diff options
Diffstat (limited to 'ansible_stuff.org')
| -rw-r--r-- | ansible_stuff.org | 480 |
1 files changed, 480 insertions, 0 deletions
diff --git a/ansible_stuff.org b/ansible_stuff.org new file mode 100644 index 0000000..fbb6595 --- /dev/null +++ b/ansible_stuff.org @@ -0,0 +1,480 @@ +* notes on ansible + +* installing ansible via pip +** <2023-10-23 Mon> + +bash-5.2$ python3 -m pip install --user ansible +Collecting ansible + Downloading ansible-8.5.0-py3-none-any.whl (47.5 MB) + ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 47.5/47.5 MB 10.5 MB/s eta 0:00:00 +Collecting ansible-core~=2.15.5 + Downloading ansible_core-2.15.5-py3-none-any.whl (2.2 MB) + ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 2.2/2.2 MB 11.4 MB/s eta 0:00:00 +Collecting resolvelib<1.1.0,>=0.5.3 + Downloading resolvelib-1.0.1-py2.py3-none-any.whl (17 kB) +Collecting cryptography + Downloading cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl (4.4 MB) + ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 4.4/4.4 MB 11.2 MB/s eta 0:00:00 +Requirement already satisfied: PyYAML>=5.1 in /usr/lib64/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (6.0) +Requirement already satisfied: packaging in /usr/lib64/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (21.3) +Collecting importlib-resources<5.1,>=5.0 + Downloading importlib_resources-5.0.7-py3-none-any.whl (24 kB) +Requirement already satisfied: jinja2>=3.0.0 in /usr/lib64/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (3.0.3) +Requirement already satisfied: MarkupSafe>=2.0 in /usr/lib64/python3.9/site-packages (from jinja2>=3.0.0->ansible-core~=2.15.5->ansible) (2.0.1) +Requirement already satisfied: cffi>=1.12 in /usr/lib64/python3.9/site-packages (from cryptography->ansible-core~=2.15.5->ansible) (1.15.0) +Requirement already satisfied: pyparsing!=3.0.5,>=2.0.2 in /usr/lib64/python3.9/site-packages (from packaging->ansible-core~=2.15.5->ansible) (2.4.7) +Requirement already satisfied: pycparser in /usr/lib64/python3.9/site-packages (from cffi>=1.12->cryptography->ansible-core~=2.15.5->ansible) (2.21) +Installing collected packages: resolvelib, importlib-resources, cryptography, ansible-core, ansible + WARNING: The scripts ansible, ansible-config, ansible-connection, ansible-console, ansible-doc, ansible-galaxy, ansible-inventory, ansible-playbook, ansible-pull and ansible-vault are installed in '/home/dpierre/.local/bin' which is not on PATH. + Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location. + WARNING: The script ansible-community is installed in '/home/dpierre/.local/bin' which is not on PATH. + Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location. +Successfully installed ansible-8.5.0 ansible-core-2.15.5 cryptography-41.0.4 importlib-resources-5.0.7 resolvelib-1.0.1 +bash-5.2$ echo $PATH +/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib64/libexec/kf5:/usr/lib64/qt5/bin +bash-5.2$ export PATH=$PATH:~/.local/bin +bash-5.2$ echo $PATH +/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib64/libexec/kf5:/usr/lib64/qt5/bin:/home/dpierre/.local/bin +bash-5.2$ +bash-5.2$ +bash-5.2$ python3 -m pip install --user ansible +Requirement already satisfied: ansible in /home/dpierre/.local/lib/python3.9/site-packages (8.5.0) +Requirement already satisfied: ansible-core~=2.15.5 in /home/dpierre/.local/lib/python3.9/site-packages (from ansible) (2.15.5) +Requirement already satisfied: cryptography in /home/dpierre/.local/lib/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (41.0.4) +Requirement