Scribd
Upload
30 views8 pages

Ansible Tool

The document discusses Ansible, an open source automation tool for configuring and managing servers. It can automate tasks like configuration management, application deployment, and more across multiple servers. The document provides details on how to set up Ansible including installing it, configuring the inventory file, and establishing passwordless SSH connections to servers. It also gives examples of using Ansible to check server status and execute commands on remote servers.

Uploaded by

mathi26052002
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
30 views8 pages

Ansible Tool

The document discusses Ansible, an open source automation tool for configuring and managing servers. It can automate tasks like configuration management, application deployment, and more across multiple servers. The document provides details on how to set up Ansible including installing it, configuring the inventory file, and establishing passwordless SSH connections to servers. It also gives examples of using Ansible to check server status and execute commands on remote servers.

Uploaded by

mathi26052002
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 8

============================================================

Automation Tool-Redhat-ANSIBLE
============================================================

*Is an OPENSOURCE Automation tool for IT tasks such configuraytion


management,application deployment and many more...

*Using this ansible we can push a task to multiple servers

Task-->
-->Task is a section tha contains procedure to be completed
---->A task can have multiple MODULES

MODULES ---->Is a command meant to be executed on the target servers


--->Most of the IT tasks modules are already created and can be
found on ANSIBLE OFFICIAL WEBSITES
----> WWW.DOCS.ANSIBLE.COM

*ANSIBLE tool is written in PYTHON language

*ANSIBLE tool is very easy to configure and use in the production env

--------------------------------
Examples for TASKS:
------------------------------

*Stop,start services

*User,group perm

*creating user accounts

*Application Deployment

*Weekly/Monthly server reboot

*Backup

*Package installations,upgrading,remove

-------------------------------------------------------
History ANSIBLE
--------------------------------------------------------

*ANSIBLE project was started in the year 2012 by a Michael

*It is OPENSOURCE and COMMUNITY DRIVEN

*ANSIBLE was purshaed by the REDHAT in the year 2015

*ANSIBLE is written in PYTHON lang

---------------------------------------------------------------
Advantages of ANSIBLE
-------------------------------------------------------------

*Opensource

*Increase productivity

*Easy to use

*Secure(Over SSH)

*Provides many pre-written modules on website

*Human errors

*Saves the time by automating the tasks

-----------------------------------------------------------------------------------
------------------------------------------
NOTE:1 ANSIBLE SERVER/CONTROL NODE MUST BE LINUX(REDHAT)

NOTE:2 You cannot set ANSIBLE SERVER/CONTROL SERVER on WINDOWS/APPLE

NOTE:3 But you can push a task to multiple cross platform OS's from the CONTROL
NODE
-----------------------------------------------------------------------------------
---------------------------------------------

=================================================
INVENTORY FILE/ANSIBLE CONFIG FILE
==================================================

*This file has info about the Remote servers/target servers(IP DETAILS) where the
tasks are executed

Ansible Inventory file----> /etc/ansible/hosts

#cat -n /etc/ansible/hosts

=====================================================
Configure ANSIBLE/CONTROL NODE SERVER-REDHAT
=====================================================
Procedure:

1.Install the ANSIBLE TOOL using the YUM repo

2.Add the remote server IP details in the inventory file

3.Verify the Inventory details

4.Establish Connection to Remote servers using SSH PASSWORDLESS LOGIN

5.Verify the SSH connectivity

6.Push a task to the remote servers

Ex:1 Configuring ANSIBLE SERVER SETUP on SERVER-1?

(ANSIBLE)SERVER-1 192.168.0.109(Chennai)

SERVER-2 192.168.0.181(Bangalore)

SERVER-3 192.168.0.197(Kerla)

=================
ON SERVER-1
==================

#vi /etc/ansible/hosts
# Ex 1: Ungrouped hosts, specify before any group headers.

## green.example.com
## blue.example.com
## 192.168.100.1
## 192.168.100.10
192.168.0.181
192.168.0.197

:wq!

==============================
To List the Inventory details?
==============================

#ansible-inventory --list
{
"_meta": {
"hostvars": {
"192.168.0.181": {},
"192.168.0.197": {}
}
},
"all": {
"children": [
"ungrouped"
]
},
"ungrouped": {
"hosts": [
"192.168.0.181",
"192.168.0.197"

=====================================================
Establashing Connection to remote server using SSH
======================================================

*Generate SSH keys on the CONTROL NODE/ANSIBLE SERVER

*Copy the keys and sent it to the remote servers for PASSWORD LESS SSH CONNECTIONS

ON ANSIBLE SERVER-1

---------------------------
Create SSH KEYS:
--------------------------

#ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:7erN4yOS6aHZxg3O6bnTHLMQ7xlkqJlP4eH56KYJcxw root@icicibankserver
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| . |
| = o. |
| E* OS . |
| .+.B =. |
| o o*.& *. |
| + =#oX+o |
| =BB=oo+o |
+----[SHA256]-----+

--------------------------------------------------
Copy the keys to the remote servers
----------------------------------------------------
Syntax: #ssh-copy-id <Remote server IP>

# ssh-copy-id 192.168.0.181
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:
"/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out
any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted
now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '192.168.0.181'"


and check to make sure that only the key(s) you wanted were added.

