I know Chef decently well now, and after going through the learning curve I’m liking the concept of an agentless Ansible better, so maybe I should get to actually know Ansible.

With Chef I found myself trying too hard to do things the Chef way when I’d get things done more quickly just implementing a script. Also, with my appilcation I found Chef nice to use to configure a single machine, but provisioning seems a bit painful and orchestration is not something it does well for my current needs (which is a 3rd-party app that has complex node-interdependent orchestration needs). I wound up using plain Ruby for orchestration, but I’m looking for other methods, and Ansible playbooks sound promising.

I know I had done some basic Ansible functions somewhat recently, but I couldn’t find notes. I fired up my Ansible workstation VM and found that I had done this on December 4 before I started using this blog for notes, and if I took any notes I can’t find them now. But history is very helpful here :) .

It looks like I:

  • Installed Ansible on an CentOS 7 system via EPEL with:

    sudo yum install epel-release
sudo yum install ansible

    Actually, it looks like I may have tried installing Ansible from a python series of commands first as I see I ran python followed by some ansible commands and then used the above commands. I don’t recall what happened there and don’t have the python command history.

  • Set up id.rsa key file and started ssh-agent bash and ssh add path/to/id.rsa to allow Ansible to use that to authenticate to other hosts for now
  • Added the id.rsa.pub contents to ~/.ssh/authorized_keys on the target hosts and set the permission properly (chmod 600 ~/.ssh/authorized_keys) so they would accept the key authentication

  • sudo vi /etc/ansible/hosts and added the IP addresses of the target hosts (I used unroutable ULA IPv6 addresses because reasons…oh probably because of peculiarities with my lab hypervisor)

    [test]
fd43:4834:bd2d:0:215:5dff:fe01:4814
# 192.168.1.151

[atomic]
fd43:4834:bd2d:0:215:5dff:fe01:4812
  • ansible all -m ping
  • ansible all -m ping --sudo to test superuser access, but this fails
  • ansible all -a "/bin/echo hello"
  • ansible all -a "/bin/echo hello" --sudo (this fails and is deprecated anyway)
  • ansible test -a "/bin/echo hello" -b -K this successfully runs as sudo on the target machine and prompts for the sudo password. Peeking at the ansible --help, -b is --become and -K is --ask-become-pass which prompts for the password.
  • ansible all -m setup
  • ansible atomic -m setup | less -S (One of my target machines was to be an Atomic host)

And that seems to be as far as I got in December, getting it running and running some ad-hoc commands. I guess I’ll do more with it soon.

Looking through my browser history I can’t find a candidate page or video that I might have been following, but I was looking a lot at http://docs.ansible.com/ansible/index.html and its subpages.

Oh, and since I have Win10’s Ubuntu on Windows I installed Ansible there and can use it as my workstation:

sudo apt-get install ansible ansible-doc

And after setting up my /etc/ansible/hosts file and id.rsa, the above commands work!