already satisfied: PyYAML>=5.1 in /usr/lib64/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (6.0) +Requirement already satisfied: jinja2>=3.0.0 in /usr/lib64/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (3.0.3) +Requirement already satisfied: resolvelib<1.1.0,>=0.5.3 in /home/dpierre/.local/lib/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (1.0.1) +Requirement already satisfied: importlib-resources<5.1,>=5.0 in /home/dpierre/.local/lib/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (5.0.7) +Requirement already satisfied: packaging in /usr/lib64/python3.9/site-packages (from ansible-core~=2.15.5->ansible) (21.3) +Requirement already satisfied: MarkupSafe>=2.0 in /usr/lib64/python3.9/site-packages (from jinja2>=3.0.0->ansible-core~=2.15.5->ansible) (2.0.1) +Requirement already satisfied: cffi>=1.12 in /usr/lib64/python3.9/site-packages (from cryptography->ansible-core~=2.15.5->ansible) (1.15.0) +Requirement already satisfied: pyparsing!=3.0.5,>=2.0.2 in /usr/lib64/python3.9/site-packages (from packaging->ansible-core~=2.15.5->ansible) (2.4.7) +Requirement already satisfied: pycparser in /usr/lib64/python3.9/site-packages (from cffi>=1.12->cryptography->ansible-core~=2.15.5->ansible) (2.21) +bash-5.2$ ll ~/.local/bin +bash: ll: command not found +bash-5.2$ alias ll='ls -al' +bash-5.2$ ll ~/.local/bin +total 56 +drwxr-xr-x 2 dpierre users 4096 Oct 23 12:18 . +drwx------ 5 dpierre users 4096 Oct 23 12:18 .. +-rwxr-xr-x 1 dpierre users 216 Oct 23 12:18 ansible +-rwxr-xr-x 1 dpierre users 236 Oct 23 12:18 ansible-community +-rwxr-xr-x 1 dpierre users 217 Oct 23 12:18 ansible-config +-rwxr-xr-x 1 dpierre users 246 Oct 23 12:18 ansible-connection +-rwxr-xr-x 1 dpierre users 218 Oct 23 12:18 ansible-console +-rwxr-xr-x 1 dpierre users 214 Oct 23 12:18 ansible-doc +-rwxr-xr-x 1 dpierre users 217 Oct 23 12:18 ansible-galaxy +-rwxr-xr-x 1 dpierre users 220 Oct 23 12:18 ansible-inventory +-rwxr-xr-x 1 dpierre users 219 Oct 23 12:18 ansible-playbook +-rwxr-xr-x 1 dpierre users 215 Oct 23 12:18 ansible-pull +-rwxr-xr-x 1 dpierre users 1700 Oct 23 12:18 ansible-test +-rwxr-xr-x 1 dpierre users 216 Oct 23 12:18 ansible-vault + +bash-5.2$ ansible --version +ansible [core 2.15.5] + config file = None + configured module search path = ['/home/dpierre/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] + ansible python module location = /home/dpierre/.local/lib/python3.9/site-packages/ansible + ansible collection location = /home/dpierre/.ansible/collections:/usr/share/ansible/collections + executable location = /home/dpierre/.local/bin/ansible + python version = 3.9.18 (main, Sep 15 2023, 12:58:45) [GCC 13.2.0] (/usr/bin/python3) + jinja version = 3.0.3 + libyaml = True + + +bash-5.2$ ansible-community --version +Ansible community version 8.5.0 + + +bash-5.2$ python3 -m pip install --user argcomplete +Collecting argcomplete + Downloading argcomplete-3.1.2-py3-none-any.whl (41 kB) + ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 41.5/41.5 kB 2.3 MB/s eta 0:00:00 +Installing collected packages: argcomplete +Successfully installed argcomplete-3.1.2 + + +bash-5.2$ pip3 list +Package Version +----------------------------- --------- +alabaster 0.7.12 +ansible 8.5.0 +ansible-core 2.15.5 +appdirs 1.4.4 +argcomplete 3.1.2 +Babel 2.10.1 +Brotli 1.1.0 +build 0.10.0 +caca 0.99b20 +certifi 2021.10.8 +cffi 1.15.0 +chardet 4.0.0 +charset-normalizer 2.0.10 +cryptography 41.0.4 +cupshelpers 1.0 +Cython 0.29.36 +distro 1.6.0 +dnspython 2.1.0 +docutils 0.17.1 +doxypypy 0.8.8.6 +doxyqml 0.5.1 +flit_core 3.9.0 +future 0.18.2 +getmail6 6.18.13 +glad2 2.0.4 +gyp 0.1 +idna 3.3 +imagesize 1.3.0 +importlib-metadata 5.0.0 +importlib-resources 5.0.7 +include_server 3.4 +installer 0.7.0 +Jinja2 3.0.3 +kapidox 5.111.0 +libwebp 0.0 +lxml 4.9.3 +M2Crypto 0.38.0 +Mako 1.1.6 +Markdown 3.3.4 +MarkupSafe 2.0.1 +mercurial 6.5.2 +meson 1.2.3 +netsnmp-python 1.0a1 +nftables 0.1 +notify2 0.3.1 +packaging 21.3 +pbr 5.8.0 +Pillow 8.4.0 +pip 22.2.2 +ply 3.11 +pssh 2.3.5 +pycairo 1.20.1 +pycparser 2.21 +pycups 2.0.1 +pycurl 7.44.1 +Pygments 2.10.0 +PyGObject 3.44.1 +pyparsing 2.4.7 +pyproject_hooks 1.0.0 +PyQt5 5.15.2 +PyQt5_sip 4.19.25 +pysol-cards 0.12.0 +python-sane 2.9.1 +pytz 2022.1 +pyxdg 0.27 +PyYAML 6.0 +QScintilla 2.11.6 +random2 1.0.1 +requests 2.26.0 +resolvelib 1.0.1 +rpm 4.18.1 +SCons 4.5.2 +setuptools 65.1.1 +setuptools-scm 6.4.2 +sip 4.19.25 +six 1.16.0 +snowballstemmer 2.2.0 +Sphinx 4.5.0 +sphinxcontrib-applehelp 1.0.2 +sphinxcontrib-devhelp 1.0.2 +sphinxcontrib-htmlhelp 2.0.0 +sphinxcontrib-jsmath 1.0.1 +sphinxcontrib-qthelp 1.0.3 +sphinxcontrib-serializinghtml 1.1.5 +tomli 1.2.2 +tomli_w 1.0.0 +undervolt 0.3.0 +urllib3 1.26.8 +wheel 0.41.1 +zenmap 7.94 +zipp 3.8.0 + + +bash-5.2$ ll ~/.local/bin +total 72 +drwxr-xr-x 2 dpierre users 4096 Oct 23 12:30 . +drwx------ 5 dpierre users 4096 Oct 23 12:18 .. +-rwxr-xr-x 1 dpierre users 4707 Oct 23 12:30 activate-global-python-argcomplete +-rwxr-xr-x 1 dpierre users 216 Oct 23 12:18 ansible +-rwxr-xr-x 1 dpierre users 236 Oct 23 12:18 ansible-community +-rwxr-xr-x 1 dpierre users 217 Oct 23 12:18 ansible-config +-rwxr-xr-x 1 dpierre users 246 Oct 23 12:18 ansible-connection +-rwxr-xr-x 1 dpierre users 218 Oct 23 12:18 ansible-console +-rwxr-xr-x 1 dpierre users 214 Oct 23 12:18 ansible-doc +-rwxr-xr-x 1 dpierre users 217 Oct 23 12:18 ansible-galaxy +-rwxr-xr-x 1 dpierre users 220 Oct 23 12:18 ansible-inventory +-rwxr-xr-x 1 dpierre users 219 Oct 23 12:18 ansible-playbook +-rwxr-xr-x 1 dpierre users 215 Oct 23 12:18 ansible-pull +-rwxr-xr-x 1 dpierre users 1700 Oct 23 12:18 ansible-test +-rwxr-xr-x 1 dpierre users 216 Oct 23 12:18 ansible-vault +-rwxr-xr-x 1 dpierre users 2605 Oct 23 12:30 python-argcomplete-check-easy-install-script +-rwxr-xr-x 1 dpierre users 1993 Oct 23 12:30 register-python-argcomplete + + +bash-5.2$ acivate-global-python-argcomplete --user +bash: acivate-global-python-argcomplete: command not found +(failed reverse-i-search)`': ll ~/^Cocal/bin +bash-5.2$ echo $PATH +/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib64/libexec/kf5:/usr/lib64/qt5/bin:/home/dpierre/.local/bin +bash-5.2$ ~/.local/bin/activate-global-python-argcomplete --user +Argcomplete was installed in the user site local directory. Defaulting to user installation. +Adding shellcode to /home/dpierre/.zshenv... +Added. +Adding shellcode to /home/dpierre/.bash_completion... +Added. +Please restart your shell or source the installed file to activate it. +bash-5.2$ +bash-5.2$ +bash-5.2$ ll +total 104 +drwx--x--x 18 dpierre users 4096 Oct 23 12:38 . +drwxr-xr-x 5 root root 4096 Oct 9 13:23 .. +-rw------- 1 dpierre users 63 Oct 23 11:55 .Xauthority +drwxr-xr-x 3 dpierre users 4096 Oct 23 12:26 .ansible +-rw-r--r-- 1 dpierre users 165 Oct 23 12:38 .bash_completion +-rw------- 1 dpierre users 403 Oct 22 18:25 .bash_history +drwx------ 20 dpierre users 4096 Oct 23 12:34 .cache +drwxr-xr-x 15 dpierre users 4096 Oct 23 12:38 .config +drwx------ 3 dpierre users 4096 Oct 17 14:20 .dbus +drwx------ 3 dpierre users 4096 Oct 23 12:23 .emacs.d +-rw-r--r-- 1 dpierre users 270 Oct 23 11:55 .gtkrc-2.0 +drwxr-xr-x 2 dpierre users 4096 Oct 23 11:55 .hplip +-rw------- 1 dpierre users 20 Oct 17 14:16 .lesshst +drwx------ 5 dpierre users 4096 Oct 23 12:18 .local +drwx------ 4 dpierre users 4096 Oct 17 14:29 .mozilla +-rw-r--r-- 1 dpierre users 3729 Feb 1 2022 .screenrc +-rw------- 1 dpierre users 63 Oct 23 11:55 .serverauth.1719 +-rw-r--r-- 1 dpierre users 160 Oct 23 12:38 .zshenv +drwxr-xr-x 2 dpierre users 4096 Oct 23 12:34 Desktop +drwxr-xr-x 2 dpierre users 4096 Oct 17 14:20 Documents +drwxr-xr-x 2 dpierre users 4096 Oct 17 14:20 Downloads +drwxr-xr-x 2 dpierre users 4096 Oct 17 14:20 Music +drwxr-xr-x 2 dpierre users 4096 Oct 17 14:20 Pictures +drwxr-xr-x 2 dpierre users 4096 Oct 17 14:20 Public +drwxr-xr-x 2 dpierre users 4096 Oct 17 14:20 Templates +drwxr-xr-x 2 dpierre users 4096 Oct 17 14:20 Videos +bash-5.2$ + + +since i installed ansible locally i assume much of my configurations +are local as well. In the docs +https://docs.ansible.com/ansible/latest/installation_guide/intro_configuration.html#getting-the-latest-configuration +it states that one can view the configuration in +'/etc/ansible/ansible.cfg' + +bash-5.2$ ansible-config list +... +... +... + + +bash-5.2$ ansible-config view +ERROR! Invalid or no config file was supplied + + +after viewing +https://docs.ansible.com/ansible/latest/cli/ansible-config.html + +seems i need to create an '~/.ansible.cfg' that will override any +other config files created 'globally'. There is no global one in my +case. + +more info on configuration precedence can be found here. +https://docs.ansible.com/ansible/latest/reference_appendices/config.html + + +bash-5.2$ ansible-config init --disabled -t all > ansible.cfg +bash-5.2$ cp -arv ansible_all.cfg .ansible.cfg +bash-5.2$ chmod 600 .ansible.cfg + +to get a list of all configuration options w/ my setup + +bash-5.2$ ansible-config list > ansible-config-list.txt + + +reviewing building our inventory +https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html + +bash-5.2$ +bash-5.2$ +bash-5.2$ +bash-5.2$ + +** <2023-10-24 Tue> + +decided it would be nice to have another host to play around with so +i dusted off 'bbox' and logged into it from 'boom2' + +bash-5.2$ ssh-keygen -t ed25519 -C "bbox test from boom2" -f ~/.ssh/20231024bbox +Generating public/private ed25519 key pair. +Created directory '/home/dpierre/.ssh'. +Enter passphrase (empty for no passphrase): +Enter same passphrase again: +Your identification has been saved in /home/dpierre/.ssh/20231024bbox +Your public key has been saved in /home/dpierre/.ssh/20231024bbox.pub +The key fingerprint is: +SHA256:UpDK1R9LlJ30unU6vDGyJ0tDFdc/6dHPMlYHTSQZWIs bbox test from boom2 +The key's randomart image is: ++--[ED25519 256]--+ +| .o ..+.+=*=| +| o.. + +oo=o| +| . o .o oE +.+| +| o . o o +=| +| . S o oo*| +| . . +++o| +| =.*o | +| ..+.= | +| o+. | ++----[SHA256]-----+ +bash-5.2$ +bash-5.2$ +bash-5.2$ ssh-keygen -l -f ~/.ssh/20231024bbox +256 SHA256:UpDK1R9LlJ30unU6vDGyJ0tDFdc/6dHPMlYHTSQZWIs bbox test from boom2 (ED25519) +bash-5.2$ ll ~/.ssh/ +total 16 +drwx------ 2 dpierre users 4096 Oct 24 14:16 . +drwx--x--x 19 dpierre users 4096 Oct 24 14:16 .. +-rw------- 1 dpierre users 464 Oct 24 14:16 20231024bbox +-rw-r--r-- 1 dpierre users 102 Oct 24 14:16 20231024bbox.pub + + + +i had a little dilemma as i cannot log into 'bbox' w/out using an ssh +key; so i needed to get my newly created pubkey inserted as line entry +inside of 'dpierre@bbox:~/.ssh/authorized_keys'. + +since