Ansible quick guide

As you start setting up swarms, you quickly get tired of doing the same commands all over the place, on each node that is.

In this blog post, we are going to document a quick (and dirty) way to start using ansible and that to run some shell commands on the whole swarm, be it to set it up or do some housekeeping.

Ansible. Deploy apps. Manage systems. Crush complexity. Ansible helps you build a strong foundation for DevOps.

Let's go.

Preparation

first off, let's install ansible and sshpass:

This is as easy as doing:

apt-get install ansible -y
apt-get install sshpass -y

Ansible needs to be able to access the machines, and we don't want to type each time a password. So we basically need to configure ssh password based or passwor-dless based access to the machines.

This post will show both:

Configure password based logins

Make sure to backup the ansible configuration before we mess everything:
sudo cp /etc/ansible/hosts /etc/ansible/hosts.orig

Let's edit it, sudo vi /etc/ansible/hosts:

[all:vars]
ansible_port=22
ansible_connection=ssh
ansible_ssh_user=uburoot
ansible_ssh_pass=uburoot

[workers]
mx7264vm
mx7265vm

Time to run some ansible commands!

Let's try:

ansible all -m shell -a "docker ps"

mx7264vm | SUCCESS | rc=0 >>
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

mx7265vm | SUCCESS | rc=0 >>
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

Ok, nothing is running on the cluster.

To see how the Docker daemons are getting started:

ansible all -m shell -a "pgrep -a docker"

To claim some disk space back:

ansible all -m shell -a "docker system prune --all --force"

I hope you get the idea :)

Configure password-less based logins

Let's first generate an ssh key on the first machine:

ssh-keygen -t rsa

Always from the first machine, login to the second machine and create the .ssh folder:

ssh uburoot@mx7265vm mkdir -p .ssh

Now, we should add the public key to the authorized_keys on the target machine:

cat /root/.ssh/id_rsa.pub | ssh uburoot@mx7265vm 'cat >> .ssh/authorized_keys'

If all went according to plan, you should be able to ssh into the second machine without entering a password! Sweet.

ssh uburoot@mx7264vm

Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-53-generic x86_64)
root@mx7264vm:~#

Do that for all your machines, or use an ansible password based script to set this up and then switch to a password-less login.

In a later post we will write a playbook most probably to configure the Docker daemon flags (connect to an internal registry or to connect to a host socket...)

Stay tuned!

Comments

comments powered by Disqus