The configuration management system is designed to allow administrators and operations teams to easily control a large number of servers. They allow you to control many different systems in an automated manner from a central location.
Although there are many popular configuration management systems available for Linux systems, such as Chef and Puppet, these systems are usually more complex than many people want or need. Ansible is an excellent alternative to these options because it requires less overhead to get started.
In this tutorial, we will discuss how to install Ansible on an Ubuntu 18.04 server and introduce some basic knowledge of how to use the software.
Ansible works by configuring client computers with Ansible components installed and configured.
It communicates through a normal SSH channel to retrieve information from remote computers, issue commands, and copy files. Therefore, the Ansible system does not require any other software to be installed on the client computer.
This is a way for Ansible to simplify server management. Any server that exposes an SSH port can be placed under Ansible's configuration umbrella, no matter what stage it is in the life cycle. This means that any computer you can manage through SSH, you can also manage through Ansible.
Ansible adopts a modular approach and can be easily extended to use the functions of the main system to handle specific scenarios. Modules can be written in any language and communicate in standard JSON.
The configuration file is mainly written in YAML data serialization format because of its expressiveness and similarity with popular markup languages. Ansible can interact with the host through command line tools or its configuration scripts (called Playbooks).
To follow this tutorial, you need:
sudo permissions. Note that the example in this tutorial specifies three Ansible hosts, but the commands and configuration shown can be adjusted for any number of clients.~/.ssh/id_rsa) without password protecting it.Students who don’t have a server can buy from here, but I personally recommend you to use the free Tencent Cloud Developer Lab for experimentation, and then buy server.
To start using Ansible as a method of managing various servers, you need to install Ansible software on at least one computer.
To get the latest version of Ansible for Ubuntu, you can add the project's PPA (Personal Package Archive) to your system. However, before performing this operation, you should first update the package index and install the software-properties-common package. This software can more easily manage this and other independent software repositories:
sudo apt update
sudo apt install software-properties-common
Then type the following command to add Ansible PPA:
sudo apt-add-repository ppa:ansible/ansible
Press ENTER to accept the PPA addition.
Next, refresh the system's package index again so that it knows the packages available in the PPA:
sudo apt update
After this update, you can install Ansible software:
sudo apt install ansible
Your Ansible server now has all the software needed to manage the host.
As mentioned earlier, Ansible mainly communicates with client computers via SSH. Although it can of course handle password-based SSH authentication, using SSH keys can make things easier.
On the Ansible server, use the cat command to print the contents of the SSH public key file of the non-root user to the output of the terminal:
cat ~/.ssh/id_rsa.pub
Copy the generated output to the clipboard, then open a new terminal and use SSH to connect to one of your Ansible hosts:
ssh sammy@ansible_host_ip
Switch to the root user of the client computer:
su -
As the root user, open authorized_keys in the ~/.ssh directory:
nano ~/.ssh/authorized_keys
In the file, paste the SSH key of the Ansible server user, then save the file and close the editor (press CTRL + X, Y and then press ENTER). Then run the exit command to return to the non-root users of the host:
exit
Finally, because Ansible uses the python interpreter located in /usr/bin/python to run its modules, you need to install Python 2 on the host so Ansible can communicate with it. Run the following command to update the host's package index and install the python package:
sudo apt update
sudo apt install python
After this, you can run the exit command again to close the connection with the client:
exit
Repeat this process for each server you want to use Ansible server control. Next, we configure the Ansible server to connect to these hosts using Ansible's hosts file.
Ansible keeps track of all the servers it knows through the hosts file. Before we start communicating with other computers, we need to set up this file first.
Open the file with sudo permissions as shown below:
sudo nano /etc/ansible/hosts
Inside the file, you will see many example configurations that have been commented out (preceded by # lines). These examples don't actually work for us because the hosts listed in each host are already composed. However, if we want to implement more complex scenarios in the future, we will keep these examples in the file to help us configure.
