Ansible
is a free and open source Configuration and automation tool. We can configure,
manage, deploy and automate a large number of client machines from a central
machine using Ansible. It communicates over SSH and it doesn’t require
installing any agent on the client machines. Ansible uses lots of Ad-hoc
commands, playbooks and roles that’s are written in YAML.
If
Ansible not installed, Follow the article Howto Install Ansible Master Nodes on CentOS 8
Step 1. Verify the Installation: Run
the following command to verify the installation by checking Ansible installed
version:
[root@LC-Ansible-Master
~]# ansible --version
ansible 2.9.7
config file = /etc/ansible/ansible.cfg
configured module search path =
['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location =
/usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, May 21
2019, 23:51:36) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
[root@LC-Ansible-Master
~]#
|
Step 2. Configuration Changes: Once
the ansible packages are installed, make changes in the below ansible
configuration file as per requirements such as inventory file, module
locations, tmp directories etc.
[root@LC-Ansible-Master
~]# vi
/etc/ansible/ansible.cfg
………………………………………………………
[defaults]
# some basic default
values...
#inventory = /etc/ansible/hosts
#library = /usr/share/my_modules/
#module_utils = /usr/share/my_module_utils/
#remote_tmp = ~/.ansible/tmp
#local_tmp = ~/.ansible/tmp
#plugin_filters_cfg =
/etc/ansible/plugin_filters.yml
#forks = 5
#poll_interval = 15
#sudo_user = root
#ask_sudo_pass = True
#ask_pass = True
#transport = smart
#remote_port = 22
#module_lang = C
#module_set_locale =
False
………………………………………………………
[root@LC-Ansible-Master
~]#
|
Step 3. Inventory File: Add
client machines IP address or hostname in the ansible host inventory file. The
default inventory file is /etc/ansible/hosts. The host inventory can be grouped
as per IT infra like windows client machines, Network devices, Linux machines,
web servers, databases servers etc.
In the
below example, a node (192.168.43.30) is added under webserverstest group in the
ansible host inventory file to manage using ansible:
[root@LC-Ansible-Master
~]# vi /etc/ansible/hosts
# This is the default
ansible 'hosts' file.
……………………………………………………..
[webserverstest] #Group Name
192.168.43.30 #Ansible client machine
to manage by Ansible
…………………………………………………….
[root@LC-Ansible-Master
~]#
|
Step 4. Password Less Authentication: Since
Ansible is an agent less configuration tool and use SSH protocol to communicate
with its clients for configuration and management. Create a user with sudo
privilege for ansible management on all the nodes and configure password less
authentication. It supports password less authentication and somewhere with
password while communicating with clients.
Follow
the article How toConfigure SSH Password Less Authentication on CentOS 8 to
configure password less authentication.
Step 5. Verify the Changes: Once
all the above configuration done, check the client connectivity and
accessibility using ansible:
[root@LC-Ansible-Master
~]# su - ansible-user
Last login: Sun Apr 26
12:34:42 EDT 2020 on pts/0
[ansible-user@LC-Ansible-Master
~]$
[ansible-user@LC-Ansible-Master
~]$ ansible
-m ping webserverstest
192.168.43.30 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python":
"/usr/libexec/platform-python"
},
"changed":
false,
"ping":
"pong"
}
[ansible-user@LC-Ansible-Master
~]$
|
Done!
Client is accessible and ready to manage using ansible.
No comments:
Post a Comment