Linux Tutorials

Easy methods to set up Ansible on Fedora 29 for IT and server automation

SEOClerks

How do I set up Ansible on Fedora 29 workstation? How can I arrange and take a look at Ansible playbooks utilizing my Fedora Linux desktop?

Introduction – Ansible is a free and open supply configuration administration software. It’s much like Chef or Puppet. It really works over SSH based mostly session and doesn’t want any software program or shopper/agent on distant servers. One can use Ansible to handle Linux, Unix, macOS, and *BSD household of working methods. This web page exhibits easy methods to set up ansible and arrange your first Ansible playbook on Fedora Linux 29.

Process to put in Ansible on Fedora 29

Replace your Fedora 29 system, run: sudo dnf replaceSet up Ansible on Fedora 29, run: sudo dnf set up ansibleImprove Ansible in Fedora 29, run: sudo dnf improve ansibleArrange ssh key-based authenticationTest Ansible

Step 1. Fedora Linux set up Ansible

Kind the next dnf command to replace Fedora field:
$ sudo dnf replace
$ dnf search ansible
Discover out details about the Ansible bundle, run:
$ dnf data ansible
Pattern outputs:

Out there Packages
Identify : ansible
Model : 2.7.5
Launch : 1.fc29
Arch : noarch
Dimension : 11 M
Supply : ansible-2.7.5-1.fc29.src.rpm
Repo : updates
Abstract : SSH-based configuration administration, deployment, and activity
: execution system
URL : http://ansible.com
License : GPLv3+
Description :
:
: Ansible is a radically easy model-driven configuration
: administration, multi-node deployment, and distant activity execution
: system. Ansible works over SSH and doesn’t require any software program
: or daemons to be put in on distant nodes. Extension modules
: will be written in any language and are transferred to managed
: machines routinely.
:
: This bundle installs variations of ansible that execute on
: Python3.

Putting in Ansbile on Fedora Linux

Lastly, sort the next dnf command:
$ sudo dnf set up ansible
How to install Ansible on Fedora Linux using dnf command

Discover the Ansible model

We are able to confirm the Ansible model by working the next command:
$ ansible –version
Pattern outputs:

ansible 2.7.5
config file = /and so on/ansible/ansible.cfg
configured module search path = [‘/house/vivek/.ansible/plugins/modules’, ‘/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python3.7/site-packages/ansible
executable location = /usr/bin/ansible
python model = three.7.2 (default, Jan three 2019, 09:14:01) [GCC eight.2.1 20181215 (Crimson Hat eight.2.1-6)]

First, create the important thing pair utilizing the ssh-keygen command in your Fedora Linux desktop/workstation:
$ ssh-keygen -t ed25519 -C “Desktop ssh key”
Subsequent, copy and set up the general public key in distant Linux/Unix/BSD servers utilizing the ssh-copy-id command:
$ ssh-copy-id -i $HOME/.ssh/id_ed25519.pub consumer@ubuntu-server-ec2
$ ssh-copy-id -i $HOME/.ssh/id_ed25519.pub ec2-user@freebsd-server-lightsail
$ ssh-copy-id -i $HOME/.ssh/id_ed25519.pub vivek@centos-server-linode
Take a look at password much less log in utilizing the ssh command:
$ ssh vivek@centos-server-linode
$ ssh ec2-user@freebsd-server-lightsail

Step three. Take a look at the Ansible

Sample Ansible Fedora Linux set upOur pattern Ansible setup
First create a listing file as follows on a management machine:
$ vi stock
Add hostnames/IP deal with of all distant Linux/*BSD servers:

## my vms/server hosted domestically ##
[lanhosts]
192.168.2.203
192.168.2.207

## my vms/servers hosted by AWS (EC2/Lightsail) ##
[awshosts]
vm1.cyberciti.biz

## my Linode VMs ##
[linodehosts]
vm2.cyberciti.biz

Subsequent run the uptime command command and lsb_release command on two hosts situated in my LAN i.e. lanhosts group as consumer vivek:
$ ansible -u vivek -i stock -m uncooked -a ‘uptime’ lanhosts
$ ansible -u vivek -i stock -m uncooked -a ‘lsb_release -a’ lanhosts
Testing Ansible on Fedora Linux

Step four. Writing your first Ansible playbook to handle Linux/Unix servers

First, replace your stock file to point consumer title and methodology to turn out to be sudo on the distant server. Right here is my up to date hosts file displayed with the cat command:
cat stock
Pattern config file:

[all:vars]
ansible_user=‘vivek’ # Username for ssh connection
ansible_become=sure # Run instructions as root consumer?
ansible_become_pass=‘PasswordForVivekUser’ # Password for sudo consumer i.e. ansible_user password
ansible_become_method=sudo # How do I turn out to be root consumer? Use sudo.
 
