I know Chef decently well now, and after going through the learning curve I’m liking the concept of an agentless Ansible better, so maybe I should get to actually know Ansible.
With Chef I found myself trying too hard to do things the Chef way when I’d get things done more quickly just implementing a script. Also, with my appilcation I found Chef nice to use to configure a single machine, but provisioning seems a bit painful and orchestration is not something it does well for my current needs (which is a 3rd-party app that has complex node-interdependent orchestration needs). I wound up using plain Ruby for orchestration, but I’m looking for other methods, and Ansible playbooks sound promising.
I know I had done some basic Ansible functions somewhat recently, but I couldn’t find notes. I fired up my Ansible workstation VM and found that I had
done this on December 4 before I started using this blog for notes, and if I took any notes I can’t find them now. But
history is very helpful here :) .
It looks like I:
Installed Ansible on an CentOS 7 system via EPEL with:
sudo yum install epel-release sudo yum install ansible
Actually, it looks like I may have tried installing Ansible from a python series of commands first as I see I ran
pythonfollowed by some ansible commands and then used the above commands. I don’t recall what happened there and don’t have the python command history.
- Set up id.rsa key file and started
ssh add path/to/id.rsato allow Ansible to use that to authenticate to other hosts for now
- Added the id.rsa.pub contents to ~/.ssh/authorized_keys on the target hosts and set the permission properly (
chmod 600 ~/.ssh/authorized_keys) so they would accept the key authentication
sudo vi /etc/ansible/hostsand added the IP addresses of the target hosts (I used unroutable ULA IPv6 addresses because reasons…oh probably because of peculiarities with my lab hypervisor)
[test] fd43:4834:bd2d:0:215:5dff:fe01:4814 # 192.168.1.151 [atomic] fd43:4834:bd2d:0:215:5dff:fe01:4812
ansible all -m ping
ansible all -m ping --sudoto test superuser access, but this fails
ansible all -a "/bin/echo hello"
ansible all -a "/bin/echo hello" --sudo(this fails and is deprecated anyway)
ansible test -a "/bin/echo hello" -b -Kthis successfully runs as sudo on the target machine and prompts for the sudo password. Peeking at the
--ask-become-passwhich prompts for the password.
ansible all -m setup
ansible atomic -m setup | less -S(One of my target machines was to be an Atomic host)
And that seems to be as far as I got in December, getting it running and running some ad-hoc commands. I guess I’ll do more with it soon.
Looking through my browser history I can’t find a candidate page or video that I might have been following, but I was looking a lot at http://docs.ansible.com/ansible/index.html and its subpages.
Oh, and since I have Win10’s Ubuntu on Windows I installed Ansible there and can use it as my workstation:
sudo apt-get install ansible ansible-doc
And after setting up my /etc/ansible/hosts file and id.rsa, the above commands work!