Ansible...Installation Process

In this chapter, we will learn about the environment setup of Ansible.

Installation Process 

There are two main types of machines in an Ansible deployment:

Control machine − The machine from which we manage other machines.
Remote machine − A machine that is handled/controlled by the control machine.

Multiple remote machines can be handled by one control machine. So, to manage remote machines, we have to install Ansible on the control machine.

Control Machine Requirements

Ansible can be run from any machine with Python 2 or a higher version of Python installed.

By default, Ansible uses SSH to manage remote machines.

Ansible does not add any database. It does not require any daemons to start or keep it running.
While managing remote machines, Ansible does not leave any software installed or running on them. Hence, there is no question of how to upgrade it when moving to a new version.

Ansible can be installed in different ways on a control machine that meets the above requirements.
You can install the latest release through Apt, yum, pkg, pip, etc.

Note − Windows is not supported as a control machine.

Ansible...Automation Tool

Introduction

Ansible is powerful open source automation software for configuring, managing and deploying software applications on nodes without any downtime, just by using SSH.
Ansible is a simple open source IT engine which automates application deployment.
Ansible is easy to deploy because it does not use any agents or custom security infrastructure.
Ansible is designed for multi-tier deployment.
After connecting to your nodes, Ansible pushes out small programs called “Ansible Modules”.
Ansible runs those modules on your nodes and removes them when finished. Ansible manages your inventory in simple text files (the hosts file).
Ansible uses the hosts file, where one can group the hosts and control the actions on a specific group in the playbooks.

How Ansible works

There are many similar automation tools available, like Puppet, Chef, Salt, etc., but Ansible divides machines into two types: controlling machines and nodes.

The controlling machine is where Ansible is installed, and the nodes are managed by this controlling machine over SSH.
The location of the nodes is specified by the controlling machine through its inventory.

Ansible is agent-less, which means there is no need to install any agent on remote nodes.
Ansible can handle multiple nodes from a single system over an SSH connection, and the entire operation can be handled and executed by a single command, ‘ansible’.

In cases where you are required to execute multiple commands for a deployment, you can build playbooks.
Playbooks are a bunch of commands which can perform multiple tasks, and each playbook is in YAML file format.

YAML is a human-readable data serialization language. It is commonly used for configuration files, but could be used in many applications where data is being stored, and it is very easy for humans to understand, read and write.
Hence the advantage is that even the IT infrastructure support guys can read and understand the playbook and debug it if needed.

Use of Ansible

Ansible can be used in IT infrastructure to manage and deploy software applications to remote nodes.
For example, let’s say you need to deploy a single piece of software or multiple pieces of software to multiple nodes with a single command.
This is where Ansible comes into the picture: with the help of Ansible you can deploy as many applications as you need to multiple nodes with one single command. You must have a little programming knowledge to understand an Ansible script.

Setup NFS Server on CentOS 8 / RHEL 8

NFS stands for Network File System. It helps you to share files and folders between Linux / Unix systems.
NFS enables you to mount a remote share locally.

This guide helps you to set up an NFS server on CentOS 8 / RHEL 8.

Benefits of NFS

• File / Folder sharing between UNIX / Linux systems
• Allows mounting remote file systems locally
• Can act as a centralized storage system
• Can be used as a Storage Domain (Datastore) for VMware and other virtualization platforms
• Allows applications to share configuration and data files with multiple nodes
• Allows having updated files across the share

Important Services

The following are the important NFS services, included in the nfs-utils package.

rpcbind: The rpcbind server converts RPC program numbers into universal addresses.
nfs-server: It enables clients to access NFS shares.
nfs-lock / rpc-statd: NFS file locking. It implements file lock recovery when an NFS server crashes and reboots.
nfs-idmap: It translates user and group IDs into names, and user and group names into IDs.

Important Configuration Files

You will be working mainly with the configuration files below to set up the NFS server and clients.

/etc/exports: The main configuration file. It controls which file systems are exported to remote hosts and specifies options.
/etc/fstab: This file is used to control which file systems, including NFS directories, are mounted when the system boots.
/etc/sysconfig/nfs: This file is used to control which ports the required RPC services run on.
/etc/hosts.allow and /etc/hosts.deny: These files are called TCP wrappers and control access to the NFS server.
NFS uses them to decide whether or not to accept a connection coming in from another IP address.

Environment

Here, we will use CentOS 8 minimal for this demo. This guide should also work on Oracle Linux and Fedora systems.

NFS Server

Host Name: server.local.com (CentOS 8)
IP Address: 192.168.0.170/24

NFS Client

Host Name: client.local.com (CentOS 8)
IP Address: 192.168.0.171/24

Configure NFS Server

Install NFS Server

Install the package below for the NFS server using the yum command.
yum install -y nfs-utils

Once the packages are installed, enable and start NFS services.
systemctl start nfs-server rpcbind
systemctl enable nfs-server rpcbind

Create NFS Share

Now, let’s create a directory to share with the NFS client. Here I will be creating a new directory named nfsfileshare in the / partition.

You can also share an existing directory with NFS.
mkdir /nfsfileshare

Allow the NFS client to read and write to the created directory.
chmod 777 /nfsfileshare/

We have to modify the /etc/exports file to add an entry for the directory /nfsfileshare that we want to share.
vi /etc/exports

Create an NFS share entry like the one below.
/nfsfileshare 192.168.0.171(rw,sync,no_root_squash)

/nfsfileshare: The shared directory.

192.168.0.171: IP address of the client machine. We can also use the hostname instead of an IP address.
It is also possible to define a range of clients with a subnet, like 192.168.1.0/24.

rw: Writable permission on the shared folder.
sync: All changes to the file system are immediately flushed to disk; the respective write operations wait until the flush has completed.
no_root_squash: By default, any file request made by user root on the client machine is treated as if it were made by user nobody on the server.
(Exactly which UID the request is mapped to depends on the UID of user “nobody” on the server, not the client.)
If no_root_squash is selected, then root on the client machine will have the same level of access to the files on the system as root on the server.
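
The effect of no_root_squash described above can be checked for across a whole exports file. The following is an added example, not part of the original guide: a shell function that parses exports(5) entries and reports those that disable root squashing or export to every host. The function names and the /srv sample entries are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original guide: flag risky exports(5) entries.

# Constructed sample input; the first entry is the export line from this guide.
sample_exports() {
cat <<'EOF'
/nfsfileshare 192.168.0.171(rw,sync,no_root_squash)
/srv/docs     192.168.0.171(ro,sync)
/srv/pub      192.168.0.171 (rw,sync)
/srv/all      -rw,no_root_squash *(sync)
EOF
}

# Usage: audit_exports /etc/exports   (reads stdin when no file is given)
# Prints one line per finding: <path> <client> <finding>
audit_exports() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }            # blank lines and comments
    {
        path = $1; defaults = ""
        for (i = 2; i <= NF; i++) {
            tok = $i
            if (tok ~ /^#/) break              # trailing comment
            if (tok ~ /^-/) { defaults = substr(tok, 2); continue }
            client = tok; opts = ""
            p = index(tok, "(")
            if (p > 0) {
                client = substr(tok, 1, p - 1)
                opts = substr(tok, p + 1)
                sub(/\)$/, "", opts)
            }
            # A bare "(opts)" token has no host in front of it and applies to
            # every host; a stray space before the parenthesis produces this.
            if (client == "") client = "*"
            # Options apply in order, so the last squash setting wins.
            squash = 1
            n = split(defaults "," opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "no_root_squash") squash = 0
                if (o[j] == "root_squash") squash = 1
            }
            if (!squash) print path, client, "no_root_squash"
            if (client == "*") print path, client, "world-export"
        }
    }' "$@"
}

sample_exports | audit_exports
```

On the sample, the /srv/pub entry is reported as a world export because the space before the parenthesis detaches the options from 192.168.0.171.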

All available options are described in the exports man page (man exports).

Export the shared directories using the following command.
exportfs -r

Extra Parameters:

exportfs -v: Displays a list of shared files and export options on a server.
exportfs -a: Exports all directories listed in /etc/exports.
exportfs -u: Unexports one or more directories.
exportfs -r: Re-exports all directories after modifying /etc/exports.

After configuring the NFS server, we need to mount the shared directory on the NFS client.

Configure Firewall

We need to configure the firewall on the NFS server to allow the NFS client to access the NFS share.
To do that, run the following commands on the NFS server.
firewall-cmd --permanent --add-service mountd
firewall-cmd --permanent --add-service rpc-bind
firewall-cmd --permanent --add-service nfs
firewall-cmd --reload

Configure and Install NFS client

We need to install the NFS packages on the NFS client to mount a remote NFS share.

Install the NFS packages using the command below.
yum install -y nfs-utils

Check NFS Share

Before mounting the NFS share, check the NFS shares available on the NFS server by running the following command on the NFS client.

Replace the IP address with your NFS server's IP address or hostname.
showmount -e 192.168.0.170

Output:
Export list for 192.168.0.170:
/nfsfileshare 192.168.0.171

As per the output, /nfsfileshare is available on the NFS server (192.168.0.170) for the NFS client (192.168.0.171).

Extras:
showmount -e: Shows the available shares on your local machine (NFS server).
showmount -e <server-ip or hostname>: Lists the available shares on the remote server.

Mount NFS Share

Now, create a directory on the NFS client to mount the NFS share /nfsfileshare which we created on the NFS server.
mkdir /mnt/nfsfileshare

Use the command below to mount the NFS share /nfsfileshare from NFS server 192.168.0.170 on /mnt/nfsfileshare on the NFS client.
mount 192.168.0.170:/nfsfileshare /mnt/nfsfileshare

Verify the mounted share on the NFS client using the mount command.
mount | grep nfs

Output:
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
nfsd on /proc/fs/nfsd type nfsd (rw,relatime)
192.168.0.170:/nfsfileshare on /mnt/nfsfileshare type nfs4 (rw,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.0.171,local_lock=none,addr=192.168.0.170)

Also, you can use the df -hT command to check the mounted NFS share.
df -hT

Output:

Filesystem                 Type      Size  Used Avail Use% Mounted on
/dev/mapper/centos-root    xfs        50G  1.2G   49G   3% /
devtmpfs                   devtmpfs  485M     0  485M   0% /dev
tmpfs                      tmpfs     496M     0  496M   0% /dev/shm
tmpfs                      tmpfs     496M  6.7M  490M   2% /run
tmpfs                      tmpfs     496M     0  496M   0% /sys/fs/cgroup
/dev/mapper/centos-home    xfs        47G   33M   47G   1% /home
/dev/sda1                  xfs      1014M  154M  861M  16% /boot
tmpfs                      tmpfs     100M     0  100M   0% /run/user/0
192.168.0.170:/nfsfileshare nfs4       50G  1.2G   49G   3% /mnt/nfsfileshare

Create a file in the mounted directory to verify read and write access on the NFS share.
touch /mnt/nfsfileshare/test

If the above command returns no error, you have a working NFS setup.

Automount NFS Shares

To mount the shares automatically on every reboot, you need to modify the /etc/fstab file of your NFS client.

vi /etc/fstab

Add an entry like the last line below.
#
# /etc/fstab
# Created by anaconda on Wed Jan 17 12:04:02 2018
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=60a496d0-69f4-4355-aef0-c31d688dda1b /boot                   xfs     defaults        0 0
/dev/mapper/centos-home /home                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0
192.168.0.170:/nfsfileshare /mnt/nfsfileshare    nfs     nosuid,rw,sync,hard,intr  0  0

Save and close the file.

Reboot the client machine and check whether the share is mounted automatically.

reboot

Verify the mounted share on the NFS client using the mount command.

mount | grep nfs

Output:
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
192.168.0.170:/nfsfileshare on /mnt/nfsfileshare type nfs4 (rw,nosuid,relatime,sync,vers=4.1,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.0.171,local_lock=none,addr=192.168.0.170)

If you want to unmount the shared directory from your NFS client after you are done with the file sharing, you can unmount that particular directory using the umount command.

umount /mnt/nfsfileshare

Conclusion

You have set up the NFS server and NFS client on CentOS 8 / RHEL 8 successfully.
If you do not wish to use static mounts, you can configure AutoFS on CentOS 7 to mount NFS shares only when a user accesses them.

How to fix: ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)

Open your terminal and type mysql -u root -p, then enter your password. Hopefully you are logged in to MySQL now.