This could be the most underrated channel in YT!! You are doing a great job and I hope your subscribers exploded to find this hidden treasure!! Have enjoyed a lot of your videos and super advanced Sysadmin and Devops! 🙌
Very informative Christian! So many dont provide the details on real world Ansible setup for many servers with different passwords. Thank You from Texas US!
Thank you, Christian, for making this video. It helped me to get started with Ansible. Trying to get started by just visiting the Ansible documentation is daunting.
10:17 you don't need the three hyphens. It comes from the YAML spec. The hyphens are a separator, before are directives (like yaml version, yaml tags,...) and after is the actual yaml content. If you have no yaml directives, then you *may* drop the 3 hyphens. Yaml directives are not really relevant for ansible, so feel free to drop the hyphens. Similarly, the yaml spec specifies 3 dots to end yaml content. That's when one document contains multiple yaml parts, or when the yaml is not a file but a stream and you want to signal your yaml processor to stop instead of waiting until the stream is closed. Again, not relevant for ansible, so drop the 3 dots. I think almost everyone is doing that already without knowing why. I suggest to configure your yamlling to NOT check for --- or ...
Excellent!! Just what I was looking for! You helped me tremendously with clarifying on using the ansible.cfg and inventory files correctly. Thank you for sharing 🙏 I forgot I had seen this and had to revert back 😁
Never, ever, EVER allow sudo access without a password - if any bad actors gain access to your machine, then they will have access to the entire thing and not just user files. Keep your sudo passwords in a yaml file (key-value pairs) that is encrypted with ansible-vault, then include that secrets file in the vars_files array at the top level of the playbook hierarchy, then create a task (set fact) to import those sudo passwords into the ansible_become_pass variable per host. Only add become: true to individual tasks and not the playbook as a whole.
Thanks for the video! The best one of starting with Ansible I found :) But I have one think to ask: Wouldn't it be safer to only add the user to the sudoers file and add the nopasswd instead of allow it for all users?
Maybe you can also limit the sudoer without password entering to a functional user for ansible. I like the concept of having systems contained in their own functional users with just the privileges they need, in this case the root user group or an administrative group. So if anything goes wrong you can much more easily track down the source of an issue, and if security concerns apply about a comprised ansible master, you can get rid of the functional users
Entirely curious -- I really like your terminal layout. I see you're using powerline theme...what shell are you using? Zsh? and what terminal emulator? I really like the paste prompt. My OCD is kicking in and I noticed on the right side of your prompt, you have some artifact bleedover in the symbols. I believe you need to use a different patched Powerline font to get rid of that. Of course, just because it bothers me doesn't mean it bothers you, or anyone else!
Hi, I actually setup the Ansible master and server configuration in two docker containers. When I am executing the following command it is asking for sudo password: ```ansible-playbook ``` - My question is when it is asking for "SUDO" password, what I need to enter there a. Root password of worker container ? b. Password of the user that we defined in hosts file (ex: Madhav user) of worker container ?
Thanks for the great intro to Ansible. I have no experience in this area but interested to learn as much as possible. Do you use Nagios? I guess it is commonly used for monitoring.
With version 2.10.7 even ping does not work so this tutorial is obsolete by now. It always use user upon which you execute ansible command and if this user is not available on target host it will fail on ssh connection. Inventory variables like ansible_user=root does not work now.... I'm searching for solution but all YT tutorials use the same practice to authorize.
The issue is about variables squashing "By default Ansible merges groups at the same parent/child level in ASCII order, and the last group loaded overwrites the previous groups" So when you have added two list of variables to one inventory file it may not work :/
This probably sounds like a stupid question and maybe I missed it, but would the master be where all these config files and inventory files should be stored?
Good question, usually you have them on your workstation, but of course this might be not best in a team setup. You could use github or also a project like AWX, I hopefully can make a video about somewhere next year.
I have 500+ servers and i want to install telegraf agent on those servers gor grafana monitoring.. how can i add 500+ servers on ansible and run commands on all those servers
Learn more about Ansible and how to automate virtual machine provisioning with Vagrant and Ansible: th-cam.com/video/7Di0twyxw1M/w-d-xo.html
This could be the most underrated channel in YT!! You are doing a great job and I hope your subscribers exploded to find this hidden treasure!! Have enjoyed a lot of your videos and super advanced Sysadmin and Devops! 🙌
Haha thank you so much! :)
Very informative Christian! So many dont provide the details on real world Ansible setup for many servers with different passwords. Thank You from Texas US!
good starting point for ansible, short and informative; thumbs up!
Thank you, Christian, for making this video. It helped me to get started with Ansible. Trying to get started by just visiting the Ansible documentation is daunting.
Thank you, it makes me happy to see it helped you :)
Thanks for this great tutorial! It helped me a lot getting started with ansible. Keep up the extremely good work
Thank you! I'm glad it helped you :)
10:17 you don't need the three hyphens.
It comes from the YAML spec. The hyphens are a separator, before are directives (like yaml version, yaml tags,...) and after is the actual yaml content. If you have no yaml directives, then you *may* drop the 3 hyphens. Yaml directives are not really relevant for ansible, so feel free to drop the hyphens. Similarly, the yaml spec specifies 3 dots to end yaml content. That's when one document contains multiple yaml parts, or when the yaml is not a file but a stream and you want to signal your yaml processor to stop instead of waiting until the stream is closed. Again, not relevant for ansible, so drop the 3 dots. I think almost everyone is doing that already without knowing why.
