Getting started with Ansible 13 - Adding Users & Bootstrapping
Рет қаралды 45,448
Күн бұрынAnsible is an incredible configuration management and provisioning utility that enables you to automate all the things. In this series, you'll learn everything you need to know in order to use Ansible for your day-to-day administration duties. In video 13, we'll look at adding a user, and then we'll set up Ansible to use a specific user for running tasks. Also, we'll walk through creating a bootstrap playbook specifically for adding new nodes.
Full series:
Part 1 (Introduction): linux.video/an...
Part 2 (SSH Overview & Setup): linux.video/an...
Part 3 (Setting up the Git Repository): linux.video/an...
Part 4 (Running Commands): linux.video/an...
Part 5 (Running Elevated Commands): linux.video/an...
Part 6 (Writing our First Playbook): linux.video/an...
Part 7 (The 'when' Conditional): linux.video/an...
Part 8 (Improving your Playbook): linux.video/an...
Part 9 (Targeting Specific Nodes): linux.video/an...
Part 10 (Tags): linux.video/an...
Part 11 (Managing Files): linux.video/an...
Part 12 (Managing Services): linux.video/an...
Part 13 (Adding Users): This video
Part 14 (Roles): linux.video/an...
Part 15 (Host Variables): linux.video/an...
Part 16 (Templates): linux.video/an...
☁️ Get $100 in credit toward deploying your very own Linux servers on Linode!
➡️ linode.com/lear...
🙌 Support me on Patreon and get early access to new content!
➡️ learnlinux.lin...
Wiki article for this video:
www.learnlinux...
🛒 Affiliate store for Linux compatible hardware/accessories (commission earned):
➡️ learnlinux.lin...
💻 Check out the Tiny Pilot KVM for your Homelab (commission earned):
➡️ learnlinux.lin...
🐦 Follow me on Twitter!
➡️ learnlinux.lin...
💬 Official LearnLinux.tv Community:
➡️ community.lear...
📖 Check out jay's latest book, Mastering Ubuntu Server 3rd Edition. Available now!
➡️ ubuntuserverbo...
👨 More about me:
➡️ www.jaylacroix...
➡️ www.learnlinux...
💽 How to create a bootable flash drive for installing Linux:
➡️ linux.video/fl...
🐧 Which distro do I use?
➡️ learnlinux.lin...
🔐 How to better secure OpenSSH:
➡️ linux.video/se...
☁️ How to create a cloud Linux server with Linode:
➡️ learnlinux.lin...
#DevOps #Automation #Ansible
@raymondfb 2 жыл бұрын
very cool course thank you so very much. it was cool updating a couple of machines, but things started to stink when i had six. now i push one command and every server is done. what a time and pain saver! thank you again for taking the time to make this and all of your videos. you have taught me so much and i really appreciate it .
@LearnLinuxTV 2 жыл бұрын
Glad it helped!
@1gold4 Жыл бұрын
for anybody following along today Ansible changed the way you can add sudoers files - name: Copy a new "sudoers" file into place, after passing validation with visudo copy: src: /mine/sudoers dest: /etc/sudoers validate: /usr/sbin/visudo -csf %s This format is the only way I got it to work for me
@petergoodall6258 3 жыл бұрын
I just read you can use the 'content:' argument to directly put sudoers content into the file. Just a one line change and doesn't require an external file. These tutorials are very helpful - thanks!
@Y.S.777 4 жыл бұрын
Thank you for doing these tutorials, i find them very informative and simple to understand.
@feiloose Жыл бұрын
Thanks for the content, its great. bottom title at 0:37 says "Part 12 - Managing Services", should be "13- Adding Users & Bootstrapping". :)
@bamhm182 3 жыл бұрын
"0440 because we want to keep it locked down" As we give simone ALL=(ALL) NOPASSWD XD Just thought that was really funny. Thank you so much for putting this series together. It's excellent.
