Managing a lot of servers is not an easy job; we need to plan and create a good, manageable Ansible playbook to implement Ansible properly.
We all agree that it is hard to manage a lot of servers at once. For example, you have installed 50 VMs/servers with a fresh OS and need to add some users to them.
Thus, in this class we will learn how to add some users to the servers using an Ansible playbook.
First, create a folder called ansible_try.
Under the ansible_try folder, create the inventory file and the YML master playbook.
In the inventory file, list the IP addresses of the servers:
[allserver]
192.168.20.183
192.168.20.184
Then, create a YML file for the master playbook:
# hosts must match the [allserver] group name in the inventory
- hosts: allserver
  gather_facts: false
  roles:
    - usergroup
Then, go to the role's tasks folder and create the files below:
main.yml
- import_tasks: configureSudoers.yml
- import_tasks: configureUsers.yml
__________________________________________________
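configureSudoers.yml
- name: Create Engineer Group
  group: name=engineer state=present
  # ignore_errors lets the play continue even if this task fails
  ignore_errors: yes
  become: true
  tags:
    - sudoersgroup

- name: Engineer Group As Sudoers
  # copy does not render Jinja2: the file is installed exactly as written.
  # src is looked up under the role's files/ directory.
  copy:
    src: sudoers.d/00-engineer.j2
    dest: /etc/sudoers.d/00-engineer
    owner: root
    group: root
    mode: "0440"   # quoted so YAML does not read it as the decimal number 440
    backup: no
  ignore_errors: yes
  become: true
  tags:
    - sudoersgroup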
_________________________________________________
configureUsers.yml
# Create or update every account listed in users_sa
- name: Manage Users SA
  user:
    name: "{{ item.key }}"
    state: "{{ item.value.state }}"
    groups: "{{ item.value.groups }}"
    shell: "{{ item.value.shell }}"
  with_dict: '{{ users_sa }}'
  become: true
  tags:
    - usergroup

# Install each user's public key from the file named in authkey
- name: Manage User Keys SA
  authorized_key:
    user: "{{ item.key }}"
    state: present
    key: "{{ lookup('file', item.value.authkey) }}"
  with_dict: '{{ users_sa }}'
  become: true
  tags:
    - usergroup

# Delete accounts listed in inactiveUsers; remove also deletes the home directory
- name: Remove inactive User
  user:
    name: "{{ item.key }}"
    state: "{{ item.value.state }}"
    remove: "{{ item.value.remove }}"
  with_dict: '{{ inactiveUsers }}'
  become: true
  tags:
    - usergroup
    - remove
main.yml (role variables)
users_sa:
  user1:
    name: user1
    state: present
    groups: engineer
    shell: /bin/bash
    authkey: authkeys/user1.pub

# users_noc is not referenced by the tasks shown above
users_noc:
  user2:
    name: user2
    state: present
    groups: engineer
    shell: /bin/bash
    authkey: authkeys/user.pub

inactiveUsers:
  alfian:
    state: absent
    remove: yes
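The sudoers task above installs the drop-in without checking it and continues on errors. As an added example (not part of the original role), the variant below has visudo validate the file before it is installed, then fails the play if the engineer group contains accounts that are not declared in users_sa. The sudoers rule itself is an assumption, because the page does not show the contents of 00-engineer.j2.

```yaml
# Added example, not from the original role.
# Assumption: the rule below stands in for the contents of 00-engineer.j2,
# which the page does not show.
- name: Engineer Group As Sudoers (validated before install)
  copy:
    content: |
      %engineer ALL=(ALL:ALL) ALL
    dest: /etc/sudoers.d/00-engineer
    owner: root
    group: root
    mode: "0440"
    # visudo checks the temporary copy; a file that fails is never installed
    validate: /usr/sbin/visudo -cf %s
  become: true          # no ignore_errors: a bad sudoers file must stop the play
  tags:
    - sudoersgroup

# getent stores the group entry as [password, gid, "member1,member2"]
- name: Read engineer group membership
  getent:
    database: group
    key: engineer
  tags:
    - sudoersgroup

- name: Fail if engineer has members not declared in users_sa
  assert:
    that:
      - unexpected | length == 0
    fail_msg: "Undeclared sudo-capable accounts: {{ unexpected | join(', ') }}"
  vars:
    # select drops the empty string returned for a group with no members
    members: "{{ ansible_facts.getent_group['engineer'][2].split(',') | select | list }}"
    unexpected: "{{ members | difference(users_sa.keys() | list) }}"
  tags:
    - sudoersgroup
```

Run the two membership tasks after configureUsers.yml so that the check reflects the accounts the role has just added or removed.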
ansible-playbook -i inventory usergroup.yml -u ubuntu
PLAY [allserver] *************************************************************************************************************************************
TASK [usergroup : Create Engineer Group] *************************************************************************************************************
ok: [192.168.20.184]
ok: [192.168.20.183]
TASK [usergroup : Engineer Group As Sudoers] *********************************************************************************************************
changed: [192.168.20.183]
changed: [192.168.20.184]
TASK [usergroup : Manage Users SA] *******************************************************************************************************************
ok: [192.168.20.183] => (item={'key': 'user1', 'value': {'name': 'user1', 'state': 'present', 'groups': 'engineer', 'shell': '/bin/bash', 'authkey': 'authkeys/user1.pub'}})
ok: [192.168.20.184] => (item={'key': 'user1', 'value': {'name': 'user1', 'state': 'present', 'groups': 'engineer', 'shell': '/bin/bash', 'authkey': 'authkeys/user1.pub'}})
ok: [192.168.20.183] => (item={'key': 'user2', 'value': {'name': 'user2', 'state': 'present', 'groups': 'engineer', 'shell': '/bin/bash', 'authkey': 'authkeys/user2.pub'}})
ok: [192.168.20.184] => (item={'key': 'user2', 'value': {'name': 'user2', 'state': 'present', 'groups': 'engineer', 'shell': '/bin/bash', 'authkey': 'authkeys/user2.pub'}})
TASK [usergroup : Remove inactive User] **************************************************************************************************************
ok: [192.168.20.183] => (item={'key': 'alfian', 'value': {'name': 'alfian', 'state': 'absent', 'remove': True}})
ok: [192.168.20.184] => (item={'key': 'alfian', 'value': {'name': 'alfian', 'state': 'absent', 'remove': True}})
PLAY RECAP *******************************************************************************************************************************************
192.168.20.183 : ok=5 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.20.184 : ok=5 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
ansible allserver -m shell -a "lsb_release -a" -i inventory -u ubuntu
192.168.20.184 | CHANGED | rc=0 >>
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
No LSB modules are available.
192.168.20.183 | CHANGED | rc=0 >>
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
No LSB modules are available.
To manage a lot of servers, you need to learn how to run Ansible after the installation.