##### Steps for deployment of Ansible on CentOS 7<\/p>\n
##### Dependency Tasks<\/p>\n
### Install EPEL
\nsudo yum install epel-release<\/p>\n
### Install pending updates
\nsudo yum -y update<\/p>\n
##### Install Ansible<\/p>\n
### Install Ansible
\nsudo yum -y install ansible<\/p>\n
### Verify the Version
\nansible –version<\/p>\n
[db]
\nnode1.rmohan.com
\n[app]
\nnode2.rmohan.com
\n[db]
\nnode3.rmohan.com<\/p>\n
ansible all –list-hosts
\nansible db –list-hosts
\nansible db -m ping<\/p>\n
connect with password authentication, it’s possible to do with “k”
\nansible db -k -m command -a “uptime”<\/p>\n
ansible db -k -m command -a “cat \/etc\/shadow” -b –ask-become-pass<\/p>\n
other user’s priviledge except root, specify the option “–become-user=xxx”.
\nIf you’d like to use another way to use priviledge except sudo (su | pbrun | pfexec | runas), specify the option “–become-method=xxx”.<\/p>\n
ansible db -m ping
\nansible db -m command -a uptime
\nansible db -a “tail \/var\/log\/dmesg”<\/p>\n
ansible -m ping db
\nansible -m ping -all
\nansible -m command -a “df -h” db
\nansible -m command -a “free -mt” db
\nansible -m command -a “uptime” all
\nansible -m command -a “arch” all
\nansible -m shell -a “hostname” all
\nansible -m command -a “df -h” db > \/tmp\/df_outpur.txt<\/p>\n
ansible all -a “echo hello world”
\nansible all -m ping
\nansible db -m ping
\nansible db -m setup -l node-1
\nansible db -m command -a “hostname”
\nansible db -m command -a “hostname” -o
\nansible db -m command -a “uptime”
\nansible db -m shell -a ‘echo $TERM’
\nansible db -b -m yum -a “name=httpd state=present”<\/p>\n
ansible web -b -m service -a “name=httpd state=started”
\nansible web -b -m service -a “name=httpd state=stopped”<\/p>\n
ansible web -a “\/sbin\/reboot” -f 10<\/p>\n
Adhoc Commands<\/p>\n
ansible web -a “yum update -y”
\nansible app -a “yum -y install tomcat”
\nansible app -a “service tomcat status”
\nansible app -a “service tomcat start”
\nansible app -a “yum -y install curl wget”
\nansible app -a “curl web”
\nansible app -a “bash -c ‘curl -k https:\/\/github.com\/opstree-ansible\/ansible-training\/blob\/master\/attendees\/exercise\/application\/sample.war > \/var\/lib\/tomcat\/webapps\/sample.war'”
\nansible app -a “service tomcat restart”
\nansible app -a “curl node2.rmohan.com:8080\/sample\/”<\/p>\n
ansible centos -m copy -a “src=test.txt
\nansible centos -m copy -a “src=test.txt dest=\/tmp\/test.txt”
\nansible centos -m yum -a “install libselinux-python”
\nansible centos -m copy -a “src=test.txt dest=\/tmp\/test.txt”<\/p>\n
vi playbook_sample.yml
\n# target hostname or group name
\n– hosts: web
\n# define tasks
\ntasks:
\n# task name (any name you like)
\n– name: Test file
\n# use file module to set the file state
\nfile: path=\/tmp\/test.conf state=touch owner=root group=root mode=0600<\/p>\n
run Playbook
\nansible-playbook playbook_sample.yml<\/p>\n
ansible web1 -m command -a “ls -l \/tmp\/”<\/p>\n
[root@controller test]# ansible web -m command -a “ls -l \/tmp\/test.conf”
\nnode1.rmohan.com | SUCCESS | rc=0 >>
\n-rw——- 1 root root 0 Mar 31 20:29 \/tmp\/test.conf<\/p>\n
create a Playbook which Apache httpd is installed and running.
