Tuesday, July 22, 2025

Ansible part2

 Class 70th AWS Ansible Part2 July 22nd

Step1:Created three instances


Ansible Module: Adhoc command we are not using in real time every time using adhoc temporary work, instead of adhoc modules are using 

Step2:For understanding hostname set for the all servers 

1)hostnamectl set-hostname ansible

2)hostnamectl set-hostname dev1

3)hostnamectl set-hostname test1

Step3: Too communicate our main server Ansible to worker node,sshkey connection required and set the sudo user password for all server,for time begin we have set all sudo server same password ,using MobaXterm multiexec


Step4: to communicate the anisable server to worker node need to configure below things

Give the code vim /etc/ssh/sshd_config enter 

Below line 65 Passwordauthentication change no to yes 
Line 40 uncomment #Permintrootlogin prohibit-password  remove change to yes
systemctl restart sshd
systemctl status sshd

Step5:Below steps need to perform only in ansible server 
[root@ansible ~]# yum install ansible -y

Step6:ansible communicate other server ,need other server Private ip address in inventory hosts file is called inventory ,create below directory hosts file 

[root@ansible ~]# cd /etc/ansible
[root@ansible ansible]# vi hosts
[root@ansible ansible]# cat hosts
[dev1]
10.0.2.9
[Test1]
10.0.2.30
[root@ansible ansible]#
Step7: Key file will be generate using the ssh-keygen command in ansible server 
ssh-keygen -- > enter 4 times 

[root@ansible ansible]#  ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:WU0szLlsFrjg8e6nIFYgFmZDUUI9p1yhZX96jFT1gdU root@ansible
The key's randomart image is:
Step8:The Key file will store in the below path
ssh-copy-id root@private ip of dev-1 -- > yes -- > password -- > ssh private ip -- > ctrl d

Test1 --private ip
[root@ansible .ssh]# ssh-copy-id root@10.0.2.30

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@10.0.2.30'"
and check to make sure that only the key(s) you wanted were added.

Dev1 --private ip
[root@ansible .ssh]#ssh-copy-id root@10.0.2.9

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@10.0.2.9's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@10.0.2.9'"

and check to make sure that only the key(s) you wanted were added.

Module:

 In Ansible based on work,we are using different different modules ,
  •  For Service start/restart
  •  For install yum
  •  For user creation
  •  For group creation
  •  For copy file

Step9: MODULES:

its a key-value pair.

modules are reusable.

we can use different modules for different purposes.

module flag is -m 

ansible all -m yum -a "name=git state=present"

ansible all -m yum -a "name=maven state=present"

ansible all -m yum -a "name=maven state=present" [present=installed]

ansible all -m yum -a "name=httpd state=present"

ansible all -m service -a "name=httpd state=started" [started=restart]

ansible all -m service -a "name=httpd state=stopped" [stopped=stop]

ansible all -m yum -a "name=http state=absent" [absent=uninstall]

ansible all -m user -a "name=vikram state=present"

ansible all -m group -a "name=devops state=absent"

ansible all -m copy -a "src=raham.txt dest=/tmp"

Adhoc:ansible all -a command even adhoc ,if you writing module -m means module  
Module :ansible all -m  yum  (module name yum) ,name of the package(git) state is present install

Step10:
GIt Installation
[root@ansible .ssh]# ansible all -m yum -a "name=git state=present"
[root@test1 ~]# git --version
git version 2.50.1
[root@dev1 ~]# git --version
git version 2.50.1

Step11:
Maven Installation
[root@ansible .ssh]# ansible all -m yum -a "name=maven state=present"

[root@test1 ~]# mvn -v

Apache Maven 3.8.4 (Red Hat 3.8.4-3.amzn2023.0.5)

Maven home: /usr/share/maven

Java version: 17.0.16, vendor: Amazon.com Inc., runtime: /usr/lib/jvm/java-17-amazon-corretto.x86_64

Default locale: en, platform encoding: UTF-8

OS name: "linux", version: "6.1.144-170.251.amzn2023.x86_64", arch: "amd64", family: "unix"

[root@test1 ~]# mvn -v

Apache Maven 3.8.4 (Red Hat 3.8.4-3.amzn2023.0.5)

Maven home: /usr/share/maven

Java version: 17.0.16, vendor: Amazon.com Inc., runtime: /usr/lib/jvm/java-17-amazon-corretto.x86_64

Default locale: en, platform encoding: UTF-8

OS name: "linux", version: "6.1.144-170.251.amzn2023.x86_64", arch: "amd64", family: "unix"