## my vms/server hosted domestically ##
[lanhosts]
192.168.2.203 ansible_python_interpreter=‘/usr/bin/python2’
192.168.2.207 ansible_python_interpreter=‘/usr/bin/python3’
 
## my vms/servers hosted by AWS (EC2/Lightsail) ##
[awshosts]
vm1.cyberciti.biz
 
## my Linode VMs ##
[linodehosts]
vm2.cyberciti.biz

A playbook is nothing however scripts/instructions that executed on the distant field. Create a playbook named take a look at.yml as follows utilizing a textual content editor akin to vim command/nano command:
vim take a look at.yml
Append the next code:


– hosts: lanhosts
 
duties:
– title: Get hostname for testing goal
command: /bin/hostname
changed_when: False
register: hostname
 
– debug: var=
with_items:
– hostname.stdout

Playbooks in Ansible use Yaml. Subsequent, run it as follows from Fedora Linux workstation/management machine:
$ ansible-playbook -i stock take a look at.yml
How to run ansible playbook

A be aware about password saved in an insecure format

Take a detailed take a look at the next config listing in stock file:

ansible_become_pass=’PasswordForVivekUser’

It’s a dangerous thought to retailer password and different delicate info in clear textual content format. Allow us to repair this:
$ vim stock
Discover:

ansible_become_pass=’PasswordForVivekUser’

Change:

ansible_become_pass=”

Save and shut the file. Subsequent create a brand new encrypted information file named passwords.yml, run the next command:
$ ansible-vault create passwords.yml
Set the password for vault. After offering a password, the software will begin no matter editor you’ve gotten outlined with $EDITOR. Append the next:

my_user_password: your_password_for_ansible_user

Save and shut the file. Run it as follows:
$ ansible-playbook -i stock –ask-vault-pass –extra-vars ‘@passwords.yml‘ take a look at.yml
Securely store password run Ansible playbooks on Fedora LinuxClick on to enlarge
For extra info learn: Easy methods to set and use sudo password for Ansible Vault.

Including consumer utilizing the Ansible playbook

Say you’ll want to add a brand new consumer named wwwjobs all hosts in lanhosts group. Create a brand new playbook named add-user.yml:


– hosts: lanhosts
duties:
– title: Add a brand new consumer to my Linux VMs with password disabled however enable ssh log in
consumer:
title: wwwjobs
remark: “Account to run jobs for our internet server”
shell: /bin/bash
teams: sudo
append: sure
password: *
– title: Add ssh key for consumer wwwjobs for log in goal
authorized_key:
consumer: vivek
state: current
manage_dir: sure
key: “”

Run it as follows:
$ ansible-playbook -i stock –ask-vault-pass –extra-vars ‘@passwords.yml‘ add-user.yml

Easy methods to add and take away packages

On this instance, we’re going to add and take away packages utilizing the apt command for all hosts situated in linodehosts group. Create a file named ubuntu-software.yml:


– hosts: linodehosts
duties:
– title: Add an inventory of software program on Linode VMs …
apt:
title: “”
state: current
vars:
packages:
– vim
– unzip
– htop
– atop
– iftop
– nmon
– sysstat
– iotop
– nicstat
– vnstat
– title: Delete an inventory of software program from Linode VMs …
apt:
title: “”
state: absent
vars:
packages:
– nano

Once more run it as follows:
$ ansible-playbook -i stock –ask-vault-pass –extra-vars ‘@passwords.yml‘ ubuntu-software.yml

Conclusion

And there you’ve gotten it, Ansible arrange and examined to handle Linux or Unix bins. Ansible works very quick for repeated duties akin to including customers in bulk, putting in software program, configuring *BSD/Linux/Unix bins. YAML takes a bit of time to grasp however straightforward to study. See Ansible documentation for more information:

Ansible documentsLinux consumer module documentDebian/Ubuntu apt module documentHow to make use of Ansible vault to maintain delicate information akin to passwords or keys in encrypted recordsdata

Posted by: Vivek Gite

The creator is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a coach for the Linux working system/Unix shell scripting. Get the newest tutorials on SysAdmin, Linux/Unix and open supply subjects through RSS/XML feed or weekly e-mail e-newsletter.

Source link

Related Articles

Back to top button