name: "*"
state: latest
- when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "22"
# Debian Family upgrade
- name: Upgrade the OS (apt-get dist-upgrade)
apt:
- upgrade: dist
- when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "11"
- name: Upgrade the OS (apt-get dist-upgrade)
- apt:
upgrade: dist
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "12"
- # Reboot after upgrade
- name: Reboot host
reboot:
connect_timeout: ""
post_reboot_delay: ""
- reboot_timeout: ""
<!--NeedCopy-->
Playbook de ejemplo para instalar entornos .Net
El siguiente playbook de ejemplo instala diferentes versiones de entornos .Net en las distribuciones de Linux específicas.
- name: Install dotnet runtime environment on Linux distros
hosts: <host1,host2,host3> # replace with your actual hosts in the inventory file.
- tasks:
# Install dotnet runtime environment on RHEL7
- name: Enable the rhel-7-server-dotnet-rpms repository
command: subscription-manager repos --enable=rhel-7-server-dotnet-rpms
when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "7"
- name: Install dotnet runtime environment on RHEL7
ansible.builtin.yum:
name: rh-dotnet60-aspnetcore-runtime-6.0
state: present
- when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "7"
- name: Remove /usr/bin/dotnet if it exists
file:
path: /usr/bin/dotnet
state: absent
- name: Create a symbolic link
- file:
- src: /opt/rh/rh-dotnet60/root/usr/lib64/dotnet/dotnet
dest: /usr/bin/dotnet
state: link
# RHEL8 linux vda install dotnet runtime environment
- name: Install dotnet-runtime-8.0
- ansible.builtin.dnf:
- name: dotnet-runtime-8.0
- state: present
when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "8"
- name: Install aspnetcore-runtime-8.0
- ansible.builtin.dnf:
- name: aspnetcore-runtime-8.0
state: present
- when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "8"
# RHEL9 linux vda install dotnet runtime environment
- name: Install dotnet-runtime-8.0
- ansible.builtin.dnf:
- name: dotnet-runtime-8.0
- state: present
when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "9"
- name: Install aspnetcore-runtime-8.0
- ansible.builtin.dnf:
- name: aspnetcore-runtime-8.0
state: present
- when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "9"
# Ubuntu20.04 linux vda install dotnet runtime environment
- name: Register Microsoft key and feed
- shell: |
- wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
- dpkg -i packages-microsoft-prod.deb
rm packages-microsoft-prod.deb
when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "20"
- name: Install dotnet-runtime-8.0
- ansible.builtin.apt:
- name: dotnet-runtime-8.0
state: present
update_cache: yes
when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "20"
- name: Install aspnetcore-runtime-8.0
ansible.builtin.apt:
- name: aspnetcore-runtime-8.0
state: present
update_cache: yes
when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "20"
- # Ubuntu22.04 linux vda install dotnet runtime environment
- name: Install dotnet-runtime-8.0
ansible.builtin.apt:
name: dotnet-runtime-8.0
state: present
update_cache: yes
when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "22"
- name: Install aspnetcore-runtime-8.0
ansible.builtin.apt:
name: aspnetcore-runtime-8.0
state: present
update_cache: yes
- when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "22"
# Debian11 linux vda install dotnet runtime environment
- name: Register Microsoft key and feed
shell: |
wget https://packages.microsoft.com/config/debian/11/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
- dpkg -i packages-microsoft-prod.deb
- rm packages-microsoft-prod.deb
- when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "11"
- name: Install dotnet-runtime-8.0
