wiki:GENIExperimenter/Tutorials/SystematicExperimentationAnsible/Execute

Version 12 (modified by Hussamuddin Nasir, 3 months ago) (diff)

--

Systematic Experimentation (with Ansible)

Image Map

4. Configure and Initialize

4.1. Download the Ansible playbook

  1. Download the Ansible playbook, webpages, etc needed to configure the nodes.

    Use wget to download the tarball of files onto your local machine and use tar to uncompress it:

    mkdir ansible
    cd ansible
    wget https://github.com/GENI-NSF/geni-tutorials/raw/master/ansible/ansible.tar.gz
    tar zxvf ansible.tar.gz
    

4.2. Create the Ansible inventory file

omni comes with a script, readyToLogin which finds the login information for nodes in your slice. As of omni version 2.8, readyToLogin has an --ansible-inventory flag which generates the Ansible inventory, which is a flat file which tells Ansible the name and login information for your nodes.

  1. Create your Ansible inventory file:

    On your local machine:

    $ readyToLogin MYSLICE --useSliceAggregates --ansible-inventory -o
    $ cat inventory
    

    Example output of running these commands:

    $ readyToLogin MYSLICE --useSliceAggregates --ansible-inventory -o
    Host info saved in inventory file: /Users/jdoe/projects/GENI/hellogeni/inventory
    
    $ cat inventory
    host-2  ansible_ssh_host=pc2.instageni.stanford.edu  ansible_ssh_port=31291
    host-1  ansible_ssh_host=pc2.instageni.stanford.edu  ansible_ssh_port=31290
    server-1  ansible_ssh_host=pcvm2-33.instageni.stanford.edu
    rt-1  ansible_ssh_host=pc2.instageni.stanford.edu  ansible_ssh_port=31292
    
    Tip Windows users should copy their 'inventory' file onto their node running the ansible client.
  2. Be sure your private key has been added to your SSH agent:
    ssh-add /path/to/your/private/key
    

    Example output of running these commands:

    $ ssh-add /home/lnevers/.ssh/geni_cert_portal_key
    Identity added: /home/lnevers/.ssh/geni_cert_portal_key (/home/lnevers/.ssh/geni_cert_portal_key)
    
  3. Check to see if your nodes are up and ready.

    This command uses the ping module to ping the specified nodes (in this case all) listed in the inventory file:

    $ ansible -i inventory all -m ping 
    

    Example output showing all of the nodes responding to ping:

    $ ansible -i inventory all -m ping 
    server-1 | success >> {
        "changed": false,
        "ping": "pong"
    }
    
    host-1 | success >> {
        "changed": false,
        "ping": "pong"
    }
    
    rt-1 | success >> {
        "changed": false,
        "ping": "pong"
    }
    
    host-2 | success >> {
        "changed": false,
        "ping": "pong"
    }
    
  4. Try using the ping module in Ansible to only ping server-1 or host-1 by replacing all in the above with server-1 or host-1.

4.3. Configure the nodes

Tip Ansible commands can be collected into files called Playbooks. Playbooks are in a configuration file format called YAML which is very straightforward. In particular, Ansible Ad Hoc commands easily map to commands used in an Ansible Playbook.

The Playbook to configure the server node is in server.yml. It links to other files. For example, the code to tell the server node to run an nmap scan and post the results is in roles/nmap/tasks/map.yml and looks as follows:

---
   - name: map network using nmap
     command: nmap -sP -oX {{ nmap_xml_file }} {{ address_range }}
   - name: convert nmap xml to html
     shell:  xsltproc /usr/share/nmap/nmap.xsl {{ nmap_xml_file }} > {{ nmap_html_file }}
   - name: create directory for nmap logs in WEB_ROOT/nmaplogs with permissions of 755
     file: >
        dest={{ WEB_ROOT }}/{{ nmap_dir }}
        state=directory
        mode=755
   - name: copy nmap html file to a public place
     command: mv {{ nmap_html_file }} {{ WEB_ROOT }}/{{ nmap_dir }}/nmap.html removes={{ nmap_html_file }}
  1. Edit the file group_vars/all.yml so that the address_range variable uses the IP subnet from your topology. It should look like this:
    address_range: 10.10.1.1-10
    
  2. Run the playbook to configure the server with the following command on the local machine:
    ansible-playbook server.yml -i inventory --limit server
    
  3. Browse to hostname of the server node in your browser. Click on the nmap link.
  4. If this looks ok, run the following to install the code on both of your servers:
    ansible-playbook server.yml -i inventory
    
  5. Browse to the hostname of the server-0 node in your browser.

4.4. Update a portion of the configuration

  1. Run the following command to only update the nmap portion of the server configuration:
    ansible-playbook update-map.yml -i inventory
    
  2. Feel free to change the value of address_range in groups_vars/all.yml and rerun update-map.yml to search for different nodes.

5. Execute Experiment

For a real experiment, you would now run your procedure.


Setup

Next: Finish