Ansible: Using the ansible command on AWS

January 28, 2023

We will build a virtual runtime environment on AWS and try Ansible using only ansible commands, not a playbook. We will prepare a RHEL 7.7 server on AWS EC2, build a virtual runtime environment for Python, install Ansible, and run ansible commands with modules against localhost.

Set up t2.micro on AWS EC2

We will try Ansible on AWS.
We selected a CentOS 7 AMI and created an instance from it.

cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.7 (Maipo)

Create an Ansible user and allow SSH connection

sudo su
useradd -s /bin/bash -m ansible
passwd ansible
echo "ansible ALL=(ALL) NOPASSWD:ALL" |tee -a /etc/sudoers.d/ansible
sudo su ansible

Install ansible in a virtual execution environment (virtualenv)

Create a virtual execution environment.

sudo localectl set-locale LANG=ja_JP.utf8
sudo yum groupinstall -y "Development Tools"
sudo yum install -y python-devel 
sudo yum install -y https://repo.ius.io/ius-release-el7.rpm
sudo yum install -y python3  # the pip3 commands below need Python 3
su - ansible
cd
pip3 install virtualenv --user
virtualenv venv
source ~/venv/bin/activate
pip3 install ansible

When reconnecting to the virtual execution environment, do not forget to do the following again.

su - ansible
cd
source ./venv/bin/activate

If you try typing the command and the help contents are displayed, the environment has been successfully built.

ansible-playbook --help
ansible --help

Try Ansible commands

Try the ansible command.
As a simple command, run the setup module against localhost.
setup is a module that gathers information about the target host. Here the command gathers information about the machine it runs on.
It returns a lot of information.

ansible localhost -m setup

If it does not work, you may not be able to connect to localhost with ssh; you must be able to do so.

ssh localhost

To run a shell command through Ansible, use the command module.
The command module can run any command; here ls shows that there is a venv directory.

ansible localhost -m command -a "ls"
localhost | CHANGED | rc=0 >>
venv

The target can also be specified by IP address.

ansible 127.0.0.1 -m command -a "ls"
127.0.0.1 | CHANGED | rc=0 >>
venv

Basic module

There are various modules besides the setup and command modules.
By understanding the modules, you will know what you can do with ansible.
It is a good idea to look up the modules you are interested in on the official documentation page.
All modules are listed on the page, and you can use your browser's search function to find out more.

As an introduction, here are some commonly used modules.

<yum module> 

The yum module's state parameter specifies the desired state of the package, such as present (install).
The state can be absent, installed, latest, present, or removed.
If you set "present", the package is installed.
I ran the python install, and changed is false because it was already installed.

ansible localhost -m yum -a "state=present name=python"
localhost | SUCCESS => {
    "ansible_facts": {
        "pkg_mgr": "yum"
    },
    "changed": false,
    "msg": "",
    "rc": 0,
    "results": [
        "python-2.7.5-92.el7_9.x86_64 providing python is already installed"
    ]
}

<debug module>

The debug module displays debug output, such as the value of a variable.

ansible localhost -m debug -a "var=groups"
localhost | SUCCESS => {
    "groups": {
        "all": [],
        "ungrouped": []
    }
}

Create an Ansible inventory file

In an inventory file, you can define groups of operation targets, that is, which hosts each operation is applied to.

Let's put localhost in web_servers so that localhost can be specified as a group.
In db_servers, group the 5 servers from 192.168.11.1 to 192.168.11.5.

[web_servers]
localhost
[db_servers]
# A range in the host name expands to 192.168.11.1 through 192.168.11.5
192.168.11.[1:5]

Specify the inventory file on the command line with the -i option.

ansible -i inventory.ini web_servers -m setup

Non-idempotent modules

The following modules are not guaranteed to be idempotent. If you use them, you must include a conditional branch and make sure that they work properly. Idempotency is the property that an operation will produce the same result even if it is performed multiple times. This is one of the strengths of Ansible, and it is necessary to write playbooks so as not to lose it. To keep it simple, we should use the modules that are already in place and be careful how we use them.

command
expect
psexec
raw
script
shell
telnet
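
The conditional guards described above, as an added example that is not part of the original article: a playbook that wraps two of this page's earlier commands (virtualenv venv and localectl set-locale) so that they run only when needed. The variable names venv_dir and wanted_locale are assumptions made for the example.

```yaml
# Added example, not from the original article.
# Assumed: run as the ansible user; venv_dir and wanted_locale mirror
# the commands used earlier on this page.
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    venv_dir: "{{ lookup('env', 'HOME') }}/venv"
    wanted_locale: "LANG=ja_JP.utf8"
  tasks:
    # "creates" skips the command when the file already exists, so a
    # second run reports ok instead of changed.
    - name: Create the virtualenv only if it is missing
      command: "virtualenv {{ venv_dir }}"
      args:
        creates: "{{ venv_dir }}/bin/activate"

    # Read-only probe: never counts as a change and still runs under
    # --check, so the condition below always has data to test.
    - name: Read the current system locale
      command: localectl status
      register: locale_status
      changed_when: false
      check_mode: false

    # Conditional branch: change the locale only when the probe shows it
    # differs. Matching on stdout assumes localectl prints the value as set.
    - name: Set the system locale when it differs
      command: "localectl set-locale {{ wanted_locale }}"
      become: true
      when: wanted_locale not in locale_status.stdout
```

Saved under any file name and run twice with ansible-playbook, the second run should report changed=0.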

Conclusion

I have built an ansible environment on AWS and tested simple ansible commands. I would like to learn how to automate without losing the functionality of ansible, and I would also like to learn the quirks of ansible.