ansible.builtin.apt:
- name: dotnet-runtime-8.0
- state: present
- update_cache: yes
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "11"
- name: Install aspnetcore-runtime-8.0
- ansible.builtin.apt:
- name: aspnetcore-runtime-8.0
state: present
- update_cache: yes
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "11"
- # Debian12 linux vda install dotnet runtime environment
- name: Register Microsoft key and feed
- shell: |
wget https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
dpkg -i packages-microsoft-prod.deb
rm packages-microsoft-prod.deb
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "12"
- name: Install dotnet-runtime-8.0
ansible.builtin.apt:
name: dotnet-runtime-8.0
state: present
- update_cache: yes
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "12"
- name: Install aspnetcore-runtime-8.0
ansible.builtin.apt:
name: aspnetcore-runtime-8.0
- state: present
update_cache: yes
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "12"
- # Sles15 linux vda install dotnet runtime environment
- name: Register Microsoft key and feed
shell: |
- sudo rpm -Uvh https://packages.microsoft.com/config/sles/15/packages-microsoft-prod.rpm
sudo ln -s /etc/yum.repos.d/microsoft-prod.repo /etc/zypp/repos.d/microsoft-prod.repo
when:
- ansible_facts['distribution'] == "SLES"
- ansible_facts['distribution_major_version'] == "15"
- name: Install dotnet-runtime-8.0
community.general.zypper:
name: dotnet-runtime-8.0
state: present
- update_cache: yes
when:
- ansible_facts['distribution'] == "SLES"
- ansible_facts['distribution_major_version'] == "15"
- name: Install aspnetcore-runtime-8.0
community.general.zypper:
name: aspnetcore-runtime-8.0
state: present
update_cache: yes
when:
- ansible_facts['distribution'] == "SLES"
- ansible_facts['distribution_major_version'] == "15"
# Amazon2 linux vda install dotnet runtime environment
- name: Install dotnet-runtime-8.0
ansible.builtin.yum:
name: dotnet-runtime-8.0
state: present
when:
- ansible_facts['distribution'] == "Amazon"
- ansible_facts['distribution_major_version'] == "2"
- name: Install aspnetcore-runtime-8.0
ansible.builtin.yum:
name: aspnetcore-runtime-8.0
state: present
when:
- ansible_facts['distribution'] == "Amazon"
- ansible_facts['distribution_major_version'] == "2"
<!--NeedCopy-->
Playbooks de ejemplo para actualizar el VDA de Linux
Para automatizar las actualizaciones del VDA de Linux usando Ansible, puedes crear dos playbooks separados. Un playbook, como get_the_build.yml, está dedicado a descargar y transferir el paquete del VDA de Linux a las máquinas de destino (hosts). El otro playbook, por ejemplo linux_upgrade.yml, contiene tareas diseñadas para actualizar el VDA de Linux en las máquinas de destino usando el paquete descargado previamente.
- #### Playbook de ejemplo get_the_build.yml
- hosts: localhost
name: Get the latest release build to local
vars:
build_url: <linux vda download link> # replace with your actual value.
- local_tmp: "/tmp/" # replace with your actual value.
- remote_tmp: "/tmp/" # replace with your actual value.
- linuxvda_file_name : "linux vda rpm/deb file name" # replace with your actual value.
tasks:
- name: Download the file
get_url:
- url: ""
- dest: ""
tags:
- get
- hosts: <host1,host2,host3> # replace with your actual hosts in the inventory file.
name: Copy a file to remote location
- tasks:
- name: Copy vda to the remote machine
- ansible.builtin.copy:
src: ""
dest: ""
remote_src: no
- tags:
- copy
<!--NeedCopy-->
Playbook de ejemplo linux_upgrade.yml
- name: Upgrade Linux VDA and Reboot RHEL & Debian Linux distros
- hosts: <host1,host2,host3> # replace with your actual hosts in the inventory file.
