.png) |
| ANSIBLE |
Ansible controller Configuration:
- Update the system packages:
sudo yum update -y
- Run the following command to install Ansible 2:
sudo amazon-linux-extras install ansible2
- Verify the installation: Once the installation is complete, you can verify Ansible by checking its version:
ansible --version
Node Configuration:
Enabling root SSH access and password-based authentication is generally discouraged for security reasons. It is recommended to use SSH key-based authentication and limit the use of the root user for improved security. However, if you still wish to configure root SSH access and password authentication, here's how you can do it:
1. Connect to your Amazon Linux instance using SSH with a user account that has sudo privileges.
2. Edit the SSH daemon configuration file (`sshd_config`) using a text editor such as `nano` or `vi`:
sudo vi /etc/ssh/sshd_config
3. Locate the following lines in the `sshd_config` file and modify them as shown: line no 38,61,63
- PermitRootLogin yes
- PasswordAuthentication yes
Note: Uncommenting and modifying these lines will enable root SSH access and password-based authentication.
4. Save the changes to the `sshd_config` file and exit the text editor.
5. Restart the SSH service to apply the changes:
sudo service sshd restart
6. Set a password for the root user if it doesn't have one:
sudo passwd root
Enter and confirm the new password when prompted.
You have now enabled root SSH access and password-based authentication on your Amazon Linux instance. Please keep in mind that this configuration increases the vulnerability of your system, and it is recommended to use SSH key-based authentication and restrict the root user access for better security.
Testing Connectivity between Ansible controller and Node
To establish a connection between an Ansible controller and target nodes, you need to ensure that SSH connectivity is set up properly. Ansible uses SSH to connect to the target nodes and execute commands remotely. Here are the steps to establish the SSH connection:
1. SSH Key Pair: Generate an SSH key pair on the Ansible controller machine (if you don't have one already). You can use the `ssh-keygen` command to generate the keys:
ssh-keygen
2. Distribute the Public Key: Copy the public key (`~/.ssh/id_rsa.pub`) from the Ansible controller to the target nodes. You can use the `ssh-copy-id` command to automatically copy the public key to the target nodes:
ssh-copy-id user@<target-node-ip>
Replace `user` with the username on the target node and `<target-node-ip>` with the IP address or hostname of the target node. Repeat this step for each target node you want to connect to.
Note:If the `ssh-copy-id` command is not available, you can manually append the contents of the public key (`~/.ssh/id_rsa.pub`) to the `~/.ssh/authorized_keys` file on the target nodes.
3. SSH Connectivity Test: Verify that the SSH connectivity is working correctly by manually SSH-ing into the target nodes from the Ansible controller:
ssh user@<target-node-ip>
If the SSH connection is successful, you should be able to log in to the target node without entering a password.
4. Ansible Inventory: Create an Ansible inventory file (e.g., `hosts`) to define the target nodes and their connection details. The inventory file typically resides in `/etc/ansible/hosts` or a custom location. Here's an example:
[target-nodes]
<target-node-ip-1>
Replace `<target-node-ip-X>` with the IP addresses or hostnames of the target nodes you want to manage.
5. Ansible Configuration: Ensure that Ansible is properly configured on the Ansible controller. The configuration file (`ansible.cfg`) can be found in `/etc/ansible/ansible.cfg` or a custom location. Make sure that the `inventory` parameter in the configuration file points to the correct inventory file you created in the previous step.
6. Test Connection: You can test the connectivity to the target nodes using the `ping` module of Ansible:
ansible all -m ping
This command should initiate a connection to all the target nodes defined in the inventory file and return the results.
If the SSH connection is successfully established and Ansible can connect to the target nodes using the inventory, you are ready to manage and execute tasks on the target nodes using Ansible commands and playbooks from the Ansible controller.
