Error! Attempted to Read "/etc/ansible/hosts" as Yaml: Syntax Error While Loading Yaml.

• AnsibleFest
• Products
• Customs
• Webinars & Training
• Weblog

Documentation

Ansible Documentation

---

Getting Started¶

Topics

• Getting Started
  • Foreword
  • Remote Connection Information
  • Your first commands
  • Host Key Checking

Foreword¶

Now that you've read the installation guide and installed Ansible, it's time to become started with some ad-hoc commands.

What we are showing first are not the powerful configuration/deployment/orchestration features of Ansible. These features are handled by playbooks which are covered in a carve up section.

This department is about how to initially get Ansible running. Once you empathize these concepts, read Introduction To Advertizing-Hoc Commands for some more detail, and then you'll be ready to begin learning almost playbooks and explore the nigh interesting parts!

Remote Connection Data¶

Earlier nosotros get started, information technology's important to sympathize how Ansible communicates with remote machines over SSH.

Past default, Ansible will try to use native OpenSSH for remote communication when possible. This enables ControlPersist (a performance feature), Kerberos, and options in ~/.ssh/config such as Jump Host setup. However, when using Enterprise Linux 6 operating systems as the command machine (Cerise Hat Enterprise Linux and derivatives such as CentOS), the version of OpenSSH may be too former to support ControlPersist. On these operating systems, Ansible will fallback into using a high-quality Python implementation of OpenSSH chosen 'paramiko'. If you wish to utilize features similar Kerberized SSH and more, consider using Fedora, OS 10, or Ubuntu equally your command auto until a newer version of OpenSSH is available for your platform.

Occasionally you lot'll see a device that doesn't support SFTP. This is rare, but should it occur, you can switch to SCP style in Configuring Ansible.

When speaking with remote machines, Ansible by default assumes you are using SSH keys. SSH keys are encouraged merely password hallmark can also be used where needed by supplying the pick --ask-pass . If using sudo features and when sudo requires a password, also supply --ask-become-laissez passer (previously --enquire-sudo-pass which has been deprecated).

While it may exist mutual sense, it is worth sharing: Any management system benefits from being run almost the machines being managed. If you are running Ansible in a cloud, consider running it from a automobile inside that cloud. In most cases this will work meliorate than on the open up Net.

As an advanced topic, Ansible doesn't just have to connect remotely over SSH. The transports are pluggable, and there are options for managing things locally, also as managing chroot, lxc, and jail containers. A mode called 'ansible-pull' tin also invert the organization and have systems 'phone home' via scheduled git checkouts to pull configuration directives from a central repository.

Your first commands¶

Now that you've installed Ansible, it'due south time to become started with some nuts.

Edit (or create) /etc/ansible/hosts and put ane or more than remote systems in it. Your public SSH key should be located in authorized_keys on those systems:

                                    192.0.ii.fifty                  aserver.instance.org                  bserver.example.org                

This is an inventory file, which is also explained in greater depth here: Working with Inventory.

We'll assume you are using SSH keys for authentication. To set SSH amanuensis to avert retyping passwords, y'all tin do:

                  $ ssh-amanuensis bash $ ssh-add ~/.ssh/id_rsa                

(Depending on your setup, you may wish to use Ansible's --individual-fundamental option to specify a pem file instead)

Now ping all your nodes:

Ansible will attempt to remote connect to the machines using your current user name, just similar SSH would. To override the remote user name, but use the '-u' parameter.

If you would like to admission sudo manner, at that place are besides flags to do that:

                                    # as bruce                  $ ansible all -k ping -u bruce                  # every bit bruce, sudoing to root                  $ ansible all -m ping -u bruce --sudo                  # equally bruce, sudoing to batman                  $ ansible all -thou ping -u bruce --sudo --sudo-user batman                  # With latest version of ansible `sudo` is deprecated so use go                  # equally bruce, sudoing to root                  $ ansible all -m ping -u bruce -b                  # as bruce, sudoing to batman                  $ ansible all -m ping -u bruce -b --become-user batman                

(The sudo implementation is child-bearing in Ansible'due south configuration file if you happen to desire to use a sudo replacement. Flags passed to sudo (like -H) can also be fix there.)

Now run a alive control on all of your nodes:

                  $ ansible all -a                  "/bin/repeat howdy"                

Congratulations! Y'all've only contacted your nodes with Ansible. It's presently going to be time to: read about some more real-earth cases in Introduction To Advertizing-Hoc Commands, explore what you lot tin can do with different modules, and to acquire about the Ansible Working With Playbooks linguistic communication. Ansible is not but about running commands, it also has powerful configuration direction and deployment features. In that location'south more than to explore, only you already have a fully working infrastructure!

Tips

When running commands, you lot can specify the local server by using "localhost" or "127.0.0.one" for the server proper noun.

Case:

                  $ ansible localhost -m ping -eastward                  'ansible_python_interpreter="/usr/bin/env python"'                

Y'all tin specify localhost explicitly past adding this to your inventory file:

                                    localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"                

Host Key Checking¶

Ansible has host fundamental checking enabled by default.

If a host is reinstalled and has a different key in 'known_hosts', this will result in an error bulletin until corrected. If a host is not initially in 'known_hosts' this will result in prompting for confirmation of the key, which results in an interactive feel if using Ansible, from say, cron. Y'all might not desire this.

If you empathize the implications and wish to disable this beliefs, you tin do so past editing /etc/ansible/ansible.cfg or ~/.ansible.cfg :

                                    [                  defaults                  ]                  host_key_checking = False                

Alternatively this can be fix by the ANSIBLE_HOST_KEY_CHECKING surround variable:

                  $                  export                  ANSIBLE_HOST_KEY_CHECKING                  =False                

Too note that host key checking in paramiko style is reasonably wearisome, therefore switching to 'ssh' is also recommended when using this feature.

Ansible will log some information about module arguments on the remote system in the remote syslog, unless a task or play is marked with a "no_log: True" attribute. This is explained afterward.

To enable basic logging on the control machine see Configuring Ansible certificate and ready the 'log_path' configuration file setting. Enterprise users may also be interested in Ansible Belfry. Tower provides a very robust database logging feature where it is possible to drill downwardly and meet history based on hosts, projects, and particular inventories over time – explorable both graphically and through a REST API.

ingallsroys1977.blogspot.com

Source: https://docs.ansible.com/ansible/2.5/user_guide/intro_getting_started.html

Share this post