Ansible

New node bootstrap

Install required packages:

# apt-get install sudo openssh-server

Create the ansible deployment user:

# useradd -m -G sudo deploy

on Koumbit servers:

# useradd -m -G admins deploy

Copy the key:

# mkdir /home/deploy/.ssh
# chown deploy:deploy /home/deploy/.ssh
# chmod 0700 /home/deploy/.ssh
# wget -O /home/deploy/.ssh/authorized_keys https://www.example.org/files/xx-ansible-deploy.pub
# chown deploy.deploy /home/deploy/.ssh/authorized_keys

Configure sudo:

# echo "deploy   ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/deploy
# chmod 0640 /etc/sudoers.d/deploy

Tip: make sure you keep your ssh key encrypted with a passphrase, and restrict logins per-IP.

References:

https://dan.langille.org/2013/12/22/creating-a-new-ansible-node/

Running a playbook

See what hosts would be affected by a playbook before you run it:

# ansible-playbook foo.yml --list-hosts

Run it in single mode:

# ansible-playbook foo.yml

Run 10 “things” (servers?) in parallel:

# ansible-playbook foo.yml -f 10

Contents

New node bootstrap

Running a playbook