Ansible IT automation tool can be used for configuration management and much more IT needs. It works using SSH and the main feature of ansible is it’s free from an agent (Agentless).

 

In this setup we are about to use 1 Ansible server and 3 clients, They are configured with static IP and hostnames will be resolved from DNS server.

 # ping ansiclient1.oel7.local -c 2
# ping ansiclient2.oel7.local -c 2
# ping ansiclient3.oel7.local -c 2

 

[root@ansible ~]# ping ansiclient1.oel7.local -c 2  
PING ansiclient1.oel7.local (192.168.107.226) 56(84) bytes of data. 
64 bytes from ansiclient1.oel7.local (192.168.107.226): icmp_seq=1 ttl=64 time=0.297 ms 
64 bytes from ansiclient1.oel7.local (192.168.107.226): icmp_seq=2 ttl=64 time=0.583 ms 
--- ansiclient1.oel7.local ping statistics --- 
2 packets transmitted, 2 received, 0% packet loss, time 1003ms 
rtt min/avg/max/mdev = 0.297/0.440/0.583/0.143 ms
[root@ansible ~]

[root@ansible ~]# ping ansiclient2.oel7.local -c 2 
PING ansiclient2.oel7.local (192.168.107.227) 56(84) bytes of data. 
64 bytes from ansiclient2.oel7.local (192.168.107.227): icmp_seq=1 ttl=64 time=1.23 ms 
64 bytes from ansiclient2.oel7.local (192.168.107.227): icmp_seq=2 ttl=64 time=0.760 ms 
--- ansiclient2.oel7.local ping statistics --- 
2 packets transmitted, 2 received, 0% packet loss, time 1004ms 
rtt min/avg/max/mdev = 0.760/0.998/1.237/0.240 ms
[root@ansible ~]

[root@ansible ~]# ping ansiclient3.oel7.local -c 2  
PING ansiclient3.oel7.local (192.168.107.228) 56(84) bytes of data. 
64 bytes from ansiclient3.oel7.local (192.168.107.228): icmp_seq=1 ttl=64 time=1.18 ms 
64 bytes from ansiclient3.oel7.local (192.168.107.228): icmp_seq=2 ttl=64 time=0.621 ms 
--- ansiclient3.oel7.local ping statistics --- 
2 packets transmitted, 2 received, 0% packet loss, time 1003ms 
rtt min/avg/max/mdev = 0.621/0.901/1.181/0.280 ms
[root@ansible ~] 

 

Install with EPEL repository.

 

If we need to install from Ansible repo we can find the one from below URL. There will be two packages in each version make sure to pick the noarch package instead of source.rpm.

 

We need dependencies to start with the ansible installation.

# wget https://releases.ansible.com/ansible/rpm/release/epel-6-x86_64/ansible-2.4.3.0-1.el6.ans.noarch.rpm
 # yum install PyYAML, python-crypto, python-jinja2, python-paramiko, python-setuptools, python-six, sshpass
 # rpm -ivh ansible-2.4.3.0-1.el6.ans.noarch.rpm 

 

But when we install from EPEL repo using below steps dependencies will be available from the same repository.

 

EPEL RHEL 6 based

 # wget http://mirrors.piconets.webwerks.in/fedora-mirror/epel/6/x86_64/epel-release-6-8.noarch.rpm

 

Install epel repo package once downloaded.

# rpm -ivh epel-release-6-8.noarch.rpm 

 

[root@ansible ~]# rpm -ivh epel-release-6-8.noarch.rpm  
warning: epel-release-6-8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY Preparing... ########################################### [100%] 
1:epel-release 
########################################### [100%] 
[root@ansible ~] 

 

EPEL RHEL 7 based

 # wget https://ftp.yz.yamagata-u.ac.jp/pub/linux/fedora-projects/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
# rpm -ivh epel-release-7-11.noarch.rpm

 

To install from an RHEL extra channel repository we can refer to KB article from Red Hat.

 

To install Ansible on Ubuntu servers click here for repo.

 

 

Ansible provides PPA repo for all the Ubuntu versions from above URL.

 # sudo apt-get update
 # sudo apt-get install software-properties-common
 # sudo apt-add-repository ppa:ansible/ansible
 # sudo apt-get update
 # sudo apt-get install ansible

 

Once we install with the EPEL repo by following the search for the ansible package using “yum”.

 # yum search ansible 

 

[root@ansible ~]# yum search ansible 
ansible-doc.noarch : Documentation for Ansible 
ansible-inventory-grapher.noarch : Creates graphs representing ansible inventory 
ansible-lint.noarch : Best practices checker for Ansible 
python2-ansible-tower-cli.noarch : A CLI tool for Ansible Tower
ansible.noarch : SSH-based configuration management, deployment, and task execution system Name and summary matches only, use "search all" for everything.
[root@ansible ~] 

 

Install the ansible package using “yum”. Yum will manage to pull all the required dependencies from the repository.

