Enterprise IT needs more than traditional IT tools. Because there are different architecture and styles in IT infrastructure. In a small company one web server is enough for all but in an enterprise company, there may be 10 – 100 web servers for the department’s different needs. Here one of the most important things is orchestration and management of the infrastructure simple and confident way. Ansible is a tool that gives the ability to the server admins or devops.

Installing

We will use Fedora Server 24 for this tutorial and our architecture is 64 bit. 1 GB is enough for simple tests but keep in mind that there is more if your work is complex. We have two servers named poftut1 and poftut2. We will manage from poftut1 the two servers.

$ sudo dnf install ansible -y

Install nano for editing Ansible hosts file.

$ sudo dnf install nano -y

Open and add servers with an IP address as a group named poftut_servers

$ nano /etc/ansible/hosts

Add the following lines. This file is called inventory in Ansible terminology.

[poftut_servers] 127.0.0.1 poftut1 192.168.122.234 poftut2

Start Simple

We have completed installation and setup. Now we will try to access our servers by using their group name.

$ ansible poftut_servers -a "hostname" The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established. ECDSA key fingerprint is SHA256:BG7kN+MYiC1SB84l7XuyW/ahCtDIs1Ewf4u0CiHgZ3M. ECDSA key fingerprint is MD5:25:f7:ea:8f:ae:7f:59:22:44:3e:97:fa:ec:c6:f7:62. Are you sure you want to continue connecting (yes/no)? The authenticity of host '192.168.122.234 (192.168.122.234)' can't be establis hed. ECDSA key fingerprint is SHA256:GsOxJithwTGuhXUQUSAEsmjI+kjo3Bk43iGxGZJ90UA. ECDSA key fingerprint is MD5:e4:bd:d7:0d:a2:68:df:f5:84:75:11:6f:7f:e6:12:82. Are you sure you want to continue connecting (yes/no)? yes 127.0.0.1 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh.", "unreachable": true }

We can not run hostname command here. Because we have to provide a password for the current user or set up key-based authentication for ssh. Second is more secure.

$ ssh-copy-id localhost /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host 'localhost (::1)' can't be established. ECDSA key fingerprint is SHA256:BG7kN+MYiC1SB84l7XuyW/ahCtDIs1Ewf4u0CiHgZ3M. ECDSA key fingerprint is MD5:25:f7:ea:8f:ae:7f:59:22:44:3e:97:fa:ec:c6:f7:62. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'localhost'" and check to make sure that only the key(s) you wanted were added.

$ ssh-copy-id 192.168.122.234 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.122.234 (192.168.122.234)' can't be established. ECDSA key fingerprint is SHA256:GsOxJithwTGuhXUQUSAEsmjI+kjo3Bk43iGxGZJ90UA. ECDSA key fingerprint is MD5:e4:bd:d7:0d:a2:68:df:f5:84:75:11:6f:7f:e6:12:82. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '192.168.122.234'" and check to make sure that only the key(s) you wanted were added.

Now try again same simple command.

$ ansible poftut_servers -a "hostname" 127.0.0.1 | SUCCESS | rc=0 >> poftut1 192.168.122.234 | SUCCESS | rc=0 >> poftut2

Now create a directory in all servers in our poftut_servers group.

$ ansible poftut_servers -a "mkdir poftut" 127.0.0.1 | SUCCESS | rc=0 >> 192.168.122.234 | SUCCESS | rc=0 >>

It seems success but we can make a double check with Ansible by listing the directory.

$ ansible poftut_servers -a "ls" 192.168.122.234 | SUCCESS | rc=0 >> image-build original-ks.cfg poftut 127.0.0.1 | SUCCESS | rc=0 >> original-ks.cfg poftut

How to Install Ansible and Manage Servers? Infographic