Ansible galaxy - hub of packages
sccm - Windows configuration management tool
https://github.com/yogeshraheja
==============
######################## SETUP #########################################
########################################################################
########################################################################
linux cmds
hostnamectl set-hostname <new hostname> ## set host name
systemctl restart <servicename> ## restart service
systemctl status <servicename> ## status service
find . -name index.html ## find the file by name, searching from the current directory
id username ## check the user details
rpm -ql <package name> | grep -i index.html ## list the files installed by a package and search them for index.html
## Register the host names so they resolve to IPs and the machines can reach each other
## do this on both master and client
ip addr
vi /etc/hosts
<master-ip> master-hostname
<client-ip> client-hostname
## List all the repo
yum repolist
## List only the ansible repo
yum list | grep -i ansible
## Check the os release
cat /etc/*release
## Find the matching repo URL in the documentation and install the repo package for your OS version
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
## To refresh the repo list
yum repolist
## Install ansible
yum install ansible
## Create ansible cluster
Add the client name to the inventory file /etc/ansible/hosts
## ping to client from master
ansible "client" -m ping --ask-pass
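## To skip the SSH host-key fingerprint prompt, set this property in /etc/ansible/ansible.cfg
## With the check off, Ansible no longer verifies that the client is the same machine it connected to before,
## so a spoofed host is accepted silently. Keep this to a throwaway lab; otherwise leave the check on
## and add the client's verified host key to ~/.ssh/known_hosts.
host_key_checking = False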
## generate key pair
ssh-keygen
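## copy the public key from master and register it on the client machine
In master
The key file location is shown when ssh-keygen runs
In client machine
/root/.ssh/authorized_keys
add the public key (the .pub file only, never the private key) to authorized_keys
## sshd (StrictModes) ignores authorized_keys if ~/.ssh or the file is writable by other users: use 700 on ~/.ssh and 600 on the file
or
ssh-copy-id client ## copies the public key to the client machine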
## Allow key based authentication on client
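/etc/ssh/sshd_config ## config file that controls key-based authentication
PubkeyAuthentication yes
## once key login is confirmed, setting PasswordAuthentication no in the same file stops password guessing over SSH
systemctl restart sshd ## restart the ssh service so the change takes effect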
=============================================================================================
## Ad-hoc commands
ansible <client-name> -m <module-name> -a "<attributes like a1=value, a2=value>"
## to get the modules
ansible-doc -l | grep -i <search string>
ansible-doc -l | grep user | more
## command is the default module. This is defined in the ansible.cfg file.
ansible "client" -m command -a "uptime"
ansible "client" -m command -a "cat /etc/os-release" or ansible "client" -m shell -a "cat /etc/*release"
ansible "client" -m yum -a "name=telnet state=present"
ansible "client" -m user -a "name=pragathees uid=9999 state=present"
ansible "client" -m group -a "name=thinknyxtest gid=8888 state=present"
ansible "client" -m file -a "path=/tmp/myfile state=touch owner=root group=root mode=0777" ## mode=0777 lets every local user rewrite this root-owned file; outside a scratch demo use 0644
ansible "client" -m copy -a "dest=/tmp src=/var/log/messages"
ansible "client" -m file -a "path=/var/tmp/mytestdir state=directory owner=pragathees group=thinknyxtest mode=0777" ## mode=0777 makes the directory world-writable; outside a scratch demo use 0755 or 0775
ansible "client" -m copy -a "dest=/tmp/myfile content='Hello this is my first file'" or
ansible "client" -m lineinfile -a "path=/tmp/myfile2 line='Hello this is my first file' create=yes"
ansible "client" -m fetch -a "src=/tmp/myfile dest=/tmp/client/myfile"
ansible "client" -m user -a "name=yougeshtest uid=7777 state=present groups=thinknyxtest"
ansible "client" -m script -a /var/tmp/test.sh ## Script name passed as Free form attributes
test.sh
{
#!/bin/sh
useradd testuser
touch /tmp/testfile
mkdir /tmp/testdir
echo "mytestoutput"
}
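## Generate a SHA-512 crypt hash of the password. The fixed salt is for the demo only:
## leave the salt argument out and password_hash picks a random one.
## The plaintext typed here stays in shell history; in playbooks keep the hash in a vault-encrypted variable.
ansible all -i localhost, -m debug -a "msg={{ 'Thinknyx' | password_hash('sha512', 'mysecretsalt') }}"
## The -a argument must be in single quotes: inside double quotes the shell expands $6, $mysecretsalt and $qJbap...
## to empty strings, so the user is created with a truncated, unusable hash.
ansible "client" -m user -a 'name=pragatheestest uid=5555 state=present password=$6$mysecretsalt$qJbapG68nyRab3gxvKWPUcs2g3t0oMHSHMnSKecYNpSi3CuZm.GbBqXO8BE6EI6P1JUefhA0qvD7b5LSh./PU1'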
##################################################################################################################################
##################################################################################################################################
##################################################################################################################################
##################################################################################################################################
## Playbooks
# General structure
{
GeneralInfo
Task
Handlers
}
name is the keyword used to describe the details
ignore_errors: yes - keyword at task level
ansible-playbook filename --syntax-check ## To check the syntax
ansible-playbook filename --check ## Dry run
ansible-playbook filename ## run
ansible-playbook filename --tags=tagname ## run only the tasks with this tag
gather_facts: no ## disables fact gathering to reduce network load. In this case the default (fact) variables can't be used
################################################################################################
################################################################################################
################################################################################################
ansible client -m setup | grep -i ansible_
################################################################################################
################################################################################################
################################################################################################
## structured and shareable format of playbooks
ansible-galaxy role -h
ansible-galaxy role init
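## Galaxy - collection of roles. https://galaxy.ansible.com/
ansible-galaxy role search keytosearch
## Galaxy roles are third-party code that runs with the playbook's privileges: read the tasks before using a role
## and pin a reviewed version (authorname.rolename,<version>) rather than taking the latest
ansible-galaxy role install authorname.rolename ## install the role from web
ansible-galaxy role install authorname.rolename --roles-path=/etc/customfolder ## download the role from web into a custom folder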
################################################################################
################################################################################
Ansible vault - password protection (encryption) of ansible files
ansible-vault create filename.yaml
## to run this file as a playbook, pass --ask-vault-pass
ansible-playbook filename.yaml --ask-vault-pass
###########
awx - Tower-like web application to manage Ansible from a UI