
Ansible

sudo apt-get update
sudo apt-get upgrade -y

sudo apt-get install software-properties-common
sudo apt-add-repository --yes --update ppa:ansible/ansible
sudo apt-get update
sudo apt-get install ansible -y
sudo apt-get install python -y

- Because Ansible requires a Python interpreter (in order to run its modules), we need to install Python as well.

cd /etc/ansible


You should see:

ansible.cfg
hosts
roles (dir)

sudo vim /etc/ansible/hosts

Add the group and IP addresses:

[groupname]
192.168.1.128
192.168.1.129

[groupname:vars]
ansible_user=root
ansible_password=P@ssword123

sudo vim /etc/ansible/ansible.cfg

Uncomment this line only if you have to; setting it to False turns off SSH host key verification for every connection Ansible makes:

#host_key_checking = False
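
The two files edited above carry the riskiest settings on this page: a literal ansible_password in the inventory and the option to disable host key checking. The following check for both is an added example, not part of the original notes; the function names and sample strings are constructed for illustration.

```python
import configparser
import re

# Connection variables that hold a secret when set to a literal value.
SECRET_VARS = {"ansible_password", "ansible_ssh_pass", "ansible_ssh_password",
               "ansible_become_pass", "ansible_become_password"}
PAIR = re.compile(r"""(\w+)=('[^']*'|"[^"]*"|\S+)""")


def audit_inventory(text):
    """Return (line_no, message) for risky settings in an INI inventory."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;[":
            continue  # blank line, comment or section header
        for key, value in PAIR.findall(line):
            value = value.strip("'\"")
            # A Jinja reference (e.g. to a vaulted variable) is not a literal.
            if key in SECRET_VARS and "{{" not in value:
                findings.append((no, f"{key} is a plaintext secret"))
            if key.endswith("_args") and re.search(
                    r"StrictHostKeyChecking\s*=?\s*no", value, re.I):
                findings.append((no, f"{key} turns off SSH host key checks"))
    return findings


def audit_cfg(text):
    """Return messages for risky settings in ansible.cfg."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False)
    cfg.read_string(text)
    # Commented-out lines are ignored, so the default (checking on) applies.
    value = cfg.get("defaults", "host_key_checking", fallback="true")
    if value.strip().lower() in {"false", "no", "0", "off"}:
        return ["host_key_checking is disabled in [defaults]"]
    return []


# Constructed samples modelled on the files edited above.
SAMPLE_HOSTS = ("[groupname]\n192.168.1.128\n\n[groupname:vars]\n"
                "ansible_user=root\nansible_password=P@ssword123\n")
SAMPLE_CFG = "[defaults]\n#host_key_checking = False\n"

if __name__ == "__main__":
    for no, msg in audit_inventory(SAMPLE_HOSTS):
        print(f"hosts:{no}: {msg}")
    for msg in audit_cfg(SAMPLE_CFG):
        print(f"ansible.cfg: {msg}")
```

Once the SSH key setup described below is in place, the password line can be dropped from the inventory; where a password is still needed, keep it encrypted with ansible-vault rather than as a literal.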

Next, we need to make it possible for the Ansible server to access our node. We do this via Secure Shell (SSH). Copy the server's SSH public key to the node. If your server doesn't have a key yet, generate one and print the public key with the commands:

ssh-keygen
cat ~/.ssh/id_rsa.pub

Here's what you do with the output of that command:

1.) Copy the text from the key.
2.) Log into your node server.
3.) Issue the command sudo -s.
4.) Open the authorized_keys file with the command sudo nano ~/.ssh/authorized_keys.
5.) Paste the contents of the server key at the bottom of this file.
6.) Save and close the file.

If you want to simplify this process, issue the command (from the Ansible server):

ssh-copy-id NODE_IP

Where NODE_IP is the IP Address of the node to be added.

To test the newly added key, go back to your Ansible server and SSH to the node machine. Instead of being prompted for the user's password, you should be prompted for the SSH key passphrase.

Complete this for all of the nodes you want connected to Ansible.

Next, make sure Ansible knows the location of our node. Issue the command:

sudo nano /etc/ansible/hosts

In that file, create a new group for your nodes (in our case, we've only connected one node) and associate the IP addresses like so:

[group_name]
ALIAS ansible_host=NODE_IP

Where group_name is the name of the group to be created, ALIAS is an alias for the node, and NODE_IP is the IP address of your node (the ansible_host variable maps the alias to that address). If you have more than one node, list them like so:

[webservers]
WEB1 ansible_host=192.168.1.100
WEB2 ansible_host=192.168.1.101
WEB3 ansible_host=192.168.1.102

Save and close that file. You can now test this by pinging all of your added nodes with the command:

ansible -m ping all

One thing to note is that Ansible will attempt to connect with the user running the command. So if you issue the Ansible command with user jack, it will attempt to connect to the nodes with that user. If that user isn't on your nodes, you need to instruct Ansible which user to use. To do this, follow these steps:

1.) Create a new directory (on the Ansible server) with the command sudo mkdir /etc/ansible/group_vars.
2.) Create a new file with the command sudo nano /etc/ansible/group_vars/servers.
3.) In that file, add the following line: ansible_ssh_user: USERNAME (Where USERNAME is the username on the remote node).
4.) Save and close that file.

Congratulations, Ansible is installed and communicating with a node. You're now ready to start creating playbooks.

ansible <host> --module-name <modulename>

E.g.:

ansible linux -m ping
ansible linux -a "cat /etc/os-release"

- Do something like this to run a command on each node and tell us what OS release it is on.

ansible linux -a "sudo reboot"

Playbook (YAML file):

---
  - name: iluvnano
    hosts: linux
    tasks:
      - name: ensure nano is there
        apt:
          name: nano
          state: latest

- This is the iluvnano.yml file; run it with:

ansible-playbook iluvnano.yml
  • Last modified: 2020/09/18 02:50
  • by jimboobrien