@cakes.gaming 7 ай бұрын
sudoers files must be 440 and the whole point is to make an ansible account that doesn't need to use a password vov
@zachsandvik1867 3 жыл бұрын
Wow Jay. You did an awesome effort to learn us Ansible. I really appreciate this. Amazing. Thank you so much.
@davidandersson4091 3 жыл бұрын
Thanks for great videos! I have ran into a issue with the bootstrap playbook: When in your case the ansible.cfg has "remote_user" set to simone, Ansible will try to use that user when the bootstrap playbook is executed. But in fact the servers default user, such as root, ubuntu or whatever should be used for the bootstrap. This can be solved by adding the argument "-u default_user_on_server" to the ansible-playbook command.
@djvincon 3 жыл бұрын
It still gives me a permission denied error.... Any tips?
@ahmedbadr6362 10 ай бұрын
I just ran the boorstrap playbook before added the "remote_user" to the config file.
@n-o-i-d Ай бұрын
My solution is to set the "remote_user" argument at the top of the boostrap.yml file, between "become" and "pre_tasks".
@n00bnommer 3 жыл бұрын
Hey Jay, your videos are awesome! I wanted to let you know this video has the title card from Part 12.
@Johann75 Ай бұрын
Everything works just fine. Thank you
@sma92878 2 жыл бұрын
This series has been really awesome!
@peterpekny_goo 8 ай бұрын
... and thank you for movie advice 😉 ,, i will take a look.. and for sure for whole ansible series.. very very cool
@fabrice9848 Жыл бұрын
You forgot to explain the sudoers file. A little research on visudo helped me understand though.
@jgranahan 4 жыл бұрын
Thank you, Jay. This series is really great!
@Cyko359 5 ай бұрын
very cool, loved your included sim one
@akyumurkov 3 жыл бұрын
We do love this series!
@weniweedeewiki.6237 Жыл бұрын
WOW i got to watch that film love your content.........and they way you explain everything......thanks bro
@fabrice9848 Жыл бұрын
You did a fantastic job! Thank you very much.
@duffyscottc 9 ай бұрын
This series is super great and extremely helpful! One question from this lesson: is it "safe"/"best practice" to leave the simone user (and their sudoer file) on the systems after we're done running all of our ansible scripts, or should there also be a "teardown" file that we run at the end which removes her?
@tomasceska1648 Жыл бұрын
Great series! Thank you
@name1355_0ne Жыл бұрын
Thanks a lot, that was useful!
@dzonsmit 6 ай бұрын
16:54 I'm not sure what 'update_only/update_cache' really does.. following along I added one centos server vm when you did. everything worked for some time but I started to receive 'unknown error' or something similar. error was gone after 'yum update' directly over centos terminal, centos downloaded 800mb of updates..
@ravitejareddy3818 Жыл бұрын
could you please make a video series on Kubernetes/k8s and Terraform
@mihai6564 2 жыл бұрын
great lesson
@joseluismartins8340 3 жыл бұрын
Jay, why are you always saying another play instead of another task?
@TheCaysed 5 ай бұрын
Is it okay to put into play public key in plain text?
@aminebenamor8445 2 жыл бұрын
Great content thank you
@Yanahamm2012 Жыл бұрын
Thank you for such a great video. I have tried to create users with bash scrip, csv list. It worked well. I wanted to verify the users with a custom module and csv new list of random users against a python ansible module. I have ran into tons of syntaxes issues. I wanted my script give me a printout of users that exist and and others who doesn't exist. How would you do that? Is there a better way to verify large amount of users with custom module?
@papiwaley4400 11 ай бұрын
thanks for the series, your videos are awesome and very insightful. after concluding this series I keep getting: ERROR! couldn't resolve module/action 'authorized_key'. This often indicates a misspelling, missing collection, or incorrect module path. I have searched and implemented different fixes but they seem not to work. i will appreciate if anyone can help
@spitfire184 7 ай бұрын
Did you get this sorted? I think you were missing the ansible.posix module?
