Ansible : UDMY -- 7. Validating Ansible Installation -- adhoc commands start - for loop to ssh key


Here we will validate Ansible to check that it is working as expected.


If you are using Ubuntu-c or have configured your own Ansible controller machine, you should have an ansible folder, and within it a subdirectory venv27. If so, activate your virtual environment.

$ source venv27/bin/activate

If you decided to go with an alternative approach, such as installing Ansible using a system package, please create an ansible directory now; you can continue without the virtual environment.
In the installation video we used the ansible command to check that the installation was working as expected.

We are going to use the same ansible command to validate our system, but this time we are going to work on a remote system.

We are going to make use of an Ansible configuration file and an inventory file. Before we do that, there is some setup to go through.

When you ran 

$ ansible --version

you would have noticed that the config file was pointed to /etc/ansible/ansible.cfg. In our case it is None.




The order of precedence when searching for the file:

  • If there is an environment variable ANSIBLE_CONFIG, Ansible will attempt to use whatever file name it refers to as the file for Ansible configuration.
  • The next priority is ./ansible.cfg. The dot represents the current directory.
  • The next priority is ~/.ansible.cfg. The ~ means the home directory of the current user. For example, if we echo ~ we get /home/packt as the user's home directory:
$ echo ~
/home/packt
    Any file whose name starts with a dot is a hidden file.

  • Fourth is the file in the system location /etc/ansible/ansible.cfg. You will not by default be able to write to this area unless you are the superuser.
So let's use this information in our environment and validate the search order in the Unix shell.

Create a file and point ANSIBLE_CONFIG at it:

$ touch /tmp/ANSIBLE_CONFIGURATION.cfg
$ export ANSIBLE_CONFIG=/tmp/ANSIBLE_CONFIGURATION.cfg

Let's create the next two priorities.

$ pwd
$ touch ./ansible.cfg
$ touch ~/.ansible.cfg

$ sudo mkdir /etc/ansible
$ sudo touch /etc/ansible/ansible.cfg

Let's see if we have all of these configuration files.



Let's see what ansible --version now reports.

$ ansible --version

As expected 



If we unset this:

$ unset ANSIBLE_CONFIG
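
The search order above, modelled in Python as an added example (this is not Ansible's own code). It also models one documented Ansible safeguard the walkthrough does not show: ./ansible.cfg is not loaded when the current directory is world-writable. The function names and the sandbox paths are assumptions made for the example.

```python
import os
import stat
import tempfile

def world_writable(directory):
    """True if 'other' users may create or replace files in the directory."""
    return bool(os.stat(directory).st_mode & stat.S_IWOTH)

def resolve_config(env, cwd, home, system_cfg="/etc/ansible/ansible.cfg"):
    """Model of the search order listed above; returns (source, path, notes)."""
    candidates = []
    if env.get("ANSIBLE_CONFIG"):
        candidates.append(("ANSIBLE_CONFIG", env["ANSIBLE_CONFIG"]))
    candidates += [("cwd", os.path.join(cwd, "ansible.cfg")),
                   ("home", os.path.join(home, ".ansible.cfg")),
                   ("system", system_cfg)]
    notes = []
    for source, path in candidates:
        if not os.path.isfile(path):
            continue
        if source == "cwd" and world_writable(cwd):
            # Ansible refuses ./ansible.cfg in a world-writable directory,
            # because any local user could plant settings there.
            notes.append("skipped %s: directory is world-writable" % path)
            continue
        return source, path, notes
    return None, None, notes

def demo():
    """Constructed sandbox: returns the winning source for three situations."""
    results = []
    with tempfile.TemporaryDirectory() as root:
        proj, home = os.path.join(root, "proj"), os.path.join(root, "home")
        for d in (proj, home):
            os.mkdir(d)
        envcfg = os.path.join(home, "custom.cfg")
        for f in (os.path.join(proj, "ansible.cfg"),
                  os.path.join(home, ".ansible.cfg"), envcfg):
            open(f, "w").close()
        missing = os.path.join(root, "no-system.cfg")
        os.chmod(proj, 0o755)   # private project directory
        results.append(resolve_config({}, proj, home, missing)[0])
        os.chmod(proj, 0o777)   # shared, world-writable project directory
        results.append(resolve_config({}, proj, home, missing)[0])
        results.append(resolve_config({"ANSIBLE_CONFIG": envcfg}, proj, home, missing)[0])
    return results

if __name__ == "__main__":
    print(demo())
```
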

There is another default file, depending on how you configure things, which is the hosts file; this file is going to be in /etc/ansible/hosts.
What we are going to do is create our own inventory file, and within the inventory file we are going to specify our hosts.

The hosts file can be structured in several ways; the common format is the INI style used on Windows. We can also structure it as a JSON or YAML file.

Here we are going to use the built-in section called [all].

[all]
centos1

Every host is always assigned to the all group in Ansible.

$ vi ansible.cfg

We are going to create a defaults section and, within that, set inventory to the name of our hosts file:

[defaults]
inventory = hosts

This is where we specify an inventory of hosts.

With that said, we can now execute an Ansible ping against a remote host.

$ ansible all -m ping 


Ansible here is trying to connect to a remote host using SSH. It is asking us to confirm whether or not to continue.



Two different things have happened here: a warning and a failure (permission denied).

If you try to run the command again it still fails, but you won't get the warning message.


In the last case it has added the hostname and the IP address to the SSH known hosts file, so now my system is aware of that host.

If we look at the known hosts file, which is inside the home directory of the user:

$ cat ~/.ssh/known_hosts

What we have got here are two entries. Depending on the version of Unix that you are running, this output will vary; on some versions it is a lot clearer and you can see a reference to what each entry involves, such as the hostname or IP address.

We can quickly decode this by looking the host up:

$ ssh-keygen -F centos1
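
Why the entries are unreadable, shown as an added example (not code from the course or from OpenSSH): when OpenSSH hashes known_hosts, the host field becomes |1|salt|hash, where hash is HMAC-SHA1 of the host name keyed with the salt, so an entry cannot be reversed, only tested against a candidate name. The sketch assumes the file on the controller is hashed; the salts, the 192.0.2.x addresses and the key blob are constructed placeholders.

```python
import base64
import hashlib
import hmac

def hash_host(host, salt):
    """Build the hashed host field: |1|base64(salt)|base64(HMAC-SHA1(salt, host))."""
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(digest).decode())

def entry_matches(line, host):
    """True if one known_hosts line (hashed or plain) names 'host'."""
    fields = line.split()
    if len(fields) < 3 or fields[0].startswith(("#", "@")):
        return False          # blank, comment or marker line: not handled here
    names = fields[0]
    if names.startswith("|1|"):
        _, _, salt_b64, hash_b64 = names.split("|")
        salt = base64.b64decode(salt_b64)
        actual = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(actual, base64.b64decode(hash_b64))
    return host in names.split(",")   # plain entry: comma-separated names

def find_host(lines, host):
    """1-based numbers of the lines that name 'host', like a -F lookup."""
    return [n for n, line in enumerate(lines, 1) if entry_matches(line, host)]

# Constructed sample: the salts, the addresses and the key blob are placeholders.
KEY = "ssh-ed25519 CONSTRUCTED-KEY-BLOB"
SAMPLE = [
    hash_host("centos1", b"constructed-salt-one!") + " " + KEY,
    hash_host("192.0.2.10", b"constructed-salt-two!") + " " + KEY,
    "ubuntu1,192.0.2.11 " + KEY,
]

if __name__ == "__main__":
    for host in ("centos1", "192.0.2.10", "ubuntu1", "centos2"):
        print(host, find_host(SAMPLE, host))
```
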


Let's see what happens if we remove these entries and re-execute the command. Let me take them out:

$ vim ~/.ssh/known_hosts

Remove the entries, and rerun our command:

$ ansible all -m ping



Ideally this is not okay from the Ansible perspective: every time we connect to a host it is going to ask us to confirm the connection. For now we are going to choose no, and the connection fails.

What we can do is set an environment variable:

ANSIBLE_HOST_KEY_CHECKING=False

The command that follows it on the same line will inherit this.

$ ANSIBLE_HOST_KEY_CHECKING=False ansible all -m ping

Again that has failed.



Again this has automatically added the host to the known hosts file.

Remove the contents of the known hosts file:

$ vim ~/.ssh/known_hosts

$ vi ansible.cfg




And if you re-run that command, it fails again.


We should be able to SSH from one system to another without having to input user credentials.

So let's try to SSH to centos1.


We need to create an SSH key:

$ ssh-keygen

Accept the default values.

That creates our SSH key file.

Now we need to copy the SSH key file from our Ansible controller machine to the remote host.

We will copy the RSA key file into the .ssh directory on the remote machine:


$ ssh-copy-id centos1

This copies the file from the home directory to the other server.







Technically I should now be able to connect without being prompted for a password.

$ ssh centos1



Now if we try the ping module:

$ ansible all -m ping



I mentioned earlier that by default all hosts exist within the [all] group.

As we have the trust relationship set up, we can go back to the hosts file.

We edit the hosts file and remove the [all] heading:

< host file >

[all]    -- removed this
centos1










Let's re-execute the command -- that is still working.



Before we go any further, I want to show you that Ansible is flexible in the way it can be used. The equivalent can be done from the command line without any inventory file or configuration file.

We can use the -i option to specify the inventory, which normally expects an inventory file. But we can also give it a host name, provided we end it with a comma.

$ ansible all -i centos1, -m ping



This makes Ansible a very powerful command-line tool.

To quickly do a one-off task I would simply go with the one-line option. If I were to do something more complex, or something that I would want long term, I would generally opt for a configuration file and define hosts.


In the previous command we used the ping module. Next is the debug module.

$ ansible all -m debug



This prints a Hello World message. Let's use the command-line tool to look up the documentation for this module.

$ ansible-doc debug

Below is our custom message:

$ ansible all -m debug --args='msg="This is a custom debug message"'

The verbosity option only accepts increments of v.



If no -v option is given, the verbosity level is 0.

$ ansible all -m debug --args='msg="This is a custom debug message" verbosity=3'

$ ansible all -v -m debug --args='msg="This is a custom debug message"'

  • v - verbosity level one
  • vv - verbosity level two
  • vvv - verbosity level three

$ ansible all -vvv -m debug --args='msg="This is a custom debug message"'

We can see loads of verbose information coming from the ansible command.



We see some of the things that we saw when we were running --version and, correspondingly, the debug message was executed this time because it met the criteria for the required verbosity.


As we know, we have our Ubuntu 1, 2 and 3 and also CentOS 1, 2 and 3.

Let's edit our hosts file and create our groups again.

$ vim hosts



Now if I run the same ping command, it is going to succeed for one host and fail for all the others.



We can also do this for individual groups:

$ ansible centos -m ping

Again it is going to succeed for one and fail for the other two.

And if we run it against the ubuntu group, it will fail for all of them.


One other way to refer to [all] hosts:

$ ansible '*' -m ping   -- same as $ ansible all -m ping

So let's resolve this. What we need is the SSH keys on all the corresponding systems.

$ for host in centos1 centos2 centos3 ubuntu1 ubuntu2 ubuntu3 
   do 
   ssh-copy-id ${host}
   done

   
Now let's check the output.

$ ansible all -m ping -o     // the -o flag reduces the output to one line


The SSH configuration now looks like the following:




$ ansible centos --list-hosts



It can also be used with individual hosts:

$ ansible centos1 --list-hosts


Match anything that ends with 3:

$ ansible '~.*3' --list-hosts





















