= Appendix: Installing software using the Ansible Configuration Management tool =
== Tools: ==
To run this exercise, you will need two pieces of software. If you haven't already, get or install these now:
i. `omni` installed on your local machine ([http://trac.gpolab.bbn.com/gcf/wiki#GettingStarted instructions]), and
i. `ansible` installed on your local machine ([http://docs.ansible.com/intro_installation.html#latest-release-via-yum find the instructions for your package manager here]).
{{{
#!div style="background: #fdd; border: 3px ridge; width: 800px;"
Windows users should have done the following steps before they reserved their resources.
{{{
#!html
}}}
}}}
== Resources: ==
* Ansible Resources:
- A third party [https://serversforhackers.com/an-ansible-tutorial Getting Started with Ansible walk through]
- [http://docs.ansible.com/modules_by_category.html Ansible Module Documentation]
== Instructions ==
=== 1. Establish the Environment ===
a. Download the Ansible playbook, webpages, etc needed to configure the nodes.
{{{
#!div style="background: #ffd; border: 3px ridge; width: 800px;"
Use `wget` to download the tarball of files onto your local machine and use `tar` to uncompress it:
{{{
#!sh
wget http://www.gpolab.bbn.com/experiment-support/XXXXX.tar.gz
tar zxvf XXXXXX.tar.gz
}}}
}}}
=== 2. Configure and Initialize ===
`omni` comes with a script, `readyToLogin` which finds the login information for nodes in your slice. As of `omni` version 2.8, `readyToLogin` has an `--ansible-inventory` flag which generates the Ansible inventory, which is a flat file which tells Ansible the name and login information for your nodes.
a. Create your Ansible inventory file:
{{{
#!div style="background: #ffd; border: 3px ridge; width: 800px;"
On your local machine:
{{{
#!sh
$ readyToLogin MYSLICE --useSliceAggregates --ansible-inventory -o
$ cat inventory
}}}
Example output of running these commands:
{{{
#!sh
$ readyToLogin MYSLICE --useSliceAggregates --ansible-inventory -o
Host info saved in inventory file: /Users/jdoe/projects/GENI/hellogeni/inventory
$ cat inventory
host-2 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31291
host-1 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31290
server-1 ansible_ssh_host=pcvm2-33.instageni.stanford.edu
rt-1 ansible_ssh_host=pc2.instageni.stanford.edu ansible_ssh_port=31292
}}}
}}}
{{{
#!div style="background: #fdd; border: 3px ridge; width: 800px;"
{{{
#!html
|
Windows users should copy their 'inventory' file onto their node running the ansible client.
|
}}}
}}}
b. Be sure your private key has been added to your SSH agent:
{{{
#!div style="background: #ffd; border: 3px ridge; width: 800px;"
{{{
ssh-add /path/to/your/private/key
}}}
}}}
c. Check to see if your nodes are up and ready.
{{{
#!div style="background: #ffd; border: 3px ridge; width: 800px;"
This command uses the `ping` module to ping the specified nodes (in this case `all`) listed in the inventory file:
{{{
#!sh
$ ansible -i inventory all -m ping
}}}
Example output showing all of the nodes responding to ping:
{{{
#!sh
$ ansible -i inventory all -m ping
server-1 | success >> {
"changed": false,
"ping": "pong"
}
host-1 | success >> {
"changed": false,
"ping": "pong"
}
rt-1 | success >> {
"changed": false,
"ping": "pong"
}
host-2 | success >> {
"changed": false,
"ping": "pong"
}
}}}
}}}
c. Try using the ping module in Ansible to only ping `server-1` or `host-1` by replacing `all` in the above with `server-1` or `host-1`.
=== 3. Configure the nodes ===
{{{
#!div style="background: #ffd; border: 3px ridge; width: 800px;"
{{{
#!html
|
Ansible commands can be collected into files called Playbooks. Playbooks are in a configuration file format called YAML which is very straightforward. In particular, Ansible Ad Hoc commands easily map to commands used in an Ansible Playbook.
|
}}}
The Playbook to configure the `server` node is in `server.yml`. It links to other files. For example, the code to tell the `server` node to run an `nmap` scan and post the results is in `roles/nmap/tasks/map.yml` and looks as follows:
{{{
#!python
---
- name: map network using nmap
command: nmap -sP -oX {{ nmap_xml_file }} {{ address_range }}
- name: convert nmap xml to html
shell: xsltproc /usr/share/nmap/nmap.xsl {{ nmap_xml_file }} > {{ nmap_html_file }}
- name: create directory for nmap logs in WEB_ROOT/nmaplogs with permissions of 755
file: >
dest={{ WEB_ROOT }}/{{ nmap_dir }}
state=directory
mode=755
- name: copy nmap html file to a public place
command: mv {{ nmap_html_file }} {{ WEB_ROOT }}/{{ nmap_dir }}/nmap.html removes={{ nmap_html_file }}
}}}
''Do these commands look like the Ad Hoc ping command from the previous step?''
Run the playbook to configure the `server` with the following command on the local machine:
{{{
#!python
ansible-playbook server.yml -i inventory
}}}
}}}
a. Browse to hostname of the server node in your browser. Click on the `nmap` link.
=== 4. Update a portion of the configuration ===
a. After some of your neighbors have brought up their nodes, run the following command to only do the nmap portion of the `server` configuration:
{{{
#!python
ansible-playbook update-map.yml -i inventory
}}}
a. Over time you should see more nodes found by the nmap scan.
a. Change the value of `address_range` in `groups_vars/all.yml` and rerun `update-map.yml` to search for more nodes.