martes, 30 de abril de 2013

Installing and executing Ansible on Ubuntu

This time is shown how to install and deploy and Ansible installation, also how to configure myhost to set a group of hosts to issue Ansible commands.

It is easy and simple.

Ansible is useful if you want sto perform multiple aoperation on remote hosts; for example to install a big data database or to configure a multinode hadoop cluster. You can also send requests to find particular information and work with the result data; perhaps you need maintenance to cleanup your temporal file or create a cron job for all hosts, or some, etc.

Here you will see how to issue simple ansible commands and basic ansible-playbooks with an ease java-6-oracle example.

To install it on Ubuntu:

  # sudo add-apt-repository ppa:rquillo/ansible
  # sudo apt-get update
  # sudo apt-get install ansible -y

It is IMPORTANT to add to authorized_keys the uder (id_rsa,pub) that will issue Ansible Commands, in this case it is the same host. IF YOU DON'T have an id_rsa, then create it.

To create id_rsa:   (Make sure you don't have one already)

  # ssh-keygen            
Then cat it to copy it pubkey content and add it to authorized keys, remember in this examplo it is in the same authorized keys of the same host.

  # cat .ssh/ 
  # vi .ssh/authorized_keys 

Now you can add localhost to myhosts to do a quick test:

   # echo localhost > myhosts
   # export  ANSIBLE_HOSTS=$(pwd)/myhosts
   # echo $ANSIBLE_HOSTS
   # ansible all -m ping -u ubuntu

     localhost | success >> {
         "changed": false,
         "ping": "pong"

There you go, Ansible works, what have we done so far? Just test it, you can ccreat at myhosts a set of remote instances by adding to my hosts a tag like:

     # vi myhosts


In this case you can issue Ansible commands for a particular set of my_remote_servers like:

   # ansible my_remote_servers -m ping -u ubuntu

You can see now that only the servers listed in my_remote_servers will respond to ping.

What can we do? all that the specified user can do, for example:

     # ansible gazzang  -a "ls /home/ubuntu" -u ubuntu | success | rc=0 >>
     file.txt | success | rc=0 >>

Remember that for and the id_rsa_pub should've been added to their corresponding autrorized keys; if not the Ansible command will fail with:

     # ansible gazzang  -a "ls /home" -u ubuntu | FAILED => FAILED: Authentication failed.

IF YOU ARE PLANNING TO ISSUE SUDO COMMANDS, then remember to add to /root/.ssh/authorized keys the  Or add to the non-root user root permissions, just be careful.

Wanna go further? of course yo do!

Follow are two YAML files, these are ansible-playbooks, you can see that we are installing java-6-oracle from PPA and we acre including one YAML into another.

# This playbook just includes a second playbook
- hosts: ec2
    reponame: stable
    distro_release: precise
  user: ubuntu
  sudo: yes
  - include: install_java6oracle_on_ubuntu.yml

  #First operations
  - name: Describe first task
    shell: echo "This is the issued command"

  - name: Describing second task
    shell: sudo gpg --keyserver --recv-key  D2B6F0B7FADF302F


You can do many operations on the different ansible-platbook tasks, this is just a small set of them.

  - name: Changing the cluster name at /etc/cassandra/cassandra.yaml and the listen_address
    shell: sudo cat $cassandra_orig  | sed "s/Test Cluster/Cassandra Production Cluster/" | sed "s/listen_address:\ localhost/listen_address:\ \"$( ifconfig  | grep Bcast | awk '{print
substr($2,6)}')\"/" | sed "s/seeds:\ \"\"/seeds:\ \"$seed_ip\"/" | sed "s/rpc_address:\ localhost/rpc_address:\"    > $cassandra_tmp

You can save stdout at a ansible variable from prompt commands by using the operation register:

  - name: Get Cassandra PID
    shell: ps aux | grep cassandra | grep oracle | grep root | grep -v ansible | awk '{ print($2) }'
    register: cassandra_pid

  - name: Creating cassandra profile
    shell: sudo zncrypt-profile  --pid=${cassandra_pid.stdout} > $cassandra_profile_file

Have Fun!

P.D. Flag has no reverse meaning (useless)

No hay comentarios:

Publicar un comentario