Controlling a large number of servers can be a real challenge. With the help of a configuration management tool, that task is made significantly easier. One such tool is Ansible. With this impressive system, you can deploy apps and manage systems. Ansible is an open source tool that can be installed on your existing Linux server to make your daily admin grind a bit easier.
Let's walk through the process of installing Ansible and setting up a remote host that you can then start to manage. I will be demonstrating the installation on a Ubuntu Server 16.04 system. The installation, setup, and usage will be done entirely via command line.
SEE: Solving the disconnect between the CEO and the data center (Tech Pro Research)
First, we'll install a package that will allow us to more easily work with PPAs. This piece of software gives us the apt-add-repository command. To take care of this, open a terminal window, and issue the following command:
sudo apt-get update sudo apt-get install software-properties-common
Now we'll add the necessary repository with the command:
sudo apt-add-repository ppa:ansible/ansible
Press Enter on your keyboard, and the repository will be added.
Finally, we can install Ansible with the following commands:
sudo apt-get update sudo apt-get install ansible
Ansible is installed and ready to go.
Setting up your SSH keys
Next we must create ssh keys for Ansible to use. Back at the terminal window issue the following command, where user@address is an actual email address to associate with the key:
ssh-keygen -t rsa -b 4096 -C "user@address"
When you create this key, make sure you do not use a password; when prompted for a password, hit Enter twice. If you add a password, Ansible will be unable to connect to the servers you will add in a moment.
The next step is to add the newly created id_rsa key to ssh with the following commands:
ssh-agent bash ssh-add ~/.ssh/id_rsa
Now we're going to copy the ssh key to all the necessary servers you'll want Ansible to manage. Say, for instance, you have a server at IP address 192.168.1.162. Copy the ssh key to that server with the command, where user is the same user found in the email address used above:
You'll be prompted to okay the connection with the server and enter the password for the remote user.
You can now test your ssh key connection by issuing the command (from the Ansible server), where user is the user from the earlier email.
You should not be prompted for a password, and the connection will be made. Upon successful connection, exit from the ssh connection with the command exit. Once you've done that, you're ready to configure Ansible.
Configuring and testing Ansible
We're going to create what is called an inventory item in the /etc/ansible/hosts file. Open that with the command sudo nano /etc/ansible/hosts and add a new section (let's create a web-servers group) at the bottom of the file like so:
You can add as many servers or groups as you need. Save and close that file. You can now test the connection to make sure Ansible can communicate with your servers. To test the connection, issue the command:
ansible all -m ping
The command should return a SUCCESS result (Figure A).
If Ansible fails this test (Figure B), you may have to add an additional option in your hosts file.
If the test does fail, you can try adding the ansible_password option to your group (in /etc/ansible/hosts), like so:
[web-servers] 192.168.1.162 [web-servers:vars] ansible_password=ADMIN_PASSWORD
The ADMIN_PASSWORD should be your sudo password. Save that file and issue the same Ansible ping test. The results should be successful.
Ansible is ready to start running ad hoc commands and working with playbooks. We'll touch on those topics in later posts.
A quick sample
Let's see how we can use Ansible now. From your Ansible server, you can gather information on every machine you have added to the /etc/ansible/hosts file. Say you want to know how much space has been used on every partition on every machine in your web-servers group. From the terminal window on the Ansible server, issue the following command:
ansible -m command -a "df -h" web-servers
The above command will run the df -h command on every machine associated with the web-servers group and output the results (Figure C).
A must-have for large data centers
Ansible is a must have for larger data centers or networks with numerous attached servers. With this impressive system, your administration tasks will be significantly easier.
- Why the earliest open source licenses are still the most relevant (TechRepublic)
- How to fix Apache 2 not executing PHP files (TechRepublic)
- How to install and configure LDAP and phpLDAPadmin (TechRepublic)
- How to add more entropy to improve cryptographic randomness on Linux (TechRepublic)
- How to monitor SNMP traffic on Ubuntu for free with MRTG (TechRepublic)
- Over configuring — and how to fix it (ZDNet)
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.