Author: Xavier C (Set C/J) QA(s): Jason M (Set C/J), Jilliam S (Set C/J)
Table of Contents:
IntroductionLab GoalsResourcesStep 0: VirtualBox Networking Woes (Creating a NAT network)Step 1: Minty Fresh 2: Electric Boogaloo (Installing the Mint VM)Initial Setup and InstallPost Installation ShenanigansStep 2: Areeb-Man: Into the Command Line (Installing the Debian 10 VM)Initial Setup and InstallMaking this CLI a home (Debian post installation)Step 3: This Program Runs on Magic but it's just SSH (Configuring Ansible)Adding our Debian vm into the "inventory"Setting up the SSH componentThe Moment of Truth/Screenshot Moment (Verifying that Ansible Works)Conclusion
Another term, another guide. In this guide, I will show you the (very) basics of Ansible. This includes installing ansible on a controller, creating and "inventorying" an ansible target, and pinging the target using an ansible command.
The goal of this lab is to have a private network that contains 1 ansible controller running any mint version, and 1 ansible target running Debian 10
Debian 10 VirtualBox (for Windows) Mint (My preferred version) Areeb's Original Guide
The first step of this lab is to create a private network for our current and future ansible endeavors. It is a good idea to have a private network for a lab environment so the VMs can communicate with each other and not touch your real network. Start by opening up Virtualbox and clicking "file" then "preferences"
We want to create a new nat network to create a private network for our VMs. Under "network", click the plus icon to create a new Nat network.
A new item will appear on the window. We want to modify these settings, click the gear icon when highlighting the new item
In the new window that pops up, I want to modify the network name, network CIDR (CHANGE THIS CIDR TO MATCH YOUR OWN ADDRESSING SCHEME), and we also want to disable DHCP. After this, make sure to hit Ok on all open windows.
IMPORTANT NOTE: Whenever we create a NAT network, remember that the first host is the default gateway. (In my case it would be 192.168.0.1) Also do not use the first 5 addresses. So for me, my first host would be .6
TAKEAWAY: In this step, we created a NAT network to allow our VMs to communicate with each other, and access the internet.
Let's get to installing that mint VM. Create a new virtual machine like normal. Make sure the machine type is Linux/Ubuntu(64-bit)
For ram, 2GB is enough. When it comes to asking the disk type, leave that default. As for the size, anywhere above 10GB will be fine.
When done creating the VM, we need to change some initial settings. Highlight the VM and click settings
Under network, we want to change the adapter to be attached to a NAT Network, and make sure you select the one you just created
Now let's begin installing mint!
For this mint installation, I will be using the ISO I provided in resources. Once you boot into the live environment, double click the "Install Linux Mint" Icon.
We will want to leave everything default for the installer. So just spam next and accept all defaults. When it comes to the, "Who are you?" screen. Type in whatever you want, just make sure to remember your username and password. When it prompts you to restart now, it's a good idea to restart now.
Virtualbox should eject your ISO for you, after that hit enter. And login to mint.
The first thing we want to do on our mint vm is to setup internet access. Let's start by modifying our ethernet settings in mint by clicking the appropriate icon and clicking "Edit Connections..."
Select "Wired Connection 1", and click edit.
Here we will assign a static IP to our vm. Change the method to manual, assign it an IP address that isn't the first 5 hosts of the network, netmask should be whatever you set your NAT network to (mine was a /24) and the gateway is the first host in your NAT network. For DNS servers, specify 8.8.8.8.
Click on save, then wait for mint to notify you that you have internet access. The icon you clicked should now be colored in black.
Now we want to install virtualbox tools. Under devices, click "Insert additions CD"
After the dialog box opens up showing the CD contents, open up terminal and type in the following:
xxxxxxxxxx
11sudo sh /media/(your username here)/Vbox*/VboxLinuxAdditions.run
It will prompt you for your password. Then after that, type yes for every question. If everything goes well, you should end up with this
When you get to this point, eject the additions cd from the vm (force unmount if need be) and reboot the vm.
After logging into your account, you can now resize your vm window to adjust the vm resolution. Another useful thing we can do is enable the clipboard for copy and pasting. Under machine, click "settings"
Change the settings in general under the advanced tab to this:
Now run the following commands in terminal to prep for the next steps:
xxxxxxxxxx
51sudo apt update # Updates all packages
2sudo apt upgrade # Upgrades all packages (this will take a long time)
3sudo apt install ansible nano # Installs ansible and an editor
4reboot
5# You can use vim or any other editor you want
TAKEAWAY: In this step, we created installed mint, assigned a static IP to it, installed vm tools to allow for copy/paste and vm window resizing, and installed base packages needed for the lab (ansible and an editor)
For our Debian 10 VM, we will be going into CLI only territory. The terminal may look scary at first, but you'll quickly realize it's the fastest and least resource intensive way for setting up applications like a webserver. You'll want to do almost the exact same steps as we did for the mint vm. Change the type to Linux/Debian(64-bit), and attach the NAT network you created to the vm.
