Differences

This shows you the differences between two versions of the page.

--- ansible_server_config [2025/07/26 17:09] – - Imported by DokuWiki Advanced Plugin wikiadm
+++ ansible_server_config [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
@@ Line 1: / Line 1: @@
-====== Configuração ansible server ======
-===== Configurando o ansible.cfg =====
-<file bash>
-$ cd /etc/ansible/
-$ ls
-ansible.cfg  hosts  roles
-</file>
-  * **ansible.cfg**: Arquivo de configuração do Ansible;
-  * **hosts**: Arquivo de inventário;
-  * **roles**: Diretório para armazenar as Roles no Ansible.
-<file bash>
-$ cat ansible.cfg
-# Since Ansible 2.12 (core):
-# To generate an example config file (a "disabled" one with all default settings, commented out):
-#               $ ansible-config init --disabled > ansible.cfg
-#
-# Also you can now have a more complete file by including existing plugins:
-# ansible-config init --disabled -t all > ansible.cfg
-# For previous versions of Ansible you can check for examples in the 'stable' branches of each version
-# Note that this file was always incomplete  and lagging changes to configuration settings
-# for example, for 2.9: https://github.com/ansible/ansible/blob/stable-2.9/examples/ansible.cfg
-</file>
-<file bash>
-$ sudo su
-# ansible-config init --disabled > ansible.cfg
-</file>
-<file basg>
-# egrep -v "^#|^;|^$" ansible.cfg
-[defaults]
-log_path=/var/log/ansible.log
-private_key_file=/etc/keys/sshkey
-remote_user=root
-roles_path=/etc/ansible/roles
-timeout=30
-[privilege_escalation]
-[persistent_connection]
-[connection]
-[colors]
-[selinux]
-[diff]
-[galaxy]
-[inventory]
-[netconf_connection]
-[paramiko_connection]
-[jinja2]
-[tags]
-</file>
-  * **log_path**: Define a localização do arquivo de logs do Ansible;
-  * **private_key_file**: Define a localização e o nome da chave privada usada nas conexões SSH entre o servidor Ansible e os nodes da rede;
-  * **remote_user**: Define o usuário de login para as máquinas de destino;
-  * **roles_path**: Determina a localização do diretório onde serão armazenadas as Roles do Ansible;
-  * **timeout**: Define o tempo utilizado na conexão SSH.
-===== Criando chave SSH =====
-<file bash>
-# mkdir /etc/keys
-</file>
-<file bash>
-# ssh-keygen
-Generating public/private rsa key pair.
-Enter file in which to save the key (/root/.ssh/id_rsa): /etc/keys/sshkey
-Enter passphrase (empty for no passphrase):
-Enter same passphrase again:
-Your identification has been saved in /etc/keys/sshkey
-Your public key has been saved in /etc/keys/sshkey.pub
-The key fingerprint is:
-SHA256:Y8rbHFuku02ApvJbLWD6bU4a3kiz2kmnIqbKPo0h1Iw root@ansible-server
-The key's randomart image is:
-+---[RSA 3072]----+
-|                 |
-|                 |
-|  +              |
-| E o   .         |
-|.   o o S .      |
-|.. o = + =       |
-|. * * B + o      |
-|o+.X #.= B       |
-|B+oo%+= *..      |
-+----[SHA256]-----+
-</file>
-FIXME **Informe o local aonde as chaves serão armazenadas. Como foi definido na configuração do Ansible, as chaves serão armazenadas em: ''/etc/keys/sshkey''**
-==== Permitindo acesso root ====
-<file bash>
-# vim /etc/ssh/sshd_config
-[...]
-#PermitRootLogin prohibit-password
-PermitRootLogin yes
-[...]
-</file>
-<file bash>
-# systemctl restart sshd
-</file>
-<file bash>
-root@ansible-server:/etc/ansible# passwd
-New password:
-Retype new password:
-passwd: password updated successfully
-root@ansible-server:/etc/ansible# exit
-exit
-</file>
-==== Copiando a chave ====
-Com as chaves geradas o próximo passo é copiar a chave pública para as VMs que o Ansible irá gerenciar.
