じっぱひとからげ

Writing about anything and everything, all lumped together.

Building a test environment for Ansible according to "Ansible for Beginners"

I followed this article (Ansibleをはじめる人に。 - Qiita) to build a test environment for Ansible.

First I installed Vagrant. You can get the installer at this URL. Click the DOWNLOAD button.

Choose the installer as you like.

Open the installer. Double-click Vagrant.pkg to start the installation. You just have to follow the install wizard.

Finished installing Vagrant.

Next I installed VirtualBox. You can get the installer at this URL. Click the Download VirtualBox button.

Open the installer. Double-click VirtualBox.pkg. You just have to follow the install wizard.

Finished installing VirtualBox.

Let's check their versions.

$ vagrant -v
Vagrant 1.8.7 

$ VBoxManage -v
5.1.10r112026 

That's all the preparation needed before installing Ansible.
Next I built virtual machines with Vagrant. I made a directory for Vagrant.

$ mkdir vagrant
$ cd vagrant
$ vagrant init

Running "vagrant init" makes Vagrant generate a Vagrantfile. I edited this file as shown below.

Vagrant.configure(2) do |config|
  config.vm.define "controller" do |node|
    node.vm.box = "centos6.7"
    node.vm.hostname = "controller"
    node.vm.network :private_network, ip: "192.168.100.10"
    node.vm.network :forwarded_port, id: "ssh", guest: 22, host: 2210
  end
  config.vm.define "target" do |node|
    node.vm.box = "centos6.7"
    node.vm.hostname = "target"
    node.vm.network :private_network, ip: "192.168.100.20"
    node.vm.network :forwarded_port, id: "ssh", guest: 22, host: 2220
  end
end

Then execute this command.

$ vagrant box add centos6.7 https://github.com/CommanderK5/packer-centos-template/releases/download/0.6.7/vagrant-centos-6.7.box

If you get the error below, refer to this article I wrote (Solution of "vagrant add" error (An error occurred while downloading the remote file.) - じっぱひとからげ).

$ vagrant box add centos6.7 https://github.com/CommanderK5/packer-centos-template/releases/download/0.6.7/vagrant-centos-6.7.box
==> box: Box file was not detected as metadata. Adding it directly...
==> box: Adding box 'centos6.7' (v0) for provider:
box: Downloading: https://github.com/CommanderK5/packer-centos-template/releases/download/0.6.7/vagrant-centos-6.7.box
An error occurred while downloading the remote file. The error
message, if any, is reproduced below. Please fix this error and try
again.

 

If it succeeds, you get a success message like this.

$ vagrant box add centos6.7 https://github.com/CommanderK5/packer-centos-template/releases/download/0.6.7/vagrant-centos-6.7.box
==> box: Box file was not detected as metadata. Adding it directly...
==> box: Adding box 'centos6.7' (v0) for provider:
box: Downloading: https://github.com/CommanderK5/packer-centos-template/releases/download/0.6.7/vagrant-centos-6.7.box
==> box: Successfully added box 'centos6.7' (v0) for 'virtualbox'!
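
The box above comes from a third-party GitHub release and is added with no integrity check. As an added example (not part of the original post), this is one way to pin the download to a SHA-256 digest before Vagrant imports it; the function names are hypothetical and the digest in the usage line is a placeholder, because the page does not publish one.

```shell
# Added example: verify a downloaded .box against a pinned SHA-256 before
# handing it to Vagrant. Function names are hypothetical.

# sha256_of FILE: print the lowercase hex digest (sha256sum on Linux,
# shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_box FILE EXPECTED: 0 on match, 1 on mismatch, 2 on unusable input.
verify_box() {
  local file="$1" expected actual
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
  # A truncated or mistyped pin must not be silently accepted.
  case $expected in
    *[!0-9a-f]*) echo "pin is not hex" >&2; return 2 ;;
  esac
  [ "${#expected}" -eq 64 ] || { echo "pin is not 64 hex digits" >&2; return 2; }
  actual=$(sha256_of "$file")
  [ -n "$actual" ] || { echo "could not hash $file" >&2; return 2; }
  if [ "$actual" != "$expected" ]; then
    echo "checksum mismatch: got $actual" >&2
    return 1
  fi
}

# add_pinned_box NAME URL EXPECTED: download over HTTPS only, verify, then add
# the local file, so Vagrant never imports bytes that were not checked.
add_pinned_box() {
  local name="$1" url="$2" expected="$3" tmp rc=0
  tmp=$(mktemp -d) || return 2
  { curl --fail --location --proto '=https' --proto-redir '=https' \
      -o "$tmp/pkg.box" "$url" &&
    verify_box "$tmp/pkg.box" "$expected" &&
    vagrant box add "$name" "$tmp/pkg.box"; } || rc=$?
  rm -rf "$tmp"
  return $rc
}

# Usage (the digest is a placeholder to be taken from a source you trust):
# add_pinned_box centos6.7 https://github.com/CommanderK5/packer-centos-template/releases/download/0.6.7/vagrant-centos-6.7.box <sha256>
```

Vagrant can also do this check itself: vagrant box add accepts --checksum and --checksum-type sha256.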

Next I started these virtual machines, "controller" and "target".

$ vagrant up
Bringing machine 'controller' up with 'virtualbox' provider...
Bringing machine 'target' up with 'virtualbox' provider...
==> controller: Importing base box 'centos6.7'...
==> controller: Matching MAC address for NAT networking...
==> controller: Setting the name of the VM: vagrant_controller_1480126123690_27574
==> controller: Clearing any previously set network interfaces...
==> controller: Preparing network interfaces based on configuration...
controller: Adapter 1: nat
controller: Adapter 2: hostonly
==> controller: Forwarding ports...
controller: 22 (guest) => 2210 (host) (adapter 1)
==> controller: Booting VM...
==> controller: Waiting for machine to boot. This may take a few minutes...
controller: SSH address: 127.0.0.1:2210
controller: SSH username: vagrant
controller: SSH auth method: private key
controller: Warning: Remote connection disconnect. Retrying...
controller:
controller: Vagrant insecure key detected. Vagrant will automatically replace
controller: this with a newly generated keypair for better security.
controller:
controller: Inserting generated public key within guest...
controller: Removing insecure key from the guest if it's present...
controller: Key inserted! Disconnecting and reconnecting using new SSH key...
==> controller: Machine booted and ready!
==> controller: Checking for guest additions in VM...
controller: The guest additions on this VM do not match the installed version of
controller: VirtualBox! In most cases this is fine, but in rare cases it can
controller: prevent things such as shared folders from working properly. If you see
controller: shared folder errors, please make sure the guest additions within the
controller: virtual machine match the version of VirtualBox you have installed on
controller: your host and reload your VM.
controller:
controller: Guest Additions Version: 4.3.30
controller: VirtualBox Version: 5.1
==> controller: Setting hostname...
==> controller: Configuring and enabling network interfaces...
==> controller: Mounting shared folders...
controller: /vagrant => /Users/xxxxxx/vagrant
==> target: Importing base box 'centos6.7'...
==> target: Matching MAC address for NAT networking...
==> target: Setting the name of the VM: vagrant_target_1480126209432_5679
==> target: Clearing any previously set network interfaces...
==> target: Preparing network interfaces based on configuration...
target: Adapter 1: nat
target: Adapter 2: hostonly
==> target: Forwarding ports...
target: 22 (guest) => 2220 (host) (adapter 1)
==> target: Booting VM...
==> target: Waiting for machine to boot. This may take a few minutes...
target: SSH address: 127.0.0.1:2220
target: SSH username: vagrant
target: SSH auth method: private key
target: Warning: Remote connection disconnect. Retrying...
target:
target: Vagrant insecure key detected. Vagrant will automatically replace
target: this with a newly generated keypair for better security.
target:
target: Inserting generated public key within guest...
target: Removing insecure key from the guest if it's present...
target: Key inserted! Disconnecting and reconnecting using new SSH key...
==> target: Machine booted and ready!
==> target: Checking for guest additions in VM...
target: The guest additions on this VM do not match the installed version of
target: VirtualBox! In most cases this is fine, but in rare cases it can
target: prevent things such as shared folders from working properly. If you see
target: shared folder errors, please make sure the guest additions within the
target: virtual machine match the version of VirtualBox you have installed on
target: your host and reload your VM.
target:
target: Guest Additions Version: 4.3.30
target: VirtualBox Version: 5.1
==> target: Setting hostname...
==> target: Configuring and enabling network interfaces...
==> target: Mounting shared folders...
target: /vagrant => /Users/xxxxxx/vagrant

Let's check the VMs' status. controller and target are running.

$ vagrant status
Current machine states:

controller running (virtualbox)
target running (virtualbox)

This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run `vagrant status NAME`.

Once I saw these VMs running, I connected to controller using ssh. The username and password are below.

username = 'root'
password = 'vagrant'

To connect to controller, ssh to localhost:2210, because the Vagrantfile defines port forwarding. Connecting to localhost:2210 reaches controller:22, and connecting to localhost:2220 reaches target:22.

$ ssh -p 2210 root@127.0.0.1
The authenticity of host '[127.0.0.1]:2210 ([127.0.0.1]:2210)' can't be established.
RSA key fingerprint is SHA256:DlfYowfYXbiO/fj3pF9Fu6WWE1pt/FV6XIw2YpHAWw0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:2210' (RSA) to the list of known hosts.
root@127.0.0.1's password:
[root@controller ~]# 

Ansible needs Python 2.6. Let's check it.

[root@controller ~]# python --version
Python 2.6.6

 I installed Ansible using yum.

[root@controller ~]# yum install ansible
読み込んだプラグイン:fastestmirror
インストール処理の設定をしています
Determining fastest mirrors
epel/metalink | 5.3 kB 00:00
* base: ftp.yz.yamagata-u.ac.jp
* epel: epel.mirror.angkasa.id
* extras: ftp.yz.yamagata-u.ac.jp
* updates: ftp.yz.yamagata-u.ac.jp
base | 3.7 kB 00:00
base/primary_db | 4.7 MB 00:03
epel | 4.3 kB 00:00
epel/primary_db | 5.8 MB 00:01
extras | 3.4 kB 00:00
extras/primary_db | 37 kB 00:00
puppetlabs-pc1 | 2.5 kB 00:00
puppetlabs-pc1/primary_db | 92 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 3.7 MB 00:01
依存性の解決をしています
--> トランザクションの確認を実行しています。
---> Package ansible.noarch 0:2.2.0.0-3.el6 will be インストール
--> 依存性の処理をしています: sshpass のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-six のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-simplejson のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-setuptools のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-paramiko のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-keyczar のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-jinja2-26 のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-httplib2 のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: python-crypto2.6 のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> 依存性の処理をしています: PyYAML のパッケージ: ansible-2.2.0.0-3.el6.noarch
--> トランザクションの確認を実行しています。
---> Package PyYAML.x86_64 0:3.10-3.1.el6 will be インストール
--> 依存性の処理をしています: libyaml-0.so.2()(64bit) のパッケージ: PyYAML-3.10-3.1.el6.x86_64
---> Package python-crypto2.6.x86_64 0:2.6.1-2.el6 will be インストール
---> Package python-httplib2.noarch 0:0.7.7-1.el6 will be インストール
---> Package python-jinja2-26.noarch 0:2.6-3.el6 will be インストール
--> 依存性の処理をしています: python-babel >= 0.8 のパッケージ: python-jinja2-26-2.6-3.el6.noarch
--> 依存性の処理をしています: python-markupsafe のパッケージ: python-jinja2-26-2.6-3.el6.noarch
---> Package python-keyczar.noarch 0:0.71c-1.el6 will be インストール
--> 依存性の処理をしています: python-pyasn1 のパッケージ: python-keyczar-0.71c-1.el6.noarch
--> 依存性の処理をしています: python-crypto のパッケージ: python-keyczar-0.71c-1.el6.noarch
---> Package python-paramiko.noarch 0:1.7.5-2.1.el6 will be インストール
---> Package python-setuptools.noarch 0:0.6.10-3.el6 will be インストール
---> Package python-simplejson.x86_64 0:2.0.9-3.1.el6 will be インストール
---> Package python-six.noarch 0:1.9.0-2.el6 will be インストール
---> Package sshpass.x86_64 0:1.05-1.el6 will be インストール
--> トランザクションの確認を実行しています。
---> Package libyaml.x86_64 0:0.1.3-4.el6_6 will be インストール
---> Package python-babel.noarch 0:0.9.4-5.1.el6 will be インストール
---> Package python-crypto.x86_64 0:2.0.1-22.el6 will be インストール
---> Package python-markupsafe.x86_64 0:0.9.2-4.el6 will be インストール
---> Package python-pyasn1.noarch 0:0.0.12a-1.el6 will be インストール
--> 依存性解決を終了しました。

依存性を解決しました

================================================================================
パッケージ アーキテクチャ
バージョン リポジトリ
容量
================================================================================
インストールしています:
ansible noarch 2.2.0.0-3.el6 epel 4.7 M
依存性関連でのインストールをします。:
PyYAML x86_64 3.10-3.1.el6 base 157 k
libyaml x86_64 0.1.3-4.el6_6 base 52 k
python-babel noarch 0.9.4-5.1.el6 base 1.4 M
python-crypto x86_64 2.0.1-22.el6 base 159 k
python-crypto2.6 x86_64 2.6.1-2.el6 epel 513 k
python-httplib2 noarch 0.7.7-1.el6 epel 70 k
python-jinja2-26 noarch 2.6-3.el6 epel 527 k
python-keyczar noarch 0.71c-1.el6 epel 219 k
python-markupsafe x86_64 0.9.2-4.el6 base 22 k
python-paramiko noarch 1.7.5-2.1.el6 base 728 k
python-pyasn1 noarch 0.0.12a-1.el6 base 70 k
python-setuptools noarch 0.6.10-3.el6 base 336 k
python-simplejson x86_64 2.0.9-3.1.el6 base 126 k
python-six noarch 1.9.0-2.el6 base 28 k
sshpass x86_64 1.05-1.el6 epel 19 k

トランザクションの要約
================================================================================
インストール 16 パッケージ

総ダウンロード容量: 9.0 M
インストール済み容量: 44 M
これでいいですか? [y/N]y
パッケージをダウンロードしています:
(1/16): PyYAML-3.10-3.1.el6.x86_64.rpm | 157 kB 00:00
(2/16): ansible-2.2.0.0-3.el6.noarch.rpm | 4.7 MB 00:01
(3/16): libyaml-0.1.3-4.el6_6.x86_64.rpm | 52 kB 00:00
(4/16): python-babel-0.9.4-5.1.el6.noarch.rpm | 1.4 MB 00:00
(5/16): python-crypto-2.0.1-22.el6.x86_64.rpm | 159 kB 00:00
(6/16): python-crypto2.6-2.6.1-2.el6.x86_64.rpm | 513 kB 00:00
(7/16): python-httplib2-0.7.7-1.el6.noarch.rpm | 70 kB 00:00
(8/16): python-jinja2-26-2.6-3.el6.noarch.rpm | 527 kB 00:00
(9/16): python-keyczar-0.71c-1.el6.noarch.rpm | 219 kB 00:00
(10/16): python-markupsafe-0.9.2-4.el6.x86_64.rpm | 22 kB 00:00
(11/16): python-paramiko-1.7.5-2.1.el6.noarch.rpm | 728 kB 00:00
(12/16): python-pyasn1-0.0.12a-1.el6.noarch.rpm | 70 kB 00:00
(13/16): python-setuptools-0.6.10-3.el6.noarch.rpm | 336 kB 00:00
(14/16): python-simplejson-2.0.9-3.1.el6.x86_64.rpm | 126 kB 00:00
(15/16): python-six-1.9.0-2.el6.noarch.rpm | 28 kB 00:00
(16/16): sshpass-1.05-1.el6.x86_64.rpm | 19 kB 00:00
--------------------------------------------------------------------------------
合計 1.8 MB/s | 9.0 MB 00:05
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Importing GPG key 0x0608B895:
Userid : EPEL (6) <epel@fedoraproject.org>
Package: epel-release-6-8.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
これでいいですか? [y/N]y
rpm_check_debug を実行しています
トランザクションのテストを実行しています
トランザクションのテストを成功しました
トランザクションを実行しています
インストールしています : python-crypto-2.0.1-22.el6.x86_64 1/16
インストールしています : python-paramiko-1.7.5-2.1.el6.noarch 2/16
インストールしています : python-markupsafe-0.9.2-4.el6.x86_64 3/16
インストールしています : python-httplib2-0.7.7-1.el6.noarch 4/16
インストールしています : sshpass-1.05-1.el6.x86_64 5/16
インストールしています : python-setuptools-0.6.10-3.el6.noarch 6/16
インストールしています : python-crypto2.6-2.6.1-2.el6.x86_64 7/16
インストールしています : python-simplejson-2.0.9-3.1.el6.x86_64 8/16
インストールしています : python-pyasn1-0.0.12a-1.el6.noarch 9/16
インストールしています : python-keyczar-0.71c-1.el6.noarch 10/16
インストールしています : libyaml-0.1.3-4.el6_6.x86_64 11/16
インストールしています : PyYAML-3.10-3.1.el6.x86_64 12/16
インストールしています : python-six-1.9.0-2.el6.noarch 13/16
インストールしています : python-babel-0.9.4-5.1.el6.noarch 14/16
インストールしています : python-jinja2-26-2.6-3.el6.noarch 15/16
インストールしています : ansible-2.2.0.0-3.el6.noarch 16/16
Verifying : PyYAML-3.10-3.1.el6.x86_64 1/16
Verifying : python-babel-0.9.4-5.1.el6.noarch 2/16
Verifying : python-six-1.9.0-2.el6.noarch 3/16
Verifying : python-keyczar-0.71c-1.el6.noarch 4/16
Verifying : libyaml-0.1.3-4.el6_6.x86_64 5/16
Verifying : python-pyasn1-0.0.12a-1.el6.noarch 6/16
Verifying : ansible-2.2.0.0-3.el6.noarch 7/16
Verifying : python-simplejson-2.0.9-3.1.el6.x86_64 8/16
Verifying : python-crypto2.6-2.6.1-2.el6.x86_64 9/16
Verifying : python-crypto-2.0.1-22.el6.x86_64 10/16
Verifying : python-jinja2-26-2.6-3.el6.noarch 11/16
Verifying : python-paramiko-1.7.5-2.1.el6.noarch 12/16
Verifying : python-setuptools-0.6.10-3.el6.noarch 13/16
Verifying : sshpass-1.05-1.el6.x86_64 14/16
Verifying : python-httplib2-0.7.7-1.el6.noarch 15/16
Verifying : python-markupsafe-0.9.2-4.el6.x86_64 16/16

インストール:
ansible.noarch 0:2.2.0.0-3.el6

依存性関連をインストールしました:
PyYAML.x86_64 0:3.10-3.1.el6
libyaml.x86_64 0:0.1.3-4.el6_6
python-babel.noarch 0:0.9.4-5.1.el6
python-crypto.x86_64 0:2.0.1-22.el6
python-crypto2.6.x86_64 0:2.6.1-2.el6
python-httplib2.noarch 0:0.7.7-1.el6
python-jinja2-26.noarch 0:2.6-3.el6
python-keyczar.noarch 0:0.71c-1.el6
python-markupsafe.x86_64 0:0.9.2-4.el6
python-paramiko.noarch 0:1.7.5-2.1.el6
python-pyasn1.noarch 0:0.0.12a-1.el6
python-setuptools.noarch 0:0.6.10-3.el6
python-simplejson.x86_64 0:2.0.9-3.1.el6
python-six.noarch 0:1.9.0-2.el6
sshpass.x86_64 0:1.05-1.el6

完了しました!
[root@controller ~]#

 Let's check Ansible version.

[root@controller ~]# ansible --version
ansible 2.2.0.0
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides

I set up controller so that it can connect to target without the root password, using an SSH key.

[root@controller ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
fc:4b:b4:c9:31:47:c0:97:41:ab:30:bb:42:02:93:57 root@controller
The key's randomart image is:
+--[ RSA 2048]----+
| E ...oo |
| . . ..o. |
| + . o .o |
| + . + o |
| . . S = . |
| o = * |
| . . * |
| . . . |
| . |
+-----------------+

[root@controller ~]# ssh-copy-id root@192.168.100.20
The authenticity of host '192.168.100.20 (192.168.100.20)' can't be established.
RSA key fingerprint is 5c:97:4b:96:a2:41:a8:44:cc:70:b1:5e:8d:a7:a5:3b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.100.20' (RSA) to the list of known hosts.

root@192.168.100.20's password:

Now try logging into the machine, with "ssh 'root@192.168.100.20'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

 Try to connect to target from controller without root password.  

[root@controller ~]# ssh root@192.168.100.20
[root@target ~]# 
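
Key login now works, but target still accepts the box's well-known root password. As an added example (not part of the original post), this check reads an sshd_config the way sshd does for its global section and reports whether password logins are still possible; the function names and the sample config are constructed for illustration.

```shell
# Added example: check the global section of an sshd_config for the settings
# that keep root reachable by password. Function names are hypothetical.

# effective_sshd_option KEYWORD FILE
# Print the value sshd takes from the global section: the first occurrence
# wins and parsing stops at the first Match block. Prints "unset" when the
# keyword is absent.
effective_sshd_option() {
  awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
    { sub(/#.*/, ""); gsub(/=/, " ") }   # drop comments, tolerate Keyword=value
    NF == 0 { next }
    tolower($1) == "match" { exit }
    tolower($1) == want { print tolower($2); found = 1; exit }
    END { if (!found) print "unset" }
  ' "$2"
}

# audit_sshd FILE: 0 when password logins are off and root is limited to keys,
# 1 otherwise. "unset" counts as a finding (assumption: the compiled-in
# defaults of old OpenSSH releases permit both).
audit_sshd() {
  local rc=0 pw root
  pw=$(effective_sshd_option PasswordAuthentication "$1")
  root=$(effective_sshd_option PermitRootLogin "$1")
  [ "$pw" = "no" ] || { echo "FINDING PasswordAuthentication=$pw"; rc=1; }
  case $root in
    no|without-password|prohibit-password|forced-commands-only) ;;
    *) echo "FINDING PermitRootLogin=$root"; rc=1 ;;
  esac
  return $rc
}

# Constructed sample: a config that keeps root key login for Ansible but
# refuses passwords. The duplicate and the Match block must not change the
# result.
sample_hardened_config() {
  cat <<'EOF'
# constructed sample, not taken from the CentOS box
PermitRootLogin without-password
PasswordAuthentication no
PasswordAuthentication yes
Match User vagrant
  PasswordAuthentication yes
EOF
}

# Usage on target: audit_sshd /etc/ssh/sshd_config
```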

Exit target. Let's use Ansible. I should prepare an inventory file.

[root@controller ~]# mkdir /ansible
[root@controller ~]# cd /ansible/
[root@controller ansible]# mkdir inventory
[root@controller ansible]# vi inventory/hosts

inventory/hosts contains the hosts' IP addresses.

[targets]
192.168.100.20

 Try to ping targets from controller using ansible.

[root@controller ansible]# ansible all -i inventory/hosts -m ping
192.168.100.20 | SUCCESS => {
"changed": false,
"ping": "pong"
}

That's all for building a test environment for Ansible.