Ansible – Lab Setup using 3 VMs running Ubuntu for a full Ansible Automation lab up and running in about one hour! :)

[Image: ansible2]

Pictured above is an Ansible Ping verifying Connectivity to my two VM Hosts

(I was so excited about getting this working properly I had to share, no idea if this is well known knowledge, but wanted to post / sticky it just in case!)

First you will need to have a main VM, which I do for all things Ubuntu in DevNet, as well as two VMs that will serve as your Automation Clients. Being that I already ran through the setup on everything, I created a text file with the needed commands.

I ran into some issues while setting it up that caused me to rebuild the Client VMs a few times, and on the working run I used the same creds on all 3 devices, so not sure if that is part of getting this particular lab setup to succeed but I’d advise it!

Once the two Automation Clients are set up, you will want to run this on the main VM:

[Image: ansible3]

^^^ These will also be actually executed in the Ubuntu Terminal / Bash shell.

You will want to run the first 4-5 non-Ansible commands on all VMs so they have both versions of Python, PIP, and net-tools so you can ‘ifconfig’ to get your VMs’ IP addresses – the rest of the commands will be on your Main VM only, the one hosting Ansible.

The final “ansible -m ping localhost” is just a test that Ansible installed properly and that you are ready for step 2, which is using “ifconfig” to get the two client IPs and map them in a DNS way so you can connect via VM name rather than IP (so name the VMs intuitively).

Once you do a “sudo nano /etc/hosts” it will bring you into a file where you will want to add your two VM entries as shown here for autovm1 and autovm2, hit ctrl+x, y, enter:

[Image: ansible4]

Don’t adjust anything else, just add your hosts exactly as shown here, and once you ctrl + x / y / enter to save on your way out you should now be able to ping the clients by name.

NOTE – Do not put a / at the end of “/etc/hosts” or you will open a blank file!

Next is setting up SSH between all hosts. The first one to focus on is the Main VM: run the command “ssh-keygen” and hit enter, LEAVING THE FIELDS BLANK(!) when it asks if you want to enter a password, or it will cause issues! (A blank passphrase leaves the private key unencrypted on disk, which is what lets Ansible log in to the Clients without a prompt.)

If you accidentally got ahead of the instructions and entered a PW in “ssh-keygen”, simply run it again to overwrite the old keys before proceeding, this time leaving the field blank, or you will end up spinning up two new Client VMs!

(Note – You will need “sudo apt install net-tools” to get your ifconfig info on all VMs)

Next you will go to your Client VMs BUT WILL NOT GENERATE A KEY(!!). Instead, type “sudo apt install openssh-server” on both of them. This will allow them to accept SSH connections, and the Main VM, being the only one holding an SSH key pair, will be allowed access to these VMs without the need to type a password (to allow Automation).

ANOTHER NOTE – Make sure to install openssh-server and not just openssh on Clients!

Then go back to the main VM and do “ssh-copy-id -i .ssh/id_rsa.pub (remote client name)”, which you will do for both Hosts from the Main VM. This will bring up a prompt that will ask for the Root PW of the Client VM, which is why I made all my creds the same, as something was not working, so making them all the same was just easier!

Again, do this for both Client VMs, and once it appears you are Authenticated to SSH via your public SSH Key, you will then want to SSH into each Client VM both to test and to issue a command on each Client VM, “sudo visudo”, to allow your Main VM name (if they are not all the same) the following permission per this line:

[Image: ansible5]

^^ You will want to add this line to the bottom of this file, and ctrl+x / y / enter to save and exit so your username will have full root access on this Client, and repeat for the second client as well to both test SSH and set this permission for yourself.

To get back to your Main VM from the SSH session you just type ‘exit’ to close, and ‘ssh (clientVMname)’ to resume at any time. The final piece that will actually fully set up the “Automation” open connectivity we need is what is called an “Inventory File”, which consists of a grouping name enclosed in brackets followed by the names or IPs of the hosts. Edit it by typing in “sudo nano /etc/ansible/hosts” as shown here:

[Image: ansible6]

In this example I intentionally set up autovm1 and autovm2 in their own groups, as indicated by the brackets [host1] and [host2], so that I could demonstrate the concept of making a children object that will group together as many of the groupings as you want.

Again, this is adjusted at the bottom of this file exactly as shown; save on your way out with ctrl+x / y / enter, and then you can now ping these hosts in Ansible by Host, by Group, or by the Parent name to ping or issue a command to all address objects attached to it:

[Image: ansible7]

This was like a WOW moment to me, as the ping is just a demonstration with single host “groups” and two groups defined as the children to show the parent/child configuration, but think of how powerful it is to be able to define which groups get which commands!

You could make groups like [switches] / [routers] / [wlcs] / ANYTHING, and then you can make as many parent:child entries that group these groups together as well to issue batch commands from a single host to every device on the network – Automation is now 100% open for business and we know how to add more hosts / groups / children as we need to accomplish tasks which makes this just ridiculously powerful.
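How a host, a group, and a parent/child entry each expand to a set of hosts, as an added example that is not from the original post. The inventory is constructed from the names the post mentions (autovm1, autovm2, [host1], [host2]); the parent group name `lab` and the two helper functions are assumptions.

```bash
# Constructed inventory using the host and group names from the post.
# The parent group name "lab" is an assumption (the screenshot is not on the page).
write_inventory() {            # $1 = file to create
  cat > "$1" <<'EOF'
[host1]
autovm1

[host2]
autovm2

[lab:children]
host1
host2
EOF
}

# Print the hosts a target expands to; the target may be a host, a group,
# or a parent group whose [name:children] section lists other groups.
resolve() {                    # $1 = inventory file, $2 = target name
  awk -v want="$2" '
    function expand(g,    n, i, p) {
      if (seen[g]++) return                    # stop on cyclic children
      out = out hosts[g]
      n = split(kids[g], p, " ")
      for (i = 1; i <= n; i++) expand(p[i])    # descend into child groups
    }
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }       # blank lines and comments
    /^\[/ {
      name = substr($1, 2, length($1) - 2); mode = "hosts"
      if (name ~ /:children$/) { mode = "kids"; sub(/:children$/, "", name) }
      else if (name ~ /:/)     { mode = "skip" }   # e.g. [group:vars]
      next
    }
    mode == "hosts" { hosts[name] = hosts[name] " " $1; known[$1] = 1 }
    mode == "kids"  { kids[name]  = kids[name]  " " $1 }
    END {
      if ((want in known) && !(want in hosts) && !(want in kids)) out = want
      else expand(want)
      n = split(out, h, " "); line = ""
      for (i = 1; i <= n; i++)
        if (!(dup[h[i]]++)) line = (line == "" ? "" : line " ") h[i]
      print line
    }' "$1"
}

inv=$(mktemp) && write_inventory "$inv"
for target in autovm1 host2 lab; do
  printf '%-8s -> %s\n' "$target" "$(resolve "$inv" "$target")"
done
```

On a machine with Ansible installed, `ansible-inventory --graph` prints the same group tree from the real inventory file, which is a quick way to confirm which hosts a command aimed at a parent group will reach before running it.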

Anyhow I just wanted to get on here to show how you can demo Ansible with 3 VMs!

This is platform independent, it’s flexible, and just an incredibly powerful automation tool, where you can easily leverage this tool to be triggered by a CI/CD Pipeline Tool like Jenkins (which I admittedly have yet to explore) to trigger events to happen every so often to whichever devices you want them to happen to, in a way that is vendor neutral.

What a beautiful tool, I was so excited I just wanted to post this demo for others to get their feet wet with configuring this and understanding the setup requirements to make Automation possible (no password prompts for your username / one way SSH / grouping different devices together to even run them all at once manually and have all configs just kaboom hit the network like a bolt of Automation lightning from the skies!) 😀

Ok back to playing with my new toy, wanted to throw up a quick demo config for others to play with and for myself at a later time for reference – Until next time!
