Editing Ansible
Jump to navigation
Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | [[wikipedia:Ansible (software)]] ([[2012] | + | [[wikipedia:Ansible (software)]] ([[2012]]) is software for automate task, you can automates software provisioning, [[configuration management]], application deployment and general orchestration, ansible design is based on [[modules]], execute <code>ansible-doc -l</code> to view your available modules or check list of official modules in the documentation: https://docs.ansible.com/ansible/latest/modules/modules_by_category.html. |
== Installation and Basic Configuration == | == Installation and Basic Configuration == | ||
Install Ansible binaries using yum or apt-get depending on your linux distribution, or [[pip]] on [[MacOS]] on your computer, not necessary on your managed nodes, then allows server access to your managed clients configuring automatic [[ssh]] [[key authentication]]. | Install Ansible binaries using yum or apt-get depending on your linux distribution, or [[pip]] on [[MacOS]] on your computer, not necessary on your managed nodes, then allows server access to your managed clients configuring automatic [[ssh]] [[key authentication]]. | ||
− | * macOS: <code> | + | * macOS: <code>brew install ansible</code> |
− | * [[Ubuntu]] (latest version): <code>sudo | + | * [[Ubuntu]] (latest version): <code>sudo apt update && sudo apt install [[software-properties-common]] && sudo [[apt-add-repository]] -y [[ppa]]:ansible/ansible && sudo apt update && sudo apt install ansible -y</code><ref>https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ansible-on-ubuntu-18-04</ref> |
Ansible '''binaries''': | Ansible '''binaries''': | ||
− | + | /usr/bin/ansible | |
/usr/bin/[[ansible-playbook]] | /usr/bin/[[ansible-playbook]] | ||
− | + | /usr/bin/[[ansible-config]] View, edit, and manage ansible configuration. | |
/usr/bin/ansible-console REPL console for executing Ansible tasks | /usr/bin/ansible-console REPL console for executing Ansible tasks | ||
/usr/bin/[[ansible-galaxy]] Command to manage Ansible roles in shared repositories, the default of which is Ansible Galaxy https://galaxy.ansible.com | /usr/bin/[[ansible-galaxy]] Command to manage Ansible roles in shared repositories, the default of which is Ansible Galaxy https://galaxy.ansible.com | ||
− | /usr/bin/ | + | /usr/bin/ansible-pull Pulls playbooks from a VCS repo and executes them for the local host |
− | /usr/bin/ | + | /usr/bin/ansible-doc Displays information on modules installed in Ansible libraries |
/usr/bin/[[ansible-inventory]] Used to display or dump the configured inventory as Ansible sees it | /usr/bin/[[ansible-inventory]] Used to display or dump the configured inventory as Ansible sees it | ||
− | /usr/bin/ | + | /usr/bin/ansible-connection - |
/usr/bin/[[ansible-vault]] Encryption/decryption utility for Ansible data files | /usr/bin/[[ansible-vault]] Encryption/decryption utility for Ansible data files | ||
== Configuration files == | == Configuration files == | ||
There are at least two configuration files in Ansible: | There are at least two configuration files in Ansible: | ||
− | * <code> | + | * <code>/etc/ansible/[[hosts]]</code><ref>http://docs.ansible.com/ansible/latest/intro_inventory.html</ref>, text configuration file for managed nodes, or ''[[inventory]]'' in Ansible terminology, in [[INI]] or [[YAML]] format. |
− | * <code>/ | + | * <code>/etc/ansible/[[ansible.cfg]]</code><ref>https://docs.ansible.com/ansible/latest/installation_guide/intro_configuration.html</ref><ref>https://docs.ansible.com/ansible/latest/reference_appendices/config.html#ansible-configuration-settings</ref> general configuration file. |
== Basic Ansible operations == | == Basic Ansible operations == | ||
* Connect to remote host and verify python, it will not do a network ping to remote host, connect to host and test python: | * Connect to remote host and verify python, it will not do a network ping to remote host, connect to host and test python: | ||
− | :: <code> | + | :: <code>ansible HOSTNAME -m ping</code> (-m parameter stands for module)<ref>https://docs.ansible.com/ansible/2.5/modules/ping_module.html</ref> |
* Execute "uptime" in HOSTNAME: | * Execute "uptime" in HOSTNAME: | ||
Line 44: | Line 44: | ||
:: <code>ansible MACHINE_NAME -m shell -a COMMAND</code> | :: <code>ansible MACHINE_NAME -m shell -a COMMAND</code> | ||