-<file bash>
-$ sudo ssh-copy-id -i /etc/keys/sshkey.pub ansible-server
-</file>
-<file bash>
-$ sudo ssh -i /etc/keys/sshkey ansible-server cat /etc/hosts
-.0.0.1 localhost
-.0.1.1 ubuntu2204.localdomain
-# The following lines are desirable for IPv6 capable hosts
-::1     ip6-localhost ip6-loopback
-fe00::0 ip6-localnet
-ff00::0 ip6-mcastprefix
-ff02::1 ip6-allnodes
-ff02::2 ip6-allrouters
-.0.0.1 ubuntu2204.localdomain
-.0.2.1 ansible-server ansible-server
-</file>
-===== Inventário =====
-<file bash>
-$ cat /etc/ansible/hosts
-# This is the default ansible 'hosts' file.
-#
-# It should live in /etc/ansible/hosts
-#
-#   - Comments begin with the '#' character
-#   - Blank lines are ignored
-#   - Groups of hosts are delimited by [header] elements
-#   - You can enter hostnames or ip addresses
-#   - A hostname/ip can be a member of multiple groups
-# Ex 1: Ungrouped hosts, specify before any group headers:
-## green.example.com
-## blue.example.com
-## 192.168.100.1
-## 192.168.100.10
-# Ex 2: A collection of hosts belonging to the 'webservers' group:
-## [webservers]
-## alpha.example.org
-## beta.example.org
-## 192.168.1.100
-## 192.168.1.110
-# If you have multiple hosts following a pattern, you can specify
-# them like this:
-## www[001:006].example.com
-# Ex 3: A collection of database servers in the 'dbservers' group:
-## [dbservers]
-##
-## db01.intranet.mydomain.net
-## db02.intranet.mydomain.net
-## 10.25.1.56
-## 10.25.1.57
-# Here's another example of host ranges, this time there are no
-# leading 0s:
-## db-[99:101]-node.example.com
-</file>
-<file bash>
-$ sudo vim /etc/ansible/hosts +$
-[...]
-[local]
-ansible-server
-[ubuntu]
-ub-vm-01
-[oracle]
-ol-vm-02
-ansible_python_interpreter=/usr/bin/python3.9
-[debian]
-de-vm-03
-</file>
-<file bash>
-$ sudo ansible-inventory --list -y
-all:
-  children:
-    debian:
-      hosts:
-        de-vm-03: {}
-    local:
-      hosts:
-        ansible-server: {}
-    oracle:
-      hosts:
-        ol-vm-02: {}
-    ubuntu:
-      hosts:
-        ub-vm-01: {}
-    ungrouped: {}
-</file>
-===== Ajustes no arquivo hosts =====
-<file yaml hosts.yaml>
-$ cat hosts.yaml
----
-- name: File /etc/hosts
-  hosts: local
-  tasks:
-    - name: Testing entries in the /etc/hosts file
-      lineinfile:
-        path: /etc/hosts
-        line: "10.240.0.200 ansible-server.juntotelecom.com.br  ansible-server"
-      register: etc_hosts_result
-    - name: Clear file /etc/hosts
-      when: etc_hosts_result is changed
-      shell: echo '' > /etc/hosts
-      register: etc_hosts_clear
-      tags: hosts
-    - name: Config file /etc/hosts
-      when: etc_hosts_clear is succeeded
-      lineinfile:
-        path: /etc/hosts
-        line: "{{ item.ip }}  {{ item.fqdn }} {{ item.alias }}"
-      with_items:
-        - { ip: '127.0.0.1', fqdn: 'localhost.localdomain', alias: 'localhost' }
-        - { ip: '10.240.0.200', fqdn: 'ansible-server.juntotelecom.com.br', alias: 'ansible-server' }
-        - { ip: '10.240.0.201', fqdn: 'ub-vm-01.juntotelecom.com.br', alias: 'ub-vm-01' }
-        - { ip: '10.240.0.202', fqdn: 'ol-vm-02.juntotelecom.com.br', alias: 'ol-vm-02' }
-        - { ip: '10.240.0.203', fqdn: 'de-vm-03.juntotelecom.com.br', alias: 'de-vm-03' }
-</file>
-<file bash>
-$ sudo ansible-playbook --syntax-check hosts.yaml
-playbook: hosts.yaml
-</file>
-<file bash>
-$ sudo ansible-playbook hosts.yaml
-PLAY [File /etc/hosts] ******************************************************************************************************************************************************************************************
