Ansible is a free and opensource automation tool that allows system administrators to configure and control hundreds of nodes from a central server without the need of installing any agents on the nodes.
Ansible is agent-less, that means no need of any agent installation on remote nodes, so it means there are no any background daemons or programs are executing for Ansible, when it’s not managing any nodes.
Ansible can be used in IT infrastructure to manage and deploy software applications to remote nodes.
STEP:1 Create "ansibletest" user [code] [root@asmstand ~]# useradd ansibletest [root@asmstand ~]# passwd ansibletest Changing password for user ansibletest. New password: BAD PASSWORD: The password is shorter than 8 characters Retype new password: passwd: all authentication tokens updated successfully. [/code]
Add "ansibletest" user to sudo users list [code] [root@asmstand ~]# vi /etc/sudoers [root@asmstand ~]# cat /etc/sudoers | grep ansibletest ansibletest ALL=(ALL) ALL [/code]
STEP:2 Install Python3
[code] [ansibletest@asmstand ~]$ sudo yum update [sudo] password for ansibletest: Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager rhel-7-server-rpms | 3.5 kB 00:00:00 No packages marked for update [ansibletest@asmstand ~]$ sudo yum install python3 Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager Package python3-3.6.8-13.el7.x86_64 already installed and latest version Nothing to do [ansibletest@asmstand ~]$ python3 -V Python 3.6.8 [/code]
Since I used "yum update" in "STEP:2"everything got up to date and there is no new packages to install, so we see "Nothing to do"
STEP:4 Installing ANSIBLE automation tool
To get Ansible for Linux, first ensure that the RHEL7 EPEL (Extra Packages for Enterprise Linux) repository is installed
Install the EPEL repository configuration package using the following command. [code] [ansibletest@asmstand ~]$ sudo yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm [sudo] password for ansibletest: Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager epel-release-latest-7.noarch.rpm | 15 kB 00:00:00 Examining /var/tmp/yum-root-q_W9OQ/epel-release-latest-7.noarch.rpm: epel-release-7-12.noarch Marking /var/tmp/yum-root-q_W9OQ/epel-release-latest-7.noarch.rpm to be installed Resolving Dependencies --> Running transaction check ---> Package epel-release.noarch 0:7-12 will be installed --> Finished Dependency Resolution Dependencies Resolved ======================================================================================== Package Arch Version Repository Size ======================================================================================== Installing: epel-release noarch 7-12 /epel-release-latest-7.noarch 24 k Transaction Summary ======================================================================================== Install 1 Package Total size: 24 k Installed size: 24 k Downloading packages: Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : epel-release-7-12.noarch 1/1 Verifying : epel-release-7-12.noarch 1/1 Installed: epel-release.noarch 0:7-12 Complete! [/code]
[code] [ansibletest@asmstand ~]$ yum list ansible Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager Repo rhel-7-server-rpms forced skip_if_unavailable=True due to: /etc/pki/entitlement/1057386071849396893-key.pem Available Packages ansible.noarch 2.9.9-1.el7 [/code]
STEP:5 Testing the Ansible Automation Tool
To test Ansible, first ensure that ssh is up and running. [code] [ansibletest@asmstand ~]$ sudo systemctl status sshd [sudo] password for ansibletest: ● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled) Active: active (running) since Sun 2020-05-24 19:14:32 CDT; 1h 14min ago Docs: man:sshd(8) man:sshd_config(5) Main PID: 7985 (sshd) Tasks: 1 CGroup: /system.slice/sshd.service └─7985 /usr/sbin/sshd -D May 24 19:14:32 asmstand.oracledbashop.com systemd[1]: Starting OpenSSH server daemon... May 24 19:14:32 asmstand.oracledbashop.com sshd[7985]: Server listening on 0.0.0.0 port 22. May 24 19:14:32 asmstand.oracledbashop.com sshd[7985]: Server listening on :: port 22. May 24 19:14:32 asmstand.oracledbashop.com systemd[1]: Started OpenSSH server daemon. May 24 20:29:05 asmstand.oracledbashop.com sshd[5252]: Accepted password for ansibletest from 192.168.56.1 port 64725 ssh2 [/code]
Next, we need to modify the hosts file in the /etc/ansible directory to define host machines.
The hosts the file will be the inventory where you will have all your remote nodes. [code] [ansibletest@asmstand ~]$ cd /etc/ansible [ansibletest@asmstand ansible]$ ls ansible.cfg hosts roles [/code]
Now open hosts file with your favorite editor and define the remote node as shown. [code] [dbservers] 192.168.56.112 [/code]
Where "192.168.56.112" is my test database machine.
Next, generate SSH keys from which we will copy the public key to the remote node. [code] [ansibletest@asmstand ansible]$ sudo ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:1AfmzFEnm9Bu0YqDxwlk1THFqjYLdvvlcX91hrZqm30 root@asmstand.oracledbashop.com The key's randomart image is: +---[RSA 2048]----+ | .o.*+==o | | ..* ++*o | | .+=+++ | | .. *.= | | S. + . | | o = o +| | . + + .oo+| | o .=.oE| | o=oo.o| +----[SHA256]-----+ [/code]
Copy the generated SSH key to the remote node run the command. [code] [ansibletest@asmstand ansible]$ ssh-copy-id -f root@192.168.56.112 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansibletest/.ssh/id_rsa.pub" Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.56.112'" and check to make sure that only the key(s) you wanted were added. [/code]
Test the connectivity to remote node with out password [code] [ansibletest@asmstand ansible]$ ssh 192.168.56.112 Last login: Mon May 25 00:10:17 2020 from 192.168.56.107 [/code]
Now use Ansible to ping the remote node as shown. [code] [ansibletest@asmstand ansible]$ ansible -i /etc/ansible/hosts dbservers -m ping 192.168.56.112 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } [ansibletest@asmstand ansible]$ ansible all -m ping 192.168.56.112 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } [/code]
We can also test remote node "df -h" and "hostname" commands [code] [ansibletest@asmstand ansible]$ ansible -m command -a "df -h" dbservers 192.168.56.112 | CHANGED | rc=0 >> Filesystem Size Used Avail Use% Mounted on devtmpfs 1.4G 0 1.4G 0% /dev tmpfs 1.4G 0 1.4G 0% /dev/shm tmpfs 1.4G 9.4M 1.4G 1% /run tmpfs 1.4G 0 1.4G 0% /sys/fs/cgroup /dev/sda3 15G 6.7G 8.3G 45% / /dev/sda1 66G 16G 50G 24% /u01 Softwares 934G 310G 624G 34% /media/sf_Softwares tmpfs 285M 24K 285M 1% /run/user/42 tmpfs 285M 0 285M 0% /run/user/54321 tmpfs 285M 0 285M 0% /run/user/0 tmpfs 285M 0 285M 0% /run/user/54322 [ansibletest@asmstand ansible]$ ansible -m command -a "hostname" dbservers 192.168.56.112 | CHANGED | rc=0 >> clone.oracledbashop.com [/code]
No comments:
Post a Comment