https://github.com/pratikshinde55/ansible-setup-onaws
Ansible-Master & Target node Configuration on AWS Cloud using ssh-key Authentication.
- Host: GitHub
- URL: https://github.com/pratikshinde55/ansible-setup-onaws
- Owner: Pratikshinde55
- Created: 2024-03-01T12:10:30.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2025-02-11T11:27:29.000Z (3 months ago)
- Last Synced: 2025-02-11T11:30:15.606Z (3 months ago)
- Topics: ansible, ansible-setup, aws-ec2
- Homepage:
- Size: 147 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Ansible-Master and target node configuration on AWS cloud using ssh-key Authentication
- About set-up:
I installed Ansible on AWS EC2 instances. The setup uses three Amazon Linux EC2 instances: one of them is the Master-node (Ansible-master) and the remaining two are Target-nodes (Ansible-node-1, Ansible-node-2).

## On all three (Master & Target) instances, do the following set-up as it is:

### Step-1: [Create new general user: I create the "psadmin" general user for the Master-node & set its password]
Command to create the new user:
useradd psadmin
Command to set the user's password:
passwd psadmin
### Step-2: [Give Sudo power to general user "psadmin"]
The general user doesn't have as much power as root, so I give root-level power/permission to the general user. The file location is **/etc/sudoers**.
vi /etc/sudoers
### Step-3: [Allow Authentication in sshd config file]
To access the EC2 instance over SSH we need to change some settings in the SSH config file. The location of the SSH config file is **/etc/ssh/sshd_config**.
vi /etc/ssh/sshd_config
### Step-4: [Restart sshd service]
After changing the ssh config file we need to restart the sshd service to apply the new changes.
systemctl restart sshd
- NOTE: On Target-node 1 & 2 I use the general user "pratik". After creating the user, repeat the four steps above as they are on each target node.
## On Ansible Master-Node:-
After doing the first four steps, create the key as the general user. In my case psadmin is the general user of my Ansible master node:
su - psadmin
As the general user (psadmin), create the key for ssh authentication:
ssh-keygen
- Note: **Create the ssh key as the general user that will run the ansible commands.**

The ssh key is created in the **.ssh/** folder:
cd .ssh/
Show the key files:
ls -l
After the key is created, copy my "psadmin" key to the host nodes. Use the following command to copy the key to a target node:
Format for copying the ssh key to the target:
ssh-copy-id @
Command to copy the ssh key:
ssh-copy-id [email protected]

- After the key is added, check it with the following command. The first time an EC2 instance is added over SSH it has to be done manually, and it asks for the password while adding.
ssh [email protected]
- NOTE: Use the same key-copy method for all target nodes.
**........Here our instances are successfully connected by "ssh"........**
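
Once key login works, the sshd_config change made in Step-3 can be reviewed on each node. The script below is an added example, not part of the original README; it assumes Step-3 enabled `PasswordAuthentication` (the README does not show the edited lines), and the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# sshd uses the FIRST value it reads for a keyword; later lines do not
# override it. On a live host, "sshd -T" prints the values sshd resolved.

# sshd_effective KEYWORD FILE -> first uncommented value in the global part
# of FILE (before any Match block), lower-cased; empty if not set.
sshd_effective() {
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ || NF == 0 { next }   # comments and blank lines
        tolower($1) == "match" { exit }  # conditional blocks start here
        tolower($1) == want { print tolower($2); exit }
    ' "$2"
}

# audit_sshd FILE -> prints findings; returns 1 if anything is flagged.
audit_sshd() {
    rc=0
    # OpenSSH defaults apply when a keyword is absent.
    pw=$(sshd_effective PasswordAuthentication "$1"); pw=${pw:-yes}
    pk=$(sshd_effective PubkeyAuthentication "$1");   pk=${pk:-yes}
    root=$(sshd_effective PermitRootLogin "$1");      root=${root:-prohibit-password}
    if [ "$pw" = "yes" ]; then
        echo "FLAG PasswordAuthentication=yes (only needed while ssh-copy-id runs)"
        rc=1
    fi
    if [ "$root" = "yes" ]; then
        echo "FLAG PermitRootLogin=yes"
        rc=1
    fi
    if [ "$pk" = "no" ]; then
        echo "FLAG PubkeyAuthentication=no (key login would fail)"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK no findings"; fi
    return "$rc"
}

# Constructed sample (not from the README): the state right after Step-3.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PasswordAuthentication no
PasswordAuthentication yes
PermitRootLogin no
PasswordAuthentication no
EOF
audit_sshd "$sample" || true   # flags PasswordAuthentication=yes
rm -f "$sample"
```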
## On master node: [Install Ansible on master node for different version]
Here I give, step by step, how to download different Ansible versions (latest/older) on AWS Cloud:

### For Amazon-linux2:- [AMI with python3.8 latest version of "Ansible-core" (Latest version of Ansible-core in 2025)]
We install the latest ansible-core version with the help of python3.8, because the latest Ansible-core version is supported from the python3.8 version.
1. **Step-1 [Install Python 3.8 Using Amazon Linux Extras]**
- Amazon Linux 2 provides an easy way to install newer versions of Python through the Amazon Linux Extras repository.
- Enable the Python 3.8 repository:
sudo amazon-linux-extras enable python3.8
- Install Python 3.8:
sudo yum install python3.8
- Check the install:
python3.8 --version
2. **Step-2 [Install/Upgrade Ansible-Core Using pip for Python 3.8]**
- Now that pip3 for Python 3.8 is installed, we can use it to install or upgrade Ansible-Core.
- Run the following command to install Ansible using Python 3.8's pip:
sudo python3.8 -m pip install --upgrade ansible-core
- Check Ansible Version:
ansible --version
3. **Step-3 [Create the Configuration File Directory(/etc/ansible/ansible.cfg)]**
- Create the `/etc/ansible/` directory: (The -p flag ensures that the directory is created only if it doesn't exist. If it already exists, no error will be thrown.)
sudo mkdir -p /etc/ansible
- Create the ansible.cfg file:
sudo vim /etc/ansible/ansible.cfg
- If you want to create the ansible.cfg file with the default configuration, you can use the ansible-config command. The output is piped through `sudo tee` because a `>` redirect is performed by the unprivileged shell, not by sudo:
ansible-config init --disabled | sudo tee /etc/ansible/ansible.cfg > /dev/null
- This will generate a default ansible.cfg file with all options commented out (disabled).
4. **[Optional- If the ansible path is not set & the ansible cmd does not work, then use]**
- Check the installation path:
which ansible
- Make sure the path to the executable is set correctly: (`~/.bash_profile` is the file where user-specific shell configurations are stored (for bash shell users).)
echo 'export PATH=$PATH:/usr/local/bin' >> ~/.bash_profile
source ~/.bash_profile
5. **[Optional- To remove the older version of ansible if the new version is not configured]**
- Remove Ansible:
sudo yum remove ansible
6. **sshpass install: [If we don't want to share the public key manually using the ssh-copy-id cmd, then use this method]**
- Install the `epel-release` package: (This is for the Amazon Linux 2 AMI, to enable downloading sshpass)
- Enable amazon-linux-extras epel:
sudo amazon-linux-extras enable epel
- Install epel-release:
sudo yum install epel-release
- After enabling the EPEL repository, install sshpass:
sudo yum install sshpass

### For Amazon-linux2:- Download older ansible using python2(Older Ansible-version)
- If the Amazon Linux 2 AMI is used, use the following command to download Ansible (this provides the /etc/ansible/ansible.cfg config file).
sudo amazon-linux-extras install ansible2
### Method 3:- for Install Ansible: (AMI- Amazon-linux)
- Install ansible-core. This package does not provide a config file; the usual ansible config file location is **/etc/ansible/ansible.cfg**.
sudo yum install ansible-core -y
- Command to check the ansible version:
ansible --version
- We can create the ansible config file manually:
NOTE: From the general user we can't create the config file, so we need to go to root or use sudo.
exit <<-- this exits from the general user
- On master Root user:
- Go inside the **/etc/ansible** folder and create the config file (ansible.cfg) using the following commands:
cd /etc/ansible
- Create the ansible.cfg file:
touch ansible.cfg
- The ansible config file we created is empty, so we generate the default content to copy into it with the following command:
ansible-config init
- Copy to destination **/etc/ansible/ansible.cfg**:
ansible-config init --disabled > /etc/ansible/ansible.cfg

### Method 4th:-- [Installing Ansible with download extra package for yum:(AMI- Amazon-linux-2/Amazon-linux)]
sudo yum update -y
sudo amazon-linux-extras install epel -y
sudo yum install ansible -y
- Command to check the ansible version and the /etc/ansible/ansible.cfg location:
ansible --version
- **This way gives a pre-created ansible config file**
## Ansible Config file settings: [ansible.cfg]
- This step is very important to run in every ansible version
- Ansible config file location-> /etc/ansible/ansible.cfg
Command to open ansible.cfg:
vi /etc/ansible/ansible.cfg
1. **In this file we add privilege escalation, which gives the become method:**

2. **In this file we also uncomment the ansible inventory (remove the semicolon):**

3. **Set host_key_checking to False:** (This is because the target node asks for the password while connecting to the target by ssh, so deactivate host_key_checking)

- become=True: Enables privilege escalation (e.g., running tasks as root).
- become_method=sudo: Specifies that the sudo command is used for privilege escalation.
- become_user=root: Defines that the tasks will be executed as the root user (or any other user you specify).
- become_ask_pass=False: Prevents Ansible from prompting for the password when escalating privileges (assuming passwordless sudo or other configuration).
- Now ansible config file set-up:
- Create ansible inventory, Location is **/etc/ansible/host**:
vi /etc/ansible/host
- On "psadmin" general user (Master Node):
- Command to check whether all hosts are connected:
ansible all -m ping
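
A check of the resulting ansible.cfg, as an added example that is not part of the original README: it reads the settings listed above from their INI sections and reports the ones with security impact. The function names and the sample file are constructed; `[defaults]` and `[privilege_escalation]` are the sections Ansible reads these keys from.

```shell
# ini_get FILE SECTION KEY -> lower-cased value of the uncommented KEY in
# [SECTION]. Lines starting with ';' or '#' are comments, so options written
# by "ansible-config init --disabled" do nothing until the ';' is removed.
ini_get() {
    awk -v sec="$2" -v key="$3" '
        /^[ \t]*[;#]/ { next }
        /^[ \t]*\[/   { sub(/^[ \t]*\[/, ""); sub(/\].*$/, ""); cur = $0; next }
        cur == sec && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { print tolower(v); exit }
        }
    ' "$1"
}

# audit_ansible_cfg FILE -> prints one finding per line (nothing if clean).
audit_ansible_cfg() {
    if [ "$(ini_get "$1" defaults host_key_checking)" = "false" ]; then
        echo "WARN host_key_checking=False: target host keys are not verified"
    fi
    if [ "$(ini_get "$1" privilege_escalation become)" = "true" ] &&
       [ "$(ini_get "$1" privilege_escalation become_ask_pass)" = "false" ]; then
        echo "NOTE no become prompt: targets need passwordless sudo or a stored become password"
    fi
    # become is read from [privilege_escalation], not from [defaults].
    if [ -n "$(ini_get "$1" defaults become)" ]; then
        echo "WARN become under [defaults] is ignored"
    fi
    # Without this key Ansible falls back to /etc/ansible/hosts.
    if [ -z "$(ini_get "$1" defaults inventory)" ]; then
        echo "WARN inventory not set: /etc/ansible/host will not be read"
    fi
}

# Constructed sample mirroring the settings described above.
cfg=$(mktemp)
cat > "$cfg" <<'EOF'
[defaults]
inventory=/etc/ansible/host
host_key_checking=False
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
EOF
audit_ansible_cfg "$cfg"
rm -f "$cfg"
```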

- Create & Run Ansible-Playbook:
vi web.yml
- Command to run the ansible-playbook:
ansible-playbook web.yml

- Check on the target node whether httpd is installed:
rpm -q httpd
