How to prepare FreeBSD server to be managed by Ansible tool

ADVERTISEMENTS



Sample setup to manage FreeBSD server(s) using Ansible

I know Ansible manages Linux server using SSH by default. I thought FreeBSD servers are running in the cloud are no exception. However, I ran into problems. I am unable to manage freshly created FreeBSD server using Ansible DevOps/IT automation tool. How can I manage my FreeBSD server using Ansible?– Ansible is easy to use IT automation and DevOps tool. One can use it for automation tasks. You can easily configure and manage FreeBSD server using Ansible. Ansible works from a control workstation powered by macOS, Linux or *BSD family of operating systems. A control workstation sends commands to multiple local/remote servers in parallel over the ssh based session. All you need is ssh and python installed on a control workstation and remote servers.



Where,

A control machine located at 192.168.1.107. It must have ssh client, Python and Ansible software installed. A control machine can be powered by macOS, Linux distro or BSD operating system such as FreeBSD. A control machine (Ansbile software) will send commands to multiple target machines in parallel. 192.168.2.100, 192.168.2.101, 192.168.2.102 and so on all are servers powered by different operating systems.

User management setup on a remote FreeBSD box for Ansible

Let us see all steps.

You must have OpenSSH server enabled on FreeBSD box

Verify it with the following command:

% service -e | grep sshd

If OpenSSH server not enabled on FreeBSD box, type the following command to activate at boot time and start it:

# echo 'sshd_enable="YES"' >> /etc/rc.conf

# service sshd start

You must have sudo installed on FreeBSD server

Run the following command:

% type sudo

If the sudo command not found, install it using the following pkg command:

# pkg install sudo

Allow members of group wheel to execute any command:

# echo '%wheel ALL=(ALL) ALL' >/usr/local/etc/sudoers.d/allow-wheel-user-login

Make sure regular user is part of the wheel group

Use the id command to find user’s group membership:

% id vivek

uid=1001(vivek) gid=1001(vivek) groups=1001(vivek)

As you can see vivek user is not part of the wheel group. Add user vivek to the wheel group using pw command # pw usermod -n vivek -G wheel

# id vivek

uid=1001(vivek) gid=1001(vivek) groups=1001(vivek),0(wheel)

Install Python 2.x or Python 3.x

The final requirement is to install Python on FreeBSD box.

# pkg install python36

OR

# pkg install python27

Please note down the path for Python:

% type python2.7

python2.7 is /usr/local/bin/python2.7

% type python3.6

python3.6 is /usr/local/bin/python3.6

How to prepare FreeBSD server to be managed by Ansible tool

First create an inventory file as follows on a control machine:

$ vi hosts

Add hostnames/IP address of all remote FreeBSD/Linux servers:

[myhosts] 192.168.2.100

192.168.2.101

192.168.2.102

OR

[myhosts] freebsd11-nixcraft

freebsd-jail-1

Test FreeBSD Ansible setup

Let us run the uptime command and hostname command on above two hosts i.e. myhosts group as user vivek:

$ ansible -u vivek -i hosts -m raw -a 'uptime' myhosts

$ ansible -u vivek -i hosts -m raw -a 'hostname' myhosts



So you prepare FreeBSD server to be managed by Ansible. Now what? You can do other stuff like install packages, update packages, upgrade FreeBSD and much more be using Ansible playbook.

Writing your first Ansible playbook to manage FreeBSD server

First, update your hosts file to indicate user name and method to become sudo on the remote server. Here is my updated hosts file displayed with the cat command:

$ cat hosts

Sample outputs:

# Setup the user name # Enable sudo usage # Setup ansible of the binary's location, through the ansible_python_interpreter inventory variable [ all:vars ] ansible_user = 'vivek' ansible_become = yes ansible_become_method = sudo ansible_python_interpreter = '/usr/bin/env python3.6' [ myhosts ] freebsd11-box freebsd-jail- 1 # Setup the user name # Enable sudo usage # Setup ansible of the binary's location, through the ansible_python_interpreter inventory variable [all:vars] ansible_user='vivek' ansible_become=yes ansible_become_method=sudo ansible_python_interpreter='/usr/bin/env python3.6' [myhosts] freebsd11-box freebsd-jail-1

A playbook is nothing but scripts/command that executed on the remote box. Create a playbook named freebsd-pkg.yml as follows using a text editor such as ee command or vim command $ vim freebsd-pkg.yml

# Install common packages on all FreeBSD server such as # bash, vnstat, htop and more - hosts : myhosts tasks : - name : Add packages on FreeBSD pkgng : name : rsync,bash,most,bash-completion,vnstat,htop,wget,curl # Install common packages on all FreeBSD server such as # bash, vnstat, htop and more - hosts: myhosts tasks: - name: Add packages on FreeBSD pkgng: name: rsync,bash,most,bash-completion,vnstat,htop,wget,curl

Run it as follows from a control machine:

$ ansible-playbook --ask-become-pass -i hosts freebsd-pkg.yml



Conclusion

And there you have it, and Ansible used to manage FreeBSD boxes without using clients on server. Ansible is pretty easy to setup and use. Ansible works very fast for repeated tasks such as adding users in bulk, installing software, configuring *BSD/Linux/Unix boxes. YAML takes a little time to master but easy to learn. See Ansible documentation for more info here and here.