[root@dev1 ~]# mvn -v
Apache Maven 3.8.4 (Red Hat 3.8.4-3.amzn2023.0.5)
Maven home: /usr/share/maven
Java version: 17.0.16, vendor: Amazon.com Inc., runtime: /usr/lib/jvm/java-17-amazon-corretto.x86_64
Default locale: en, platform encoding: UTF-8
OS name: "linux", version: "6.1.144-170.251.amzn2023.x86_64", arch: "amd

Install

ansible all -m yum -a "name=httpd state=present"

ansible all -m service -a "name=httpd state=started" (yum is not required service module)

unInstall
ansible all -m yum -a "name=httpd state=adsent"
Last patch
ansible all -m yum -a "name=httpd state=latest"

Step12: Here Again apache trying to install worker node see green color means already installed 
Step13:Use Creation ,Yellow color mean user created successfully
ansible all -m  user -a "name=ccituser state=present"






















Worker node users created successfuly.
[root@test1 ~]# grep "ccituser"  /etc/passwd
ccituser:x:1001:1001::/home/ccituser:/bin/bash

[root@dev1 ~]# grep "ccituser"  /etc/passwd
ccituser:x:1001:1001::/home/ccituser:/bin/bash

Step14:Group to create
[root@ansible .ssh]# ansible all -m  group -a "name=devops state=present"

[root@test1 ~]# grep "devops" /etc/group
devops:x:1002:
[root@dev1 ~]# grep "devops"  /etc/group
devops:x:1002:

Step15: File movement ansible to all worker nodes 
Source :Ansible
[root@ansible ~]# vi file.txt
[root@ansible ~]# cat file.txt
This same text file copyig to all worker nodes

Target :Worknode file successfully moved 
[root@ansible ~]# ansible all -m copy -a "src=file.txt dest=/tmp"

[root@test1 ~]# cd /tmp
[root@test1 tmp]# ls
file.txt
Target :Worknode2 file successfully moved 

[root@dev1 ~]# cd /tmp
[root@dev1 tmp]# ls
file.txt

Step16: uninstall all package 
[root@ansible ~]# ansible all -a  "yum remove git* maven httpd  -y"

Step17: Here some drawback for module single single command every need to work CLI mode
,instead of this overcome use Playbook used to execute multiple modules , and reusable 

PLAYBOOKS:
playbooks used to execute multiple modules.
we can reuse the playbook multiple times.
in real time we use a playbook to automate our work.
for  Server Creation, pkg installation, deployment  ----
here we use key-value pairs.
Key-Value can also be called as Dictionary.
ansible-playbook will be written on YAML syntax.
YAML = YET ANOTHER MARKUP LANGUAGE
extension for playbook is .yml or .yaml
playbook start with --- and end with ... (opt)


Step18:
[root@ansible ~]# vi ansibleplb.yaml
[root@ansible ~]# cat ansibleplb.yaml
- hosts: all
  tasks:
    - name: installing git
      yum: name=git state=present
    - name: installing maven
      yum: name=maven stats=present
    - name: installing apache
      yum: name=httpd state=present
    - name: start the service apache
      service: name=httpd statse=started
    - name: user creation
      user: name=ccit2 state=present
    - name : copying file
      copy: src=file2.txt dest=/tmp

Step19:
[root@ansible ~]# ansible-playbook ansibleplb.yaml
PLAY all (mean all servers install)



See above we have performed 6 tasks Ok=7 (1 task showing Gathering stats performed by additional task ansible), Gather state ansible will get the states from worker node 
Using sed command replace present to absent for unistall the play book script modification

sed -i means insert 's mean seach g mean global

[root@ansible ~]# vi ansibleplb.yaml
[root@ansible ~]# sed -i 's/present/absent/g' ansibleplb.yaml


[root@ansible ~]# sed -i 's/present/absent/g' ansibleplb.yaml
[root@ansible ~]# cat ansibleplb.yaml
- hosts: all
  tasks:
    - name: installing git
      yum: name=git state=absent

    - name: installing maven
      yum: name=maven state=absent

    - name: installing apache
      yum: name=httpd state=absent

    - name: start the service apache
      service: name=httpd state=started

    - name: user creation
      user: name=ccit2 state=absent

    - name : copying file
      copy: src=file.txt dest=/tmp

Step20:Above our script ,after uninstall apache we are trying to start that is the issue failed play book,so here ansible execute the playbook in sequentially manner if any task failed, remaining below task not performed by ansible. 


