Nodes setting
Basic setting on each node
I’m going to log in to my primary control node, control01, the one dedicated as the "control plane" for my Kubernetes cluster.
First, we should confirm that all our nodes are up:
# Switch to root
sudo su -
#install nmap
apt install nmap
#scan local network range to see who is up
nmap -sP 192.168.0.1-254
This confirmed all my nodes are up and connected. I’m going to use this primary node to connect to everything within this network. However, before we can leverage some automation with Ansible, there are a couple of manual tasks to do.
First, prepare the /etc/hosts file on the control node you are on right now:
# Edit /etc/hosts with your favorite editor, mine looks like:
127.0.0.1 localhost
192.168.0.10 control01 control01.local
192.168.0.11 cube01 cube01.local
192.168.0.12 cube02 cube02.local
192.168.0.13 cube03 cube03.local
192.168.0.14 cube04 cube04.local
192.168.0.15 cube05 cube05.local
192.168.0.16 cube06 cube06.local
192.168.0.17 cube07 cube07.local
Making life easier with Ansible
I’m going to use Ansible in a very simple manner so that everybody can understand what is going on. Of course, all of the following steps can be done via a playbook that you would run and then leave for coffee…
Install Ansible
apt install ansible
Next, we need to create the file /etc/ansible/hosts and add our hosts. In essence, here we define the hosts and groups of hosts that Ansible will try to manage.
# Edit file /etc/ansible/hosts
[control]
control01 ansible_connection=local
[workers]
cube01 ansible_connection=ssh
cube02 ansible_connection=ssh
cube03 ansible_connection=ssh
cube04 ansible_connection=ssh
cube05 ansible_connection=ssh
cube06 ansible_connection=ssh
cube07 ansible_connection=ssh
[cube:children]
control
workers
Above, you can see I have added 3 groups: control, workers and cube. The name of a group is the text between [ ]. The hosts are split this way so that if I want to execute some actions only on the control server, I use the “control” group. The group “cube” has children. This basically means that it’s a group of groups, and when I’m using cube I’m targeting every single node from the listed groups.
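To see exactly which nodes a group such as cube resolves to before running anything against it, here is an added example (not part of the original article) that expands an INI inventory group through its [group:children] sections. The function names and the shortened sample inventory are constructed for illustration; on a real install, `ansible cube --list-hosts` reports the same thing from /etc/ansible/hosts.

```shell
#!/usr/bin/env bash
# Added example: list the hosts an Ansible INI inventory group targets,
# following [group:children] sections. Function names are hypothetical.

# Constructed sample inventory, a shortened copy of the one in this article.
sample_inventory() {
cat <<'EOF'
[control]
control01 ansible_connection=local

[workers]
cube01 ansible_connection=ssh
cube02 ansible_connection=ssh

[cube:children]
control
workers
EOF
}

# expand_group GROUP   (inventory is read from stdin)
# Prints the hosts in GROUP, one per line, sorted and de-duplicated.
# Hosts listed before any [section] and [group:vars] sections are ignored.
expand_group() {
  awk -v want="$1" '
    /^[ \t]*(#|;|$)/ { next }                  # skip comments and blank lines
    /^\[.*\]$/ {                               # section header
      name = substr($0, 2, length($0) - 2)
      kids = (name ~ /:children$/)
      vars = (name ~ /:vars$/)
      sub(/:.*/, "", name)                     # keep only the group name
      next
    }
    vars || name == "" { next }
    kids { child[name] = child[name] " " $1; next }
    { host[name] = host[name] " " $1 }         # first field is the host name
    function walk(g, depth,    n, i, a) {
      if (depth > 16) return                   # guard against cyclic children
      n = split(host[g], a, " ");  for (i = 1; i <= n; i++) print a[i]
      n = split(child[g], a, " "); for (i = 1; i <= n; i++) walk(a[i], depth + 1)
    }
    END { walk(want, 0) }
  ' | sort -u
}

# Stand-alone run on the constructed sample.
sample_inventory | expand_group cube
```

To check the real inventory instead, run `expand_group cube < /etc/ansible/hosts`.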
Variable ansible_connection: we are telling Ansible how to connect to that host. The primary method is ssh, but I specified “local” for control01, because this is the node that we are running Ansible from. This way, it won’t try to ssh to itself.
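Lastly, we are going to make it so that user root will be able to log in to other nodes from control01 without the password using an ssh key. This step is optional, but after this you won’t need to type the password every time you run Ansible. Because the key is created without a passphrase, anyone who can read root’s private key on control01 can log in as root on every node, so keep that file readable by root only.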
# Make sure you are user root
cd
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# Do not fill in anything at the prompts of the next command, just press Enter
ssh-keygen -t rsa
# Copy keys to each node, for example:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube01
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube02
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube03
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cube04
.
.
.
After this, we are ready for some mass settings with Ansible, but that will be in the next part. I’m trying to keep them shorter so that you don’t get overwhelmed by walls of text.
Your very first Ansible command
This is the last thing before we head on to the next article. We are going to check if Ansible is working fine and can connect to all nodes:
# Run the following as the root user
# We are going to execute ping via Ansible; "cube" is the group we specified in /etc/ansible/hosts
# And if you remember, this will execute the command on all nodes.
# -m means we are going to use a module, in our case the module: ping
ubuntu@ubuntu:~$ ansible cube -m ping
#Result should be:
ubuntu@ubuntu:~$ ansible cube -m ping
control01 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
cube02 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
cube01 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
cube03 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
.
.
.