Installing ansible on a management server

From Notes_Wiki
Revision as of 05:47, 13 February 2015 by Saurabh (talk | contribs)

<yambe:breadcrumb>Ansible|Ansible</yambe:breadcrumb>

Installing ansible on a management server

To install ansible first configure rpmfusion, epel and rpmforge repositories. Then ansible can be installed using:

   yum -y install ansible

To check ansible installation, first try to connect to localhost itself and check if ansible can manage localhost. To manage localhost using ansible use following steps:

  1. Ansible uses a hosts file to determine which hosts it can connect to, their addresses, their groupings, etc. By default ansible will use /etc/ansible/hosts but for this simple test we can create a test hosts file using:
    echo "localhost" > ansible_hosts
  2. Now pings all hosts mentioned in ansible hosts file using:
    ansible all -m ping -i ansible_hosts
  3. Since ssh public-key based access is not allowed the connection will fail. To solve the problem we can either supply password or setup ssh-public key based trusted ssh.
    To supply password use following additional steps:
    1. Install sshpass using:
      yum -y install sshpass
      This helps in supplying password for remote hosts, if key based authentication is not setup
    2. Now ping all hosts mentioned in ansible_hosts file by supplying root password using:
      ansible all -m ping -i ansible_hosts --ask-pass
    Other option is to setup key based access using following steps:
    1. Create a ssh-public and private key pair for current host, if not already present, using:
      ssh-keygen
    2. Copy current hosts key to remote machine using appropriate method. In case of localhost we can simply use:
      cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
      chmod 400 ~/.ssh/authorized_keys
      For other machines use:
      ssh-copy-id root@<remote-machine>
      and supply root password just once.
    3. Now try to ping all machines specified in ansible_hosts file using:
      ansible all -m ping -i ansible_hosts

Note that if ping is successful you would see output similar to:

     localhost | success >> {
         "changed": false, 
         "ping": "pong"
     }

On CentOS 6.5 you may see following warning whenever ansible command is used:

   [WARNING]: The version of gmp you have installed has a known issue regarding
   timing vulnerabilities when used with pycrypto. If possible, you should update
   it (i.e. yum update gmp).

Please ignore the warning.

Note that using --ask-pass will cause password to be asked even when ssh public key based trusted ssh is established. Hence use --ask-pass only if trusted ssh is not already setup.


<yambe:breadcrumb>Ansible|Ansible</yambe:breadcrumb>