@djvincon 3 жыл бұрын
Hi Jay, I have a question. When I build a Ubuntu VM or server I ofcourse create a linux user and I already pull down the SSH keys from github with the option in the installer. So I dont want to make an other user: simone for example but I want to use my already made user: user_example. Is this possible with the config you made?
@zeocamo 4 жыл бұрын
what is best only have 1 BIG file with all the servers in (in my case around 140) or more files ... we don't really got any servers with the same packages on ???
@daviddunkelheit9952 Жыл бұрын
What? If you want someone to try and help you…. Would be best to make your problem clear and understandable. Otw. 🤷♂️
@papiwaley4400 11 ай бұрын
resolve the error, the error was in the playbook,
@matteoo3923 2 жыл бұрын
on my Centos Stream 8 i was getting crazy with the following error: ERROR! couldn't resolve module/action 'authorized_key'. This often indicates a misspelling, missing collection, or incorrect module path. It turned out i was missing a collection. Fixed installing it: ansible-galaxy collection install ansible.posix
@thereds32 Жыл бұрын
Hi, thanks for the video. I am new to Ansible and following your videos. Silly question - there is no password for the user Simone? Is this done to deny password authentication for user simone?? I can su - simone when logged on as root . Thank you
@iancurtisfan898 10 ай бұрын
ran into same problem, i gave simone a password and then it worked fine
@thedarkparadox 9 ай бұрын
The bootstrap as explained in this video does not work. The ansible.cfg is looking for whatever amount I set up as the remote user. Commenting that out and trying --ask-become-pass still fails to connect with correct credentials. More time should have been spent on explaining initial bootstrap and initialization files.
@lightiv 3 жыл бұрын
No matter what I do I get the following error when running bootstrap.yml: " FAILED! => {"changed": false, "msg": "Unsupported parameters for (apt) module: update Supported parameters include: allow_unauthenticated, autoclean, autoremove, cache_valid_time, deb, default_release, dpkg_options, force, force_apt_get, install_recommends, only_upgrade, package, policy_rc_d, purge, state, update_cache, upgrade"}"
@Netz0 Жыл бұрын
If you disable the password in the sudoers group and is set to ALL, then why even bother with creating a second account in the first place? You are basically disabling the whole security purpose in sudo and might as well just use the root account directly because that is what it is at that point, just with a different name.
@veehenry8026 3 жыл бұрын
Hi Jay, after doing this several times, my "simone" user is not able to ssh into the server with no password. It keeps prompting me for the password. I'm running Centos 8. Do you know of any issues that might cause this?
@tonym6435 3 жыл бұрын
had the same problem, "simone ALL=(ALL:ALL) NOPASSWD: ALL" instead of "simone ALL=(AL) NOPASSWD: ALL" did the trick for me
@anthonychaple3031 2 жыл бұрын
👍🏻👍🏻
@nanapee2319 4 жыл бұрын
Will you recommend hosting my Django project on linode
@GC-qe8vc 2 жыл бұрын
Yes
@markdavis7645 9 ай бұрын
this mofo left himself a backdoor, right on video. BLAGOW!
@steeveknight1079 3 жыл бұрын
Good content but SOOO ANNOYING! It's "eS-Ewe(Doers)" - ie SUPER USER DO... - NOT SueDew!!! Uggh!
@miyalys 2 жыл бұрын
There's an interview with the creator of sudo here - you can hear his pronunciation of it as well: kzbin.info/www/bejne/gpKkqJ9pfbNomtU
@PraveenKumar-jd6ur Ай бұрын
One of many ways to add key and create sudoers file. - name: Add Auth key to user from file authorized_key: user: neo state: present key: "{{ lookup('file','/home/pravs/.ssh/ansible.pub') }}" - name: Add sudoers file for neo user with content copy: dest: /etc/sudoers.d/neo owner: root group: root mode: 0440 content: | neo ALL=(ALL) NOPASSWD: ALL
Real Douluo Short Video
Рет қаралды 12 МЛН
Learn Linux TV
Рет қаралды 33 М.