Install Ansible
About Ansible installation
I decided to use Ansible in my research, and when I installed it, I stumbled on some, so I will describe how to deal with it. Shut down the management terminal with Ansible.
Experiment environment
- UbuntuServer 16.04 LTS
- SSH
Installation
Server side Install Ansible and Python 2.7.
$ sudo apt-get install ansible
$ sudo apt-get install python2.7
Client side Install Python Simplejson.
$ sudo apt-get install python-simplejson
You now have everything you need installed.
Client settings
Public key authentication is required to connect to the client from the server with Ansible. However, even if you don't bother to spend money to issue a certificate from a certificate authority, a self-signed certificate is sufficient, so use a self-signed certificate. However, instead of using the public key to authenticate, the private key is used for authentication. Do not set a password this time. Be sure to copy the private key to the server
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/karuma/.ssh/id_rsa):← Press Enter
Created directory '/home/karuma/.ssh'. ← ~/.If you don't have ssh, create a directory
Enter passphrase (empty for no passphrase):← Enter your passphrase(Do not enter this time)
Enter same passphrase again:← Enter your passphrase again(Do not enter this time)
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/id_rsa*
$ chmod 700 ~/.ssh/
$ chmod 600 ~/.ssh/authorized_keys
Server settings
- ./ssh/config --/ etc / ansible / hosts (any hierarchy is acceptable) -/etc/ansible/test.yml (any hierarchy is acceptable)
The above three items must be prepared. Also, as an example, change it appropriately according to your own environment.
..ssh/config
Host IP address
HostName IP address
User test
Port 22
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile "Absolute coordinates of private key"
IdentitiesOnly yes
LogLevel FATAL
/etc/ansible/hosts.
[all]
(IPAddress) ansbile_ssh_user=(UserName) ansible_ssh_private_key_file=(Absolute coordinates of private key)
[all:vars]
ansible_sudo_pass=(sudo password)
- Due to the specifications of Qiita, the file name cannot be specified without adding ".", So "." Is added after hosts. (IPAddress) = 127.0.0.1 To replace like
By setting [test: vars], the same settings can be specified for all terminals described in [test]. In this example, the sudo password is specified.
/etc/ansible/test.yml
---
- hosts:all
always_run:yes
tasks:
- name: shutdown
Command: shutdown -h now
Operation check
Confirm that communication can be confirmed from Ansible to the managed terminal.
$ ansible all -m ping
If it becomes such a display, it is successful.
Next, try shutting down.
$ ansible-playbook /etc/ansible/shutdown.yml --check -s
I added "--check" to check the operation this time, but it is not necessary when actually using it.
~~ Also, there is an error in this image, but I'm thinking of investigating the cause in the future. However, it has been confirmed that the management terminal is shut down normally. ~~ It turned out that this error was caused by the connection being cut off by shutting down the management terminal while making an SSH connection on the Ansible side. Therefore, Ansible can be terminated normally by rewriting with the following contents. By changing the command from "now" to "1", it will shut down after 1 minute.
/etc/ansible/test.yml
---
- hosts:all
always_run:yes
tasks:
- name: shutdown
Command: shutdown -h 1
Recommended Posts