Installing Ansible
Why Install Ansible
This install took a long time since I ran into a few issues and was really only working on it during the weekends since it is a more in-depth project to install. Currently, I am having a tough time updating my server stack, and the more that I add to it the harder it will be to keep up. Ansible is a command-line automation software that should help with system updates and possibly some other features depending on the features it has.
Starting The Install
I will be following this install guide to get this up and running. The first step is to spin up a VM in Proxmox that is gonna use Debian as its base. There was not much about machine requirements so I just gave it 2 cores, 4 Gb of ram, and 50 Gb of storage.
Prerequisites Install
I have to install Python to be able to install Ansible and get it running. I did this by following this Python install guide. As well as adding a user to the sudo users. I also need to make sure to install PIP which is a Python package manager.
Ansible Install
I will be outlining all the commands that I will be using here most them will be ripped from install guide.
Check Whether pip is installed for Python
1
python3 -m pip -V
If no error proceed to the next step to install ansible or ansible-core. I will be going with ansible because I want all the features I don’t even know about.
1
python3 -m pip install --user ansibleuser
Check the install
1
ansible --version
Which gave me a command not found. Which was fixed by adding a file path to $PATH with this command
1
export PATH=~/.local/bin:$PATH
Then after checking it again it ran the command and gave the correct output.
Configuring Ansible
When I ran the ansible version checker I saw that I had no configuration file. Not entirely sure why I did not get a configuration file. I then grabbed a example file from their github and left it default for now. After that I started looking into testing whether ansible is working or not. So I wrote a ip address into a inventory file I made following this inventory guide that points to my NUT(Network UPS Tools) server and added a public SSH key to the account following this SSH key guide. I think the best way to do this would be to create an ansibleuser or whatever your main account on ansible on the destination server.
On the Ansible server run this to get a public key to put on the destination server
1
sudo ssh-keygen -t rsa
Then run this command if you have OpenSSH since it has a built in way to add public keys from the host server
1
sudo ssh-copy-id -i ~/.ssh/id_rsa.pub YOUR_USER_NAME@IP_ADDRESS_OF_THE_SERVER
Then test if it can connect
1
ansible all -m ping
You should see something like this
1
2
3
4
5
6
7
nut | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
Creating a playbook
A “playbook” is what Ansible uses to run automation tasks. I will be getting a basic understanding follow this playbook guide.
First to create the playbook
1
sudo touch playbook.yaml
Then I edit it with nano following the example to look something like this
1
2
3
4
5
6
7
8
- name: My first play
hosts: virtualmachines
tasks:
- name: Ping my hosts
ansible.builtin.ping:
- name: Print message
ansible.builtin.debug:
msg: Hello world
Then I run it using this command
1
ansible-playbook -i inventory.yaml playbook.yaml
You should get some output that has this at the end
1
2
PLAY RECAP **********************************************************************************
nut : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Now to create a playbook file to update my debian os based virtual machines using this Ansible debian update guide. It looks something like this.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
- name: Update Machines
hosts: virtualmachines
become: yes
tasks:
- name: Ping my hosts
ansible.builtin.ping:
- name: Update apt-get repo and cache on Debian/Ubuntu VMs
ansible.builtin.apt:
update_cache=yes
force_apt_get=yes
cache_valid_time=3600
- name: Upgrade all apt packages
ansible.builtin.apt:
upgrade=dist
force_apt_get=yes
- name: Check if a reboot is needed for Debian and Ubuntu boxes
register: reboot_required_file
stat: path=/var/run/reboot-required get_md5=no
- name: Reboot the Debian or Ubuntu server
reboot:
msg: "Reboot initiated by Ansible due to kernel updates"
connect_timeout: 5
reboot_timeout: 300
pre_reboot_delay: 0
post_reboot_delay: 30
test_command: uptime
when: reboot_required_file.stat.exists
Now to run my update yaml
1
ansible-playbook -i inventory.yaml update.yaml
I ran into a permissions problem at this point and I think that it was because I was not becoming root. To fix that I had to change the sudoers file on the endpoint machine to allow sudo without a password for that users. Then run my update file again and the outcome looks something like this.
1
2
PLAY RECAP **********************************************************************************
nut : ok=5 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
This has now completed my Ansible install in my eyes and I now can work on automating stuff across many servers easily without worrying about the time I will have to spend.
As of now there are still several things that I have in mind to do.
- Self-Host Website
- Have VPN back to my home network
- Set up my servers in a server rack
- Get a third computer that will be able to break quorum between my two proxmox servers
- Setup a separate computer that will ping my servers and send wake up packets if it doesn’t get a response
- Self-host Bitwarden an open source password manager
- Setup a bare metal backup for Proxmox as a whole
- Setup a NAS that has at least 50 tb of storage
- Setup a personal documenting/notes such as something like Obsidian