First Configuration After Ansible Installation Getting Started With Ansible
In previous article i explained about HowTo Install Ansible in RHEL 7. Getting started with ansible. Automation tool without agent is amazing because installing and configuring each and every Linux machine with agent is too much time taking process. SSH Key’s are our friends to configure and run ansible automation tool/provisioning tool. First Configuration Ansible After Installation Getting Started with Ansible.
First Configuration Ansible
When you install ansible successfully /etc/ansible/hosts file will be created
- Group name can be mention using [Group-Name], space in group name is not allowed
- Putting (#) hash before any line is called commented (will not execute/excluded)
- Blank lines are ignored
- You can mention IP/Host Name can be a member. (If DNS is configured properly use Names otherwise use IP Address)
- One member can be in multiple groups
- User Name on ansible host and remote host should be same for easy command execution
Generate SSH Key in ansible installed machine. We can’t call it as server because you can install ansible in any of the host and run checks and playbooks, all you need is SSH key based authentication
administrator@ansible-serv:~$ ssh-keygen -t rsa -b 4096 Generating public/private rsa key pair. file in which to save the key (/home/administrator/.ssh/id_rsa): Enter passphrase (empty for no passphrase): same passphrase again: Your identification has been saved in /home/administrator/.ssh/id_rsa. Your public key has been saved in /home/administrator/.ssh/id_rsa.pub. The key fingerprint is: SHA256:6KsT/GCBwaIdOOplzgB0JKPz/iU9B4HD/G6hlyZu8RA administrator@ansible-serv The key's randomart image is: +---[RSA 4096]----+ |.*.o | |* Bo . | |*+ += . | |o+ooEo o | |. B. o= S | | o oB= + | | ..+B@ . | | ooBo+ | | .+o. | +----[SHA256]-----+
Check the Public key generated and stored in .ssh/id_rsa.pub file
$ cat .ssh/id_rsa.pub
above key you have to copy to remote hosts. You can use ssh-copy-id command or manually edit the file .ssh/authorized_keys and paste
$ ssh-copy-id 192.168.1.32
it will ask you for password of remote host to authenticate and copy key
Configure ansible Groups and Un-Grouped Hosts
Examples to specify un-grouped and group hosts. You can make use of wildcard characters, first configuration ansible
Ex1: host1.example.com host2.example.com Ex2: [testservers] hostest01.example.com hostst02.example.com Ex3: www[01:06].arkit.co.in
Now edit /etc/ansible/hosts file and define groups and un-grouped hosts, first configuration ansible.
# vi /etc/ansible/hosts 192.168.1.32 [nagioservers] 192.168.1.32 192.168.2.54 192.168.2.55 :wq
One is un-grouped host and others are in group [nagioservers]
aravi@ansible-serv:~$ ansible -m ping 192.168.1.32
Check remote server partition space details
aravi@ansible-serv:~$ ansible -m command -a "df -h" 192.168.1.32 Filesystem Size Used Avail Use% Mounted on /dev/mapper/VG00-ROOT 15G 458M 14G 4% / tmpfs 3.9G 80K 3.9G 1% /dev/shm
Did not have a privilege to run commands on remote host but using sudo user can run. Below is the ansible command to run commands on remote host using sudo before command
$ ansible -m shell -a "/sbin/service httpd status" 192.168.1.32 -s 192.168.1.32 | SUCCESS | rc=0 >> httpd (pid 32076) is running...
Run command on multiple hosts without configuring Key based authentication
Wow..!! it’s an amazing option to run commands on multiple hosts with existing password, but the thing is all the hosts should be accessible using same user name and password.
Example: User Name: ravi and Password: ******
To Avoid below errors
# yum install sshpass # ssh 192.168.2.54 ##Accept fingerprint to store in known_hosts 192.168.2.54 | FAILED! => { "failed": true, "msg": "ERROR! to use the 'ssh' connection type with passwords, you must install the sshpass program" } 192.168.2.54 | FAILED! => { "failed": true, "msg": "ERROR! Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host." }
$ ansible -m ping nagioservers -k SSH password:
execute command as different user
$ ansible -m command -a "free -m" -u admin
There are N number of things we can do using Ansible this is the First Configuration Ansible After Installation.
Conclusion
The main advantage is client less tool and simple language we can use to write Ansible PlayBooks in YAML format. No extra language is required to learn.
Related Articles
Jenkins Installation Step by Step Guide RHEL 7
Amazing tools to Find Duplicate Files
Thanks for your wonderful Support and Encouragement