====== Instalando e configurando o Ansible ======

===== Instalação =====

<code bash>
$ vagrant ssh automation
Welcome to Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-53-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.
Last login: Wed Mar  1 21:01:57 2023 from 192.168.121.1
vagrant@automation:~$
</code>

<code bash>
$ sudo apt update
$ sudo apt install software-properties-common
$ sudo add-apt-repository --yes --update ppa:ansible/ansible
$ sudo apt install -y ansible
</code>

<code bash>
$ ansible --version 
ansible [core 2.14.3]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/vagrant/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/vagrant/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.10.6 (main, Nov  2 2022, 18:53:38) [GCC 11.3.0] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True
</code>

===== Configuração =====
<code bash>
$ cd /etc/ansible/
$ ls
ansible.cfg  hosts  roles
</code>

  * **ansible.cfg**: Arquivo de configuração do Ansible;
  * **hosts**: Arquivo de inventário;
  * **roles**: Diretório para armazenar as Roles no Ansible.

<code bash>
$ sudo su
</code>

<code bash>
# ansible-config init --disabled > ansible.cfg
</code>

Alterar as seguintes diretivas no arquivo ''**ansible.cfg**'':
<code bash>
log_path=/var/log/ansible.log
private_key_file=/etc/keys/sshkey
remote_user=vagrant
roles_path=/etc/ansible/roles
timeout=30
become=true
</code>

  * **log_path**: Define a localização do arquivo de logs do Ansible;
  * **private_key_file**: Define a localização e o nome da chave privada usada nas conexões SSH entre o servidor Ansible e os nodes da rede;
  * **remote_user**: Define o usuário de login para as máquinas de destino;
  * **roles_path**: Determina a localização do diretório onde serão armazenadas as Roles do Ansible;
  * **timeout**: Define o tempo utilizado na conexão SSH;
  * **become**: Eleva os privilégios do usuário.

===== Configurando chave SSH =====
<code bash>
# mkdir /etc/keys
</code>

<code>
# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /etc/keys/sshkey
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /etc/keys/sshkey
Your public key has been saved in /etc/keys/sshkey.pub
The key fingerprint is:
SHA256:cB2CvXwi/8Q4cpP2czNr81adKtEaC1XTAC9JXjDiQFU root@automation
The key's randomart image is:
+---[RSA 3072]----+
|      .=oooEooo  |
|      . +o+.=o . |
|      ...o.+...  |
|      .o+ ...    |
|       oS*. .   o|
|      . O.oo . .o|
|       + *. = .. |
|          ++*..  |
|           +oB.  |
+----[SHA256]-----+
</code>

<code bash>
# ssh-copy-id -i /etc/keys/sshkey.pub vagrant@10.240.100.10
# ssh-copy-id -i /etc/keys/sshkey.pub vagrant@10.240.100.20
# ssh-copy-id -i /etc/keys/sshkey.pub vagrant@10.240.100.30
</code>

===== Inventário =====
<file>
# vim hosts +$
[local]
10.240.100.10

[oracle]
10.240.100.20

[debian]
10.240.100.30
</file>

<code bash>
# ansible-inventory --list -y
all:
  children:
    debian:
      hosts:
        10.240.100.30: {}
    local:
      hosts:
        10.240.100.10: {}
    oracle:
      hosts:
        10.240.100.20: {}
    ungrouped: {}
</code>

===== Testando a comunicação =====

<code bash>
# ansible local -m ping
10.240.100.10 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
</code>

<code bash>
# ansible oracle -m ping
[WARNING]: Platform linux on host 10.240.100.20 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another Python
interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.14/reference_appendices/interpreter_discovery.html for more
information.
10.240.100.20 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.9"
    },
    "changed": false,
    "ping": "pong"
}
</code>

<code bash>
# ansible debian -m ping
10.240.100.30 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
</code>

FIXME Corrigindo o warning da máquina oracle.
<code bash>
# vim hosts +$
[oracle:vars]
ansible_python_interpreter=python3
</code>

<code bash>
# ansible oracle -m ping
10.240.100.20 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
</code>