Installing Ansible on CentOS 8

Reference URLs

Preparation

  • This assumes a minimal installation of CentOS 8
$ cat /etc/redhat-release
CentOS Linux release 8.0.1905 (Core) 

Update packages

$ sudo dnf update -y

Install Python

  • Install Python 3
$ sudo dnf -y install python36
 ...
$ python3 --version
 Python 3.6.8
$ pip3 --version
 pip 9.0.3 from /usr/lib/python3.6/site-packages (python 3.6)
  • Upgrade the Python package manager
$ sudo pip3 install --upgrade pip
Collecting pip
  Downloading https://files.pythonhosted.org/packages/00/b6/9cfa56b4081ad13874b0c6f96af8ce16cfbc1cb06bedf8e9164ce5551ec1/pip-19.3.1-py2.py3-none-any.whl (1.4MB)
    100% || 1.4MB 790kB/s 
Installing collected packages: pip
Successfully installed pip-19.3.1

Install Ansible

  • Add the EPEL repository rpm
$ sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
 ...
$ dnf repolist
CentOS-8 - AppStream                            734 kB/s | 6.3 MB     00:08    
CentOS-8 - Base                                 890 kB/s | 7.9 MB     00:09    
CentOS-8 - Extras                               481  B/s | 2.1 kB     00:04    
Extra Packages for Enterprise Linux 8 - x86_64  284 kB/s | 3.4 MB     00:12    
repo id            repo の名前                                             状態
AppStream          CentOS-8 - AppStream                                    5,089
BaseOS             CentOS-8 - Base                                         2,843
*epel              Extra Packages for Enterprise Linux 8 - x86_64          3,165
extras             CentOS-8 - Extras                                           3
  • Install Ansible
$ sudo dnf install  --enablerepo epel-playground  ansible
 ...
インストール済み:
  ansible-2.8.5-2.epel8.playground.noarch
  python3-paramiko-2.4.3-1.epel8.playground.noarch
  python3-babel-2.5.1-3.el8.noarch
  python3-jinja2-2.10.1-2.el8_0.noarch
  python3-jmespath-0.9.0-11.el8.noarch
  python3-markupsafe-0.23-19.el8.x86_64
  python3-pyasn1-0.3.7-6.el8.noarch
  python3-pytz-2017.2-9.el8.noarch
  python3-pyyaml-3.12-12.el8.x86_64
  python3-bcrypt-3.1.6-2.epel8.playground.1.x86_64
  python3-pynacl-1.3.0-5.epel8.playground.x86_64
  sshpass-1.06-9.epel8.playground.x86_64
  libsodium-1.0.18-2.el8.x86_64
完了しました!
  • Check the Ansible version
$ ansible --version
ansible 2.8.5
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/user-a/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Oct  7 2019, 17:58:22) [GCC 8.2.1 20180905 (Red Hat 8.2.1-3)]

Verify that Ansible works

$ sudo systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset>
   Active: active (running) since Sat 2019-11-16 17:31:02 JST; 24min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 795 (sshd)
    Tasks: 1 (limit: 5073)
   Memory: 4.3M
   CGroup: /system.slice/sshd.service
           └─795 /usr/sbin/sshd -D -oCiphers=aes256-gcm@openssh.com,chacha20-po>

11月 16 17:31:02 localhost.localdomain systemd[1]: Starting OpenSSH server daem>
11月 16 17:31:02 localhost.localdomain sshd[795]: Server listening on 0.0.0.0 p>
11月 16 17:31:02 localhost.localdomain systemd[1]: Started OpenSSH server daemo>
11月 16 17:31:02 localhost.localdomain sshd[795]: Server listening on :: port 2>
11月 16 17:34:38 localhost.localdomain sshd[6323]: Accepted password for user-a >
11月 16 17:34:38 localhost.localdomain sshd[6323]: pam_unix(sshd:session): sess>
  • Create an SSH key
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user-a/.ssh/id_rsa): 
Created directory '/home/user-a/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user-a/.ssh/id_rsa.
Your public key has been saved in /home/user-a/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:.............................. user-a@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|            .+*= |
|            +=B  |
|      E    oo* . |
|       o   .*.  .|
|      o S oo ooo |
|       o . o++*. |
|        .   +=+= |
|         . o++B. |
|          o===++ |
+----[SHA256]-----+
  • Copy the public key to the managed server
    • After the copy completes, confirm the connection with the ssh command
$ ssh-copy-id user-a@192.168.56.101
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/user-a/.ssh/id_rsa.pub"
The authenticity of host '192.168.56.101 (192.168.56.101)' can't be established.
ECDSA key fingerprint is SHA256:392VezsBF8dPQ+yGhfuoptPjvhkcEpQ4sa5I7l14Aak.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
user-a@192.168.56.101's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'user-a@192.168.56.101'"
and check to make sure that only the key(s) you wanted were added.
  • Create the inventory file
    • Create the file and write the managed server's IP address in it
$ vi ./hosts
192.168.56.101
  • Connectivity check with Ansible
$ ansible -i ./hosts 192.168.56.101 -m ping
192.168.56.101 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
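
The ssh-copy-id step above answers "yes" to the host key prompt, which trusts whatever key the network presents on first contact. The following is an added example, not part of the original procedure: it computes the SHA256 fingerprint of a host key line in ssh-keyscan format the way OpenSSH displays it, and compares it with a fingerprint obtained out of band (for example on the server console with ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub). The function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def make_sample_scan_line(host="192.168.56.101"):
    """Build a CONSTRUCTED 'host keytype base64' line (not a real server key)."""
    key_type = b"ssh-ed25519"
    raw_key = bytes(range(32))  # constructed 32-byte value, illustration only
    blob = (struct.pack(">I", len(key_type)) + key_type
            + struct.pack(">I", len(raw_key)) + raw_key)
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


def parse_scan_line(line):
    """Split the line and check the blob declares the same key type as the text."""
    fields = line.split()
    if len(fields) < 3:
        raise ValueError("expected: host keytype base64-blob")
    host, key_type, b64 = fields[:3]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type inside blob does not match declared type")
    return host, key_type, blob


def sha256_fingerprint(blob):
    """OpenSSH style: 'SHA256:' + unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(line, expected_fp):
    """True only if the scanned key hashes to the out-of-band fingerprint."""
    _, _, blob = parse_scan_line(line)
    return hmac.compare_digest(sha256_fingerprint(blob), expected_fp)


if __name__ == "__main__":
    line = make_sample_scan_line()
    # The fingerprint shown in the prompt above belongs to the author's server,
    # so the constructed key must NOT match it.
    prompt_fp = "SHA256:392VezsBF8dPQ+yGhfuoptPjvhkcEpQ4sa5I7l14Aak"
    print(sha256_fingerprint(parse_scan_line(line)[2]))
    print("match" if host_key_matches(line, prompt_fp) else "MISMATCH: do not trust")
```
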