Tuesday, 28 April 2020

How to Configure Ansible Master Node on CentOS 8



Ansible is a free and open source Configuration and automation tool. We can configure, manage, deploy and automate a large number of client machines from a central machine using Ansible. It communicates over SSH and it doesn’t require installing any agent on the client machines. Ansible uses lots of Ad-hoc commands, playbooks and roles that’s are written in YAML.
This article describes How to Configure Ansible Master Node on CentOS8.

If Ansible not installed, Follow the article Howto Install Ansible Master Nodes on CentOS 8

Step 1. Verify the Installation: Run the following command to verify the installation by checking Ansible installed version:

[root@LC-Ansible-Master ~]# ansible --version
ansible 2.9.7
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, May 21 2019, 23:51:36) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]
[root@LC-Ansible-Master ~]#

Step 2. Configuration Changes: Once the ansible packages are installed, make changes in the below ansible configuration file as per requirements such as inventory file, module locations, tmp directories etc.

[root@LC-Ansible-Master ~]# vi /etc/ansible/ansible.cfg
………………………………………………………
[defaults]

# some basic default values...

#inventory      = /etc/ansible/hosts
#library        = /usr/share/my_modules/
#module_utils   = /usr/share/my_module_utils/
#remote_tmp     = ~/.ansible/tmp
#local_tmp      = ~/.ansible/tmp
#plugin_filters_cfg = /etc/ansible/plugin_filters.yml
#forks          = 5
#poll_interval  = 15
#sudo_user      = root
#ask_sudo_pass = True
#ask_pass      = True
#transport      = smart
#remote_port    = 22
#module_lang    = C
#module_set_locale = False
………………………………………………………
[root@LC-Ansible-Master ~]#

Step 3. Inventory File: Add client machines IP address or hostname in the ansible host inventory file. The default inventory file is /etc/ansible/hosts. The host inventory can be grouped as per IT infra like windows client machines, Network devices, Linux machines, web servers, databases servers etc.

In the below example, a node (192.168.43.30) is added under webserverstest group in the ansible host inventory file to manage using ansible:

[root@LC-Ansible-Master ~]# vi /etc/ansible/hosts
# This is the default ansible 'hosts' file.
……………………………………………………..
[webserverstest]                 #Group Name
192.168.43.30                     #Ansible client machine to manage by Ansible
…………………………………………………….
[root@LC-Ansible-Master ~]#

Step 4. Password Less Authentication: Since Ansible is an agent less configuration tool and use SSH protocol to communicate with its clients for configuration and management. Create a user with sudo privilege for ansible management on all the nodes and configure password less authentication. It supports password less authentication and somewhere with password while communicating with clients.

Follow the article How toConfigure SSH Password Less Authentication on CentOS 8 to configure password less authentication.

Step 5. Verify the Changes: Once all the above configuration done, check the client connectivity and accessibility using ansible:

[root@LC-Ansible-Master ~]# su - ansible-user
Last login: Sun Apr 26 12:34:42 EDT 2020 on pts/0
[ansible-user@LC-Ansible-Master ~]$
[ansible-user@LC-Ansible-Master ~]$ ansible -m ping webserverstest
192.168.43.30 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
[ansible-user@LC-Ansible-Master ~]$

Done! Client is accessible and ready to manage using ansible.

No comments:

Post a comment