HTTP based ansible-pull configuration without-git
It is possible to host Ansible scripts on a web server so that machines can download and execute them automatically without depending on git. Using git is a very good idea, but where that is not possible for various reasons, Ansible files hosted on a simple web server can do the trick. This is not a standard way of running ansible or even ansible-pull; in fact, the method below uses ansible-playbook and not ansible-pull. Use it only if you understand what you are doing.
Ansible-based pull configuration has multiple steps:
- Configure client or lab-machine to pull configuration from ansible server (One time)
- Configure ansible-server to host necessary files over http for client configuration (One time)
- Reboot client so that it pulls latest configuration (Many times)
The method described here is useful for colleges and universities that want to automatically configure lab machines or student machines in the desired manner.
Configure machine to pull configuration from ansible server
To configure a machine to pull configuration from the ansible-server, use the following playbook:

    ---
    - name: Configure machine for ansible-pull
      remote_user: root
      hosts: desired-host
      vars:
        proxy_env:
          http_proxy: http://proxy.sbarjatiya.com:8080/
          https_proxy: http://proxy.sbarjatiya.com:8080/
      tasks:
        - name: Disable SELinux for now
          shell: setenforce 0
          ignore_errors: yes

        - name: Disable SELinux permanently
          lineinfile: dest=/etc/sysconfig/selinux regexp="SELINUX=" line="SELINUX=disabled"

        # Adjust this line as per lab-machine OS. Also test it on a few machines and edit appropriately.
        # The final output should be the name of the interface to be brought up using DHCP on boot
        # for the ansible-pull mechanism.
        # Exactly one shell line must be active; the CentOS-7 line is enabled here, swap it as needed.
        # Fedora 20 line
        # - shell: ifconfig | grep mtu | sed 's/:.*$//g' | grep [0-9]
        # CentOS-7 line
        - shell: ifconfig | grep mtu | grep [ep][n0-9]p[0-9] | sed 's/:.*$//g'
        # CentOS6 line
        # - shell: ifconfig | grep Link| grep HW | sed 's/ .*$//g'
          register: ifconfig_output

        # rc.local runs as root at boot, so it is installed writable by root only
        # (mode 0755, not 777, which would let any local user change what runs at boot).
        - name: Copy the rc.local for appropriate pull configuration
          template: src=rc.local dest=/etc/rc.d/rc.local mode=0755

        - stat: path=~/.ssh/id_rsa.pub
          register: public_key

        - name: Generate the ssh-key
          shell: ssh-keygen -q -f ~/.ssh/id_rsa -N ""
          when: public_key.stat.exists == False

        - name: Append the authorized_key for ssh login
          shell: cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

        - name: Install ansible
          yum: name=ansible state=present

        - name: Disable management of {{ifconfig_output.stdout}} by network-manager (Possibly disconnects current ansible session)
          shell: 'echo NM_CONTROLLED="no" >> /etc/sysconfig/network-scripts/ifcfg-{{ifconfig_output.stdout}}'
The last task disables network-manager control of the interface so that dhclient can be used during boot to get an IP address. Without this, a user would have to log in before the machine gets an IP address, and in such cases automation during boot is not easily possible.
Here, the rc.local file should have the following contents:

    #!/bin/bash
    # Bring up the interface detected by the playbook so the machine has an IP at boot
    dhclient -v {{ifconfig_output.stdout}}
    echo "New boot" >> /tmp/ansible_pull_log.txt
    # Start from an empty work directory on every boot
    rm -rf /tmp/ansible_pull_work
    mkdir -p /tmp/ansible_pull_work
    cd /tmp/ansible_pull_work || exit 1
    # Download and unpack the configuration bundle
    wget http://<ansible-server>/<lab-name>/self.tar >> /tmp/ansible_pull_log.txt 2>&1
    tar xvf self.tar >> /tmp/ansible_pull_log.txt 2>&1
    # Confirm key-based SSH to localhost works, then run the playbook locally
    ssh -o StrictHostKeyChecking=no root@127.0.0.1 echo "SSH to localhost working" >> /tmp/ansible_pull_log.txt 2>&1
    ansible-playbook -i self/hosts self/localhost.yaml >> /tmp/ansible_pull_log.txt 2>&1

Replace <ansible-server> with the Ansible server FQDN or IP, and replace <lab-name> with the group for which the corresponding pull configuration is applicable.
Configure ansible-server to host necessary configuration files over HTTP
- service httpd start (or systemctl start httpd)
- chkconfig httpd on (or systemctl enable httpd)
- cd /var/www/html
- mkdir <lab-name>
Create a file named hosts with the IP "127.0.0.1" as the only line.
Create a file named localhost.yaml with configuration similar to:

    ---
    - name: Automated configuration of a lab
      hosts: 127.0.0.1
      user: root
      tasks:
        - name: Installation of necessary packages
          yum: name={{item}} state=present
          with_items:
            - vim-enhanced
            - emacs
            - make
            - git
            - gcc
            - gcc-c++

Create a folder named self and put both the hosts and localhost.yaml files inside it. Create self.tar using 'tar cf self.tar self'. Keep this self.tar file in the /var/www/html/<lab-name> folder on the ansible-server. In an advanced configuration, if the ansible script refers to templates or files, then those should also be part of self.tar.
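A layout check for self.tar, as an added example that is not part of the original page: it confirms the archive unpacks only into self/ and carries the two files rc.local passes to ansible-playbook, so a mis-built or truncated bundle is caught before anything runs as root. The function names and exit codes are assumptions, the sample archives are constructed, and the check validates structure only; it does not authenticate the download.

```shell
#!/bin/sh
# Added example (not from the original page); names and exit codes are assumptions.

# check_bundle TARBALL
#   0  layout is what rc.local expects
#   1  not a readable tar archive (truncated download, wrong file)
#   2  a member uses an absolute path or a ".." component
#   3  a member lies outside self/ (wrong folder packed, stray files)
#   4  self/hosts or self/localhost.yaml is missing
check_bundle() {
    cb_list=$(tar tf "$1" 2>/dev/null) || return 1
    if printf '%s\n' "$cb_list" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        return 2
    fi
    if printf '%s\n' "$cb_list" | grep -Evq '^self(/|$)'; then
        return 3
    fi
    for cb_need in self/hosts self/localhost.yaml; do
        printf '%s\n' "$cb_list" | grep -Fxq "$cb_need" || return 4
    done
    return 0
}

# make_samples DIR: build constructed sample archives for the cases above.
make_samples() {
    mkdir -p "$1/self" "$1/sef" &&
    echo "127.0.0.1" > "$1/self/hosts" &&
    echo "---" > "$1/self/localhost.yaml" &&
    cp "$1/self/hosts" "$1/sef/hosts" &&
    echo "echo stray" > "$1/extra.sh" &&
    ( cd "$1" &&
      tar cf good.tar self &&              # correct layout
      tar cf typo.tar sef &&               # wrong folder packed
      tar cf stray.tar self extra.sh &&    # extra top-level member
      rm self/localhost.yaml &&
      tar cf partial.tar self &&           # playbook left out
      echo "not a tar archive" > broken.tar )
}
```

The same function can run on the ansible-server before self.tar is copied into /var/www/html/<lab-name>, or in rc.local between the wget and tar xvf lines, skipping the playbook run on a non-zero result.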
Reboot client and verify configuration pull is working
Do a simple reboot, then use cat or "tail -f" on /tmp/ansible_pull_log.txt to see whether the ansible script has finished running locally and whether the run was successful.