With Ansible being agentless we don't have a what came first, chicken or the egg, issue with it. What I mean by this is, in most automation/configuration tools which require an agent to be installed, you would have to first install the agent on the host that you are going to manage.
In the case of Ansible you don't have to install anything on the host that you wish to manage. As long as you can ssh onto the host, you are good to go.
So consider a brand you RHEL server or VM that you created, and that you can ssh onto it as root. Here are the steps that you would need to do to run Ansible playbooks as user 'mango', or any other fruit of your choice.
The Ansible playbook below would do exactly that for you:
In the case of Ansible you don't have to install anything on the host that you wish to manage. As long as you can ssh onto the host, you are good to go.
So consider a brand you RHEL server or VM that you created, and that you can ssh onto it as root. Here are the steps that you would need to do to run Ansible playbooks as user 'mango', or any other fruit of your choice.
- Get the root password of the managed host.
- Check to see if you can ssh to the managed host using root password.
- Create ssh key using ssh-keygen on the control host for root.
- Copy the ssh key to the managed host using ssh-copy-id
- If you want to run the Ansible playbooks as user 'mango' then create a user 'mango' on the remote host using Ansible playbook shown below.
- Make can entry for that user under /etc/sudoers.d so that the user can run commands that need root priviliges.
The Ansible playbook below would do exactly that for you:
---
- name: Adding a new user
hosts: all
tasks:
- name: Create user mango
user:
name: mango
append: yes
state: present
createhome: yes
- name: Add file mango to the sudoers.d directory
copy:
content: "mango ALL=(ALL) NOPASSWD: ALL"
dest: /etc/sudoers.d/mango
- name: Set up authorized keys for the mango user
authorized_key:
user=mango
key="{{ item }}"
with_file:
- /home/devops/.ssh/id_rsa.pub
...
