Ansible and the Red Hat Certified Engineer (RHCE) – The Ansible RHCE
With the release of Red Hat Enterprise Linux 8 in May 2019 the company shifted the focus of their premier administration certification to automation with Ansible, we now have the Ansible RHCE. The new System Administration 3 course that follows on from the RHCSA course is now based on Ansible and, of course is the associated exam EX294. To sit this RHCE exam you must already have your RHCSA certification having passed the EX200 exam.
NOTE: The System Administration 1 and System Administration 2 courses that make up the RHCSA certification have not changed that much from previous versions in the move the RHEL 8. There are some updates that relates to new features in 8.
Ansible is configuration management tool that can configure Linux devices as well as windows and other network devices such as routers. It is agent-less and, as such, we only need to install Ansible on the system that we deem as the controller. This could even be our Linux desktop or laptop. Being agent-less gives us advantages over similar tools such as Puppet.
Ansible Removes Complexity
The design of Ansible is meant for simplicity and the absence of complexity. The PLaybooks used to configure systems are text files that are easily read as well as written. They also act a documentation of how is a system is and should be setup.
Ansible is Agentless
Ansible only needs the controller, and as we mentioned before, this could be your Linux desktop. Connections will be made to Linux systems using OpenSSH and to Windows(R) we can use WinRM. Without the need of installing any agent we can be deploying configurations bringing systems to the desired state very quickly. On Linux, in general there should be a Python interpretor and Windows should have Powershell.
Ansible Architecture
- Control Nodes:: The management system where Ansible is installed, Ansible only needs to be installed on a single system
- Managed Hosts:: Systems that are managed by Ansible. Linux requires Python to be installed and Windows(R) systems should have PowerShell and the DotNet Framework installed. Other devices such as Cisco, Juniper and VyOS can also be managed using Ansible
- Playbooks:: These are YAML files that contain one or more *Plays* to be run across selected Managed Hosts. YAML is a markup language, _Yet Another Markup Language_. Playbooks are plain text files conforming to the YAML formatting standards
- Plays:: Plays are created with Playbook YAML files. Each play will contain one or more *tasks* to be run on the selected hosts. A Playbook will contain a list of one of more plays. A play will contain a list of one or more tasks
- Tasks:: The finals and lower element of a Playbook is the task. These are located within Plays and define individual configuration requirements that need to be attained on the managed host. Tasks will execute modules on the managed hosts written in Python, PowerShell or other languages specific to the managed host.
- Red Hat Ansible Tower:: Ansible Tower is an Enterprise Framework giving you a Web Interface to manage your infrastructure. Ansible Tower is not part of the objectives for the EX294 Exam.
Installing Ansible
Ansible needs to be installed on your Control Node. On Red Hat Enterprise Linux 8 we need to enable to repository and then install Ansible. We can use the command *# subscription-manager repos* to list the repository names so we do not need to remember the exact name of the repository that we need to enable. On CentOS, ansible is in the default repositories but add the *epel* repository to get a much later version of Ansible. Ansible can also be installed on other Linux distributions, there is no requirement to have it installed on RHEL 8, or in fact, Enterprise Linux at all.
RHEL 8 # subscription-manager repos # subscription-manager repos --enable ansible-2-for-rhel-8-x86_64-rpms # yum install ansible # ansible --version
CentOS 7 # yum -y install epel-release # yum makecache # yum install -y ansible # ansible --version
The video follows, the next bog on getting Ansible up and running is here…