# ssh-copy-id 192.168.0.197
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:
"/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.0.197 (192.168.0.197)' can't be established.
ECDSA key fingerprint is SHA256:BW6Mv7zraUNfMSa9QSOtS9Foa820NqAYuipXl6aW3ao.
ECDSA key fingerprint is MD5:7f:c8:5a:e1:67:1c:7c:9f:35:46:42:d7:0a:62:64:a4.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out
any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted
now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '192.168.0.197'"


and check to make sure that only the key(s) you wanted were added.

-----------------------------------------------------------------------------------
-------------
TO VERIFY PASSWRODLESS LOGIN TO THE REMOTE SERVERS
-----------------------------------------------------------------------------------
-------------

FROM SERVER-1

# ssh 192.168.0.181
[root@AWSSERVER ~]# ifconfig enp0s3
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.181 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 2406:7400:c2:c161:9179:2281:ff97:3657 prefixlen 64 scopeid
0x0<global>
inet6 fe80::a9a5:910d:fec1:b66e prefixlen 64 scopeid 0x20<link>
ether 08:00:27:e8:0e:de txqueuelen 1000 (Ethernet)
RX packets 83192 bytes 12108746 (11.5 MiB)
RX errors 0 dropped 31 overruns 0 frame 0
TX packets 6884 bytes 823227 (803.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@AWSSERVER ~]# exit


logout
Connection to 192.168.0.181 closed.
#

================================================
Push tasks to Multiple servers using ANSIBLE
================================================

SERVER-1 192.168.0.109(Chennai) (ANSIBLE)

SERVER-2 192.168.0.181(Bangalore)

SERVER-3 192.168.0.197(Kerla)

Ansible--->YAML SCRIPTING
--->ANSIBLE COMMANDS AND MODULES

Ex:1 How to check all remote servers are ONLINE??

m -->Module we are using(ping)


all -->check all IPs added in inventory file

#ansible all -m ping


192.168.0.181 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.0.197 | SUCCESS => {
"changed": false,
"ping": "pong"
}

Ex:2 How to execute a command on all remote servers?

Task: Check the currently mounted partition info on all remote servers

#ansible -a "df -h" all


192.168.0.181 | SUCCESS | rc=0 >>
Filesystem Size Used Avail Use% Mounted on
devtmpfs 715M 0 715M 0% /dev
tmpfs 730M 0 730M 0% /dev/shm
tmpfs 730M 9.6M 720M 2% /run
tmpfs 730M 0 730M 0% /sys/fs/cgroup
/dev/sda1 17G 7.4G 8.2G 48% /
tmpfs 146M 48K 146M 1% /run/user/0

192.168.0.197 | SUCCESS | rc=0 >>


Filesystem Size Used Avail Use% Mounted on
devtmpfs 715M 0 715M 0% /dev
tmpfs 730M 0 730M 0% /dev/shm
tmpfs 730M 9.6M 720M 2% /run
tmpfs 730M 0 730M 0% /sys/fs/cgroup
/dev/sda1 17G 7.4G 8.2G 48% /
tmpfs 146M 40K 146M 1% /run/user/0

Ex:3 How to check the status of "nfs" service on all remote servers?

#ansible -a "systemctl status nfs" all


192.168.0.181 | FAILED | rc=3 >>
● nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor
preset: disabled)
Active: inactive (dead)non-zero return code

192.168.0.197 | FAILED | rc=3 >>


● nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor
preset: disabled)
Active: inactive (dead)non-zero return code

]# ansible -a "systemctl start nfs" all


192.168.0.197 | SUCCESS | rc=0 >>

192.168.0.181 | SUCCESS | rc=0 >>

# ansible -a "systemctl status nfs" all


192.168.0.197 | SUCCESS | rc=0 >>
● nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor
preset: disabled)
Active: active (exited) since Tue 2024-05-07 15:44:25 IST; 12s ago
Process: 7095 ExecStartPost=/bin/sh -c if systemctl -q is-active gssproxy; then
systemctl reload gssproxy ; fi (code=exited, status=0/SUCCESS)
Process: 7079 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited,
status=0/SUCCESS)
Process: 7078 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
Main PID: 7079 (code=exited, status=0/SUCCESS)
Tasks: 0
CGroup: /system.slice/nfs-server.service

May 07 15:44:25 AWSSERVER systemd[1]: Starting NFS server and services...


May 07 15:44:25 AWSSERVER systemd[1]: Started NFS server and services.
192.168.0.181 | SUCCESS | rc=0 >>
● nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor
preset: disabled)
Active: active (exited) since Tue 2024-05-07 15:44:32 IST; 12s ago
Process: 6922 ExecStartPost=/bin/sh -c if systemctl -q is-act

Ex:4 Shutdown the remote servers using ANSIBLE?

#ansible -a "init 0" all


192.168.0.197 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Shared connection to
192.168.0.197 closed.",
"unreachable": true
}
192.168.0.181 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Shared connection to
192.168.0.181 closed.",
"unreachable": true
}

You might also like