Ansible is an automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
Ansible works by connecting to your nodes and pushing out small programs, called “Ansible Modules” to them. These programs are written to be resource models of the desired state of the system. Ansible then executes these modules (over SSH by default), and removes them when finished.
In this HelloWorld example we will show how to execute some basic commands remotely using Ansible. The following steps are needed:
1) Install ansible
The installation is detailed at this link:http://docs.ansible.com/ansible/intro_installation.html
For most Linux users a yum install will be enough:
$ sudo yum install ansible
2) Install SSH keys on remote hosts
In most cases, you will need provisioning remote machines via SSH, hence you have to generate a key on your machine, if you don’t have one already:
$ ssh-keygen -t rsa
Go through the list of question. For a proof of concept, and if you are not concerned about security, you can just hit several times.
3) Copy ssh keys on the remote host
You can use the ssh-copy-id command which will store your public key in the server’s authorized keys.
$ ssh-copy-id [email protected]
After doing this, you should be able to log in just by running:
$ ssh [email protected]
4) Test ansible
Now you can test access to ansible via ssh. For example you want a list of Java process running on the remote machine example.com. Execute ansible by passing as argument the IP address of the target server (where we have installed the keys), the username and the module (-m) to execute, in our case the shell:
$ ansible all -i '192.168.10.1,' -u username -m shell -a "ps -ef | grep java"
jboss 14932 9578 66 Apr10 ? 18:00:03 /space/jboss/jdk1.6.0_37/bin/java -XX:PermSize=256m -XX:MaxPermSize=256m -Xms2048m -Xmx2048m – -Djboss.bind.address=prsilrjb06.inail.it -Djboss.domain.master.address=192.168.10.1 -Djavax.net.ssl.keyStore=/space/jboss/jboss-eap-6.2/ssl/weblogic_keystore.jks -Djava.awt.headless=true -Djboss.modules.system.pkgs=org.jboss.byteman,com.wily.introscope -Djava.net.preferIPv4Stack=true -Djavax.net.ssl.keyStorePassword=weblogic11 -Djavax.net.ssl.trustStore=/space/jboss/jboss-eap-6.2/ssl/weblogic_keystore.jks -Duser.language=it -Duser.country=IT -D[Host -Djboss.home.dir=/space/jboss/jboss-eap-6.2 -Djboss.domain.master.port=9999 -Djboss.path.conf=/space/jboss/conf -Djavax.net.ssl.keyStoreAlias=weblogic_alias -Djboss.server.log.dir=/space/jboss/jboss-eap-6.2/domain/servers/denuncia-server4/log -Djboss.server.temp.dir=/space/jboss/jboss-eap-6.2/domain/servers/denuncia-server4/tmp -Djboss.server.data.dir=/space/jboss/jboss-eap-6.2/domain/servers/denuncia-server4/data -Dlogging.configuration=file:/space/jboss/jboss-eap-6.2/domain/servers/denuncia-server4/data/logging.properties -jar /space/jboss/jboss-eap-6.2/jboss-modules.jar -mp /space/jboss/jboss-eap-6.2/modules/:/space/jboss/jboss-eap-6.2/modules/application/it/inail/ -jaxpmodule javax.xml.jaxp-provider org.jboss.as.server
Congratulations! You have just executed your first Remote Ansible access!