Appendix: Installing software using the Ansible Configuration Management tool
Tools:
To run this exercise, you will need two pieces of software. If you haven't already, get or install these now:
- omni installed on your local machine (instructions), and
- ansible installed on your local machine (find the instructions for your package manager here).
Before reserving their resources, Windows users should have followed the instructions for setting up a separate GENI node for running Ansible.
Resources:
- Ansible Resources:
Instructions
1. Establish the Environment
- Download the Ansible playbook, webpages, etc. needed to configure the nodes.
  Use wget to download the tarball of files onto your local machine and use tar to uncompress it:

      wget http://www.gpolab.bbn.com/exp/scalingup/ansible/ansible.tar.gz
      tar zxvf ansible.tar.gz
      cd ansible
2. Configure and Initialize
omni comes with a script, readyToLogin, which finds the login information for nodes in your slice. As of omni version 2.8, readyToLogin has an --ansible-inventory flag which generates the Ansible inventory, a flat file that tells Ansible the name and login information for your nodes.
- Create your Ansible inventory file:
  On your local machine:

      $ readyToLogin MYSLICE --useSliceAggregates --ansible-inventory -o
      $ cat inventory

  Example output of running these commands:

      $ readyToLogin MYSLICE --useSliceAggregates --ansible-inventory -o
      Host info saved in inventory file: /Users/jdoe/projects/GENI/hellogeni/inventory
      $ cat inventory
      host-2 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31291
      host-1 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31290
      server-1 ansible_ssh_host=pcvm2-33.instageni.stanford.edu
      rt-1 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31292

  Windows users should copy their 'inventory' file onto their node running the ansible client.
- Be sure your private key has been added to your SSH agent:

      ssh-add /path/to/your/private/key
- Check to see if your nodes are up and ready.
  This command uses the ping module to ping the specified nodes (in this case all) listed in the inventory file:

      $ ansible -i inventory all -m ping

  Example output showing all of the nodes responding to ping:

      $ ansible -i inventory all -m ping
      server-1 | success >> {
          "changed": false,
          "ping": "pong"
      }
      host-1 | success >> {
          "changed": false,
          "ping": "pong"
      }
      rt-1 | success >> {
          "changed": false,
          "ping": "pong"
      }
      host-2 | success >> {
          "changed": false,
          "ping": "pong"
      }
- Try using the ping module in Ansible to only ping server-1 or host-1 by replacing all in the above with server-1 or host-1.
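The inventory generated in this step can be checked before any playbook is run against it. The following is an added example, not part of the original exercise or of omni or Ansible: it parses the flat inventory format shown above, applies port 22 where ansible_ssh_port is absent, and reports which aliases share one address and differ only by SSH port, together with the name OpenSSH records for each node in known_hosts. The function names are assumptions of this example, and the embedded sample is constructed from the example output above.

```python
import shlex

# Constructed sample: the inventory lines from the example output above.
SAMPLE_INVENTORY = """\
host-2 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31291
host-1 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31290
server-1 ansible_ssh_host=pcvm2-33.instageni.stanford.edu
rt-1 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31292
"""

def parse_inventory(text):
    """Return {alias: (address, port)} for each host line of a flat inventory."""
    hosts = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("["):  # blank, comment or group header
            continue
        alias, *pairs = shlex.split(line)
        opts = dict(p.split("=", 1) for p in pairs if "=" in p)
        address = opts.get("ansible_ssh_host", alias)
        port = int(opts.get("ansible_ssh_port", 22))  # SSH default when unset
        if not 1 <= port <= 65535:
            raise ValueError(f"line {lineno}: port {port} out of range")
        if alias in hosts:
            raise ValueError(f"line {lineno}: duplicate alias {alias!r}")
        hosts[alias] = (address, port)
    return hosts

def known_hosts_name(address, port):
    """Name OpenSSH stores in known_hosts: bare host on 22, else [host]:port."""
    return address if port == 22 else f"[{address}]:{port}"

def shared_addresses(hosts):
    """Addresses used by more than one alias (nodes told apart only by port)."""
    by_addr = {}
    for alias, (address, _port) in hosts.items():
        by_addr.setdefault(address, []).append(alias)
    return {a: sorted(v) for a, v in by_addr.items() if len(v) > 1}

def keyscan_commands(hosts):
    """One ssh-keyscan command per endpoint, for reviewing host keys by hand."""
    return [f"ssh-keyscan -p {port} {shlex.quote(address)}"
            for address, port in sorted(set(hosts.values()))]

if __name__ == "__main__":
    nodes = parse_inventory(SAMPLE_INVENTORY)
    for alias, endpoint in nodes.items():
        print(alias, known_hosts_name(*endpoint))
    print(shared_addresses(nodes))
    print("\n".join(keyscan_commands(nodes)))
```

Because three of the sample nodes share pc2.instageni.stanford.edu, each has its own bracketed [host]:port entry in known_hosts and therefore its own host key to verify.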
3. Configure the nodes
Ansible commands can be collected into files called Playbooks. Playbooks are in a configuration file format called YAML which is very straightforward. In particular, Ansible Ad Hoc commands easily map to commands used in an Ansible Playbook.
The Playbook to configure the server node is in server.yml. It links to other files. For example, the code to tell the server node to run an nmap scan and post the results is in roles/nmap/tasks/map.yml and looks as follows:

    ---
    - name: map network using nmap
      command: nmap -sP -oX {{ nmap_xml_file }} {{ address_range }}

    - name: convert nmap xml to html
      shell: xsltproc /usr/share/nmap/nmap.xsl {{ nmap_xml_file }} > {{ nmap_html_file }}

    - name: create directory for nmap logs in WEB_ROOT/nmaplogs with permissions of 755
      file: >
        dest={{ WEB_ROOT }}/{{ nmap_dir }}
        state=directory
        mode=755

    - name: copy nmap html file to a public place
      command: mv {{ nmap_html_file }} {{ WEB_ROOT }}/{{ nmap_dir }}/nmap.html removes={{ nmap_html_file }}

Do these commands look like the Ad Hoc command (ping) from the previous step?
Run the playbook to configure the server with the following command on the local machine:

    ansible-playbook server.yml -i inventory
- Browse to the hostname of the server node in your browser. Click on the nmap link.
4. Update a portion of the configuration
- After some of your neighbors have brought up their nodes, run the following command to only update the nmap portion of the server configuration:

      ansible-playbook update-map.yml -i inventory
- If you repeatedly run the above command over time you should see more nodes found by the nmap scan.
- Feel free to change the value of address_range in groups_vars/all.yml and rerun update-map.yml to search for more nodes.