\nvi playbook_sample2.yml
\n– hosts: web
\n# use priviledge (default : root)
\nbecome: yes
\n# the way to use priviledge
\nbecome_method: sudo
\n# define tasks
\ntasks:
\n– name: httpd is installed
\nyum: name=httpd state=installed
\n– name: httpd is running and enabled
\nservice: name=httpd state=started enabled=yes<\/p>\n
ansible-playbook -v playbook_sample2.yml –ask-become-pass<\/p>\n
ansible web -m shell -a “\/bin\/systemctl status httpd | head -3” -b –ask-become-pass<\/p>\n
[root@controller test]# ansible web -m shell -a “\/bin\/systemctl status httpd | head -3” -b –ask-become-pass
\nSUDO password:
\nnode1.rmohan.com | SUCCESS | rc=0 >>
\n? httpd.service – The Apache HTTP Server
\nLoaded: loaded (\/usr\/lib\/systemd\/system\/httpd.service; enabled; vendor preset: disabled)
\nActive: active (running) since Sat 2018-03-31 20:36:52 +08; 46s ago<\/p>\n
\/root\/ansible\/playbook\/test<\/p>\n
playbook_sample.yml<\/p>\n
– hosts: db
\nbecome: yes
\nbecome_method: sudo
\ntasks:
\n– name: General packages are installed
\nyum: name={{ item }} state=installed
\nwith_items:
\n– vim-enhanced
\n– wget
\n– unzip
\ntags: General_Packages<\/p>\n
[root@controller test]# ansible-playbook playbook_sample.yml –ask-become-pass
\nSUDO password:<\/p>\n
PLAY [db] *****************************************************************************************************************************************************************************************************************************************************************<\/p>\n
TASK [Gathering Facts] ****************************************************************************************************************************************************************************************************************************************************
\nok: [node3.rmohan.com]<\/p>\n
TASK [General packages are installed] *************************************************************************************************************************************************************************************************************************************
\nok: [node3.rmohan.com] => (item=[u’vim-enhanced’, u’wget’, u’unzip’])<\/p>\n
PLAY RECAP ****************************************************************************************************************************************************************************************************************************************************************
\nnode3.rmohan.com : ok=2 changed=0 unreachable=0 failed=0<\/p>\n
[root@controller test]#<\/p>\n
ansible db -m shell -a “rpm -qa | grep -E ‘vim-enhanced|wget|unzip'” –ask-become-pass<\/p>\n
variables from “GATHERING FACTS”
\nvi playbook_sample3.yml<\/p>\n
# refer to “ansible_distribution”, “ansible_distribution_version”
\n– hosts: target_servers
\ntasks:
\n– name: Refer to Gathering Facts
\ncommand: echo “{{ ansible_distribution }} {{ ansible_distribution_version }}”
\nregister: dist
\n– debug: msg=”{{ dist.stdout }}”<\/p>\n
[root@controller test]# ansible-playbook playbook_sample3.yml<\/p>\n
PLAY [web] ****************************************************************************************************************************************************************************************************************************************************************<\/p>\n
TASK [Gathering Facts] ****************************************************************************************************************************************************************************************************************************************************
\nok: [node1.rmohan.com]<\/p>\n
TASK [Refer to Gathering Facts] *******************************************************************************************************************************************************************************************************************************************
\nchanged: [node1.rmohan.com]<\/p>\n
TASK [debug] **************************************************************************************************************************************************************************************************************************************************************
\nok: [node1.rmohan.com] => {
\n“msg”: “CentOS 7.4.1708″
\n}<\/p>\n
PLAY RECAP ****************************************************************************************************************************************************************************************************************************************************************
\nnode1.rmohan.com : ok=3 changed=1 unreachable=0 failed=0<\/p>\n
vi playbook_sample4.yml
\n– hosts: target_servers
\nbecome: yes
\nbecome_method: sudo
\nhandlers:
\n– name: restart sshd
\nservice: name=sshd state=restarted
\ntasks:
\n– name: edit sshd_config
\nlineinfile: >
\ndest=\/etc\/ssh\/sshd_config
\nregexp=”{{ item.regexp }}”
\nline=”{{ item.line }}”
\nwith_items:
\n– { regexp: ‘^#PermitRootLogin’, line: ‘PermitRootLogin no’ }
\nnotify: restart sshd
\ntags: Edit_sshd_config<\/p>\n
ansible-playbook playbook_sample4.yml –ask-become-pass<\/p>\n
export JAVA_HOME=\/opt\/java\/java\/
\nexport JRE_HOME=\/opt\/java\/java\/jre
\nexport PATH=$PATH:\/opt\/java\/java\/bin:\/opt\/java\/java\/jre\/bin<\/p>\n","protected":false},"excerpt":{"rendered":"
##### Steps for deployment of Ansible on CentOS 7<\/p>\n
##### Dependency Tasks<\/p>\n
### Install EPEL sudo yum install epel-release<\/p>\n
### Install pending updates sudo yum -y update<\/p>\n
##### Install Ansible<\/p>\n
### Install Ansible sudo yum -y install ansible<\/p>\n
### Verify the Version ansible –version<\/p>\n
[db] node1.rmohan.com [app] node2.rmohan.com [db] node3.rmohan.com<\/p>\n
ansible all –list-hosts ansible db […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[91],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7626"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7626"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7626\/revisions"}],"predecessor-version":[{"id":7627,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7626\/revisions\/7627"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7626"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7626"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7626"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}