Difference between revisions of "Ansible Howto"
From Cactus Howto
Jump to navigationJump to searchLine 23: | Line 23: | ||
using user tim for ssh sessions, setting user up for sudo, ssh pub key auth |
using user tim for ssh sessions, setting user up for sudo, ssh pub key auth |
||
as root user |
|||
useradd -m tim -s /bin/bash |
useradd -m tim -s /bin/bash |
||
passwd tim |
passwd tim |
||
add user to sudo group |
|||
grep sudo /etc/group |
grep sudo /etc/group |
||
sudo:x:<id>:tim |
sudo:x:<id>:tim |
||
allow sudo group to use all commands via sudo |
|||
grep sudo /etc/sudoers |
grep sudo /etc/sudoers |
||
%sudo ALL=(ALL:ALL) ALL |
%sudo ALL=(ALL:ALL) ALL |
||
from here in user context |
|||
su - tim |
su - tim |
||
mkdir /home/tim/.ssh |
mkdir /home/tim/.ssh |
Revision as of 12:11, 17 November 2018
ansible first steps
documentation
installation
on ubuntu >= 18.04
sudo apt install ansible
on ubuntu older than 18.04 and debian (up to 9/stretch)
These systems ship with ansible versions older than 2.4. For apt module to work smoothly (e.g. autoremove) we really should have ansible 2.4 or above.
sudo echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main" >> /etc/apt/sources.list sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 sudo apt update sudo apt upgrade sudo apt install ansible
prepare a client for ansible usage
using user tim for ssh sessions, setting user up for sudo, ssh pub key auth
as root user
useradd -m tim -s /bin/bash passwd tim
add user to sudo group
grep sudo /etc/group sudo:x:<id>:tim
allow sudo group to use all commands via sudo
grep sudo /etc/sudoers %sudo ALL=(ALL:ALL) ALL
from here in user context
su - tim mkdir /home/tim/.ssh chmod 700 /home/tim/.ssh echo "<ssh-public-key>" >> /home/tim/.ssh/authorized_keys chmod 600 /home/tim/.ssh/authorized_keys
initial ansible serverconfig
Edit /etc/ansible/hosts
ansible advanced topics
use cases debian/ubuntu sys management using apt
This only works for ansible >=2.4.
tim@spike-vm:~/ansi$ ansible-playbook -l puppet apt-autoremove.yml -K
tim@spike-vm:~/ansi$ cat apt-autoremove.yml --- - hosts: all become: yes tasks: - name: Autoremove unused packages apt: autoremove: yes when: > ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
use case install apt package
tim@spike-vm:~/ansi$ ansible-playbook -l puppet apt-install.yml -K -e "package=apache2" SUDO password: PLAY [all] ********************************************************************* TASK [setup] ******************************************************************* ok: [puppet] TASK [install package "apache2"] *********************************************** ok: [puppet] PLAY RECAP ********************************************************************* puppet : ok=2 changed=0 unreachable=0 failed=0
tim@spike-vm:~/ansi$ cat apt-install.yml --- - hosts: all become: yes tasks: - name: install package "Template:Package" apt: name: apache2 when: > ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'