• Commands to install ansible on Red Hat Enterprise Linux (RHEL)
• A files with ad-hoc ansible commands to perform simple tasks like ping
• 2 playbooks that have 1 tasks each. 1 uses the copy module and 1 uses the shell module
• 1 playbook that calls a role that's contained in copy-role folder

I'm doing this lab on AWS environment with Amazon EC2's where password auhencation is disabled by default

0. Become the root user.

sudo su - 

1. Download the EPEL repo

rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Note: if you get an error for a conflict, you already have epel downloaded

Enter this to enable the repo

yum-config-manager --enable epel

2. Install Ansible

yum install ansible -y

3. • Add a user named ansible

sudo useradd ansible

4. Add a password to the user and choose a password of your choice

sudo passwd ansible

• Enable password authentication. To do this open tis file

sudo vi /etc/ssh/sshd_config 

• Then uncomment the line that says PasswordAuthentication yes and comment the line that says PasswordAuthentication no :

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
#PasswordAuthentication no

• Restart the sshd daemon on the master machine

sudo service sshd restart

Note: by default ansible may need to setup the environment before we can use /etc/ansible. Use the link to find alternatives for host , config and inventory files https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html

5. Create/Edit the hosts file for ansible and add the slave Ip.

sudo vi inventory.ini

6. Inside the file add these 3 lines. Let's give the group ( in this case only 1 instance ) a name . This is on top of the IP of the slave enclosed in the square brackets.

[webservers]
10.0.0.5
127.0.0.1

7. Open the sudoers file

sudo visudo

8. Add this line. There is a line similar to this already for the wheel group . Put it right under it. This makes sure that the ansible user can call all commands without the need of password

ansible         ALL=(ALL)       NOPASSWD: ALL

9. Open the /etc/ansible/ansible.cfg file

sudo vi /etc/ansible/ansible.cfg

10. Find and Uncomment this line inside the file. THis will disable ssh key check

# uncomment this to disable SSH key host checking
host_key_checking = False

11. Install SSHPASS . Without this you may not able to use ssh with password

sudo yum --enablerepo=epel -y install sshpass

• Become root user

sudo su -

• Add a user named ansible

sudo useradd ansible

• Add a password to the user and choose a password of your choice

sudo passwd ansible

• Enable password authentication. To do this open tis file

sudo vi /etc/ssh/sshd_config 

• Then uncomment the line that says PasswordAuthentication yes and comment the line that says PasswordAuthentication no :

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
#PasswordAuthentication no

• Restart the sshd daemon on the Slave machine

sudo service sshd restart

• Try logging into the slave machine from the Ansible master. you should be able to

ssh [email protected] 

• Open the sudoers file on the slave machine

sudo visudo

• Add this line. There is a line similar to this already for the wheel group . Put it right under it. This makes sure that the ansible user can call all commands without the need of password

ansible         ALL=(ALL)       NOPASSWD: ALL

• From the Ansible master ping the slave server:

ansible -m ping all -u ansible --ask-pass -i inventory.ini

• you should see a return like this

172.31.10.247 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

**Congratulations , you are able to ping the slave server using the ping module!

• Now, let's install apache web server on the slave server.

ansible all  -m yum -a "name=httpd state=present" -u ansible --ask-pass --become

**In the above command -m stands for module , in this case we are using the yum module. -a is for arguements where we pass the the name of the package and state. present means install. Similarly if you run the command and say state=absent then the web server will be removed. --become is used to be the root user with sudo

• Use the service module to start the apache web server

ansible all  -m service -a "name=httpd state=started " -u ansible --ask-pass --become 

• Congratulations! your web server should be installed now. Browse the public IP of the slave server on a browser to verify. You should see the apache web server test page.

1. Write a "hello. This is my webserver" line and save it to a file called index.html . This will replace our webserver default page.

echo "hello. This is my webserver" > index.html

2. Create a new yaml file with vi editor and call it copy.yml

vi copy.yml

3. copy and paste this to the file and save

- hosts: all
  become: yes
  tasks:
    - copy:
        src: /home/ansible/index.html
        dest: /var/www/html/index.html
        owner: ansible
        group: ansible
        mode: 0655

4. Use the ansible playbook command to run the playbook. As you can see above, the task has a copy module that will copy the index.html to the remote machine.

ansible-playbook copy.yml -u ansible --ask-pass

5. You should get a success response. Check your web server now. It should display the contents of index.html that you copied to the slave machine.