Friday, September 11, 2020

Ansible-Install-configuration-administration.

 In this post I would like to discuss the Ansible tool: how to install and configure it, and its use cases.

Ansible introduction

  • Ansible is an open source configuration and management tool, developed by Michael DeHaan.
  • Red Hat acquired Ansible in 2015.
  • All the latest RedHat and CentOS releases come with a pre-installed Ansible package. Ansible is built on the Python language.
  • Ansible uses an agentless communication mechanism. It has a control server (where Ansible is running), which establishes communication with remote (Unix & Linux) systems that have SSH installed and running.
  • The control server can run only on Linux systems.
  • We need Python 3.5 or greater, or Python 2.6 or greater, on both the server and the client for Ansible to work.
  • Ansible can be installed on a cloud server to manage other cloud servers from a central location, or it can be configured for use on a personal system to manage cloud or on-premises systems.
  • Ansible works by configuring client machines from a control server that has the Ansible components installed and configured.
  • Ansible is declarative: we just tell it what to do, without defining it step by step.
  • Ansible can interact with clients through either command line tools or through its configuration scripts, called Playbooks.
  • Ansible runs on a module mechanism; a number of modules are available.

Ansible installation & Configurations 

In my case I'm using CentOS 7 on GCP and have created 3 VMs: 1 VM for the control-server and 2 VMs for the nodes.

Please follow the steps below on the control server.

Log in to the control-server (on which Ansible will be installed) as a root/sudo user and execute the commands.

1. Update the system with the latest packages and security patches using the command below

      sudo yum -y update

2. Install the EPEL (Extra Packages for Enterprise Linux) repository. We need EPEL on the system for open source software packages that are not available in the default YUM repository.

      sudo yum -y install epel-release

3. Install the latest version of Ansible

      sudo yum -y install ansible

4. Check the Ansible version

      ansible --version

Configurations in Ansible:

After installing Ansible, we have to check the configuration files that are important on the Ansible system.
By default the Ansible path is /etc/ansible, and the directory structure under it looks like this:

Here, 

  • ansible.cfg is the config file for Ansible; it holds the default values used when the ansible command runs.
  • hosts is the key file for Ansible. Ansible reads this file to communicate with the remote servers or groups of servers. We can give IPs or host names of the remote servers, and they can be declared as a group as well; we will go deeper into this while adding the hosts entries.
We will talk about roles a little later.

Let's start modifying ansible.cfg & hosts for our demo.

Enable the inventory and sudo_user settings in the ansible.cfg file with the vi editor and save.

inventory -- the path of the hosts file that Ansible reads

sudo_user  -- the user that Ansible runs as

In my case the inventory path is my custom path: /opt/ansible/hosts

inventory      = /opt/ansible/hosts
sudo_user      = root

Now copy the hosts file from /etc/ansible to /opt/ansible.

Add the IPs of the nodes we created on GCP to the hosts file and save it. We can list host names or IPs of remote servers either in a group or ungrouped. A group is defined by a name in square brackets "[]".

We can add hundreds of remote servers to the hosts file, grouped under different group names such as [webservers], [appservers], [dbservers].

Here I'm using only the 2 VM nodes, ungrouped.

Now we can try to connect to the node servers from the control-server by SSH. We will get an error, because we have not yet created the users and copied the SSH keys to the nodes.

As mentioned above, Ansible communicates over SSH; for that we have to follow the steps below.
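An added example (not from the original post) of a hosts file that mixes ungrouped and grouped entries, with a small shell helper that resolves which hosts belong to a group. All host and group names are constructed; the function names are hypothetical.

```bash
#!/bin/sh
# Added example: sample inventory plus a helper that resolves group membership.
# Host names, group names and function names are constructed for illustration.

write_sample_inventory() {   # $1 = path of the inventory file to write
  cat > "$1" <<'EOF'
# hosts listed before any [group] header are ungrouped
node-01
node-02 ansible_user=ansible

[webservers]
web-01
web-02

[dbservers]
db-01

[dbservers:vars]
ansible_port=22
EOF
}

# Print the hosts of one group; use "ungrouped" for hosts before the first header.
hosts_in_group() {   # $1 = inventory file, $2 = group name
  awk -v want="$2" -v cur="ungrouped" '
    /^[ \t]*[#;]/ { next }                   # full-line comments
    { sub(/[ \t]+$/, "") }                   # trailing whitespace
    /^[ \t]*$/    { next }                   # blank lines
    /^\[.*\]$/    {                          # [group] or [group:vars] header
      cur = substr($0, 2, length($0) - 2)
      next
    }
    cur == want   { print $1 }               # first field is the host name
  ' "$1"
}
```

Sections such as [dbservers:vars] hold variables rather than hosts, so the helper keeps them out of the group's host list.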

on control-server:

Create the ansible user:

useradd ansible

passwd ansible

Provide the new password for the ansible user.

Then execute visudo, add the line below under the following comment, and save:

## Allow root to run any commands anywhere

ansible ALL=(ALL)     NOPASSWD: ALL

The above steps also have to be performed on node-01 & node-02.

Now open /etc/ssh/sshd_config on the control-server and add the lines below


and restart the sshd service with:  systemctl restart sshd
Then, on the control server, log in as the ansible user and generate the SSH key with the ssh-keygen command; it creates the .ssh folder under the user's home directory.

Go to the .ssh path: /home/ansible/.ssh

Then execute the command to copy the SSH key to node-01 & node-02:

sudo ssh-copy-id -i id_rsa.pub  ansible@node-01

for node-01:

Now try to log in from the control-server to node-01 by SSH:

ssh node-01
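If the key login still asks for a password, file permissions are a common cause: sshd (StrictModes) ignores an authorized_keys file or .ssh directory that group or other can write to, and the ssh client refuses a private key that group or other can read. The check below is an added example, not part of the original post; the function names are hypothetical.

```bash
#!/bin/sh
# Added example: check the permissions the ssh client and sshd insist on.
# Function names and messages are illustrative.

# Mode string as printed by ls, e.g. drwx------
mode_of() { ls -ld "$1" | cut -c1-10; }

# True if group (position 6) or other (position 9) has write permission
group_other_writable() {
  case "$(mode_of "$1")" in
    ?????w????|????????w?) return 0 ;;
    *) return 1 ;;
  esac
}

# $1 = a .ssh directory; prints findings and returns 1 if any were found
check_ssh_perms() {
  dir=$1; rc=0
  if group_other_writable "$dir"; then
    echo "FAIL $dir is writable by group/other (chmod 700)"; rc=1
  fi
  if [ -f "$dir/authorized_keys" ] && group_other_writable "$dir/authorized_keys"; then
    echo "FAIL $dir/authorized_keys is writable by group/other (chmod 600)"; rc=1
  fi
  for key in "$dir"/id_*; do
    case "$key" in *.pub) continue ;; esac     # public keys may be readable
    [ -f "$key" ] || continue
    case "$(mode_of "$key")" in
      ????------) ;;                           # owner-only access
      *) echo "FAIL $key is accessible by group/other (chmod 600)"; rc=1 ;;
    esac
  done
  return $rc
}
```

Run it as `check_ssh_perms /home/ansible/.ssh` on the control-server (private key) and on each node (authorized_keys).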

for  Node-02 :

Now we have completed the installation and configuration of Ansible.

Try an ad hoc command to test the connectivity from the control-server to nodes 01 & 02.

ansible -m ping all

We will discuss other topics in the next posts. Keep learning!!

