Ansible - jude-lindale/Wiki GitHub Wiki

Networking

> controller 10.0.5.90
> ansible1 10.0.5.91
> ansible2 10.0.5.92
> Create a deployer account on all machines and give it sudo. Create a sudo account on controller too.
> Add in the DNS records
> Make sure to restart NetworkManager

SSH Keys

> On controller create an RSA keypair with a passphrase. You can do that with:
> ssh-keygen -t rsa -C "sys265"
> eval $(ssh-agent)
> ssh-add -t 14400
> ssh-copy-id deployer@ansible1
> ssh-copy-id deployer@ansible2

Ansible

> On controller run:
> sudo apt install ansible sshpass python3-paramiko
> On each machine create a file in /etc/sudoers.d/sys265 (the file is sys265, not a directory)
> In this file write:
    deployer    ALL=(ALL)      NOPASSWD:  ALL
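
A syntax error in a file under /etc/sudoers.d can stop sudo from working, and this rule gives deployer passwordless root, so it is worth checking the file before it lands. The function below is an added example, not part of the original notes: it writes the same rule to a temporary file, checks it with visudo -cf, and only then installs it with mode 0440. The function name install_sudoers_dropin and the VISUDO override variable are hypothetical names chosen for this example.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): install a sudoers drop-in
# only after it passes a syntax check.
# Usage as root: install_sudoers_dropin deployer /etc/sudoers.d sys265
# VISUDO (hypothetical override) selects the checker binary; default is visudo.

install_sudoers_dropin() {
    local user="$1" dest_dir="$2" name="$3" tmp rc
    local visudo_bin="${VISUDO:-visudo}"

    # Accept only a plain account name so the rule line cannot carry
    # extra sudoers syntax.
    case "$user" in
        ''|*[!a-z0-9_-]*) echo "invalid user name: $user" >&2; return 2 ;;
    esac
    # sudo skips files in sudoers.d whose names contain '.' or end in '~'.
    case "$name" in
        ''|*.*|*~|*/*) echo "invalid drop-in name: $name" >&2; return 2 ;;
    esac

    tmp="$(mktemp)" || return 1
    printf '%s ALL=(ALL) NOPASSWD: ALL\n' "$user" > "$tmp"

    # Check syntax on the temporary copy, never on the live file.
    if ! "$visudo_bin" -cf "$tmp" >/dev/null; then
        echo "sudoers syntax check failed, nothing installed" >&2
        rm -f "$tmp"
        return 1
    fi

    # 0440 is the default mode for sudoers files; the owner is root when
    # this runs as root.
    install -m 0440 "$tmp" "$dest_dir/$name"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}
```
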

Testing ansible

> mkdir -p /home/deployer/ansible/roles (On Controller)
> cd into ansible, run echo ansible1-jude >> inventory.txt, and then run echo ansible2-jude >> inventory.txt
> Then to make sure it works run ansible all -m ping -i inventory.txt
> To run an ad hoc command on the hosts: ansible <all/inventorycategory> -a <command> -i inventory.txt
> To run a playbook (for example one that applies an Ansible Galaxy role), run:
    ansible-playbook -i inventory.txt <playbook.yml>

Deploying Kibana using Ansible

> The Kibana role can be installed by running:
    ansible-galaxy install geerlingguy.kibana -p roles/
> Create kibana.yml with the following content:

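    # 'kibana' must exist as a host or group in inventory.txt
    - name: Kibana SYS265
      hosts: kibana
      become: true
      roles:
        - geerlingguy.kibana
      tasks:
        # One command per task: a task cannot hold two 'command' keys
        - name: Adding Firewall rule for HTTP
          command: firewall-cmd --add-service=http --permanent
        - name: Adding Firewall rule for Kibana port
          command: firewall-cmd --add-port=5601/tcp --permanent
        - name: Reloading the Firewall
          command: firewall-cmd --reload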