Ansible Server Init

Installing a Development Server

Today I wanted to get started on writing the server code for SyncItStore so needed to set up a dev server. I started installing Ubuntu Server and was keeping notes on the steps I needed to replicated it.

I created virtual guests on my laptop using libvirt backed by LVM storage with a (Virtual Machine Manager)[] front end.

Installing Ubuntu is a breeze nowadays, I can nearly do it with my eyes closed, but it is the post release stuff that's a little trickier...

Deciding on how to configure the Development Server.

I realise that I should be using something like Puppet or Chef but every time I start researching what is involved they seem overly complicated for my purposes. I'm very capable of doing bits of server admin but figuring out either of those seems too much. I'm mostly a developer so I want something to support my code/configuration, I'm not looking to change profession.

Eventually in my research I came across this Wikipedia article and looked at the table deciding what I wanted... I wanted something that is still being actively maintained, of those I might as well go for one that supports "Verify Mode" as it just seemed like a good idea, so now the list of possibles is down to four! I noticed that Ansible "Manages nodes over SSH and does not require any additional remote software to be installed on them".... Wow that seems perfect, I trust SSH with my whole life, so I'm fine trusting it with my servers!

Installing Ansible

So I read through the Getting Started documentation and decided to give it a go... It's always worth looking to see if there's a package for any software you're going to install already in the Ubuntu repositories, but there wasn't.

    me@laptop:~/Projects/syncitserv $ apt-cache search ansible

No big deal... They supply a PPA for easy installation

    root@laptop:/home/me/Projects/syncitserv# add-apt-repository ppa:rquillo/ansible
root@laptop:/home/me/Projects/syncitserv# apt-get update
root@laptop:/home/me/Projects/syncitserv# apt-cache search ansible

ansible - Ansible Application root@laptop:/home/me/Projects/syncitserv# sudo apt-get install ansible

Installed... What now?

Let's see what we have

    me@laptop:~/Projects/syncitserv $ ansible[TAB][TAB]
ansible ansible-doc ansible-playbook ansible-pull

A few programs

    me@laptop:~/Projects/syncitserv $ ansible --help
Usage: ansible <host-pattern> [options]

module arguments
-k, --ask-pass ask for SSH password
-K, --ask-sudo-pass ask for sudo password
-B SECONDS, --background=SECONDS
run asynchronously, failing after X seconds
connection type to use (default=paramiko)
-f FORKS, --forks=FORKS
specify number of parallel processes to use
-h, --help show this help message and exit
-i INVENTORY, --inventory-file=INVENTORY
specify inventory host file
-l SUBSET, --limit=SUBSET
further limit selected hosts to an additional pattern
--list-hosts dump out a list of hosts matching input pattern, does
not execute any modules!
-m MODULE_NAME, --module-name=MODULE_NAME
module name to execute (default=command)
specify path(s) to module library
-o, --one-line condense output
set the poll interval if using -B (default=15)
use this file to authenticate the connection
-s, --sudo run operations with sudo (nopasswd)
-U SUDO_USER, --sudo-user=SUDO_USER
desired sudo user (default=root)
override the SSH timeout in seconds (default=10)
-t TREE, --tree=TREE log output to this directory
connect as this user (default=me)
-v, --verbose verbose mode (-vvv for more)
--version show program's version number and exit

And it does at least run too, great :-)

The documentation wants you to setup a /etc/ansible/hosts file, which to me seems a bit overkill. I will do work for my full time job on this laptop and work on a few personal projects, so having a centralized list of servers, which require root to edit, does not seem like the right idea. I wanted an ansible/hosts file per project, thankfully it supports it with the -i INVENTORY option.

    me@laptop:~/Projects/syncitserv $ mkdir ansible
me@laptop:~/Projects/syncitserv $ cd ansible/
me@laptop:~/Projects/syncitserv/ansible $ echo '' > _etc_ansible_hosts

me@laptop:~/Projects/syncitserv/ansible $ ansible all -m ping -i _etc_ansible_hosts | FAILED => FAILED: ssh me@ : Private key file is encrypted
To connect as a different user, use -u <username>.

But it does not yet respond to ping requests... But of course, that's the wrong username.

    me@laptop:~/Projects/syncitserv/ansible $ ansible all -m ping -i _etc_ansible_hosts  -u theadmin | success >> {
"changed": false,
"ping": "pong"

Will it work with sudo for root?

    me@laptop:~/Projects/syncitserv/ansible $ ansible all -m ping -i _etc_ansible_hosts  -u theadmin --sudo
ERROR: interupted

Nope, not straight away anyway.

    me@laptop:~/Projects/syncitserv/ansible $  -K
sudo password: | success >> {
"changed": false,
"ping": "pong"

But passing in -K will prompt me for a password, though I don't think that's the press a button to deploy a server option that I want...

Added a sudo record on the new server to stop it asking me for passwords

    root@server:/home/theadmin# echo 'theadmin ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/theadmin_has_sudo

Try again...

    me@laptop:~/Projects/syncitserv/ansible $ ansible all -m ping -i _etc_ansible_hosts  -u theadmin --sudo | success >> {
"changed": false,
"ping": "pong"

So lets see if we can actually run commands...

    me@laptop:~/Projects/syncitserv/ansible $ ansible all -i _etc_ansible_hosts -u theadmin --sudo -m command -a 'ls /' | success | rc=0 >>

Doing something useful

That's a lot of progress with nothing actually achieved, except learning, I think it's always important to get a real step closer to your goal when learning something new. The getting started documentation has a link to Command Line Examples And Next Steps and on there it has a trivial example of using copying a file, but it introduces the concept of modules.

    $ ansible atlanta -m copy -a "src=/etc/hosts dest=/tmp/hosts"

Modules area is really where Ansible becomes useful. I wanted to see if I could install mongodb. I visited the modules page and saw there was an apt command and it takes a few parameters, pkg looks like what I need. Looking at the copy example above it seems like src and dest are keys with /etc/hosts and /tmp/hosts being parameters so substituting my pkg in I get the command:

    me@laptop:~/Projects/syncitserv/ansible $ ansible all --sudo -i _etc_ansible_hosts  -u theadmin -m apt -a 'pkg=mongodb | success >> {
"changed": true