The hosts file is very flexible and can be configured in several different ways. The syntax we will use is as follows:
[ group_name]
alias ansible_ssh_host=your_server_ip
In this example, group_name is an organization tag that allows you to use a word to refer to any server listed under it, while alias simply refers to the name of a specific server.
Therefore, in our scenario, we imagine that we will use Ansible to control three servers. At this point, these servers can be accessed from the Ansible server by typing:
ssh root@ansible_host_ip
If you have set the password correctly, you should not be prompted to enter the password. For demonstration purposes, we will assume that the IP addresses of our host are 203.0.113.1, 203.0.113.2 and 203.0.113.3. We will set it up so that we can refer to these individually as host1, host2 and host3, or as a group named servers.
This is the block we should add to the hosts file for this purpose:
[ servers]
host1 ansible_ssh_host=203.0.113.1
host2 ansible_ssh_host=203.0.113.2
host3 ansible_ssh_host=203.0.113.3
The host can be in multiple groups, and the group can configure parameters for all its members. Let's try it now.
With our current settings, if we try to connect to any of these hosts using Ansible, the command will fail (assuming you are not running as root). This is because your SSH key is embedded for the root user on the remote system, and Ansible will try to connect as the current user by default. The connection attempt will receive this error:
host1 | UNREACHABLE!=>{"changed":false,"msg":"Failed to connect to the host via ssh.","unreachable":true}
On the Ansible server, we are using a user named sammy. Ansible will try to connect to each host with ssh sammy@server. If the sammy user is also not on the remote system, this will not work.
We can create a file that tells all servers in the "server" group to connect as the root user.
For this, we will create a directory named group_vars in the Ansible configuration structure. In this folder, we can create YAML format files for each group to be configured:
sudo mkdir /etc/ansible/group_vars
sudo nano /etc/ansible/group_vars/servers
We can put the configuration here. YAML files start with "---", so make sure you don't forget this part.
---
ansible_ssh_user: root
Save and close this file when you are done.
If you want to specify configuration details for each server, regardless of group association, you can put these details in the file /etc/ansible/group_vars/all. You can configure each host by creating a file named with an alias in the /etc/ansible/host_vars directory.
Now that we have set up the host and have enough configuration details to allow us to successfully connect to our host, we can try our first command.
Ping all the servers you configured by typing the following command:
ansible -m ping all
host1 | SUCCESS =>{"changed":false,"ping":"pong"}
host3 | SUCCESS =>{"changed":false,"ping":"pong"}
host2 | SUCCESS =>{"changed":false,"ping":"pong"}
This is a basic test to ensure that Ansible is connected to all its hosts.
all means all hosts. We can easily specify a group:
ansible -m ping servers
We can also specify a single host:
ansible -m ping host1
We can specify multiple hosts by separating them with colons:
ansible -m ping host1:host2
- Part of the m ping command is an instruction for Ansible to use the "ping" module. These are basically commands that can be run on the remote host. The ping module operates in a variety of ways, like the normal ping utility in Linux, but it checks Ansible connections.
The ping module does not really accept any parameters, but we can try another command to see how it works. We pass parameters to the script by typing -a.
The "shell" module allows us to send terminal commands to a remote host and retrieve the results. For example, to find out the memory usage on the host1 machine, we can use:
ansible -m shell -a 'free -m' host1
host1 | SUCCESS | rc=0>>
total used free shared buffers cached
Mem:3954227372601493-/+ buffers/cache:1193834
Swap:000
In this way, your Ansible server has been configured and you can successfully communicate and control your host.
In this tutorial, we configured Ansible and verified that it can communicate with each host. We also use the ansible command to perform simple tasks remotely.
To learn more about the related tutorials on installing and configuring Ansible, please go to [Tencent Cloud + Community] (https://cloud.tencent.com/developer?from=10680) to learn more.
Reference: "How to Install and Configure Ansible on Ubuntu 18.04"
Recommended Posts