The wind blows wherever it pleases. You hear its sound, but you cannot tell where it comes from or where it is going.
In comparison with ad-hoc commands, playbooks are used in complex scenarios, and they offer increased flexibility. Playbooks use YAML format, so there is not much syntax needed, but indentation must be respected. Ansible playbooks tend to be more of a configuration language than a programming language.
Tailing /var/log/secure on the target machine is a lot more useful :
|
1 2 3 4 |
sudo tail -f /var/log/secure Sep 14 01:26:31 new-server sshd[22107]: Authentication refused: bad ownership or modes for directory /home/dave/.ssh Sep 14 01:26:46 new-server sshd[22108]: Connection closed by 98.76.54.32 |
Finally we’re getting somewhere – bad ownership or modes for directory /home/dave/.ssh.
SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600 :
|
1 2 3 |
chmod g-w /home/your_user chmod 700 /home/your_user/.ssh chmod 600 /home/your_user/.ssh/authorized_keys |
You can also get around this by adding StrictModes off to your ssh_config file, but I’d advise against it – fixing permissions is the way to go.
One of the simplest ways Ansible can be used is by using ad-hoc commands. These can be used when you want to issue some commands on a server or a bunch of servers. Ad-hoc commands are not stored for future uses but represent a fast way to interact with the desired servers.
Ansible is an open source configuration management and orchestration utility. It can automate and standardize the configuration of remote hosts and virtual machines. Its orchestration functionality allows Ansible to coordinate the launch and graceful shutdown of multitiered applications. Because of this, Ansible can perform rolling updates of multiple systems in a way that results in zero downtime.
Continue reading “Ansible – Inventory”