HTTP based ansible-pull configuration without-git

From Notes_Wiki
Revision as of 07:28, 27 August 2015 by Saurabh


It is possible to host Ansible scripts on a web server so that machines can download and execute them automatically without depending on git. Although using git is a very good idea, when that is not possible for various reasons, simple web-server-hosted Ansible files can do the trick. This is not a standard way of running ansible or even ansible-pull; in fact, the method below uses ansible-playbook and not ansible-pull. Use it only if you understand what you are doing.

Ansible-based pull configuration has multiple steps:

  • Configure client or lab-machine to pull configuration from ansible server (One time)
  • Configure ansible-server to host necessary files over http for client configuration (One time)
  • Reboot client so that it pulls latest configuration (Many times)

The method described here is useful for colleges / universities to automatically configure lab machines / student machines in the desired manner.


Configure machine to pull configuration from ansible server

To configure a machine to pull configuration from the ansible-server, use the following playbook:

---
  - name: Configure machine for ansible-pull
    remote_user: root
    hosts: desired-host

    vars:
      proxy_env:
        http_proxy: http://proxy.sbarjatiya.com:8080/
        https_proxy: http://proxy.sbarjatiya.com:8080/

    tasks:
    - name: Disable SELinux for now
      shell: setenforce 0
      ignore_errors: yes

    - name: Disable SELinux permanently
      lineinfile: dest=/etc/sysconfig/selinux regexp="^SELINUX=" line="SELINUX=disabled"

# Adjust the shell line below as per lab-machine OS. Also test it on a few machines and edit appropriately. The final output should be the name of the interface to be brought up using DHCP on boot for the ansible-pull mechanism.
# Exactly one shell line must be active so that "register" attaches to it; the CentOS-7 line is enabled here.
# Fedora 20 line
#      shell: ifconfig | grep mtu | sed 's/:.*$//g' | grep '[0-9]'
# CentOS6 line
#      shell: ifconfig | grep Link | grep HW | sed 's/ .*$//g'
    - name: Find the interface to bring up using DHCP on boot
      # CentOS-7 line
      shell: ifconfig | grep mtu | grep '[ep][n0-9]p[0-9]' | sed 's/:.*$//g'
      register: ifconfig_output

    # rc.local runs as root at boot, so it must not be writable by other users (0755, not 777)
    - name: Copy the rc.local for appropriate pull configuration
      template: src=rc.local dest=/etc/rc.d/rc.local mode=0755

    - stat: path=~/.ssh/id_rsa.pub
      register: public_key

    - name: Generate the ssh-key
      shell: ssh-keygen -q -f ~/.ssh/id_rsa -N ""
      when: public_key.stat.exists == False

    - name: Append the authorized_key for ssh login
      shell: cat ~/.ssh/id_rsa.pub  >> ~/.ssh/authorized_keys

    - name: Install ansible 
      yum: name=ansible state=present

    - name: Disable management of {{ifconfig_output.stdout}} by network-manager (Possibly disconnects current ansible session)
      shell: 'echo NM_CONTROLLED="no" >> /etc/sysconfig/network-scripts/ifcfg-{{ifconfig_output.stdout}}'

The last task disables network-manager management of the interface so that dhclient can be used during boot to get an IP. Without this, a user would have to log in before the machine gets an IP, and automation during boot would not be easy.


Here, the rc.local file should have the following contents:

#! /bin/bash

dhclient -v {{ifconfig_output.stdout}}

echo "New boot" >> /tmp/ansible_pull_log.txt
rm -rf /tmp/ansible_pull_work
mkdir -p /tmp/ansible_pull_work
cd /tmp/ansible_pull_work
wget http://<ansible-server>/<lab-name>/self.tar >> /tmp/ansible_pull_log.txt 2>&1
tar xvf self.tar >> /tmp/ansible_pull_log.txt 2>&1
ssh -o StrictHostKeyChecking=no  root@127.0.0.1 echo "SSH to localhost working" >> /tmp/ansible_pull_log.txt 2>&1
ansible-playbook -i self/hosts self/localhost.yaml >> /tmp/ansible_pull_log.txt 2>&1

Replace <ansible-server> with the Ansible server FQDN or IP, and replace <lab-name> with the group to which the corresponding pull configuration applies.
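
The rc.local above downloads self.tar over plain HTTP and runs its playbook as root, so whoever can alter that response decides what runs on every lab machine. As an added example (not part of the original page), the script below gates the same steps on a pinned SHA-256 digest and a member-path check. The path /etc/ansible_pull/self.tar.sha256, the function names and the --run argument are assumptions.

```bash
#!/bin/bash
# Added example: verify self.tar before extracting and running it as root.
WORK=/tmp/ansible_pull_work
LOG=/tmp/ansible_pull_log.txt
# Hypothetical path (assumption): expected SHA-256 of self.tar, written to the
# client over SSH by the administrator, never fetched over the same HTTP link.
PINNED=/etc/ansible_pull/self.tar.sha256

# Succeeds only if the tarball's SHA-256 equals the pinned hex digest.
verify_digest() {   # verify_digest <tarball> <file-with-expected-digest>
    local expected actual
    expected=$(tr -d '[:space:]' < "$2") || return 1
    [ "${#expected}" -eq 64 ] || return 1
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Succeeds only if every member is under self/ (no absolute paths, no "..").
members_confined() {   # members_confined <tarball>
    local names name
    names=$(tar tf "$1" 2>/dev/null) || return 1
    [ -n "$names" ] || return 1
    printf '%s\n' "$names" | while IFS= read -r name; do
        case "$name" in
            /*|..|../*|*/..|*/../*) exit 1 ;;   # exits the pipeline subshell
            self|self/*) ;;
            *) exit 1 ;;
        esac
    done
}

# Download, check, and only then extract and run the playbook.
pull_and_run() {   # pull_and_run <url-of-self.tar>
    rm -rf "$WORK" && mkdir -p "$WORK" && cd "$WORK" || return 1
    wget -q -O self.tar "$1" >> "$LOG" 2>&1 || return 1
    if ! verify_digest self.tar "$PINNED"; then
        echo "self.tar digest mismatch, playbook not run" >> "$LOG"; return 1
    fi
    if ! members_confined self.tar; then
        echo "self.tar has members outside self/, playbook not run" >> "$LOG"; return 1
    fi
    tar xf self.tar >> "$LOG" 2>&1 || return 1
    ansible-playbook -i self/hosts self/localhost.yaml >> "$LOG" 2>&1
}

# rc.local would call this script as: <script> --run http://<ansible-server>/<lab-name>/self.tar
if [ "${1:-}" = "--run" ]; then pull_and_run "$2"; fi
```

The pinned digest has to be refreshed on the clients whenever self.tar changes, for example by the same SSH-based playbook that installed rc.local.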


Configure ansible-server to host necessary configuration files over HTTP

  • service httpd start (or systemctl start httpd)
  • chkconfig httpd on (or systemctl enable httpd)
  • cd /var/www/html
  • mkdir <lab-name>

Create file named hosts with IP "127.0.0.1" as the only line.

Create file named localhost.yaml with configuration similar to:

---
  - name: Automated configuration of a lab 
    hosts: 127.0.0.1 
    user: root

    tasks:
    - name: Installation of necessary packages
      yum: name={{item}} state=present
      with_items:
        - vim-enhanced 
        - emacs
        - make
        - git
        - gcc
        - gcc-c++

Create a folder named self and put both the hosts and localhost.yaml files inside it. Create self.tar using 'tar cf self.tar self'. Keep this self.tar file in the /var/www/html/<lab-name> folder on the ansible-server. In an advanced configuration, if the ansible-script refers to templates or files, then those should also be part of self.tar.


Reboot client and verify configuration pull is working

Do a simple reboot, followed by cat or "tail -f" of /tmp/ansible_pull_log.txt, to see whether the ansible-script has finished running locally and whether the run was successful.


