In this Ansible tutorial for beginners, we’ll cover getting started with Ansible as a configuration management tool for setting up a bare CentOS, Debian, and Ubuntu server with more secure SSH settings and a few tools to make your life a little easier.
Our goals:
- Set up a non-root user
- Give the new user sudo access
- Disable password-based logins
- Disable root logins
- Use SSH keys for logins
- Ansible by default manages machines over the SSH protocol. Install the Command Line Developer Tools for OS X El Capitan. If Xcode is not currently installed, we can simply grab the Command Line Developer Tools for OS X El Capitan.
- Ansible is an all in one IT solution. It’s an IT orchestration engine which automates configuration management, application deployment, remote infrastructure management command based simple tool. Today we will go over detailed steps on Ansible installation steps and complete.
- Addhost – Add a host (and alternatively a group) to the ansible-playbook in-memory inventory aerospikemigrations – Check or wait for migrations between nodes airbrakedeployment – Notify airbrake about app deployments.
Prerequisites for this Ansible configuration management tutorial
- A newly-provisioned or rebuilt server running any of our OS options—CentOS, Debian, or Ubuntu.
Get a $50 Bonus for 72 hours only…
Enabling NX-API ¶. Before you can use NX-API to connect to a switch, you must enable NX-API. To enable NX-API on a new switch via Ansible, use the nxosnxapi module via the CLI connection. Set up groupvars/nxos.yml just like in the CLI example above, then run a playbook task like this. You must have Ansible installed on your computer. You must have CentOS 7 or CentOS 8 machines configured for Ansible automation. There are many articles on LinuxHint dedicated to Installing Ansible and configuring hosts for Ansible automation. You may want to.
To celebrate our newest datacenters in Tokyo & London, we’re offering a $50 hosting credit with any 3-year hosting plan. And a $20 Bonus with a 1-year plan. Use your bonus to add backups, discount your renewal or add a new server, super cheap. We’re shutting this one down soon, though. So get there now…
Score a 24GB Performance VPS with 240GB of SSD storage for just $99/year…PLUS a $50 Credit!)
Step 1: Install Ansible on your local machine
To get started using Ansible for configuration management, you first need to install it on your local machine. Ansible’s documenation gives installation instructions for a variety of platforms, including various *nix distributions and OS X.
Step 2: Edit the Ansible hosts file
To connect Ansible to your VPS, you need to specify its IP address within Ansible’s hosts file. On Linux and OS X machines, that can be found at
/etc/ansible/hosts
.Remind 101 for mac os x 10 13 download. The beginning of the file should look like this:
To enable your VPS, simply add the IP address anywhere in this file underneath an
[ssdnodes]
grouping.There should be no other symbols—like the
#
comment—in the line.Now, test out your configuration by pinging your VPS. For now, you have to use
-u root
to ensure you’re trying to connect via the root account.If it’s successful, you’ll see the following output:
Step 3: Getting started with Ansible playbooks
To get started using Ansible to manage server configurations, we need to create an Ansible playbook. A playbook is the core component of any Ansible configuration.
The playbook will define the tasks that need to be completed to configure your servers. The ability to create and run Playbooks is the key reason that it’s so powerful to use Ansible for configuration management.
![Ansible_network_os xr Ansible_network_os xr](/uploads/1/2/6/5/126524899/214538815.png)
The Ansible playbook is in the common
.yaml
language.And here is a basic playbook example that accomplishes our goals.
Note: This playbook is meant to run on a bare CentOS 7 server. If you want to run this on an Ubuntu/Debian server, simply change the
yum
line to apt
.Before we go into how you run this command, let’s walk through what some of these lines do in practice.
These two lines dictate which host group we’re going to work with—in this case, the
ssdnodes
group we created earlier—and specify that we’re using the root login (just this once) to complete our steps.These two
vars_prompt
Openemu for os x 10.7 10 7 download free dmg files. commands will ask for user input to define which username and password they would like to associate with the newly-created account.Beyond this, each nested block of script that begins with
- name:
defines a new task that Ansible will complete in sequential order, once the previous task has completed successfully. Failed tasks will cause the entire playbook to stop running.If you follow along with each of the tasks, you can see that we’re installing
sudo
, creating our new user, adding your SSH public key to the server, and putting some basic restrictions on sshd
before restarting it.Step 4: Run the Ansible playbook
Running this Ansible playbook is fairly straightforward. Here’s the command we’ll use:
![Capitan Capitan](/uploads/1/2/6/5/126524899/155253370.png)
We need to include
--ask-pass
so that Ansible uses a password to log into the server rather than try to use an SSH key that isn’t there.Once you run the command, you’ll be asked to enter the
SSH password:
. This is the root login for your server—that password can be found in your SSD Nodes dashboard.Once you’ve entered the root password, you’ll be prompted to specify and confirm a username and password. Once that’s done, Ansible will get to work!
With any luck, Ansible runs smoothly, and you’ll see the following in your terminal:
At this point, you’ll be able to log into your new user account using your SSH key.
More resources on Ansible for configuration management:
Ansible Os X
You’re now ready to get started using Ansible to manage the configuration of new servers with ease, and with an eye toward security.
For a deeper dive into getting started with Ansible, including in-depth explanations of all the components and terminology, check out our “Step by step guide to Ansible” tutorial.
Os X Download
To get more concrete playbook examples aimed toward maximizing security– to help you harden your SSH, fend off brute force attacks, and more– check out our 2-part series:
Ansible playbook for a more secure VPS (part 1)
A More Secure Ansible Playbook (Part 2)
A More Secure Ansible Playbook (Part 2)
Ansible For Os X Download
And finally, for more information about how to use Ansible for automated server hardening, check out one these resources:
Os X El Capitan
[cta text2=”You’re 90 seconds away from running Ansible on an SSD Nodes cloud server!” button=”Ansible all the things!”]