#ansible
My #Gentoo #linux #userstory in brief
Inspired by a post from 2019 by @know, here is my #linux #userstory in brief.
Back in early 2004 there was no #Ubuntu yet, and I was ready to go dualboot. So I started that journey with a #gentoo iso image because the documentation was excellent, verbose and taught you everything, so you knew what you were doing all along. I checked, the Gentoo Handbook still does this very well.
How rewarding a learning curve! 😁
The experience was so different from the S.u.S.E. ncurses-based installer that I had used once in 1998 or so, which hid everything behind menus and kinda put me off the idea. Pressing buttons doesn't teach you a thing, typing stuff after you understand what it'll do does. It was only upwards from then on.
Today I'm using setups closely following Sakaki's Installation Guide (https://wiki.gentoo.org/wiki/Sakaki%27sEFIInstall_Guide) on all my workstations with LVM, LUKS and GPG. Practically, today, the actual distribution used on a target system to configure, maintain and run does not matter much. Sadly, that set of Sakaki's instructions is not actively maintained any more.
With #ansible automation has gone far, and typed commands have been abstracted away for the most part. You declare what you want in playbooks, and whatever Gentoo, Ubuntu or #Debian have you is made to match the requirements. Hands-on commandline only gets you so far, won't scale to many hosts, and as much as clicking about a Windows UI to do stuff has limits at some point you'll be taking next steps. #Puppet, ansible, and #git are your friends. #Vagrant be useful still. You'll want to get to know them pretty soon if you haven't already.
So Gentoo initially gave me that joy of discovering technical details which make systems work. With the community on IRC and folks over at https://forums.gentoo.org/ you'll almost never hear "did you try turning it off and on again", but instead meet knowledgeable gentoo users who help you get to the bottom of it. Using gentoo means growth.
How was discovering your favourite distribution for you, and how have you been using it?
#servicepost
Tilde (~) does not expand to the user's home directory.
That does not work in #ansible's inventory:
[all:vars]
ansible_python_interpreter=/usr/bin/python
ansible_ssh_common_args="-F ~/.ssh/config.ansible"
[…]
That does work:
[all:vars]
ansible_python_interpreter=/usr/bin/python
ansible_ssh_common_args="-F {{ lookup('env', 'HOME') }}/.ssh/config.ansible"
[…]
Ich habe ein Playbook zum Updaten. Ausschnitt:
- name: Upgrade all packages (Debian)
apt:
upgrade: dist
allow_change_held_packages: yes
update_cache: yes
autoremove: yes
when:
- ansible_facts['distribution'] == "Debian"
Meistens funktioniert das, aber nicht immer. Ansible läuft dennoch fehlerfrei durch. Dann bleibt der Host in Zabbix rot, und Zabbix meint, es gäbe Updates.
Das sieht dann so aus:
root@zabbix:~# apt update
[…]
6 packages can be upgraded. Run 'apt list --upgradable' to see them.
root@zabbix:~# apt dist-upgrade
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
apport dpkg dpkg-dev libdpkg-perl python3-apport python3-problem-report
0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
Es funktioniert dann:
root@zabbix:~# apt -y dist-upgrade apport dpkg dpkg-dev libdpkg-perl python3-apport python3-problem-report
[…]
root@zabbix:~# echo $?
0
Ich würde das aber gerne Ansible erledigen lassen.
Weiß jemand, wie?
Ok, let's get into this #Ansible thing. Fresh #Debian #Linux, which Ansible playbooks (that is what they are called, right?) should I use?
I want to remove password of root, disable ssh login for root, create a user and add it to sudoers list (#sudo without password), add ssh key, disable login with password, set hostname, configure some DNS server on 127.0.0.1 and get the box to reboot.
Other useful things welcome.
Proprietary: Games, Red Hat Satellite (More #Ansible Vendor Lock-in), and Microsoft • Tux Machines ⇨ http://www.tuxmachines.org/node/161723 #GNU #Linux #TuxMachines
● NEWS ● #JeffGeerling ☞ Using an #Ansible playbook with an SSH bastion / jump host https://www.jeffgeerling.com/blog/2022/using-ansible-playbook-ssh-bastion-jump-host
Kubernetes - Déployer un cluster avec Kubespray sur des micro-VM
J’ai voulu pousser mes tests d’ignite en installant un cluster
kubernetes avec KubeSpray. 5 nodes (3 masters + workers). Ca marche !
https://blog.stephane-robert.info/post/kubernetes-cluster-ignite-footloose-kubespray/
#conteneurs #ansible
Ansible : comment installer prometheus/grafana et node exporter ?
https://xavki.blog/comment-installer-la-stack-de-monitoring-prometheus-grafana-avec-ansible/
#ansible
Kubeadm avec Vagrant et Ansible, idéal pour réviser votre certification !
https://blog.filador.fr/kubeadm-avec-vagrant-et-ansible-ideal-pour-reviser-votre-certification/
#virtualisation #conteneurs #ansible
4 unexpected ways to use #Ansible | Enable Sysadmin ⚓ https://www.redhat.com/sysadmin/unexpected-ways-use-ansible ䷉ #RedHat #IBM #GNU #Linux | more in http://schestowitz.com/2021/11/26/#latest
● NEWS ● #JanPietMens ☞ A cow and bull story about #Ansible https://jpmens.net/2021/11/18/a-cow-and-bull-story-about-ansible/