> controller 10.0.5.90
> ansible1 10.0.5.91
> ansible2 10.0.5.92
> create deployer account on all machines and give it sudo. create a sudo account on controller too
> Add in the DNS records
> Make sure to reboot NetworkManager
SSH Keys
> On controller create an RSA keypair with a passphrase. You can do that with:
> ssh-keygen -t rsa -C "sys265"
> eval $(ssh-agent)
> ssh-add -t 14400
> ssh-copy-id deployer@ansible1
> ssh-copy-id deployer@ansible2
Ansible
> On controller run:
> Sudo apt install ansible sshpass python3-paramiko
> on each machine create a file in /etc/sudoers.d/sys265 (the file is sys265, not a directory)
> In this file write:
deployer ALL=(ALL) NOPASSWD: ALL
Testing ansible
> mkdir -p /home/deployer/ansible/roles (On Controller)
> cd into ansible and run echo ansible1-jude >> inventory.txt and then run echo ansible2-jude >> inventory.txt
> Then to make sure it works run ansible all -m ping -i inventory.txt
> ansible <all/inventorycategory> -a <command> -i inventory.txt
> to install Ansible Galaxy run
ansible-playbook -i inventory.txt <playbook.yml>
Deployer Kibana using Ansible
> Kibana can be installed by runnuig:
ansible-galaxy install geerlingguy.kibana -p roles/
> Create kibana.yml with the following content:
- name: Kibana SYS265
hosts: kibana
become: true
roles:
- geerlingguy.kibana
tasks:
- name: Adding Firewall rules
command: firewall-cmd --add-service=http --permanent
command: firewall-cmd --add-port=5601/tcp --permanent
- name: Reloading the Firewall
command: firewall-cmd --reload