Navigate
X
    admin
  • 7 years ago
    • Categories: Linux

Quick Guide: How to install and configure ansible in Linux for Automation

 Why to install and configure Ansible in Linux. 

Using configuration management systems we can control large numbers of servers which makes system administrators life easy. In a nutshell we can control or manage huge number of server or systems from single central server with the help of automation tools.

There are many such tools are available for automation such as Chef or Puppet. However these tools are some what complex in nature. We have got great alternative to these options which is Ansible. Since its very much easy to install and configure Ansible in Linux.

This guide will quickly  guide you on how to install and configure Ansible in Linux.

How Ansible Works!

Ansible  does not use any agents for carrying out the automation tasks, which means that there are no background processes runs on the clients. Instead Ansible makes connection using SSH for carrying out its operations.

Setup details for Ansible installation.

Ansible management  server details:

OS: Red Hat Enterprise Linux Server release 7.2 (Maipo)
Hostname: ansimgmt
IP: 172.31.15.60
User: lradmin

Client machine details:

client 1

Hostname: web1
IP: 172.31.7.221

Client 2

Hostname: web2
IP: 172.31.25.35

Step1: Installing Ansible on management server.

For Linux Mint,Ubuntu and Debian
#apt-add-repository ppa:ansible/ansible 
#apt-get update && sudo apt-get install ansible
For  RHEL,CentOS and Fedora
#yum install ansible

Please note that there are no official Ansible repository for RedHat  , howerver we can still install Ansible by enabling epel repository under RHEL or Centos.

After installing the Ansible you can check the version using below command.

[root@ansimgmt ~]# ansible --version
ansible 2.3.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, Oct 11 2015, 17:47:16) [GCC 4.8.3 20140911 (Red Hat 4.8.3-9)]
[root@ansimgmt ~]#

Step2: Setting up ssh for configuring Ansible.

For deployment or managing the client machine from our management server “ansimgmt” we need to setup password less ssh between them. In this demo we have configured lradmin user for password less ssh.

Generate the ssh keys on the management server for the user lradmin.

[root@ansimgmt root]# id
uid=0(root) gid=1001(lradmin) groups=1001(lradmin) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[root@ansimgmt root]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
5e:a3:5b:4c:dc:15:7d:96:59:a8:85:97:43:03:70:a2 root@ansimgmt
The key's randomart image is:
+--[ RSA 2048]----+
|          o.o+++=|
|         . o. *=+|
|        E    +.o.|
|         . ...   |
|        S = .    |
|       . = .     |
|        o o      |
|         o       |
|        .        |
+-----------------+

Here we are done with generating the keys now in the next step we need to copy the contents of “/root/.ssh/id_rsa.pub” to client system for the user lradmin.  Please follow the steps in this post  , so that password less communication between management server and client machine web1 and web2 can be configured.

Once you are done with password less configuration you can cross check the same by doing ssh as below. System should not ask any password during the procedure.

[root@ansimgmt ~]# id
uid=0(root) gid=1001(lradmin) groups=1001(lradmin) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[root@ansimgmt ~]# ssh lradmin@172.31.25.35
Last login: Mon Jun 19 02:03:34 2017 from ip-172-31-15-60.ap-south-1.compute.internal
[root@web2 ~]# hostname
web2
[root@web2 ~]# logout
Connection to 172.31.25.35 closed.
[root@ansimgmt ~]# ssh lradmin@172.31.7.221
Last login: Mon Jun 19 04:18:19 2017 from ip-172-31-15-60.ap-south-1.compute.internal
[root@web1 ~]# hostname
web1
[root@web1 ~]# logout
Connection to 172.31.7.221 closed.
[root@ansimgmt ~]#

Step3: Create inventory file for Ansible.

In the next step we need to create inventory file for the list of clients. Basically its list of client ip or hostname for machines which are being used for automation.

Please add below lines of code under file “/etc/ansible/hosts” on our management server.

[web]
172.31.7.221 ansible_user=lradmin
172.31.25.35 ansible_user=lradmin

The above lines of code describes that , list of client machines which comes under web category having Ansible user as lradmin.

Step4: Check the connection.

Now its time to check whether our configuration is properly setup or not. To do this we will be using ping module within Ansible.

#ansible -m ping web

In the above command we have used ping module for our web category server.  You can also check all the modules within Ansible here.

System should respond with below messages if everything is Ok.

[root@ansimgmt ~]# ansible -m ping web
172.31.25.35 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
172.31.7.221 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@ansimgmt ~]#

Step4: Executing remote commands on the client machines.

Now we can able to run random commands on our client machines to pull out some information about them. So to do this we need to use “command” module within Ansible.

  • In case you wanted to have file-system utilisation of the client machine.
[root@ansimgmt ~]# ansible -m command -a "df -h" web
172.31.25.35 | SUCCESS | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2       10G  946M  9.1G  10% /
devtmpfs        478M     0  478M   0% /dev
tmpfs           496M     0  496M   0% /dev/shm
tmpfs           496M   13M  484M   3% /run
tmpfs           496M     0  496M   0% /sys/fs/cgroup
tmpfs           100M     0  100M   0% /run/user/1000
tmpfs           100M     0  100M   0% /run/user/0

172.31.7.221 | SUCCESS | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2       10G  1.6G  8.5G  16% /
devtmpfs        478M     0  478M   0% /dev
tmpfs           496M     0  496M   0% /dev/shm
tmpfs           496M   13M  484M   3% /run
tmpfs           496M     0  496M   0% /sys/fs/cgroup
tmpfs           100M     0  100M   0% /run/user/1000
tmpfs           100M     0  100M   0% /run/user/0

[root@ansimgmt ~]#

  • Checking the uptime of the client machines.
[root@ansimgmt ~]# ansible -m command -a "uptime" web
172.31.25.35 | SUCCESS | rc=0 >>
 04:48:37 up  3:42,  2 users,  load average: 0.00, 0.01, 0.05

172.31.7.221 | SUCCESS | rc=0 >>
 04:48:37 up  3:57,  2 users,  load average: 0.00, 0.01, 0.05

[root@ansimgmt ~]#

Conclusion:

Need for Automation within IT industry is getting increased day by day for reducing the cost as well time for carrying out the various tasks. There are tools or applications available in the market like Chef or Puppet. Ansilble is easy to install and configure. Also its agent less meaning that it does run any background process on clients.

 

View Comments (0)

Leave a Comment
Related Post
  1. TorGuard VPN review: Overview , Pricing of the product!!

    This is review post for Torguard VPN which has features and pricing details for Tor…

  2. What is Linux standard input output error and how to redirect stdout and stderr to file in Linux

    This article will quickly guide you about Linux standard input output error.Also we will learning…

  3. Quick Guide for Linux user access control list (ACL) Vlog

    In this video we are going to learn about Linux Access control list or Linux…