Ansible & Automation Lab - RileyBashaw/SYS265 GitHub Wiki
Had to use a different method to set up the network on the Ubuntu 22.04 Controller.
Followed the source information and changed the 00-installer-config.yaml.
Make sure to use "sudo netplan generate" and "sudo netplan apply" in order to save your network configuration.
In order to change the hostname use the following command:
sudo hostnamectl set-hostname controller-riley (controller-riley is my chosen name)
Ran into some issues with my .yaml file for the controller-riley server. I added search for "riley.local" to my nameservers section, which fixed my issue of not being able to use nslookup.
Then, I started with setting up the deployer.
Used ssh-keygen -t rsa -b 4096 to generate a key. Kept it as the default location.
Used the following commands to copy my key into the other deployer users on ansible01 and ansible02.
ssh-copy-id -i ~/.ssh/id_rsa.pub deployer@ansible01
ssh-copy-id -i ~/.ssh/id_rsa.pub deployer@ansible02
After doing this, I was able to do: ssh-add -t 14400
This allowed me to log in once every 4 hours with my password to the ansible servers so I don't have to do it repeatedly.
mkdir -p ansible/roles
Within this directory:
echo ansible01-riley >> inventory.txt
echo ansible02-riley >> inventory.txt
then, ansible all -m ping -i inventory.txt
Should be a success for both!
Modify the inventory.txt file to be:
ansible01-riley
[webmin]
ansible02-riley
then, use "ansible webmin -m ping -i inventory.txt"
should be successful!
Now, install webmin playbook:
ansible-galaxy install semuadmin.webmin -p roles/
Running "ls roles/" should come up with: semuadmin.webmin
create webmin.yml and configure it:
Run the playbook with: ansible-playbook -i inventory.txt roles/webmin.yml (Make sure that all parts of the YAML file are indented by 2 spaces and set up properly!)
Go to the web browser to check if it's up! (in my case it was ansible02-riley.riley.local:10000)
When installing my additional role, I chose geerlingguy.java.
Source: https://galaxy.ansible.com/ui/standalone/roles/geerlingguy/java/documentation/
This all went smoothly from setting up the playbook until I had to allow SSH private key access.
Fixed this by adding "ansible_ssh_private_key_file=//home/deployer/.ssh/id_rsa" to my inventory.txt.
Added right next to "ansible01-riley"
Everything worked!
Preparing MGMT01 for Ansible
Installed OpenSSH via the .msi installer through their GitHub.
Used the following commands after installation via PowerShell:
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
Set-ItemProperty "HKLM:\Software\Microsoft\Powershell\1\ShellIds" -Name ConsolePrompting -Value $true
New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
Also had to allow OpenSSH through the entirety of the firewall for the domain and public.
You then want to update your inventory file to add a new group called windows with mgmt01-riley. Also include [windows:vars]
Use:
ansible windows -i inventory.txt -m win_ping -u [email protected] --ask-pass
This will allow you to get a successful win_ping from the controller to mgmt01.
Add wks01-riley to the inventory.txt under mgmt01.
You will get an error regarding the win_ping until you install OpenSSH on the wks01-riley machine and allow it through the firewall.
Rerunning the playbook for windows after this should lead to a success!
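The inventory.txt described piecemeal above, assembled as an added example (not the author's actual file). The host names, group names and private key path are from this page; the contents of [windows:vars] are assumed, since the page does not show them.

```ini
# Constructed example of inventory.txt (INI format).

# Ungrouped Linux host. Ungrouped hosts must come before any [group] header.
# The key path is the one given on this page.
ansible01-riley ansible_ssh_private_key_file=//home/deployer/.ssh/id_rsa

[webmin]
ansible02-riley

[windows]
mgmt01-riley
wks01-riley

[windows:vars]
# Assumed values, not shown on the page.
# Reach the Windows hosts over OpenSSH (Ansible's default transport),
# stated explicitly here so the group is not mistaken for a WinRM group.
ansible_connection=ssh
# Must agree with the DefaultShell registry value set on the Windows hosts,
# which this page points at powershell.exe.
ansible_shell_type=powershell
# The user and password are left out on purpose: the page supplies them
# at run time with -u and --ask-pass, so no credential is stored in this file.
```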
Software Deployment using Win_Chocolatey
Use the following command on both wks01 and mgmt01 in an Admin PowerShell to install Chocolatey on the Windows side.
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
Also add the playbook called windows_software.yml and configure it to install firefox and 7zip; comment them out later to install notepad++ as well!
As long as the installations were successful, run the playbook command:
ansible-playbook -i inventory.txt roles/windows_software.yml -u [email protected] --ask-pass
Using a remote SSH session to mgmt01, check to see the installed packages:
C:\ProgramData\chocolatey\bin\choco.exe list
(Side note, --local-only doesn't work anymore!)