 # yum install ansible.noarch

 

[root@ansible ~]# yum install ansible.noarch This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. 
Setting up Install Process 
Resolving Dependencies
--> Running transaction check 
---> Package ansible.noarch 0:2.4.2.0-1.el6 will be installed 
--> Processing Dependency: PyYAML for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-crypto for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-crypto2.6 for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-httplib2 for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-jinja2-26 for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-keyczar for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-paramiko for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-setuptools for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-simplejson for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: python-six for package: ansible-2.4.2.0-1.el6.noarch 
--> Processing Dependency: sshpass for package: ansible-2.4.2.0-1.el6.noarch 
--> Running transaction check 
Installed: 
ansible.noarch 0:2.4.2.0-1.el6  
Dependency Installed: 
PyYAML.x86_64 0:3.10-3.1.el6 
libyaml.x86_64 0:0.1.3-4.el6_6 
python-babel.noarch 0:0.9.4-5.1.el6 
python-crypto.x86_64 0:2.0.1-22.el6  
python-crypto2.6.x86_64 0:2.6.1-2.el6 
python-httplib2.noarch 0:0.7.7-1.el6 
python-jinja2-26.noarch 0:2.6-3.el6 
python-keyczar.noarch 0:0.71c-1.el6  
python-markupsafe.x86_64 0:0.9.2-4.el6 
python-paramiko.noarch 0:1.7.5-2.1.el6 
python-pyasn1.noarch 0:0.0.12a-1.el6 
python-setuptools.noarch 0:0.6.10-3.el6  
python-simplejson.x86_64 0:2.0.9-3.1.el6 
python-six.noarch 0:1.9.0-2.el6 
sshpass.x86_64 0:1.06-1.el6 
Complete!
[root@ansible ~] 

 

Here we are not going to use any customized ansible configuration.

 

Ansible configuration can be located under /etc/ansible/.

# more /etc/ansible/ansible.cfg 

 

Default host file will be under /etc/ansible/

# more /etc/ansible/hosts 

 

Define below servers as a group of hosts under /etc/ansible/hosts in the name of oel7_clients.

[oel7_clients]
ansiclient1.oel7.local
ansiclient2.oel7.local
ansiclient3.oel7.local 

 

Add ansible user across all the servers and create the password.

 # groupadd -g 1500 ansible
# useradd -u 1500 -g 1500 -c "Ansible configuration Management" -s /bin/bash ansible

 

Create the password for ansible user.

# passwd ansible 
Changing password for user ansible. 
New password:  
Retype new password:  
passwd: all authentication tokens updated successfully.  

 

Configure Ansible user SUDO entry with a no-password option.

# visudo
ansible ALL=(ALL) NOPASSWD: ALL 

 

Save and exit from visudo.

 

Switch to ansible user and create an SSH key.

# su - ansible
$ ssh-keygen 

 

$ ssh-keygen  
Generating public/private rsa key pair. 
Enter file in which to save the key (/home/ansible/.ssh/id_rsa):  
Created directory '/home/ansible/.ssh'. 
Enter passphrase (empty for no passphrase):  
Enter same passphrase again:  
Your identification has been saved in /home/ansible/.ssh/id_rsa. 
Your public key has been saved in /home/ansible/.ssh/id_rsa.pub. 
The key fingerprint is: 63:56:ef:8e:f2:da:17:86:03:15:01:bc:f3:d5:0e:51 ansible@ansible.oel7.local 
The key's randomart image is: 
+--[ RSA 2048]----+ 
| ...oo .E | | . . . | | o. o | | +. .o . | | S+ o.o | | o .+.o . | | o.. | | .. o. |  | .++.. | 
+-----------------+ 
[ansible@ansible ~] 

 

Copy the created SSH key across all the ansible clients from “Ansible server”.

 $ ssh-copy-id ansiclient1.oel7.local
 $ ssh-copy-id ansiclient2.oel7.local
 $ ssh-copy-id ansiclient3.oel7.local

 

Log in and check all the clients to make sure it works without a password. Repeat the check for all client servers.

[ansible@ansible ~]$ ssh ansiclient1.oel7.local
[ansible@ansiclient1 ~]$ exit
logout Connection to ansiclient1.oel7.local closed.
[ansible@ansible ~] 

 

Let us quickly run a ping test using ansible module. Here we are trying to ping the group “oel7_clients” of hosts.

$ ansible oel7_clients -m ping

 

The output will be exactly as shown below with ping pong response.

ansible@ansible ~]$ ansible oel7_clients -m ping 
ansiclient3.oel7.local | SUCCESS => { 
    "changed": false,  
    "ping": "pong" } 
ansiclient2.oel7.local | SUCCESS => { 
    "changed": false,  
    "ping": "pong" } 
ansiclient1.oel7.local | SUCCESS => { 
    "changed": false,  
    "ping": "pong" }  

 

That’s it we have successfully installed and run Ansible.

 

If you face difficulty to start with Ansible journey we are done with the installation part, by following let us see how to work with Ansible in upcoming articles.

Помог ли вам данный ответ? 0 Пользователи нашли это полезным (0 голосов)