Introduction to Configuration Management (Part 1)
Configuration Management Tools Unveiled (Part 2)
Demystifying Ansible: A Michelin Star Chef in Your IT Kitchen (Part 3)
Unwrapping the Power of Ansible: A Practical Journey with Pi-hole (Part 4)

Hello Muser!

In our previous newsletter, we delved deep into the creation of an Ansible playbook to automate the installation and configuration of Pi-hole. If you've been following along, you now have a playbook ready to roll. But how do you actually use that playbook?

Today, we're going to walk you through executing that playbook from the command line, understanding its output, and verifying its success. Let's get started!

Running the Playbook

To run the playbook, navigate to the directory containing your playbook and inventory file. Then, use the following command:

ansible-playbook -i hosts pihole.yaml

Here's a quick breakdown:

• ansible-playbook: This is the command to run an Ansible playbook.

• -i hosts: This specifies the inventory file named "hosts" that we created in the previous newsletter.

• pihole.yaml: This is the name of our playbook.

Understanding the Output

As the playbook runs, Ansible will display a real-time log of its actions.

For instance, this is what my successful run looks like:

PLAY [Install Pi-hole]**********************************

TASK [Gathering Facts]**********************************
ok: [10.0.0.233]

TASK [system : Update all packages]*********************
changed: [10.0.0.233]

TASK [system : Upgrade all packages]********************
ok: [10.0.0.233]

TASK [dependencies : Install dependencies]**************
ok: [10.0.0.233]

TASK [pihole : Check if Pi-hole is already installed]***
ok: [10.0.0.233]

TASK [pihole : Create /etc/pihole directory] ***********
changed: [10.0.0.233]

TASK [pihole : Create setupVars.conf] ******************
changed: [10.0.0.233]

TASK [pihole : Install Pi-hole] ************************
changed: [10.0.0.233]

TASK [pihole : Remove Password] ************************
changed: [10.0.0.233]

PLAY RECAP *********************************************
10.0.0.233                 : ok=9    changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

For each playbook run, you'll see:

• PLAY [Install Pi-hole]: This indicates the start of the playbook run.

• TASK [role_name : task_name]: This shows which task from which role is currently being executed.

• changed: If you see this next to a task, it means that the task made changes on the target host.

• ok: This indicates that the task ran successfully without making any changes (because they weren't needed).

• failed: If a task fails, you'll see this keyword. You'll need to investigate the error message to understand the cause.

Testing the Playbook's Success

After running the playbook, it's crucial to verify that Pi-hole was installed correctly.

1. Access the Pi-hole Admin Console: Open a web browser and navigate to http://your_server_IP/admin. You should see the Pi-hole admin dashboard. If you can access this, it means Pi-hole was installed successfully. Keep in mind, our playbook removes the admin password which may be a security risk. If you'd like to set the password, you can ssh back into your vm and run pihole -a -p.

2. Check DNS Resolution: On a device in your network, set its DNS server to the IP address of your Pi-hole server. Try accessing a few websites. If they load correctly, it means Pi-hole is resolving DNS queries.

3. Test Ad Blocking: Visit a website known for displaying ads. If you see fewer ads than usual, Pi-hole is likely blocking them.

4. Review Pi-hole Logs: Back in the Pi-hole admin console, navigate to the 'Query Log'. Here, you can see all DNS queries processed by Pi-hole and whether they were allowed or blocked.

A Couple Of Highlights

I think this is a good point to review why this is so powerful through the lens of some of our vocabulary terms:

1. Idempotent: You can run this playbook over and over. Ansible is written in such a way that it should not have any side effects or breakages because it’s run multiple times. That means you can be confident that your system doesn’t end up in a bad state just because you run ansible-playbook -i hosts pihole.yaml more than once. Set up a scheduled task to run it every week if you want! You’ll just guarantee that Pi-hole is installed, even if someone removes it.

2. Declarative: You’ve stated the end-goal of the playbook. Ansible does the hard work of figuring out if it needs to happen and then what needs to happen.

3. Push vs Pull: You didn’t have to install any agent software on your box. Good ol’ SSH is tried and true here.

What’s Next?

You’ve now followed a tutorial on how to write, version control, and execute an Ansible playbook. But what if you don’t want to install Pi-hole?

How can you create and write your OWN playbooks, roles, and tasks to accomplish the work YOU want done?

Next time we’ll look at something that I don’t think gets covered enough in tutorials:

How to read the documentation!

Documentation for Ansible (and many other devops tools) can be overwhelming so I’ll be doing the guided tour I wish that I had when I started! Stay tuned!

Have any questions or experiences to share about writing playbooks? Leave a comment below. Also, your comments help me understand what you're curious about, and what topics you'd like to see covered next! I'd love to hear from you!

Enjoyed this post? Don't miss our next one where we'll explore different tools available for configuration management. Subscribe now and share with your colleagues who might find this useful!

Keep learning and keep growing,

Darrell