Centos8 installs and uses Ansible (2)

Time:2022-11-25

Ansible is an open source configuration management tool that we use to automate tasks and deploy applications. Using Ansible, you can automate routine tasks such as updating systems, installing software, and configuring services. Configuring the /etc/hosts file makes it troublesome to use the ip address. You can add the host name corresponding to the node name in the /etc/hosts file in the Master control node: [[email protected] ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.43.131 Master
192.168.43.165 node1
192.168.43.166 node2
192.168.43.167 node3

Centos8 installs and uses Ansible (2)
In the previous article, a controlling node named Master and four controlled nodes (node1, node2, node3, and node4) were created. Now, in order for Ansible to communicate with the controlled nodes, it is necessary to configure password-free login to the four controlled nodes for the ansible user of the Master node. Ansible user configuration ssh password-free login Ansible user needs to be created in both Master and node1-node4: # Create a user on the Master node, add it to the wheel group, and set the ansible user password
[[email protected] ~]# useradd ansible
[[email protected] ~]# usermod -aG wheel ansible
[[email protected] ~]# echo ‘123’|passwd –stdin ansible
Changing password for user ansible.
passwd: all authentication tokens updated successfully.

Create a user on the node1 node, add it to the wheel group, and set the ansible user password

[[email protected] ~]# useradd ansible
[[email protected] ~]# usermod -aG wheel ansible
[[email protected] ~]# echo ‘123’|passwd –stdin ansible
Changing password for user ansible.
passwd: all authentication tokens updated successfully.

Create a user on the node2 node, add it to the wheel group, and set the ansible user password

[[email protected] ~]# useradd ansible
[[email protected] ~]# usermod -aG wheel ansible
[[email protected] ~]# echo ‘123’|passwd –stdin ansible
Changing password for user ansible.
passwd: all authentication tokens updated successfully.

Create a user on the node3 node, add it to the wheel group, and set the ansible user password

[[email protected] ~]# useradd ansible
[[email protected] ~]# usermod -aG wheel ansible
[[email protected] ~]# echo ‘123’|passwd –stdin ansible
Changing password for user ansible.
passwd: all authentication tokens updated successfully.
Execute the visudo command in Master and node1-node4, and remove the comment in front of %wheel ALL=(ALL) NOPASSWD: ALL, so that the ansible user does not need to enter a password when using sudo: [[email protected] ~]# visudo

Centos8 installs and uses Ansible (2)
Switch to the ansible user on the control node Master, generate an SSH key, and then copy the SSH public key to all controlled nodes. [[email protected] ~]# su – ansible
[[email protected] ~]$ ssh-keygen

Centos8 installs and uses Ansible (2)
Now, copy the SSH public key to all controlled nodes, which allows ansible users to log in to all node hosts without entering a password:[[email protected] ~]$ ssh-copy-id [email protected]
[[email protected] ~]$ ssh-copy-id [email protected]
[[email protected] ~]$ ssh-copy-id [email protected]

Centos8 installs and uses Ansible (2)
Configuration Files The default Ansible configuration files are located under /etc/ansible/ansible.cfg. Most of Ansible’s settings can be modified using this configuration file to meet the needs of the environment. Let’s see where Ansible searches for configuration files. Ansible searches for configuration files in the following order. The first configuration file found by ansible then ignores the rest: $ANSIBLE_CONFIG if this variable is set ansible.cfg if in the current directory ~/.ansible.cfg if it is in the user’s home directory. /etc/ansible/ansible.cfg The default configuration file The default inventory file is located in /etc/ansible/hosts, but this location can be changed in the configuration file. You can also specify the manifest file to use via the -i option. Next, create a ~/.ansible.cfg configuration file in the ansible home directory, and then create an inventory list file: [[email protected] ~]$ touch ~/.ansible.cfg
[[email protected] ~]$ touch inventory
Specify the location of the inventory file in ~/.ansible.cfg: [[email protected] ~]$ cat ~/.ansible.cfg

[defaults]
inventory = /home/ansible/inventory

Centos8 installs and uses Ansible (2)
Next, write the host node into the inventory file, and create three groups in the content, nodes, test, prod: [[email protected] ~]$ vim inventory

[nodes]
node1
node2
node3

[test]
node1

[prod]
node2
node3

Centos8 installs and uses Ansible (2)
Ansible ad-hoc command ad-hoc can quickly execute commands on the command line without writing a playbook. Check node connectivity using ad-hoc Use the ping module to check connectivity to node hosts. [[email protected] ~]$ ansible all -m ping

Centos8 installs and uses Ansible (2)
In the command above, all means to have Ansible run this command on all hosts. Using ad-hoc management packages Using Ansible’s ad-hoc commands, packages can also be installed to node hosts. The following example is to install httpd in the [test] group: [[email protected] ~]$ ansible test -b -m yum -a “name=httpd state=present”
node1 | SUCCESS => {

"ansible_facts": {
    "discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []

}

Centos8 installs and uses Ansible (2)
Using ad-hoc to manage services Now that the httpd server was successfully installed in the previous step, let’s use Ansible’s ad-hoc commands to start and enable the httpd service so that the web server is up and running. [[email protected] ~]$ ansible test -b -m service -a “name=httpd enabled=yes state=started”

Centos8 installs and uses Ansible (2)
Playbooks Unlike Ansible ad-hoc commands, Ansible playbooks can be saved and reused. Each playbook consists of one or more playbooks. Below is a simple Ansible playbook to install different services on different nodes. The example file below is named httpd.yaml, which is used to install the httpd service in the prod group, start the service, and open port 80 in the firewall. Then install the git installation package on all nodes: # Add this information in the vim editor to make indentation more convenient.
http://www.cctime.com/html/20…
http://www.citnews.com.cn/new…
https://www.csdn.net/article/…
https://www.51cto.com/it/news…
[[email protected] ~]$ echo ‘autocmd FileType yaml setlocal ai ts=2 sw=2 et’ > .vimrc

[[email protected] ~]$ vim httpd.yml

  • name: Install httpd on prod group.
    hosts: prod
    become: yes
    tasks:

    • name: Install httpd
      yum:
      name: httpd
      state: latest
    • name: enable httpd service
      service:
      name: httpd
      enabled: yes
      notify: restart httpd
      handlers:
    • name: restart httpd
      service:
      name: httpd
      state: restarted
  • name: Install git on all hosts
    hosts: all
    become: yes
    tasks:

    • name: Install Git
      yum:
      name: git
      state: latest
      When the playbook is written, you can try it out, and then run it for real: [[email protected] ~]$ ansible-playbook httpd.yml -C
      [[email protected] ~]$ ansible-playbook httpd.yml

Centos8 installs and uses Ansible (2)

Centos8 installs and uses Ansible (2)
Summary Ansible is simple, easy to set up, and powerful. Ansible is agentless, which makes it easy for sysadmins to start automating and spend less time configuring.