Step21: Too overcome the issue use the ignore command in playbook execute the complete script
[root@ansible ~]# cat ansibleplb.yaml
- hosts: all
  ignore_errors: true
  tasks:
    - name: installing git
      yum: name=git state=absent

    - name: installing maven
      yum: name=maven state=absent

    - name: installing apache
      yum: name=httpd state=absent

    - name: start the service apache
      service: name=httpd state=started

    - name: user creation
      user: name=ccit2 state=absent

    - name : copying file
      copy: src=file.txt dest=/tmp



Tags:
TAGS: by default ansible will execute all tasks sequentially in a playbook.
we can use tags to execute a specific tasks or to skip a specific tasks.
[root@ansible ~]# cat ansibleplb.yaml
- hosts: all
  ignore_errors: true
  tasks:
    - name: installing git
      yum: name=git state=absent
      tags: a
    - name: installing maven
      yum: name=maven state=absent
      tags: b
    - name: installing apache
      yum: name=httpd state=absent
      tags: c
    - name: start the service apache
      service: name=httpd state=started
      tags: d
    - name: user creation
      user: name=ccit2 state=absent
      tags: e
    - name : copying file
      copy: src=file.txt dest=/tmp

Step22:
[root@ansible ~]# ansible-playbook ansibleplb.yaml --tags a,c

Step23: need to perform all of the task except one ignore

[root@ansible ~]# cat ansibleplb.yaml
- hosts: all
  ignore_errors: true
  tasks:
    - name: installing git
      yum: name=git state=present
      tags: a
    - name: installing maven
      yum: name=maven state=present
      tags: b
    - name: installing apache
      yum: name=httpd state=present
      tags: c
    - name: start the service apache
      service: name=httpd state=started
      tags: d
    - name: user creation
      user: name=ccit2 state=present
      tags: e
    - name : copying file
      copy: src=file.txt dest=/tmp
      tags: f


[root@ansible ~]# ansible-playbook ansibleplb.yaml --skip-tags e,f


PLAY [all] *****************************************************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************************************************
[WARNING]: Platform linux on host 10.0.2.30 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another
Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.0.2.30]
[WARNING]: Platform linux on host 10.0.2.9 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another
Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.0.2.9]

TASK [installing git] ******************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

TASK [installing maven] ****************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

TASK [installing apache] ***************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

TASK [start the service apache] ********************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

PLAY RECAP *****************************************************************************************************************************************
10.0.2.30                  : ok=5    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
10.0.2.9                   : ok=5    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0


Variables 

[root@ansible ~]# cat ansibleplb.yaml
- hosts: all
  ignore_errors: true
  vars:
    a: git
    b: maven
    c: httpd
  tasks:
    - name: installing {{git}}
      yum: name={{a}} state=present
      tags: a
    - name: installing {{b}}
      yum: name={{b}} state=present
      tags: b
    - name: installing apache
      yum: name={{c}} state=present
      tags: c


[root@ansible ~]# ansible-playbook ansibleplb.yaml

PLAY [all] *****************************************************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************************************************
[WARNING]: Platform linux on host 10.0.2.9 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another
Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.0.2.9]
[WARNING]: Platform linux on host 10.0.2.30 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another
Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.0.2.30]

TASK [installing {{git}}] **************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

TASK [installing maven] ****************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

TASK [installing apache] ***************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

PLAY RECAP *****************************************************************************************************************************************
10.0.2.30                  : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
10.0.2.9                   : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0


Dynamic Variables 

[root@ansible ~]# cat ansibleplb.yaml
- hosts: all
  ignore_errors: true
  vars:
  tasks:
    - name: installing {{a}}
      yum: name={{a}} state=present
      tags: a
    - name: installing {{b}}
      yum: name={{b}} state=present
      tags: b
    - name: installing apache
      yum: name={{c}} state=present
      tags: c


[root@ansible ~]# ansible-playbook ansibleplb.yaml --extra-vars "a=maven b=docker c=httpd"

PLAY [all] *****************************************************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************************************************
[WARNING]: Platform linux on host 10.0.2.9 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another
Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.0.2.9]
[WARNING]: Platform linux on host 10.0.2.30 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another
Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.0.2.30]

TASK [installing maven] ****************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

TASK [installing docker] ***************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

TASK [installing apache] ***************************************************************************************************************************
changed: [10.0.2.9]
changed: [10.0.2.30]

PLAY RECAP *****************************************************************************************************************************************
10.0.2.30                  : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
10.0.2.9                   : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0


--Thanks 


by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)