Ansible's inventory file

We use Ansible manage and automate some tasks on a remote host. All the hosts to be managed by the Ansible controller are listed in the inventory file. The file is located by default in the following path /etc/ansible/hosts.

Basically, this contains a lists of all the hosts that Ansible may manage. The machines can be identified by their IP address or by their hostname. You can also create groups with similar machines. The independent hosts must be at the beginning of the file, before any group.

Here is an example inventory file:

192.168.1.160

[test-servers]
192.168.1.161

[production-servers]
192.168.1.162

This configuration file specifies three hosts. The first node is specified by its IP address and the latter two hosts are specified in two groups: test-servers and production-servers.

By default, Ansible will look for the inventory file in /etc/ansible/hosts. You can also specify an alternative path for an inventory file with the -i flag:

A good description about the configuration of our hosts file can be found at: https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html

One of the main features of Ansible is the capacity to manage machines remotely through SSH. For this task, make sure that your public SSH key is in the authorized_keys file on the remote machines. There are other authentication mechanisms that Ansible supports, such as providing plain-text passwords (which is not recommended) and Vault (https://docs.ansible.com/ansible/2.4/vault.html).

Ansible has to be able to connect to these machines over SSH, so you will likely need to have these entries in your .ssh/config file. Now, we can use the ssh-keygen command for generating our own SSH key. For this, we open a console in the central machine and execute the following command:

$ ssh-keygen
Generating public/private rsa key pair.
 Enter file in which to save the key (/home/user/.ssh/id_rsa):
 Enter passphrase (empty for no passphrase):
 Enter same passphrase again:
 Your identification has been saved in /home/user/.ssh/id_rsa.
 Your public key has been saved in /home/user/.ssh/id_rsa.pub.

Once the generation process is finished, we have two files: ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub.

With the ssh-copy-id command we can copy the public key in the machine we want the controller in:

$ ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

This is the output of the preceding command:

The authenticity of host '192.168.1.161' can't be established.
 ECDSA key fingerprint is b5:47:7b:dd:d7:16:07:0e:97:5a:bd:6b:21:e9:b9:e6.
 Are you sure you want to continue connecting (yes/no)? yes
 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
 /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
 Number of key(s) added: 1
 Now try logging into the machine, with: "ssh '192.168.1.161'"
 and check to make sure that only the key(s) you wanted were added.

Now we can start an SSH session with the root user without using a password.

Once we have defined our inventory file, we will perform our first execution, as follows:

$ ansible -i <path/to/custom/inventory> <group|host> -m <module> -a “<module arguments>”

In the inventory file, the names of the host or their IP addresses are assigned. You can also make groupings of machines based on their role (such as database or web server). Once we have the inventory, we can start using Ansible, for example, by pinging all the machines or installing a certain package, as follows:

$ ansible test-servers -i hosts -m ping
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset