Ansible

Bootstrap your Linux server with Ansible

Ansible
Ansible

Introduction

Like me a lot of you homelabbers will probably roll out multiple Linux servers for production or test purposes. Alot of these tasks repetitive tasks. To make your deploying easier and take less time I will share my Ansible playbooks that I use to do almost all of the standard tasks for me.

Starting with the basics

After installing the basic Linux operating system we need to make sure that we can reach the server with SSH. This is needed for Ansible to function. In the most recent Ubuntu LTS release, 20.04 as of writing this post, we have the option to pull in the SSH public keys from GitHub. I have my public key available there so it’s inserted in the installation. In the installation menu for Ubuntu I always create the user “ansible”. With this user I will later run my bootstrap playbooks.

After you have installed the Linux operating system we need to make sure the server is reachable by Ansible. My previous post about Updating your Homelab with Ansible has everything explained to setup your Ansible inventory file. Put the hostname of the new Linux server in the inventory file.

We now should have the following things set:

  • The “ansible” user.
  • SSH key set on the “ansible” user.
  • Ansible inventory file setup with the hostname of the new server.

Configuring the bootstrap playbook

So we now have everything setup to run the bootstrap playbook.

First pull down the bootstrap playbook from GitHub.

git clone https://github.com/TiZuTech/ansible-homelab.git

You should now have the following folder structure:

bootstrap/
├── bootstrap.yml
└── roles
    └── bootstrap
        ├── defaults
        │   └── main.yml
        └── tasks
            ├── main.yml
            ├── open-vm-tools.yml
            ├── sshd.yml
            ├── update_os.yml
            ├── users.yml
            └── zabbix_agent.yml

4 directories, 8 files

Here we have multiple .yml files which configure multiple settings after the installation.

  • bootstrap.yml – The .yml containing includes for all the other needed .yml files.
  • roles/bootstrap/defaults/main.yml – The main .yml file that has all the variables used in the other .yml files.
  • roles/bootstrap/tasks/main.yml – The .yml including all the tasks .yml files.
  • roles/bootstrap/tasks/open-vm-tools.yml – Used for installing the VMware open-vm-tools.
  • roles/bootstrap/tasks/sshd.yml – Configuring SSH.
  • roles/boostrap/tasks/update_os.yml – Updates the Debian Linux based OS.
  • roles/boostrap/tasks/users.yml – Configures the local users and SSH keys.
  • roles/boostrap/tasks/zabbix_agent.yml – Installs and configures the Zabbix agent.

The only .yml file that needs to be editted is the roles/bootstrap/defaults/main.yml file. Like stated above. This file has all the variables that are used in the playbook. For example my .yml file looks like:

create_user: tizu
create_group: tizu
ssh_key_location: ~/.ssh/id_ed25519.pub
ssh_port: 22
ssh_permit_root_login: false
zabbix_server: zabbix.tizutech.com, 5.22.251.130

The file defines the following things

  • create_user – The users to create.
  • create_group – The groups to create.
  • ssh_key_location – The location of the SSH public key to copy over.
  • ssh_port – The SSH port to configure.
  • ssh_permit_root_login – The SSH permit root login setting.
  • zabbix_server – The Zabbix server settings to configure in the Zabbix configuration file.

Edit the parameters to your needs.

Running the bootstrap Ansible playbook

So we now have everything needed to run the bootstrap Ansible playbook. If you have everything configured correctly this is the simplest step.

Run the ansible-playbook command with a couple of parameters:

ansible-playbook ansible/playbooks/bootstrap/bootstrap.yml -K --limit "hostname"

This command will run the ansible-playbook command with the bootstrap.yml and limits it to the newly created Linux server. The -K parameter will ask for the sudo password so it will correctly elevate to run the bootstrap playbook.

Conclusion

This guide should be a starting point for you to setup your own bootstrapping Ansible playbook to reduce the time and steps needed to roll out new Linux servers for testing or production. Feel free to post a comment with your additions to the playbook so we can all benefit from it.

Leave a Reply

Your email address will not be published.