− | * List available | + | * List available modules: |
− | :: <code> | + | :: <code>ansible-doc -l</code> |
* Execute a user defined task definition or playbook: | * Execute a user defined task definition or playbook: | ||
Line 60: | Line 60: | ||
== Ansible tunning/configuration == | == Ansible tunning/configuration == | ||
− | Configuration of ansible is done in <code> | + | Configuration of ansible is done in <code>/etc/ansible/ansible.cfg</code>, you can tune some configurations. Check official documentation <ref>https://docs.ansible.com/ansible/latest/reference_appendices/config.html#ansible-configuration-settings-locations</ref> or some example configuration file.<ref>https://github.com/opentable/ansible-examples/blob/master/ansible.cfg</ref>. |
== Ansible privileges == | == Ansible privileges == | ||
Line 67: | Line 67: | ||
<code>vi create_user.yml</code> | <code>vi create_user.yml</code> | ||
− | + | <pre> | |
− | + | #!/usr/bin/env ansible-playbook --ask-become-pass | |
− | + | ||
− | + | - hosts: REMOTE_SERVER | |
− | + | become: yes | |
− | + | tasks: | |
− | + | ||
− | + | - user: | |
− | + | name: USERNAME | |
− | + | shell: /bin/bash | |
− | + | groups: sudo | |
− | + | append: yes | |
− | + | password_lock: yes | |
− | + | ||
− | + | - authorized_key: | |
− | + | user: USERNAME | |
− | + | state: present | |
+ | key: "{{ lookup('file', '/home/USERNAME/.ssh/id_ed25519_USERNAME.pub') }}" | ||
+ | |||
+ | </pre> | ||
<code>./create_user.yml</code> | <code>./create_user.yml</code> | ||
Line 102: | Line 105: | ||
Intermediate | Intermediate | ||
# [[Install and configure sysstat using Ansible]] | # [[Install and configure sysstat using Ansible]] | ||
− | # | + | # Modify ssh client Ansible uses to connect: change it from Paramiko to openssh client and modify <code>ControlPersist</code> in <code>ssh_args</code> option. Do it in your <code>ansible.cfg</code> file. (Note than Ansible will use a different <code>ControlPath</code> that your openssh configuration. Default to: <code>~/.ansible/cp</code>) |
# Read about Ansible [[Roles]] (similar to modules in [[puppet]] and cookbooks in [[Chef]]): https://linuxacademy.com/blog/linux-academy/ansible-roles-explained/: <code>[[ansible-galaxy]] init <ROLE_NAME></code> | # Read about Ansible [[Roles]] (similar to modules in [[puppet]] and cookbooks in [[Chef]]): https://linuxacademy.com/blog/linux-academy/ansible-roles-explained/: <code>[[ansible-galaxy]] init <ROLE_NAME></code> | ||
# Read about Reusable Playbooks: Dynamic vs. Static and Tradeoffs and Pitfalls Between [[include]]s and imports <ref>https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse.html?extIdCarryOver=true&sc_cid=701f2000001OH7YAAW#differences-between-static-and-dynamic</ref> | # Read about Reusable Playbooks: Dynamic vs. Static and Tradeoffs and Pitfalls Between [[include]]s and imports <ref>https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse.html?extIdCarryOver=true&sc_cid=701f2000001OH7YAAW#differences-between-static-and-dynamic</ref> | ||
Line 111: | Line 114: | ||
# Read Release Notes: [[Ansible changelog and versions]]: v2.9<ref>https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst</ref>, v2.8<ref>https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst</ref>, v2.7<ref>https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst</ref>. | # Read Release Notes: [[Ansible changelog and versions]]: v2.9<ref>https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst</ref>, v2.8<ref>https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst</ref>, v2.7<ref>https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst</ref>. | ||
# Read Ansible Code: <code>[[git clone]] https://github.com/ansible/ansible.git</code> | # Read Ansible Code: <code>[[git clone]] https://github.com/ansible/ansible.git</code> | ||
+ | |||
== Related terms == | == Related terms == | ||
* [[Ansible Molecule]] | * [[Ansible Molecule]] | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== See also == | == See also == | ||
Line 134: | Line 129: | ||
Original Source: https://en.wikiversity.org/wiki/DevOps/Ansible | Original Source: https://en.wikiversity.org/wiki/DevOps/Ansible | ||
− | + | ||
[[Category:Server administration]] | [[Category:Server administration]] | ||
[[Category:Infrastructure as Code]] | [[Category:Infrastructure as Code]] |
Advertising: