1
00:00:00,000 --> 00:00:12,240
In this video, you'll get a quick introduction to setting up Ansible for configuration management.

2
00:00:12,240 --> 00:00:16,799
Let's first talk about the requirements. There is a control host. That is where you are going

3
00:00:16,799 --> 00:00:23,080
to push the desired state to the managed machines. And a control host, I would say you send to

4
00:00:23,080 --> 00:00:28,760
a stream or similar, but the control host can be anything nowadays. Ansible control

5
00:00:28,760 --> 00:00:36,520
hosts run successfully on any Linux distributions, on Windows, on Mac OS. But as Ansible is owned

6
00:00:36,520 --> 00:00:44,160
by Red Hat, integration is probably easier on Red Hat based distributions. Also on the

7
00:00:44,160 --> 00:00:49,080
control host, you need to set up hostname resolving for all managed nodes, unless you

8
00:00:49,080 --> 00:00:54,720
want to contact these nodes by IP address. And you generate SSH keys and copy over to

9
00:00:54,720 --> 00:01:01,000
the managed host to make sure that your current Ansible user on the control host can connect

10
00:01:01,000 --> 00:01:06,680
to the managed host without any issues. And next you install the Ansible software. You

11
00:01:06,680 --> 00:01:12,000
create an inventory file, and that's about it. Then on the managed host, you ensure that

12
00:01:12,000 --> 00:01:17,599
Python is installed. That shouldn't be a big deal nowadays, as Python is a part of the

13
00:01:17,599 --> 00:01:24,400
minimal Linux configuration. All Linux distributions, except for the very minimal cloud-based distributions,

14
00:01:24,800 --> 00:01:31,839
have Python on board. You need to enable SSH access, and you need to make sure that you

15
00:01:31,839 --> 00:01:36,959
have a user with sudo privileges. If you want to make it easier, and that's what we are

16
00:01:36,959 --> 00:01:43,639
going to do here, that should be a password-less sudo privileges. But don't worry, in order

17
00:01:43,639 --> 00:01:48,559
to use Ansible, you can do it a secure way as well and make sure that passwords are used

18
00:01:48,680 --> 00:01:54,599
in order to push the configurations. So how do we set up Ansible? Well, on the managed

19
00:01:54,599 --> 00:02:00,400
host, like Ubuntu for instance, you need to make sure that you install OpenSSH server.

20
00:02:00,400 --> 00:02:05,599
And then on the control host, you install the Ansible core package. You make sure that

21
00:02:05,599 --> 00:02:10,520
you have your hostname resolution set up. You generate some SSH keys, copy that key

22
00:02:10,520 --> 00:02:17,080
for the same user to the managed machine, and then you update your inventory. And then

23
00:02:17,080 --> 00:02:22,880
it's time for the first command, which could be ansible ubuntu minus mping, which is using

24
00:02:22,880 --> 00:02:28,759
the ping module, which is an Ansible module. Ansible is doing its work by using modules.

25
00:02:28,759 --> 00:02:35,600
Minus i inventory is using the inventory. Minus your student is using your student user,

26
00:02:35,600 --> 00:02:40,440
which should be the current user in this example. And minus uppercase K will prompt for the

27
00:02:40,440 --> 00:02:46,759
sudo password. Let me show you. So here I have the Ubuntu host that I want to use,

28
00:02:46,759 --> 00:02:52,240
and I need the IP address. It's giving me lots of information. But here is the information

29
00:02:52,240 --> 00:02:58,919
that is relevant. The IP address ends in 146. Next, I need to make sure that I do my sudo

30
00:02:58,919 --> 00:03:08,919
apt install OpenSSH-server. This is an Ubuntu desktop, and Ubuntu desktop does not have

31
00:03:08,919 --> 00:03:15,440
OpenSSH-server by default. So make sure you install it. Fortunately, on server editions,

32
00:03:15,440 --> 00:03:21,520
you normally do have SSH installed. And now I'm going to set up my control host. In order

33
00:03:21,520 --> 00:03:28,479
to set up the control host, I need to be student user. I don't have to be the root user. First,

34
00:03:28,479 --> 00:03:36,960
I'm installing the Ansible package using sudo dnf install minus y ansible-core. As a quick

35
00:03:36,960 --> 00:03:42,119
check, I'm using Ansible minus minus version, which is showing that this has installed Ansible

36
00:03:42,119 --> 00:03:56,360
version 2.16.14. So Ansible is installed. Next, I'm going to use sudo sh-c echo 192.168.29.146.

37
00:03:56,360 --> 00:04:06,679
I'm calling it ubuntu.example.com, short name Ubuntu. And I'm redirecting this to etc hosts.

38
00:04:06,679 --> 00:04:14,399
Let's use double quotes. No need to use single quotes. Now, what is this command doing? Well,

39
00:04:14,399 --> 00:04:20,000
we are running sudo. But the problem is that there's a redirect, and the redirect causes

40
00:04:20,000 --> 00:04:28,000
confusion. And that is why I'm using sudo on the command sh-c, where sh-c executes the entire

41
00:04:28,000 --> 00:04:34,239
command, including the redirect. If ever you want to use composed commands that have a redirect or

42
00:04:34,239 --> 00:04:41,600
a pipe in them in sudo, it is wise to use sudo sh-c in the entire command between double quotes.

43
00:04:43,279 --> 00:04:49,200
So as the result, I should be able to ping Ubuntu. So this proves that I can reach the

44
00:04:49,200 --> 00:04:55,760
Ubuntu machine by its name. Now I'm going to generate SSH keys. For this demo, I want to

45
00:04:55,760 --> 00:05:01,359
keep it simple. So I'm using my current sudo enabled user account, which is a student user.

46
00:05:01,359 --> 00:05:08,079
Ubuntu has a student user as well. So I'm using ssh-keygen to generate a public private key pair,

47
00:05:08,079 --> 00:05:16,239
and then ssh copy ID to Ubuntu, which is copying my public key over to Ubuntu.

48
00:05:16,959 --> 00:05:23,679
I need to enter the password once. And now we have passwordless authentication

49
00:05:24,799 --> 00:05:31,200
on the remote host. A quick check when I use SSH Ubuntu. I'm on the Ubuntu machine

50
00:05:31,760 --> 00:05:39,040
using exit, and I'm back. Okay, now I need to create a so-called inventory. Echo Ubuntu

51
00:05:39,600 --> 00:05:45,359
greater than, greater than inventory. The inventory file for Ansible identifies all

52
00:05:45,359 --> 00:05:51,040
the managed assets. So it's a pretty important file. Without an inventory file, Ansible only

53
00:05:51,040 --> 00:05:57,440
knows localhost. So Ansible doesn't use hostname resolution. When you are going to use an Ansible

54
00:05:57,440 --> 00:06:03,600
command, Ansible uses inventory to find more information about managed hosts. And now I can

55
00:06:03,679 --> 00:06:10,160
use a so-called Ansible ad hoc command. Doing that using Ansible Ubuntu minus m ping minus

56
00:06:10,160 --> 00:06:16,239
i inventory. I'm using the ping module. The ping module, in fact, is a Python script that can be

57
00:06:16,239 --> 00:06:23,200
used to ping assets in Ansible. Minus i inventory is telling Ansible to use the inventory file I

58
00:06:23,200 --> 00:06:30,480
just created in my current directory. Minus u student is using the student user, which is my

59
00:06:30,480 --> 00:06:36,239
current user account. And not really necessary here, but let me show you anyway. Minus uppercase

60
00:06:36,239 --> 00:06:44,480
k will prompt for the sudo password at the other side. So there we go. Here is the become password.

61
00:06:44,480 --> 00:06:50,880
I'm entering it. And here we see the result of the Ansible ping module. So what does that mean?

62
00:06:50,880 --> 00:06:55,119
Congratulations, you just successfully ran your first Ansible command.