DevOps Classroom Series – 31/Jul/2020

Ansible Configuration

  1. Create a user with any name (in this series i will be using name as Ansible) on both the machines Preview Preview
  • Add sudo permissions to the ansible user Preview
  • Since password prompts require human interaction, its not a good idea to use them
  • Now ensure ansible user on Ansible control node should be able to login into node
    • if you are using aws/key based authentication linux machines password authentication might be disabled. so enable it
    • To enable open file @ /etc/ssh/sshd_config and change the Password Authentication yes and restart sshd (sudo service sshd restart)
  • When ansible tries to login from ansible control node to ansible node it will ask for password every time. Is this ok for automation & shall we employ a secure and Automatable approach
    • Lets create a ansible key pair on the master and copy the public key of ansible key pair to node.
    • From there on whenever we try to access node from master, it will be secure and it will not ask password
    • Create a key pair Preview
    • Copy the public key to ansible node Preview
  • Now the connectivity is established
  • Lets try ansible now
  • To work with other nodes we need inventory, so create a file called as inventory with private ip address of node
172.31.8.187
  • Now lets use ansible command to verify connectivity
ansible -i inventory -m ping all

Preview

  • Let me add one more entry into the inventory
172.31.8.187
localhost

Preview

  • To resolve local host issue, copy the public key to local host Preview

Ansible Configuration

  • Try checking the version of ansible or ansible-playbook command Preview
  • Contents of /etc/ansible Preview
  • This ansible.cfg has configurations of ansible at the system level Preview
  • Whe you run ansible commands, ansible commands check for ansible configuration file in different locations in the following order
    • Is there Environmental variable called as ANSIBLE_CFG defined , ansible will use this and ignore the rest
    • ansible.cfg file present in the current directory from where you are executing commands. If found ignores the rest
    • Then it check in ~/.ansible.cfg if found ignores the rest
    • If ansible.cfg is not found in any of the above steps it will look into /etc/ansible/ansible.cfg

Ansible Inventory Parsing

  • In Ansible inventory is most building block of ansible architecture which contains
    • node information
  • Inventories are either files or directories. The default inventory is located at /etc/ansible/host
  • User can create any inventory and pass it to ansible commands using (-i or –inventory-file).
  • In Ansible config file we can define the path of inventory
  • Ansible supports two kinds of inventories
    • Static
    • Dynamic
  • In Ansible inventory along with node information, variable data also can be stored.
  • Ansible static inventory files can be in INI format or YAML format.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin