Getting started with Ansible on Ubuntu for better environment provisioning and configuration management.
Configuration Management is a crucial stage in DevOps lifecycle. It helps in the automation and orchestration of the IT infrastructure.
There are several tools for configuration management, for example, Puppet, Ansible, Chef, and SaltStack. And, of course, Ansible is one of the most popular tools in DevOps. It can manage thousands of servers and your complete IT infrastructure with ease.
We will cover the following in this article.
SSH key exchange
Ansible client setup
To keep it simple, let’s try using Ansible on two servers. One will be ansible-server and another one ansible-client with the following IP.
ansible-server – 10.0.0.1
ansible-client – 10.0.0.25
Installation is straightforward…the following needs to be done on all the servers where you want to use Ansible. In this case, on above both servers.
Run the below command to install the necessary software required for installing ansible.
As you can see, Ansible 2.8.1 is installed and it provides the necessary information such as configuration file location, python module.
Next, we need to do SSH key exchange so serve and a client can talk to each other.
SSH Key Exchange
Ansible connects to its client through SSH (Secure shell).
We will first generate a public key on the ansible-server, which needs to be copied to the ansible-client.
Ensure you are logged in as a root user.
Generate the key using ssh-keygen command as shown below
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
The key's randomart image is:
| =.+oo . |
| . B.B.= . |
| . o @oE + |
| . *oO * . |
| o++.S + . |
| .o +o . + |
| .o..o + |
| ..o o . |
| .o o. |
As you would have noticed, it has generated a public key in the .ssh folder. The complete path is /root/.ssh/id_rsa.pub
Note: ensure the private and public key files are not world readable. You can list the files to verify them.
Go to the .ssh folder
List the files
root@ubuntu:~# ls -l
-rw------- 1 root root 1679 Jun 19 00:37 id_rsa
-rw------- 1 root root 404 Jun 19 00:37 id_rsa.pub
If you notice permission is wrong, then you may change it by using chmod command
chmod 400 id_rsa
chmod 400 id_rsa.pub
Let’s copy the public key to Ansible host which IP address is 192.168.56.101
root@ansible-server:~/.ssh# ssh-copy-id -i ~/.ssh/id_rsa.pub email@example.com
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.0.0.25 (10.0.0.25)' can't be established.
ECDSA key fingerprint is SHA256:eXduPrfV0mhxUcpsZWg+0oXDim7bHb90caA/Rt79cIs.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'firstname.lastname@example.org'"
and check to make sure that only the key(s) you wanted were added.
You can see in the output above, 1 key has been added successfully. This indicates that the SSH key is exchanged.
Next, we will setup an Ansible client.
Ansible Client Setup
I assume you have already followed the Ansible installation steps on the client server as explained in previous steps.
Client or Host setup is nothing but making the Ansible server aware of the clients. And, to do so:
Login to Ansible server
Go to /etc/ansible
Add the following in hosts file by using your favorite editor
Save the hosts file
If you have followed all the steps correctly, you will get a SUCCESS message when you run the below command on the ansible-server.
Thea above pings to the client to test the connectivity and confirm if good or not.
I hope this gives you an idea to get it started with installation and playing around. Stay tuned for more Ansible tutorials or also check out this Udemy Mastering Ansible course.
Avi is a tech enthusiast with expertise in trending technologies such as DevOps, Cloud Computing, Big Data and many more. He is passionate about learning cutting-edge technologies and sharing his knowledge with others through… read more