First Configuration After Ansible Installation Getting Started With Ansible

In previous article i explained about HowTo Install Ansible in RHEL 7. Getting started with ansible. Automation tool without agent is amazing because installing and configuring each and every Linux machine with agent is too much time taking process. SSH Key’s are our friends to configure and run ansible automation tool/provisioning tool. First Configuration Ansible After Installation Getting Started with Ansible.

First Configuration Ansible

When you install ansible successfully /etc/ansible/hosts file will be created

  • Group name can be mention using [Group-Name], space in group name is not allowed
  • Putting (#) hash before any line is called commented (will not execute/excluded)
  • Blank lines are ignored
  • You can mention IP/Host Name can be a member. (If DNS is configured properly use Names otherwise use IP Address)
  • One member can be in multiple groups
  • User Name on ansible host and remote host should be same for easy command execution

Generate SSH Key in ansible installed machine. We can’t call it as server because you can install ansible in any of the host and run checks and playbooks, all you need is SSH key based authentication

administrator@ansible-serv:~$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
file in which to save the key (/home/administrator/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
same passphrase again:
Your identification has been saved in /home/administrator/.ssh/id_rsa.
Your public key has been saved in /home/administrator/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:6KsT/GCBwaIdOOplzgB0JKPz/iU9B4HD/G6hlyZu8RA administrator@ansible-serv
The key's randomart image is:
+---[RSA 4096]----+
|.*.o |
|* Bo . |
|*+ += . |
|o+ooEo o |
|. B. o= S |
| o oB= + |
| ..+B@ . |
| ooBo+ |
| .+o. |
+----[SHA256]-----+

Check the Public key generated and stored in .ssh/id_rsa.pub file

$ cat .ssh/id_rsa.pub

above key you have to copy to remote hosts. You can use ssh-copy-id command or manually edit the file .ssh/authorized_keys and paste

$ ssh-copy-id 192.168.1.32

it will ask you for password of remote host to authenticate and copy key

Configure ansible Groups and Un-Grouped Hosts

Examples to specify un-grouped and group hosts. You can make use of wildcard characters, first configuration ansible

Ex1: 

host1.example.com
host2.example.com

Ex2:

[testservers]

hostest01.example.com
hostst02.example.com

Ex3: 

www[01:06].arkit.co.in

Now edit /etc/ansible/hosts file and define groups and un-grouped hosts, first configuration ansible.

# vi /etc/ansible/hosts

192.168.1.32

[nagioservers]
192.168.1.32
192.168.2.54
192.168.2.55
:wq

One is un-grouped host and others are in group [nagioservers]

aravi@ansible-serv:~$ ansible -m ping 192.168.1.32

Check remote server partition space details

aravi@ansible-serv:~$ ansible -m command -a "df -h" 192.168.1.32

Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VG00-ROOT
 15G 458M 14G 4% /
tmpfs 3.9G 80K 3.9G 1% /dev/shm

Did not have a privilege to run commands on remote host but using sudo user can run. Below is the ansible command to run commands on remote host using sudo before command

$ ansible -m shell -a "/sbin/service httpd status" 192.168.1.32 -s
192.168.1.32 | SUCCESS | rc=0 >>
httpd (pid 32076) is running...

Run command on multiple hosts without configuring Key based authentication

Wow..!! it’s an amazing option to run commands on multiple hosts with existing password, but the thing is all the hosts should be accessible using same user name and password.

Example: User Name: ravi and Password: ****** 

To Avoid below errors 

# yum install sshpass
# ssh 192.168.2.54    ##Accept fingerprint to store in known_hosts

192.168.2.54 | FAILED! => {
 "failed": true,
 "msg": "ERROR! to use the 'ssh' connection type with passwords, you must install the sshpass program"
}

192.168.2.54 | FAILED! => {
 "failed": true,
 "msg": "ERROR! Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host."
}
$ ansible -m ping nagioservers -k
SSH password:

execute command as different user

$ ansible -m command -a "free -m" -u admin

There are N number of things we can do using Ansible this is the First Configuration Ansible After Installation.

Conclusion

The main advantage is client less tool and simple language we can use to write Ansible PlayBooks in YAML format. No extra language is required to learn.

Related Articles

Jenkins Installation Step by Step Guide RHEL 7

Amazing tools to Find Duplicate Files

For more Documentation

Thanks for your wonderful Support and Encouragement

Ravi Kumar Ankam

My Name is ARK. Expert in grasping any new technology, Interested in Sharing the knowledge. Learn more & Earn More

Leave a Reply

Your email address will not be published. Required fields are marked *