Ansible contd

How Operations Team work on multiple servers

• Organizations will have lot of servers and lot of admins
• Creating individual logins on each server for every admin is not a feasible solution.
• An effective way is organization creates a service account for the admins to login and perform administration.
  
• For the lab activities our service account’s name would be devops
• Having username and password is not a sensible option then how to solve this problem

How to setup key pair based authentication in linux machines

• Key pair is combination of two keys public and private using alortihms, we will be using RSA
• Create a key pair ssh-keygen
  
• Copy the public key to linux machine ssh-copy-id username@ipaddress
  
• connect to the machine using private key ssh -i <path-to-private key> username@ipaddress
• Generally private keys created will have extension of .pem
• i.e we create a Service account public and private key. Copy the service account public key to all the servers. disable password based authentication

Setting up sudo permissions

• We need to add devops user to the sudoers group (Wheel)
• Execute sudo visudo
  

Environment

• We need atleast two linux machines
  • one is Ansible control node
  • others is/are nodes
• We will be creating a service account called as devops in all machines
• We will be creating a key pair in Ansible control node
• Copy the public key into the nodes
• Optional: Disable password based authentication

Mac

• Softwares
  • Git brew install git
  • Visual Studio Code brew install --cask visual-studio-code
  • AWS CLI/Azure CLI brew install awscli or brew install azure-cli
• Package manager: Homebrew https://brew.sh/