I suggest to configure your yamlling to NOT check for --- or ...
Excellent!! Just what I was looking for! You helped me tremendously with clarifying on using the ansible.cfg and inventory files correctly. Thank you for sharing 🙏 I forgot I had seen this and had to revert back 😁
Thanks :)
@christianlempa - I very much appreciate all the effort you put into your videos, including the extra work of time and chapter indexes! Danke schön 😀
Awesome, I'm glad you like them :)
Wow man that's a no crap goldmine! Thank you, enjoying the video quite a lot, and I have what I was searching for for the last 3 hours!! :p
I find it kinda funny to see old fashion ordner maps behind Christian.
fantastic video!
Very helpful tutorial to get started. Thank you!
Just came across this channel and love it, your awesome.
Thanks man 😊
@@christianlempa your welcome, you put a lot of hard work in to those videos.
As always, gret video ! Thanks. Git hub subscriber now ^^ cheers
Awesome! Thank you :)
Thank you sir!! Very helpful and I will follow in github
Thank you! Highly appreciated :)
Great video and great explanation
Awesome thanks 😊
Great tutorial
Thanks
It really help. Thanks.
Happy to help
Share more videos with variety of examples 🙏🙏
I'll do :)
Mega! Danke
Never, ever, EVER allow sudo access without a password - if any bad actors gain access to your machine, then they will have access to the entire thing and not just user files.
Keep your sudo passwords in a yaml file (key-value pairs) that is encrypted with ansible-vault, then include that secrets file in the vars_files array at the top level of the playbook hierarchy, then create a task (set fact) to import those sudo passwords into the ansible_become_pass variable per host. Only add become: true to individual tasks and not the playbook as a whole.
Thankyou; which terminal you use ?😜
Super!
Thanks
beautiful nothing else
Thanks for the video! The best one of starting with Ansible I found :)
But I have one think to ask: Wouldn't it be safer to only add the user to the sudoers file and add the nopasswd instead of allow it for all users?
Thanks! Yeah thats a good point!
@@christianlempa I've tested this and it's working like your way, only with one additional row 👌
Maybe you can also limit the sudoer without password entering to a functional user for ansible.
I like the concept of having systems contained in their own functional users with just the privileges they need, in this case the root user group or an administrative group. So if anything goes wrong you can much more easily track down the source of an issue, and if security concerns apply about a comprised ansible master, you can get rid of the functional users
please create a video playbook for installing ansible for install adminer in targeted server.
how to get those nodes ips ? like, from where & how do we get the nodes ?
Entirely curious -- I really like your terminal layout. I see you're using powerline theme...what shell are you using? Zsh? and what terminal emulator? I really like the paste prompt.
My OCD is kicking in and I noticed on the right side of your prompt, you have some artifact bleedover in the symbols. I believe you need to use a different patched Powerline font to get rid of that. Of course, just because it bothers me doesn't mean it bothers you, or anyone else!
make same on dockers nice video last part was little fast but good
Thanks 😉
What is the terminal being used in this video? Reminds me of the kali Linux terminal
Hi, I actually setup the Ansible master and server configuration in two docker containers. When I am executing the following command it is asking for sudo password:
```ansible-playbook ```
- My question is when it is asking for "SUDO" password, what I need to enter there
a. Root password of worker container ?
b. Password of the user that we defined in hosts file (ex: Madhav user) of worker container ?
Thanks for the great intro to Ansible. I have no experience in this area but interested to learn as much as possible. Do you use Nagios? I guess it is commonly used for monitoring.
Pliiz show the result of playbook in the hosts
I don't want to see the easy way. I always want to see how setup or use as you would in production.
Thanks for this. Have you figured out without using NOPASSWD for sudo? Also can you pass password with Ansible vault for sudo?
I think you can do it, but I feel it's a bit uncomfortable to always inject it into the command, that's why I prefer the NOPASSWD statement.
With version 2.10.7 even ping does not work so this tutorial is obsolete by now.
It always use user upon which you execute ansible command and if this user is not available on target host it will fail on ssh connection. Inventory variables like ansible_user=root does not work now....
I'm searching for solution but all YT tutorials use the same practice to authorize.
The issue is about variables squashing "By default Ansible merges groups at the same parent/child level in ASCII order, and the last group loaded overwrites the previous groups" So when you have added two list of variables to one inventory file it may not work :/
how to enable and disable network adapter using ansible playbook ...pls revert
Can you show how to automate Oracle database patch on Linux server using Ansible....please
I love your PS1, do you mind share it?
Can Ansible return output as JSON?
This probably sounds like a stupid question and maybe I missed it, but would the master be where all these config files and inventory files should be stored?
Good question, usually you have them on your workstation, but of course this might be not best in a team setup. You could use github or also a project like AWX, I hopefully can make a video about somewhere next year.
Hi bro, i wanna write ansible playbook that performs ssh login into remote hosts and then checks for sudo access, please help me
👀 that sounds bad
I have 500+ servers and i want to install telegraf agent on those servers gor grafana monitoring.. how can i add 500+ servers on ansible and run commands on all those servers
😂