In this article, we will learn how to configure Ansible on CentOS 7 which is an Automation configuration management system. This system can control a large number of client machines with an easy administration, which can be automated from a central location.
Ansible communicates over SSH tunnels and it doesn’t need to install any software on the client machine and it can retrieve information from the remote ansible machines which issues commands and copies the files.
The Ansible configuration files mainly use the YAML data formation as it can be due to expressive and similarity of popular languages. The clients can be communicated using the command line tools or using with the playbooks.
Prerequisites
- We need CentOS 7 and root user.
- Needed SSH keys for the users.
Installing Ansible on CentOS 7
Since we need to install Ansible software on one machine, it will not be available in the CentOS default repository. Hence, we should add the Ansible personal package to archive the system.
Below is the command to add to the repository –
$ sudo yum install epel-release -y Output: Loaded plugins: fastest mirror Loading mirror speeds from cached hostfile * base: mirror.fibergrid.in* extras: mirror.digistar.vn * updates: mirror.digistar.vn Resolving Dependencies --> Running transaction check ---> Package epel-release.noarch 0:7-9 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: epel-release noarch 7-9 extras 14 k Transaction Summary ================================================================================ Install 1 Package Total download size: 14 k Installed size: 24 k Downloading packages: epel-release-7-9.noarch.rpm | 14 kB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : epel-release-7-9.noarch 1/1 Verifying : epel-release-7-9.noarch 1/1 Installed: epel-release.noarch 0:7-9 Complete!
Once the Epel repository is updated, we need to update the system so that we have the dependencies installed perfectly.
$ sudo yum update –y Output: Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.fibergrid.in * epel: epel.mirror.angkasa.id * extras: mirror.digistar.vn * updates: mirror.digistar.vn Resolving Dependencies --> Running transaction check ---> Package NetworkManager.x86_64 1:1.0.6-31.el7_2 will be updated ---> Package NetworkManager.x86_64 1:1.4.0-14.el7_3 will be an update --> Processing Dependency: libjansson.so.4()(64bit) for package: 1:NetworkManager-1.4.0-14.el7_3.x86_64 ---> Package NetworkManager-libnm.x86_64 1:1.0.6-31.el7_2 will be updated ---> Package NetworkManager-libnm.x86_64 1:1.4.0-14.el7_3 will be an update ---> Package NetworkManager-tui.x86_64 1:1.0.6-31.el7_2 will be updated ---> Package NetworkManager-tui.x86_64 1:1.4.0-14.el7_3 will be an update ---> Package NetworkManager-wifi.x86_64 1:1.0.6-31.el7_2 will be updated ---> Package NetworkManager-wifi.x86_64 1:1.4.0-14.el7_3 will be an update ---> Package alsa-lib.x86_64 0:1.0.28-2.el7 will be updated ---> Package alsa-lib.x86_64 0:1.1.1-1.el7 will be an update … … Fetched 19.5 kB in 1s (18.2 kB/s) Reading package lists... Done Complete!
Once the package repository is updated, we will install the Ansible using the below command –
$ sudo yum install ansible -y Output: Loaded plugins: fastestmirror epel/x86_64/metalink | 4.8 kB 00:00:00 epel | 4.3 kB 00:00:00 (1/3): epel/x86_64/group_gz | 170 kB 00:00:01 (2/3): epel/x86_64/updateinfo | 721 kB 00:00:03 (3/3): epel/x86_64/primary_db | 4.5 MB 00:00:09 Loading mirror speeds from cached hostfile * base: mirror.fibergrid.in * epel: mirror.rise.ph * extras: mirror.digistar.vn * updates: mirror.digistar.vn Resolving Dependencies --> Running transaction check ---> Package ansible.noarch 0:2.2.1.0-1.el7 will be installed --> Processing Dependency: sshpass for package: ansible-2.2.1.0-1.el7.noarch --> Processing Dependency: python-six for package: ansible-2.2.1.0-1.el7.noarch --> Processing Dependency: python-setuptools for package: ansible-2.2.1.0-1.el7.noarch --> Processing Dependency: python-paramiko for package: ansible-2.2.1.0-1.el7.noarch --> Processing Dependency: python-keyczar for package: ansible-2.2.1.0-1.el7.noarch --> Processing Dependency: python-jinja2 for package: ansible-2.2.1.0-1.el7.noarch --> Processing Dependency: python-httplib2 for package: ansible-2.2.1.0-1.el7.noarch --> Processing Dependency: PyYAML for package: ansible-2.2.1.0-1.el7.noarch --> Running transaction check .. .. Verifying : python-jinja2-2.7.2-2.el7.noarch 3/19 Verifying : python-setuptools-0.9.8-4.el7.noarch 4/19 Verifying : python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch 