On your VM node as <your_user>, in your home folder
1. DEPLOYMENT SCRIPT
#!/usr/bin/env bash
# AUTHOR | Mircea VRABIE
# TARGET | Automated deployment for Ansible environment with pip
# DATE | Jul 2022
# HOW TO RUN | ~PATH:\
i:/etc/sudoers.d/; done
3. CREATE YOUR ansible USER ON REMOTE HOSTS
vim useradd.sh
#!/usr/bin/env bash
useradd -m -d /home/<your_user> -s /bin/bash <your_user> && echo "<your_user>:<your_password>" | chpasswd
chmod +x useradd.sh
./useradd.sh
for i in `cat /home/<your_user>/inventory`; do ssh root@$i; done
…and check connection
ssh <your_user>@<node1..3>
5. CREATE YOUR ansible.cfg
/home/<your_user>/ansible.cfg
[defaults]
inventory=/home/<your_user>/inventory
remote_user=<your_user>
host_key_checking=False

[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
6. LAB
Do not forget to define the “lists” to be called by ansible in the “inventory” file between “[]”.
vim inventory
[all]
IP_node1
IP_node2
IP_node3
ansible node1 -m ping
OR
ansible all -m ping
# Add user
openssl passwd -6 -salt xyz <your_password>    # generate password hash for /etc/shadow
mkdir playbooks
vim playbooks/add_user.yml
---
- name: add_user
  hosts: all    # or IP_node1
  tasks:
    # create the account with the hash generated by openssl above
    - name: add user "<your_user1>" on all hosts
      user:
        name: <your_user1>
        shell: /bin/bash
        home: /home/<your_user1>
        password: $6$xyz$73Q3Z.l5kN5BNAGMmP5IKozhqw3Zhj8bqQuJy3.Wf44.I3/nkSnzPMeX6rozvFiDHgi2DIt/BOc/lt14/2PH91
        generate_ssh_key: yes
        ssh_key_bits: 2048
        ssh_key_file: .ssh/id_rsa
    - name: create /etc/sudoers.d/<your_user1>
      file:
        path: /etc/sudoers.d/<your_user1>
        state: touch
    - name: add sudoers rights for <your_user1>
      copy:
        content: "<your_user1> ALL=(ALL) NOPASSWD: ALL"
        dest: /etc/sudoers.d/<your_user1>
    - name: set rights for /etc/sudoers.d/<your_user1>
      file:
        path: /etc/sudoers.d/<your_user1>
        mode: '0440'
...
ansible-playbook --syntax-check playbooks/add_user.yml
ansible-playbook -v -C playbooks/add_user.yml    # '-C' - dry run
ansible-playbook -v playbooks/add_user.yml       # execute playbook
# '-v' to '-vvvv' => verbosity for debugging, usually '-v' is enough
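A hardened variant of the add_user.yml playbook above, added here as an example (it is not the author's playbook): it prompts for the password instead of keeping a hash with the fixed salt xyz in the file, and it writes the sudoers drop-in in a single task with its final mode and a visudo syntax check. The file name add_user_hardened.yml, the variable names new_user and new_user_password and the visudo path are assumptions; the encrypt option of vars_prompt relies on passlib (or Python's crypt module) on the control node.

```yaml
---
# add_user_hardened.yml (hypothetical file name): added example, not the page's playbook
- name: add_user (hardened variant)
  hosts: all
  vars:
    new_user: "<your_user1>"          # placeholder, same as on the page
  vars_prompt:
    - name: new_user_password         # hypothetical variable name
      prompt: "Password for the new user"
      private: yes                    # do not echo the input
      confirm: yes                    # ask for it twice
      encrypt: sha512_crypt           # hashed on the control node with a random salt
  tasks:
    - name: add user on all hosts
      user:
        name: "{{ new_user }}"
        shell: /bin/bash
        home: "/home/{{ new_user }}"
        password: "{{ new_user_password }}"
        update_password: on_create    # a re-run does not reset an existing password
        generate_ssh_key: yes
        ssh_key_bits: 2048
        ssh_key_file: .ssh/id_rsa
      no_log: true                    # keep the hash out of -v output and logs

    - name: install sudoers drop-in for the new user
      copy:
        content: "{{ new_user }} ALL=(ALL) NOPASSWD: ALL\n"
        dest: "/etc/sudoers.d/{{ new_user }}"
        owner: root
        group: root
        mode: '0440'                        # applied when the file is written, no separate step
        validate: /usr/sbin/visudo -cf %s   # assumed path; a file sudo cannot parse is not installed
...
```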
# Delete user with one liner
ansible all -m shell -a 'userdel -r <your_user1>'    # or node1 instead of all