Now booting into the debian install, select just "Install" not "Graphical Install". We might as well get used to it, as it is a good skill to learn how to navigate the CLI.
Use the arrow keys and enter button to navigate through the first set of menus. For the first couple of dialog boxes, click options that make sense to you. Like country and keyboard type.
After a few menus, you'll see it try and fail to get a DHCP address. Select continue, then select the option to manually configure and IP.
Enter in an IP address that isn't the first 5 hosts or the IP of your mint vm. Be sure to assign the CIDR of your network to the end. After finished, hit enter.
Remember that the gateway is the first host of your subnet. Here's mine for an example
For name server, specify 8.8.8.8
When it comes to hostname, it can be anything you want. Leave the domain name blank
The rest of the options (for now) is all up to you! Just make sure you remember them. If you do not know which option to pick, accept most of the defaults.
When it comes time to configure the package manager, select the appropriate country. Use the default option when you come to the archive mirror question. Mine looks like this (for Canada)
leave the proxy blank and hit enter.
Now it will install all the necessary base packages. Select no when it asks you about the package survey. When it comes to this screen, only select the utilities and ssh option. Then hit enter (Use the arrow keys to move, and space to select/deselect options)
When it asks you to install grub, select yes. The next screen should have 2 options. Select /dev/sda. It might be different if you configured things differently. But it should look like this
After everything, it will ask you to reboot. Eject the install iso, and press continue.
After booting, it should kick you into a really basic looking login screen. Login as root.
First we need to update our packages, and install some other tools. Since we are logged in as root, we do not need to use the sudo command (but we will use it eventually)
xxxxxxxxxx
31apt update
2apt upgrade
3apt install sudo (editor) # replace editor with your favourite CLI editor
Next we want to edit the sudoers file to allow for our user to use sudo. Start by using your editor to edit the sudoers file:
xxxxxxxxxx
11(editor) /etc/sudoers
Now make the changes like so, but instead of "target", specify the user you made during the install process:
Doing this is pretty unsafe because it allows this user to have the same access as root. But we know what we're doing. So force save the file and continue.
The last thing we want to do is edit the ssh config file to allow for root logon. (we will need this for later ansible labs) Start by opening the config file with your favourite editor:
xxxxxxxxxx
11(editor) /etc/ssh/sshd_config
Find the line that says "PermitRootLogin" and uncomment the line, and change the value to "yes"
Save changes, and restart the ssh service with this command:
xxxxxxxxxx
11systemctl restart sshd
TAKEAWAY: In this step, we installed debian the super cool way, modified it enough to contain all the packages we need, and configured ssh to work as intended for ansible.
ALL OF THESE INSTRUCTIONS ARE FOR THE MINT VM
First things first, we need to add our debian vm into the inventory. What exactly is an inventory? It's pretty much just a hosts file that defines which computers we want to manage. There's a whole other slew of things we can do with the ansible hosts file. But our goal is to just shove the ip of our debian vm under a server group. Start by going into the mint vm, opening terminal, and editing the hosts file like so:
xxxxxxxxxx
11sudo (editor) /etc/ansible/hosts
At the end of the file, specify a server group name (you need to remember this!) then the IP of your debian vm:
xxxxxxxxxx
31# Some text above
2[MyCoolGroup] # Change this to whatever Areeb specifies to use for the group
3(ip of debian vm goes here)
Here's an example of what my file looks like:
After that, we need to specify a user we're going to ssh with for that group (which will be root to prep us for future labs). Start by running these commands:
xxxxxxxxxx
21sudo mkdir /etc/ansible/group_vars
2sudo (editor) /etc/ansible/group_vars/(group name goes here)
Now inside our editor, enter this text:
xxxxxxxxxx
11ansible_ssh_user: root
DO NOT RUN ANY OF THE FOLLOWING COMMANDS IN SUDO
First let's generate an ssh key with the following command:
xxxxxxxxxx
11ssh-keygen
Accept defaults for everything and put no password on the key.
Now we need to copy this key into the debian vm, do that by running this command:
xxxxxxxxxx
11ssh-copy-id root@(ip of debian vm here)
It will ask you if you want to continue connecting. Type "yes", then enter the root password of your debian vm. If all is well, it should look like this
And now for the moment of truth, seeing if ansible worked. Enter the following command in terminal:
xxxxxxxxxx
11ansible -m ping (group name goes here)
If everything was correct, you will have your screenshot for this lab!
TAKEAWAY: In this step, we configured ansible to add our debian vm to our inventory under a server group, copied our ssh key to the debian vm, and tested ansible to see if the connection to our debian vm worked.
Ansible is a really neat tool for automating a lot of things in bulk. We also learned that the underlying technology that ansible uses is SSH. Without having a proper SSH connection to the target, ansible will fail.