Ansible on PowerKVM

1. What is Ansible?

Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates. Its based on python.

Ansible is like chef, puppet, Salt. Ansible is agentless And based on yaml files which is simple to handle.

2. How to install/Build?

Ansible by default manages machines over the SSH protocol. If your ansible serverĀ  is Fedora or Powerkvm machine:

yum install ansible

if not, build ansible from source

git clone git://github.com/ansible/ansible.git

cd ansible

make rpm

sudo rpm -Uvh ~/rpmbuild/ansible-*.noarch.rpm

3. Configure Ansible server & remote nodes

copy public keys to avoid password less SSH

In my setup: ansible (Ansible server)

pkvm.ibm.com (remote server)

Ansible server: Add ip/hostname of all remote hostsĀ  in /etc/ansible/hosts

[root@ansible ~]# cat /etc/ansible/hosts

# This is the default ansible ‘hosts’ file.
#
# It should live in /etc/ansible/hosts
#
# – Comments begin with the ‘#’ character
# – Blank lines are ignored
# – Groups of hosts are delimited by [header] elements
# – You can enter hostnames or ip addresses
# – A hostname/ip can be a member of multiple groups

# Ex 1: Ungrouped hosts, specify before any group headers.
pkvm.ibm.com

4. Basic tests

Just run simple ping test

[root@ansible ~]# ansible all -m ping -vvv
<pkvm.ibm.com> ESTABLISH CONNECTION FOR USER: root
<pkvm.ibm.com> REMOTE_MODULE ping
<pkvm.ibm.com> EXEC ssh -C -tt -q -o ControlMaster=auto -o ControlPersist=60s -o ControlPath=”/root/.ansible/cp/ansible-ssh-%h-%p-%r” -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 pkvm.ibm.com /bin/sh -c ‘mkdir -p $HOME/.ansible/tmp/ansible-tmp-1418659430.48-75011742521532 && echo $HOME/.ansible/tmp/ansible-tmp-1418659430.48-75011742521532’
The authenticity of host ‘pkvm.ibm.com (9.3.110.242)’ can’t be established.
ECDSA key fingerprint is e3:ef:a7:09:f9:eb:52:77:90:f7:37:f8:d4:32:7e:88.
Are you sure you want to continue connecting (yes/no)? yes
<pkvm.ibm.com> PUT /tmp/tmp8bjuw2 TO /root/.ansible/tmp/ansible-tmp-1418659430.48-75011742521532/ping
<pkvm.ibm.com> EXEC ssh -C -tt -q -o ControlMaster=auto -o ControlPersist=60s -o ControlPath=”/root/.ansible/cp/ansible-ssh-%h-%p-%r” -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 pkvm.ibm.com /bin/sh -c ‘LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1418659430.48-75011742521532/ping; rm -rf /root/.ansible/tmp/ansible-tmp-1418659430.48-75011742521532/ >/dev/null 2>&1’

Result:
pkvm.ibm.com | success >> {
“changed”: false,
“ping”: “pong”
}

Advertisements