ansible - doubility-sky/daydayup GitHub Wiki
- 
Ansible, Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
- Installation
- Concepts
- Inventory, An inventory is a list of managed nodes, or hosts, that Ansible deploys and configures
- Vault, Ansible Vault encrypts variables and files so you can protect sensitive content such as passwords or keys rather than leaving it visible as plaintext in playbooks or roles.
- 
Ansible Playbook, Playbooks are automation blueprints, in YAML format, that Ansible uses to deploy and configure nodes in an inventory.
- 
Keywords, These are the keywords available on common playbook objects. Keywords are one of several sources for configuring Ansible behavior. - Play
- Role
- Block
- Task
 
- 
Ansible Galaxy, Ansible Galaxy refers to the Galaxy website, a free site for finding, downloading, and sharing community developed roles. 
- 
Sample Playbook playbook.yml--- - name: playbook # Playbook Name hosts: lab #Labels from inventory tasks: - name: connection_check # Name of the task ping: # Module to call outputroot@ubuntu-xenial:/opt/infra/ ansible-playbook playbook/playbook.yml -v Using /opt/infra/ansible.cfg as config file PLAY [playbook] ************************************************************* TASK [setup] ******************************************************************* ok: [lab01] ok: [lab02] TASK [connection_check] ******************************************************** ok: [lab01] => {"changed": false, "ping": "pong"} ok: [lab02] => {"changed": false, "ping": "pong"} PLAY RECAP ********************************************************************* lab01 : ok=2 changed=0 unreachable=0 failed=0 lab02 : ok=2 changed=0 unreachable=0 failed=0 root@ubuntu-xenial:/opt/infra/ 
 
- 
 
 
- To support Password Authentication
- 
Install ansible and sshpass apt update apt install software-properties-common add-apt-repository --yes --update ppa:ansible/ansible apt install ansible apt install sshpass 
- 
Enable Password Authentication in sshd (in each node) vi /etc/ssh/sshd_config # Change to no to disable tunnelled clear text passwords PasswordAuthentication yes
 
- 
- 
Private Key permission is too open, and caused git clone failure "stderr": "Cloning into '/root/kiss'...\nWarning: Permanently added 'gitlab.com,172.65.251.78' (ECDSA) to the list of known hosts.\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0644 for '/root/gitlab.key' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/root/gitlab.key\": bad permissions\r\nPermission denied (publickey,keyboard-interactive).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n" SolutionChange Permission to "0400" to set RO to owner only- name: Copy Private key to host copy: src: ../keys/id_rsa dest: /root/gitlab.key mode: "0400" 