- vars:
remote_tmp: "/path/to/remote/tmp" # replace with your actual path
- rhel7_file_name: "rhel7_file.rpm" # replace with your actual file name
rhel8_file_name: "rhel8_file.rpm" # replace with your actual file name
rhel9_file_name: "rhel9_file.rpm" # replace with your actual file name
ubuntu2004_file_name: "ubuntu2004_file.deb" # replace with your actual file name
- ubuntu2204_file_name: "ubuntu2204_file.deb" # replace with your actual file name
- debian11_file_name: "debian11_file.deb" # replace with your actual file name
debian12_file_name: "debian12_file.deb" # replace with your actual file name
- suse15_file_name: "suse15_file.deb" # replace with your actual file name
amazon2_file_name: "amazon2_file.rpm" # replace with your actual file name
tasks:
# Upgrade RHEL linux vda packages
- name: Upgrade RHEL7 linux vda packages
ansible.builtin.yum:
name: ""
state: present
when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "7"
# Upgrade RHEL linux vda packages
- name: Upgrade RHEL8 linux vda packages
ansible.builtin.yum:
name: ""
state: present
- when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "8"
# Upgrade RHEL linux vda packages
- name: Upgrade RHEL9 linux vda packages
- ansible.builtin.yum:
name: ""
state: present
when:
- ansible_facts['distribution'] == "RedHat"
- ansible_facts['distribution_major_version'] == "9"
# Ubuntu20.04 linux vda upgrade
- name: Ubuntu20.04 linux vda upgrade
ansible.builtin.apt:
deb: ""
when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "20"
- name: Ubuntu22.04 linux vda upgrade
ansible.builtin.apt:
deb: ""
when:
- ansible_facts['distribution'] == "Ubuntu"
- ansible_facts['distribution_major_version'] == "22"
# Debian Linux VDA upgrade
- name: Debian11 Linux VDA upgrade
ansible.builtin.apt:
deb: ""
- when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "11"
- name: Debian12 Linux VDA upgrade
ansible.builtin.apt:
deb: ""
when:
- ansible_facts['distribution'] == "Debian"
- ansible_facts['distribution_major_version'] == "12"
# Sles15 Linux VDA upgrade
- name: Sles15 Linux VDA upgrade
- community.general.zypper:
name: ""
state: present
when:
- ansible_facts['distribution'] == "SLES"
- ansible_facts['distribution_major_version'] == "15"
# Amazon2 Linux VDA upgrade
- name: Amazon2 Linux VDA upgrade
ansible.builtin.yum:
name: ""
when:
- ansible_facts['distribution'] == "Amazon"
- ansible_facts['distribution_major_version'] == "2"
# Reboot after upgrade
- name: Reboot host
reboot:
connect_timeout: ""
post_reboot_delay: ""
reboot_timeout: ""
<!--NeedCopy-->
Playbook de ejemplo para montar un servidor de Network File System (NFS) como directorio de inicio
El siguiente playbook de ejemplo monta un servidor NFS como directorio de inicio en los hosts de destino:
- hosts: <host1,host2,host3> # replace with your actual hosts in the inventory file.
vars:
nfs_server = <nfsserver ip address> # replace with your actual values
mount_points = /home/<domain realm>/user1,/home/<domain realm>user2 # replace with your actual values
nfs_shares = user1,user2 # replace with your actual values
owners = user1,user2 # replace with your actual values
groups = group1,group2 # replace with your actual values
tasks:
- name: Enable NFS as home directory
ansible.builtin.command:
cmd: "/opt/Citrix/VDA/bin/ctxreg create -k 'HKLM\\System\\CurrentControlSet\\Control\\Citrix' -t 'REG_DWORD' -v 'CheckUserHomeMountPoint' -d '0x00000001' --force"
register: result
failed_when: result.rc != 0
check_mode: no
- name: Mount NFS shares
ansible.builtin.mount:
path: ""
src: ":"
fstype: nfs
opts: rw,nolock
state: mounted
loop: ""
- name: Set owner, group and mode for NFS client paths
ansible.builtin.file:
path: ""
owner: ""
group: ""
mode: ""
loop: ""
<!--NeedCopy-->
Playbooks de ejemplo para la ejecución remota de comandos
Playbook de ejemplo para modificar la configuración del registro
- hosts: <host1,host2,host3> # replace with your actual hosts in the inventory file.
vars:
registry_key: "your_registry_key" # E.g. registry_key = HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\icawd
registry_type: "your_registry_type" # E.g. registry_type = REG_DWORD
registry_value: "your_registry_value" # E.g. registry_value = AdaptiveScalingEnabled
registry_data: "your_registry_data" # E.g. registry_data = 0x00000000
tasks:
- name: Execute AdaptiveScaling redirection script
ansible.builtin.command:
cmd: "/opt/Citrix/VDA/bin/ctxreg create -k \"\" -t \"\" -v \"\" -d \"\" --force"
register: result
failed_when: result.rc != 0
check_mode: no
<!--NeedCopy-->
Playbook de ejemplo para bloquear la versión secundaria de RHEL
- hosts: <host1,host2,host3> # replace with your actual hosts in the inventory file.
vars:
rhel_minor_version: "9.3" # replace with your actual minor version such as 9.3, 8.8
tasks:
- name: Lock system to a specific minor version
ansible.builtin.command:
cmd: "subscription-manager release --set="
register: result
failed_when: "'Error' in result.stderr"
<!--NeedCopy-->
Gestiona tu despliegue usando Ansible
Copiado
Error