How to Configure and Install Ansible on CentOS 7.x
This article is written to understand Ansible and install. Ansible is an open source automation software for configuring, managing and deploying software applications on the nodes without any downtime without any client agent install just by using SSH. Now a day’s most of the IT Automation tools runs as an agent on the remote host, but Ansible needs an SSH connection and Python (2.4 or later) to be installed on the remote nodes to perform the actions.
Environment Setup Details
Ansible Server: Operating System: Centos 6.7 IP Address: 192.168.87.140 Host-name: ansible.hanuman.com User: ansibileadmin
Remote Nodes: Node 1: 192.168.87.156 Node 2: 192.168.87.157
Installing Controlling Machine – Ansible
There is no official Ansible repository for RPB based clones, but we can install Ansible by enabling EPEL repository using RHEL/CentOS 6.x, 7.x using the currently supported fedora distributions.
# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpmRetrieving http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.no arch.rpm warning: /var/tmp/rpm-tmp.nHoRHj: Header V3 RSA/SHA256 Signature, key ID 0608b89 5: NOKEY Preparing... ########################################### [100%] package epel-release-6-8.noarch is installed
After configuring EPEL repository, you can now install Ansible using yum with the below command.
# sudo yum install ansible -y Loaded plugins: fastestmirror, security Setting up Install Process Determining fastest mirrors epel/metalink | 4.3 kB 00:00 * base: centosmirror.go4hosting.in * epel: epel.mirror.net.in * extras: centosmirror.go4hosting.in * updates: centosmirror.go4hosting.in base | 3.7 kB 00:00 epel | 4.3 kB 00:00 epel/primary_db | 5.8 MB 00:00 extras | 3.4 kB 00:00 updates | 3.4 kB 00:00 updates/primary_db | 4.0 MB 00:00 Resolving Dependencies . . . . Running Transaction Installing : sshpass-1.05-1.el6.x86_64 1/11 Installing : python-crypto2.6-2.6.1-2.el6.x86_64 2/11 Installing : python-pyasn1-0.0.12a-1.el6.noarch 3/11 Installing : python-keyczar-0.71c-1.el6.noarch 4/11 Installing : python-simplejson-2.0.9-3.1.el6.x86_64 5/11 Installing : python-httplib2-0.7.7-1.el6.noarch 6/11 Installing : libyaml-0.1.3-4.el6_6.x86_64 7/11 Installing : PyYAML-3.10-3.1.el6.x86_64 8/11 Installing : python-babel-0.9.4-5.1.el6.noarch 9/11 Installing : python-jinja2-2.2.1-2.el6_5.x86_64 10/11 Installing : ansible-1.9.4-1.el6.noarch 11/11 Installed: ansible.noarch 0:1.9.4-1.el6 Dependency Installed: PyYAML.x86_64 0:3.10-3.1.el6 libyaml.x86_64 0:0.1.3-4.el6_6 python-babel.noarch 0:0.9.4-5.1.el6 python-crypto2.6.x86_64 0:2.6.1-2.el6 python-httplib2.noarch 0:0.7.7-1.el6 python-jinja2.x86_64 0:2.2.1-2.el6_5 python-keyczar.noarch 0:0.71c-1.el6 python-pyasn1.noarch 0:0.0.12a-1.el6 python-simplejson.x86_64 0:2.0.9-3.1.el6 sshpass.x86_64 0:1.05-1.el6 Complete!
After installation completed, we can verify the version of Ansible by running this below command.
# ansible --version ansible 1.9.4 configured module search path = None
Preparing SSH Keys to Remote Hosts
To perform any deployment or management from the local host to remote host first we need to create and copy the ssh keys to the remote host. In every remote host, there will be a user account ansible (in your case may be the different user).
First, let me create an SSH key using the below command and copy the key to remote hosts.
# ssh-keygen -t rsa -b 4096 -C "ansible.hanuman.com" Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in ansible_key. Your public key has been saved in ansible_key.pub. The key fingerprint is: 28:ae:0c:8d:91:0a:fa:ac:2f:e2:8c:e5:fd:28:4b:c6 ansible.hanuman.com The key's randomart image is: +--[ RSA 4096]----+ | | | | | | | . . | |+ . . S | |+= . . | |= E . | |=X.o . | |=*Ooo.. | +-----------------+
After creating SSH Key successfully, now copy the created key to all two remote servers, We need a user to do ansible here for a demo I am using root user from where we can perform the ansible tasks
# ssh-copy-id root@192.168.87.156 root@192.168.87.156's password: Now try logging into the machine, with "ssh 'root@192.168.87.156'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
# ssh-copy-id root@192.168.87.157 root@192.168.87.157's password: Now try logging into the machine, with "ssh 'root@192.168.87.157'", and check in: .ssh/authorized_keys To make sure we haven't added extra keys that you weren't expecting.