i can log into 'bbox' from 'boom' i copied the +'~/.ssh/20231024bbox.pub' to a USB key. then copied that file over to +'boom' and from there logged into 'bbox' and appended the line inside +of 'dpierre@bbox:~/.ssh/authorized_keys'. + +i was able to test it easily... + + +bash-5.2$ ssh -i ~/.ssh/20231024bbox dpierre@192.168.0.220 +The authenticity of host '192.168.0.220 (192.168.0.220)' can't be established. +ED25519 key fingerprint is SHA256:KIFNv05/0KyoX0hfK8U4ILud0fP+BVeeAhHMlakXumo. +This key is not known by any other names. +Are you sure you want to continue connecting (yes/no/[fingerprint])? yes +Warning: Permanently added '192.168.0.220' (ED25519) to the list of known hosts. +Enter passphrase for key '/home/dpierre/.ssh/20231024bbox': +Last login: Tue Oct 24 13:31:18 2023 from 192.168.0.148 +Linux 5.15.19. + +For those who like this sort of thing, this is the sort of thing they like. + -- Abraham Lincoln + +dpierre@bbox:~$ ll +-bash: ll: command not found +dpierre@bbox:~$ alias ll='ls -al' +dpierre@bbox:~$ ll +... +... +dpierre@bbox:~$ +logout +Connection to 192.168.0.220 closed. + + +- edited '~/.ansible.cfg' + - uncommeted / added the following entry under the [default] entry + private_key_file=~/.ssh/20231024bbox + + - uncommeted/edited this line from: + ;inventory=/etc/ansible/hosts + + -to- + + ;inventory=~/.ansible/hosts + + https://www.educba.com/ansible-hosts-file/ + +** <2023-10-29 Sun> + +- created '~/.ansible/hosts' file like so: + + #+begin_src + [test] + 192.168.0.220 + + [dev] + 192.168.0.220 + #+end_src + +- i ran the following commands + +ansible all --list-hosts +ansible-inventory --list +ansible-inventory --graph + +ansible all -m ping +ansible dev -m ping + + +- create a file on a host using ansible + https://phoenixnap.com/kb/ansible-create-file + +- need to learn a lil something about how playbooks are structured + https://www.digitalocean.com/community/tutorial-series/how-to-write-ansible-playbooks + +- created the following playbook + + #+name: ~/ansible-practice/01-playbook-hello.yml + #+begin_src yaml + --- + - hosts: all + tasks: + - name: Print message + debug: + msg: Hello Ansible World + #+end_src + +** <2023-10-30 Mon> + +- make sure to setup my path correctly so that the ansible executable + can be found + +bash-5.2$ export PATH=$PATH:~/.local/bin +bash-5.2$ echo $PATH + +- test our recently made playbook + + bash-5.2$ cd ~/ansible-practice/ + bash-5.2$ ansible-playbook 01-playbook-hello.yml + +- created a playbook that only works locally and simply prints out the + current directory + https://www.middlewareinventory.com/blog/run-ansible-playbook-locally/ + + #+name: ~/ansible-practice/02-playbook-local-test.yml + #+begin_src yaml + --- + - name: "Playing with Ansible localhost" + hosts: localhost + connection: local + tasks: + - name: "just execute a ls -lrt command" + shell: "ls -lrt" + register: "output" + + - debug: var=output.stdout_lines + #+end_src + + - some other suggestions to run commands locally + + bash-5.2$ ansible localhost -m ping + bash-5.2$ ansible localhost -m shell -a "ls -alrt" + + - an interesting way to run a playbook meant for external + hosts...but locally: + + bash-5.2$ ansible-playbook --connection=local --inventory 127.0.0.1, --limit 127.0.0.1 01-playbook-hello.yml + +- seems i dont understand YAML well enuf + https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html + +** <2023-11-02 Thu> + +some definitions of things: + +- control node = my ansible server +- managed node(s) = target systems |