Ansible
This material is work-in-progress ... At the moment Alpine Linux can't be used |
ansible is a simple configuration management, deployment, task-execution, and multinode orchestration framework. It uses SSH for the communication between the involved systems, no server or client daemons are needed, and no additional software beside Python on client boxes is required.
Installation of ansible
ansible is available in testing. The latest package is broken, sorry.
apk add ansible
Create a SSH key
Generate a SSH key for the managed node. It's recommended to use a key which is protected with a password.
ssh-keygen -t rsa
Managed nodes
There are only minimal requirements for the clients. For every system you want to manage, you need to have the client's SSH key in the authorized_keys
file of the management system and Python.
Install the Python package.
apk add python
Transfer the SSH key
There are two ways to do it. From a default Alpine installation you can use ssh and cat to do it.
ssh root@[IP of the management system] 'cat ~/.ssh/id_rsa.pub' | cat - >> ~/.ssh/authorized_keys
If you are planning to use additional features of SSH. ssh-copy-id
, which is provided by the openssh-client
package, can help you with the key setup.
ssh-copy-id -i ~/.ssh/id_rsa.pub root@[IP of the management system]
Setup hosts
Add all your remote systems to /etc/ansible/hosts
. For details, please refer to Hosts and Groups in the ansible documentation.
Contents of /etc/ansible/hosts
First test
$ ansible all -m ping -u you --sudo
Another test is check all variables.
# ansible [IP of your Alpine Linux box] -m setup
Playbooks
When writing playbooks for Alpine Linux there are some issues:
- At the moment APK is not supported natively by Ansible. But the following will work
action: command /sbin/apk add lighttpd
- Same with the OpenRC, the Init System
action: command /etc/init.d/lighttpd start
- If you are going to re-use playbooks from other Linux distribution, please keep in mind that Alpine Linux uses different paths for the binaries.
/bin/rm