5/19 Verifying : python-markupsafe-0.11-10.el7.x86_64 6/19 Verifying : python-httplib2-0.7.7-3.el7.noarch 7/19 Verifying : python2-ecdsa-0.13-4.el7.noarch 8/19 Verifying : libtomcrypt-1.17-23.el7.x86_64 9/19 Verifying : python-backports-1.0-8.el7.x86_64 10/19 Verifying : ansible-2.2.1.0-1.el7.noarch 11/19 Verifying : libtommath-0.42.0-4.el7.x86_64 12/19 Verifying : python2-pyasn1-0.1.9-7.el7.noarch 13/19 Verifying : PyYAML-3.10-11.el7.x86_64 14/19 Verifying : python2-crypto-2.6.1-10.el7.x86_64 15/19 Verifying : python-babel-0.9.6-8.el7.noarch 16/19 Verifying : python-six-1.9.0-2.el7.noarch 17/19 Verifying : python2-paramiko-1.16.1-1.el7.noarch 18/19 Verifying : sshpass-1.05-5.el7.x86_64 19/19 Installed: ansible.noarch 0:2.2.1.0-1.el7 Dependency Installed: PyYAML.x86_64 0:3.10-11.el7 libtomcrypt.x86_64 0:1.17-23.el7 libtommath.x86_64 0:0.42.0-4.el7 libyaml.x86_64 0:0.1.4-11.el7_0 python-babel.noarch 0:0.9.6-8.el7 python-backports.x86_64 0:1.0-8.el7 python-backports-ssl_match_hostname.noarch 0:3.4.0.2-4.el7 python-httplib2.noarch 0:0.7.7-3.el7 python-jinja2.noarch 0:2.7.2-2.el7 python-keyczar.noarch 0:0.71c-2.el7 python-markupsafe.x86_64 0:0.11-10.el7 python-setuptools.noarch 0:0.9.8-4.el7 python-six.noarch 0:1.9.0-2.el7 python2-crypto.x86_64 0:2.6.1-10.el7 python2-ecdsa.noarch 0:0.13-4.el7 python2-paramiko.noarch 0:1.16.1-1.el7 python2-pyasn1.noarch 0:0.1.9-7.el7 sshpass.x86_64 0:1.05-5.el7 Complete!
Ansible Hosts Configuring
We need to keep track of all the servers and clients from ‘hosts’ file, we also need to create the hosts file so that we can start communicating with the other client or server machines.
$ sudo nano /etc/ansible/hosts
When we open the configuration file, we will see that all the commented lines and none of the configuration in the files works, as we need to add the below demo machines.
General Syntax for adding the Host or Client in the Group adds
[group_name] Alias anisible_ssh_host=your_ansible_server_ip_address
Sample Configuration File
[Ansible_server] Client1 ansible_ssh_host=192.168.0.10 Client2 ansible_ssh_host=192.168.0.11
We needed to configure so that SSH keys are copied to all the client machines so that they are authorized without any password.
In our scenario, we are using two client machines and all the client machines are accessible using the SSH keys without prompting for the password.
With the current configuration if we try to connect to the host with Ansible the command fails because the SSH keys are connected with the root user and we will see the below error
Client1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh.",
"unreachable": true
}
We will create a file which tells that the servers will connect using the root user of the client machines.
$ sudo mkdir /etc/ansible/group_vars $ sudo vi /etc/ansible/group_vars/servers --- Ansible_ssh_user: root We have to put the “---“ in the starting of the YAML file.
If you want to specify all the servers at a place we needed to provide those details at /etc/ansible/group_vars/all.
Executing the Simple Ansible Commands
To test our configuration we run the below command which will ping all the clients in the configuration file.Watch movie online The Transporter Refueled (2015)
$ ansible –m ping all
Output:
Client1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
Client2 | SUCCESS => {
"changed": false,
"ping": "pong"
}
We can also ping the individual clients with the below example.
$ ansible –m ping servers $ ansible –m ping clien1
We can use the shell module to run a terminal command from the Anisble to the client.
$ ansible –m shell –a ‘df –h’ client1 Output: Client1 | SUCCESS | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 42G 2.6G 39G 7% / devtmpfs 1.9G 0 1.9G 0% /dev tmpfs 1.9G 0 1.9G 0% /dev/shm tmpfs 1.9G 8.4M 1.9G 1% /run tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup /dev/sda1 494M 163M 332M 33% /boot /dev/mapper/centos-home 21G 33M 21G 1% /home tmpfs 379M 0 379M 0% /run/user/0
Like the above example we will check for the free memory for the client1
$ ansible –m shell –a ‘free –m’ client1 Output: Client1|SUCCESS|rc=0 >> total used free shared buff/cache available Mem: 3.7G 868M 1.9G 8.4M 1.0G 2.6G Swap: 2.0G 0B 2.0G
In the above article, we have learnt about – how to install and configure the Ansible and configure the clients, communicate with the client or servers and run simple commands and tasks so that we can test the configuration and execute the simple tasks remotely. We will cover the Playbooks in the further articles.
No comments:
Post a Comment