Installing ansible on a management server

From Notes_Wiki
Revision as of 13:33, 5 February 2015 by Saurabh (talk | contribs) (Created page with "<yambe:breadcrumb>Ansible|Ansible</yambe:breadcrumb> =Installing ansible on a management server= To install ansible first configure rpmfusion, epel and rpmforge repositori...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

<yambe:breadcrumb>Ansible|Ansible</yambe:breadcrumb>

Installing ansible on a management server

To install ansible first configure rpmfusion, epel and rpmforge repositories. Then ansible can be installed using:

   yum -y install ansible

To check ansible installation, first try to connect to localhost itself and check if ansible can manage localhost. To manage localhost using ansible use following steps:

  1. Any machine which is managed using ansible must have python and python-simplejson package installed. Thus to be able to manage localhost using ansible, first install python-simplejson package using:
    yum -y install python-simplejson
  2. Ansible uses a hosts file to determine which hosts it can connect to, their addresses, their groupings, etc. By default ansible will use /etc/ansible/hosts but for this simple test we can create a test hosts file using:
    echo "localhost" > ansible_hosts
  3. Now pings all hosts mentioned in ansible hosts file using:
    ansible all -m ping -i ansible_hosts
  4. Since ssh public-key based access is not allowed the connection will fail. To solve the problem we can either supply password or setup ssh-public key based trusted ssh.
    To supply password use following additional steps:
    1. Install sshpass using:
      yum -y install sshpass
      This helps in supplying password for remote hosts, if key based authentication is not setup
    2. Now ping all hosts mentioned in ansible_hosts file by supplying root password using:
      ansible all -m ping -i ansible_hosts --ask-pass
    Other option is to setup key based access using following steps:
    1. Create a ssh-public and private key pair for current host, if not already present, using:
      ssh-keygen
    2. Copy current hosts key to remote machine using appropriate method. In case of localhost we can simply use:
      cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
      chmod 400 ~/.ssh/authorized_keys
      For other machines use:
      ssh-copy-id root@<remote-machine>
      and supply root password just once.
    3. Now try to ping all machines specified in ansible_hosts file using:
      ansible all -m ping -i ansible_hosts

Note that if ping is successful you would see output similar to:

     localhost | success >> {
         "changed": false, 
         "ping": "pong"
     }

On CentOS 6.5 you may see following warning whenever ansible command is used:

   [WARNING]: The version of gmp you have installed has a known issue regarding
   timing vulnerabilities when used with pycrypto. If possible, you should update
   it (i.e. yum update gmp).

Please ignore the warning.

Note that using --ask-pass will cause password to be asked even when ssh public key based trusted ssh is established. Hence use --ask-pass only if trusted ssh is not already setup.


<yambe:breadcrumb>Ansible|Ansible</yambe:breadcrumb>