Ansible
Ansible is configuration management, IT automation and provisioning tool. With the help of the Ansible automation tool, we can configure and manage the ‘n’ number of servers at a time. When executing a task Ansible use ssh to login to the remote machine. It is an agentless automation tool.
Environment setup.
To set up our environment I am using Oracle Virtual-box. In my virtual-box Manager, I have installed 2 Centos-7 Virtual machines. One is the Control machine, where we will install Ansible, I named it “ctrlmachine” the other one is the host machine or the machine in which we will execute the tasks.
ctrlmachine : 192.168.1.28
Remote node1: 192.168.1.29
To learn about Virtual-box installation please refer below links.
Ansible installation.
Login to ctrlmachine and install Ansible
To install Ansible packages we need to enable EPEL repository in Centos 7. To enable the EPEL repository click here.
Once you enabled the EPEL repository, you can install Ansible with the help of the yum package manager.
Execute the below command to install Ansible.
[root@localhost ~]# yum install ansible
To check the installed Ansible version
[root@ctrlmachine ~]# ansible --version ansible 2.7.0 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Ansible configuration
Ansible will use a password or public-private key mechanism to perform any task on remote nodes. Here we use key authentication, for this create an ssh key on ctrlmachine using below command
#ssh-keygen -t rsa -b 4096
The key file will be generated in /root/.ssh/id_rsa file.
Now copy the public key to our remote nodes using the ssh-copy-id command.
[root@ctrlmachine ~]# ssh-copy-id root@192.168.1.29 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.1.29's password: Number of key(s) added: 1
Now try logging into the machine, with “ssh ‘root@192.168.1.29′”
and check to make sure that only the key(s) you wanted were added.
Make sure that, we can log in to the node1 machine without entering a password by executing the below command.
[root@ctrlmachine ~]# ssh root@192.168.1.29 Last failed login: Tue Apr 2 06:33:03 EDT 2019 from 192.168.1.28 on ssh:notty Last login: Tue Apr 2 06:32:29 2019 from 192.168.1.26 [root@localhost ~]#
The same method we use to copy the public key of ctrlmachine to copy all remote nodes. Here I have done it for the first node.
Ansible hosts files
This file is used to add the remote node details. We can add remote node IP address or hostname, so Ansible ctrlmachine can understand which hosts need to connect. I am adding our first node IP address to this file.
[root@ctrlmachine ~]# vim /etc/ansible/hosts
In the last line of the file, I have added the IP address as follows, we can add more hosts and the group name is called “webserver”. You can give any name here.
[webserver]
192.168.1.29
Ansible Ad-hoc commands
We have installed Ansible and configured it now the time to run Ansible command. Here we will execute some basic command and understand it.
To reach all remote nodes from the host machine execute the ping command
# ansible -m ping all
Here -m is module all to execute in all nodes. The command was successful and we can see the output on the terminal.
Now execute ping command with our host group name and see the output.
Try some shell command
# ansible -m command -a "df -h" webserver
We can execute other commands in the same way or with the help of the shell module. In the next chapter, we will learn ansible playbooks.
