Friday, 4 September 2020

Ansible playbooks gets started

 Ansible get started:

Install SSH (SSH must be installed for all devices for ansible to work)

 

https://linuxize.com/post/how-to-enable-ssh-on-ubuntu-18-04/

 

sudo apt update

sudo apt install openssh-server

sudo systemctl status ssh

sudo ufw allow ssh

 

Install ANSIBLE

 

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ansible-on-ubuntu-18-04

 

// Install ANSIBLE

sudo apt-add-repository ppa:ansible/ansible

sudo apt update

sudo apt install ansible

 

// Manage Ansible Inventory files

sudo vim /etc/ansible/hosts

 

add the following :

 

[ansible_client]

172.19.11.25 ansible_ssh_user=jx2 ansible_ssh_pass=jx2jx2ftca!

 

 

// Check list of host

ansible-inventory --list –y

 

 

// Ping all host

ansible all -m ping (use the ssh_pass and ssh_user specified in inventory file)

 

// If its first time, the ansible client IP must be added to known host. SSH user@clientIP first to add IP to known hosts

 

// Install apache2 on client

https://www.scaleway.com/en/docs/how-to-install-apache-on-ansible/

 

https://www.youtube.com/watch?v=EcnqJbxBcM0


ANSIBLE correct setup to get going properly:

 

Inventory(host files):

sudo vim /etc/ansible/hosts

 

 

## db-[99:101]-node.example.com

 

[ansible_client]

172.19.11.25 ansible_ssh_user=jx2 ansible_ssh_pass=jx2jx2ftca!  ansible_sudo_pass=jx2jx2ftca! ansible_ssh_extra_args='-o StrictHostKeyChecking=no'

~

 

// Need to set ssh_user, ssh_pass, ansible_sudo_pass(sudo password), ansible_ssh_extra_arg(remove hostkey finger print checking)

 

// Sudo password

https://stackoverflow.com/questions/25582740/missing-sudo-password-in-ansible

// SSH finger print check:

https://stackoverflow.com/questions/23074412/how-to-set-host-key-checking-false-in-ansible-inventory-file

 

 

playbooks:

vim playbook.yml

 

---

- name: test apache installation

  hosts: ansible_client

  become: yes   // Usually become is good enough

  become_method: sudo

  tasks:

    - name: install apache2

      apt: name=apache2 update_cache=yes state=latest

 

become

equivalent to adding sudo: or su: to a play or task, set to ‘true’/’yes’ to activate privilege escalation

become_user

equivalent to adding ‘sudo_user:’ or ‘su_user:’ to a play or task, set to user with desired privileges

become_method

at play or task level overrides the default method set in ansible.cfg, set to ‘sudo’/’su’/’pbrun’/’pfexec’/’doas’

 

 

https://ansible-docs.readthedocs.io/zh/stable-2.0/rst/become.html

 

https://stackoverflow.com/questions/50512402/can-ansible-use-sudo-su-if-the-sudo-user-is-not-allowed-to-run-arbitrary-scr

 

Ping :

ansible all -m ping

 

syntax check:

sudo ansible-playbook apache.yml --syntax-check

 

 

run:

sudo ansible-playbook apache.yml



Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)