Revision as of 17:42, 21 October 2018

Configuration
Ansible

Installation

Ansible does not require any server component, no daemon needs to be running. Ansible runs over SSH.
Where ever you are going to run your playbooks from, needs to have ansible installed, the clients do not.
To get ansible 2.0+, at the time of this writing, use the epel repo

~$ sudo yum install epel-release
~$ sudo yum install git python python-devel python-pip openssl ansible -y
~$ ansible --version
ansible 2.7.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/fgiuliani/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

Configuration

Basic configuration, define the inventory path & specify the sudo user

~$ sudo vim /etc/ansible/ansible.cfg
uncomment
...
inventory      = /etc/ansible/hosts
...
sudo_user      = root

Nodes are determined by their names. These live in the inventory hosts file: /etc/ansible/hosts. By default there is a file there that can be used as an example.

~$ sudo vim /etc/ansible/hosts
[local]
localhost

[group1]
ansible2.r00tedvw.local

[group2]
ansible3.r00tedvw.local

Ansible needs to run as a non-privileged user with sudo rights. It also needs to be able to run commands without specifying a password as the playbooks will fail with password prompts.
NOTE: This will need to be done on EACH Node.

~$ sudo adduser ansible
~$ sudo passwd ansible
~$ visudo
...
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
ansible ALL=(ALL)       NOPASSWD: ALL