A small project to automate the provisioning of 2 small ARM servers (managed nodes) running Unifi Controller, Homebridge, Plex, etc. My stack of choise is Ansible with Raspbian and Ubuntu for the servers.
Ansible is an agentless automation tool that you install on a control node. From the control node, Ansible manages machines and other devices remotely (by default, over the SSH protocol).
I'm using my Windows laptop as a Control Node with Ubuntu subsystem, as described in more depth here. More on WSL in the last section.
sudo apt update
sudo apt install software-properties-common
sudo apt-add-repository --yes --update ppa:ansible/ansible
sudo apt install ansible
These are the servers that need to be configured on the Controller Node. Ansible keeps an inventory of managed nodes in /etc/ansible/hosts
. More on inventory here.
sudo nano /etc/ansible/hosts
I edited this file by adding the IP addresses of the 2 servers at the begining of the file and [microservers]
group.
[microservers]
<USERNAME>@<IP-ADDRESS>
<USERNAME>@<IP-ADDRESS>
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
This will enable seamless login from my laptop to the servers. More here
sudo apt install openssh-client
Then I was able to generate a public key. I chose not to use a passphrase and I saved the path of the generated certificate, usually linked to: ~/.ssh/id_rsa.pub
.
ssh-keygen -t rsa
I will need to replace <USERNAME>@<IP-ADDRESS>
for each server. This command will ask for the password.
cat ~/.ssh/id_rsa.pub | ssh <USERNAME>@<IP-ADDRESS> 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys'
To test that all went well, I use ssh to login to the servers, without using a password:
ssh <USERNAME>@<IP-ADDRESS>
Running the ping command on all the inventory should return a JSON message for each host.
ansible all -m ping
<USERNAME>@<IP-ADDRESS> | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
<USERNAME>@<IP-ADDRESS> | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
Edit Ansible configuration file
sudo nano /etc/ansible/ansible.cfg
and add below [defaults]
line:
# config file for ansible -- https://ansible.com/
# ===============================================
# nearly all parameters can be overridden in ansible-playbook
# or with command line flags. ansible will read ANSIBLE_CONFIG,
# ansible.cfg in the current working directory, .ansible.cfg in
# the home directory or /etc/ansible/ansible.cfg, whichever it
# finds first
[defaults]
interpreter_python=auto_silent