ansible-install | ansible | ansible-ntp | ansible-rhel
make sure you’ve set up SSH without a password from the ansible system towards the target systems
see ansible-install
and if you want Slack notifications
apt install python3-prettytable
define hosts and groups to operate
cd /etc/ansible/ mv -i ansible.cfg ansible.cfg.dist mv -i hosts hosts.dist ansible-config init --disabled -t all > ansible.cfg.defaults.plugins ansible-config init --disabled > ansible.cfg.defaults
get rid of the warning
vi ansible.cfg [defaults] collections_paths = /usr/share/ansible_collections interpreter_python = auto_silent remote_tmp = /tmp timeout = 3 # v2.17+ #result_format = yaml # v2.16 stdout_callback = community.general.yaml deprecation_warnings = false [connection] pipelining = true [ssh_connection] # use client config and enable persistent sessions ssh_args = -F /home/gitlab-runner/.ssh/config -o controlmaster=auto -o controlpersist=15m #ssh_args = -F /home/USER/.ssh/config -o controlmaster=auto -o controlpersist=15m [docker_connection] timeout = 3
more options
#stdout_callback = minimal #callback_whitelist=ansible.posix.timer,ansible.posix.profile_tasks,ansible.posix.profile_roles #callbacks_enabled=ansible.posix.timer,ansible.posix.profile_tasks,ansible.posix.profile_roles
you might require those additional module collections
for collection in community.general \
ansible.posix \
community.docker; do
ansible-galaxy collection install \
-fiUp /usr/share --force-with-deps \
$collection
done; unset collection
and if you need to upgrade one of those at some point e.g.
ansible-galaxy collection install --upgrade community.docker
setup your host groups – assuming ~/.ssh/config is alright
mkdir ~/dev/ansible/playbooks/ cd ~/dev/ansible/playbooks/ vi hosts [servers] HOST HOST ... [servers:vars] become=false timezone=Europe/Moscow country_code=ru [stations] HOST ansible_connection=local [stations:vars] become=false timezone=Europe/Moscow country_code=ru
if we were to use FQDN:PORT instead without ~/.ssh/config, then
#FQDN:PORT ansible_user=root
check
ansible all --list-hosts
make sure your ssh client knows the fingerprints
ssh HOST #ssh HOST -p PORT -l root
as user
ls -alhF ~/.ssh/config
check accessiblity of the managed systems
ansible all -m ping
send raw commands without using Python on the remote host e.g.
ansible all -m raw -a hostname
send shell commands using Python on the remote host e.g.
ansible all -m shell -a hostname
or print a remote variable e.g.
ansible all -m shell -a 'echo $TERM'
restart nginx on a specific host – beware json output is awefully long
ansible HOST -m service -a "name=nginx state=restarted"
you can now proceed with playbooks
if you are using ClusterIt aside Ansible, this script might be useful to maintain a shared list of hosts across both tools
echo -n converting clusterit.conf to ansible hosts file... sed 's/GROUP:\(.*\)/\[\1\]/' /etc/clusterit.conf > /etc/ansible/hosts && echo done
http://docs.ansible.com/ansible/intro_getting_started.html
http://docs.ansible.com/ansible/intro_configuration.html
http://docs.ansible.com/ansible/playbooks_conditionals.html
https://serversforhackers.com/an-ansible-tutorial
http://blog.programster.org/ansible-run-a-local-script-on-remote-server/
Ansible change ssh port in playbook https://stackoverflow.com/questions/34333058/ansible-change-ssh-port-in-playbook
https://stackoverflow.com/questions/28553307/ansible-using-custom-ssh-config-file
https://redhat.com/en/blog/faster-ansible-playbook-execution
https://wearenotch.com/speed-up-ansible-playbook-execution/