-TASK [Gathering Facts] ******************************************************************************************************************************************************************************************
-ok: [ansible-server]
-TASK [Testing entries in the /etc/hosts file] *******************************************************************************************************************************************************************
-changed: [ansible-server]
-TASK [Clear file /etc/hosts] ************************************************************************************************************************************************************************************
-changed: [ansible-server]
-TASK [Config file /etc/hosts] ***********************************************************************************************************************************************************************************
-changed: [ansible-server] => (item={'ip': '127.0.0.1', 'fqdn': 'localhost.localdomain', 'alias': 'localhost'})
-changed: [ansible-server] => (item={'ip': '10.240.0.200', 'fqdn': 'ansible-server.juntotelecom.com.br', 'alias': 'ansible-server'})
-changed: [ansible-server] => (item={'ip': '10.240.0.201', 'fqdn': 'ub-vm-01.juntotelecom.com.br', 'alias': 'ub-vm-01'})
-changed: [ansible-server] => (item={'ip': '10.240.0.202', 'fqdn': 'ol-vm-02.juntotelecom.com.br', 'alias': 'ol-vm-02'})
-changed: [ansible-server] => (item={'ip': '10.240.0.203', 'fqdn': 'de-vm-03.juntotelecom.com.br', 'alias': 'de-vm-03'})
-PLAY RECAP ******************************************************************************************************************************************************************************************************
-ansible-server             : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
-</file>
-<file bash>
-$ sudo ansible local -m shell -a "cat /etc/hosts"
-ansible-server | CHANGED | rc=0 >>
-.0.0.1  localhost.localdomain localhost
-.240.0.200  ansible-server.juntotelecom.com.br ansible-server
-.240.0.201  ub-vm-01.juntotelecom.com.br ub-vm-01
-.240.0.202  ol-vm-02.juntotelecom.com.br ol-vm-02
-.240.0.203  de-vm-03.juntotelecom.com.br de-vm-03
-</file>
-===== Compartilhando a chave SSH =====
-<file bash>
-$ sudo ssh-copy-id -i /etc/keys/sshkey.pub ub-vm-01
-$ sudo ssh-copy-id -i /etc/keys/sshkey.pub ol-vm-02
-$ sudo ssh-copy-id -i /etc/keys/sshkey.pub de-vm-03
-</file>
-<file bash>
-$ sudo ansible all -m ping
-ansible-server | SUCCESS => {
-    "ansible_facts": {
-        "discovered_interpreter_python": "/usr/bin/python3"
-    },
-    "changed": false,
-    "ping": "pong"
-}
-de-vm-03 | SUCCESS => {
-    "ansible_facts": {
-        "discovered_interpreter_python": "/usr/bin/python3"
-    },
-    "changed": false,
-    "ping": "pong"
-}
-ub-vm-01 | SUCCESS => {
-    "ansible_facts": {
-        "discovered_interpreter_python": "/usr/bin/python3"
-    },
-    "changed": false,
-    "ping": "pong"
-}
-[WARNING]: Platform linux on host ol-vm-02 is using the discovered Python interpreter at /usr/bin/python3.9, but future installation of another Python interpreter could change the meaning of that path. See
-https://docs.ansible.com/ansible-core/2.13/reference_appendices/interpreter_discovery.html for more information.
-ol-vm-02 | SUCCESS => {
-    "ansible_facts": {
-        "discovered_interpreter_python": "/usr/bin/python3.9"
-    },
-    "changed": false,
-    "ping": "pong"
-}
-</file>
-<file bash>
-$ sudo ansible oracle -m ping -e 'ansible_python_interpreter=/usr/bin/python3.9'
-ol-vm-02 | SUCCESS => {
-    "changed": false,
-    "ping": "pong"
-}
-</file>
-===== Referências =====
-  - [[https://docs.ansible.com/ansible/latest/reference_appendices/python_3_support.html|Python 3 Support]]