Copy SSH Key Second Remote Host
After copying all SSH Keys to the remote host, now perform an ssh key authentication on all remote hosts to check whether authentication working or not.
# ssh root@192.168.87.156 [ansible@localhost ~]# logout Connection to 192.168.87.156 closed. # ssh root@192.168.87.157 [ansible@localhost ~]#
Creating Inventory File for Remote Hosts
Inventory file, This file has information of the hosts for which host we need to get connected from local to remote. The Default configuration file will be under /etc/ansible/hosts.
Now we will add the two nodes to the configuration file. Open and edit the file using your favorite editor, Here I use vim.
# sudo vim /etc/ansible/hosts
Add the following two hosts IP address.
. . . . [webservers] 192.168.87.156 192.168.87.157
Note: [webservers] in the brackets indicates as group names, it is used to classify the nodes and group them and to control at what times and for what reason.
To Test weather, the Ansible configured correctly or not.
Now time to check our all 3 servers by just doing a ping from my localhost. To perform the action we need to use the command ‘ansible‘ with options ‘-m‘ (module) and ‘-all‘ (group of servers).
# ansible -m ping webservers
[root@localhost ~]# ansible -m ping webservers
192.168.87.157 | success >> {
"changed": false,
"ping": "pong"
}
192.168.87.156 | success >> {
"changed": false,
"ping": "pong"
}
OR
# ansible -m ping -all
[root@localhost ~]# ansible -m ping webservers
192.168.87.157 | success >> {
"changed": false,
"ping": "pong"
}
192.168.87.156 | success >> {
"changed": false,
"ping": "pong"
}
In the above example, we’ve used ping module with Ansible command to ping all remote hosts at ones, the same way there are various modules can be used with Ansible, you can find available modules from the ansible Official site here.
Now, here we are using another module called ‘command‘, which is used to execute a list of shell commands (like, df, free, uptime, etc.) on all selected remote hosts at one go. For demo, you can execute the below commands.
Check the partitions on all web servers.
# ansible -m command -a "df -h" webservers 192.168.87.156 | success | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/mapper/VolGroup-lv_root 18G 2.0G 15G 12% / tmpfs 491M 0 491M 0% /dev/shm /dev/sda1 477M 42M 411M 10% /boot 192.168.87.157 | success | rc=0 >> Filesystem Size Used Avail Use% Mounted on /dev/mapper/VolGroup-lv_root 18G 2.0G 15G 12% / tmpfs 491M 0 491M 0% /dev/shm /dev/sda1 477M 42M 411M 10% /boot
Check memory usage on all web servers.
# ansible -m command -a "free -mt" webservers 192.168.87.156 | success | rc=0 >> Total used free shared buffers cached Mem: 981 528 453 0 39 322 -/+ buffers/cache: 166 815 Swap: 2047 0 2047 Total: 3029 528 2501 192.168.87.157 | success | rc=0 >> Total used free shared buffers cached Mem: 981 526 455 0 39 322 -/+ buffers/cache: 164 817 Swap: 2047 0 2047 Total: 3029 526 2503
Checking Uptime for all web servers.
# ansible -m command -a "uptime" webservers 192.168.87.157 | success | rc=0 >> 21:32:47 up 38 min, 3 users, load average: 0.03, 0.01, 0.00 192.168.87.156 | success | rc=0 >> 21:32:47 up 38 min, 3 users, load average: 0.00, 0.01, 0.03
Check for hostname and Architecture.
# ansible -m command -a "arch" webservers 192.168.87.156 | success | rc=0 >> x86_64 192.168.87.157 | success | rc=0 >> x86_64
# ansible -m shell -a "hostname" webservers 192.168.87.157 | success | rc=0 >> localhost.localdomain 192.168.87.156 | success | rc=0 >> localhost.localdomain
Checking the service status of all web servers
# ansible -m shell -a "service httpd status" webservers 192.168.87.157 | FAILED | rc=3 >> httpd is stopped 192.168.87.156 | FAILED | rc=3 >> httpd is stopped
Redirecting the output to a file.
# ansible -m shell -a "service httpd status" webservers > service_status.txt # cat service_status.txt 192.168.87.156 | FAILED | rc=3 >> httpd is stopped 192.168.87.157 | FAILED | rc=3 >> httpd is stopped
To shut down all the web servers.
#ansible -m shell -a "init 0" webservers 192.168.87.157 | success | rc=0 >> 192.168.87.156 | success | rc=0 >>
Like this way, we can run many shell commands using ansible as what we have run the above steps.
Ansible is a Powerful IT automation tool which is must be used by every Linux Admins for deploying applications and managing servers at one go. Among many other automation tools such as Puppet, Chef, etc., Ansible is quite very interesting and very easy to set up for a good production environment.
Leave a Reply