Ansible is an easy-to-use configuration management tool. Designed for multi-tier application deployment, this configuration management and provisioning tool uses SSH to connect to the servers and run the configured tasks.
Prerequisites
- Ansible must be installed in one of the servers (Ansible Server).
- SSH must be installed on all the target devices and the devices must communicate with Ansible server.
- All the target devices public keys must be shared with Ansible server( to do this you must log into target devices on Ansible server).
- You must allow OpsRamp URL in Ansible server to download all the latest Agent packages.
- Device user must have sudo permissions.
Install Agent
Prerequisite
- Before you install an agent with Ansible, add the device details in
/etc/ansible/hosts
in the following format:
[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>
Example:
[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123
Note
A few configuration parameters in the ansible.cfg
file must be changed by the users:
- By default, the
ansible.cfg
file contains a privilege escalation section with default values such asbecome=True
,become method=sudo
. If these values are not present in the privilege escalation section, add them as shown below.
become=True
become method=sudo
- By default, the
ansible.cfg
file contains a defaults section with the default value ashost key checking = False
. If this value is not present in the defaults section, add it as shown below.
host key checking = False
Step 1: Install the Linux OS Integration
Refer to Install Linux OS Integration document.
Step 2: Download the OpsRamp Ansible Recipe
- Refer Download Linux Agent document to download the ansible.
- Copy the downloaded file to
/etc/ansible/
and extract it. - Go to opsrampagent/roles/common/vars/ and replace agentconfig.yml. See the Instruction page for Agentconfig yaml content information.
- Navigate to the
opsrampagent
folder to run playbooks.
Step 3: Install Agent using Ansible
If a resource already has an agent, you can reinstall an agent or skip such resources. By default, the playbook tries to deploy agents on all the available servers in the inventory file without reinstalling the existing agents. If you do not specify the hostlist category, by default playbook tries to install agents on all the available resources list in the inventory file. This playbook deploys agents on the target resources.
Install a root agent without uninstalling the existing agent
You have multiple resources. Some of the resources already have agent installed and you want to skip agent installation. Some resources need agent installation.
Solution:
You can install the latest version of the agent on those resources that do not have an agent installed and skip installation on those resources that already have an agent installed. Run the following commands accordingly:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -f <number of forks>
example:
ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -f 10
Install a non-root agent without uninstalling the existing agent
Default OpsRamp user:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=<yes/y>" -f <number of forks>
example:
ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "isnonroot=yes" -f 10
Specific/custom user:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=<yes/y>" -e "agentuser=<username>" -f <number of forks>
example:
ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "isnonroot=yes" -e "agentuser=dsr" -f 10
Reinstall a root agent
You have multiple resources. Some of the resources already have agent installed and you want to reinstall the agent. Some resources need agent installation.
Solution:
You can install the latest version of the agent on resources that do not have an agent installed and reinstall the agent on resources that already have an agent installed. The existing agent is uninstalled and the latest version of the agent is installed. Run one of the following commands, depending on root or non-root user:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -f <number of forks>
example:
ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "reinstall=yes" -f 10
Reinstall a non-root agent with default OpsRamp user
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" "isnonroot=<yes/y>" -f <number of forks>
example:
ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "reinstall=yes" -e "isnonroot=yes" -f 10
Reinstall a non-root agent with specific/custom OpsRamp user
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" "isnonroot=<yes/y>" -e "agentuser=<username>" -f <number of forks>
example:
ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "reinstall=yes" -e "isnonroot=yes" -e "agentuser=dsr" -f 10
Uninstall Agent
Prerequisite
Before you uninstall an agent with Ansible, add the device details in /etc/ansible/hosts
in the following format:
[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>
example:
[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123
Procedure
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "executionType=uninstall" -f <number of forks>
example:
ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsRampAgents" -e "executionType=uninstall" -f 10
Migrate Agent
You can migrate agents on target resources from proxy to direct and vice versa.
Prerequisite
Before you start migrating an agent with Ansible, add the device details in /etc/ansible/hosts
in the following format:
[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>
example:
[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123
Procedure
Migrate proxy agents to direct agents
ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=direct"
example:
ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=direct"
Migrate Direct Agents to Proxy Agents
Migrated direct agent to proxy agent without authentication:
ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "gatewayUUID=<gateway_profile_uuid>" -e "proxyProto=<http/https>" -f <number of forks>
example:
ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=proxy" -e "proxyServer=10.32.32.32" -e "proxyPort=3128" -e "gatewayUUID=445ee640-99b4-46e9-a8cf-88ddeb841b2c" -e "proxyProto=http" -f 10
Migrated direct agent to proxy agent with authentication:
ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "gatewayUUID=<gateway_profile_uuid>" -e "proxyProto=http/https>" -e "proxyUser=<user name>" -e 'proxyPassword=<user password>' -f <number of forks>
example:
ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=proxy" -e "proxyServer=10.32.32.32" -e "proxyPort=3128" -e "gatewayUUID=445ee640-99b4-46e9-a8cf-88ddeb841b2c" -e "proxyProto=http" -e "proxyUser=user name" -e 'proxyPassword=password' -f 10
To migrate agents from direct to proxy, proxy to proxy, or from one proxy to another, enter valid migrationType
and proxyServer
values. If migrationType
is not valid, the playbook exits without taking an action on target resources. By default, Ansible recipe considers http
as proxyProto
if protocol is not configured.
Update Agent
You can update agents on all target resources.
Prerequisite
Before you start updating an agent with Ansible, add the device details in /etc/ansible/hosts
in the following format:
[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>
example:
[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123
Procedure
Run the following command to update agents on target resources:
ansible-playbook agentupdate.yml -e "hostlist=<devicelist>" -f <number of forks>
example:
ansible-playbook agentupdate.yml -e "hostlist=OpsRampAgents" -f 10
Ansible Vault/Encryption process
If you want to use encrypted inventory files for different procedures, include the flag --ask-vault
in the respective command. The command directs you to the credentials.
For more information about how to secure an inventory file using encryption, refer to the Ansible documenttion on Encrypting content with Ansible Vault.
Example commands with encrypted inventory file
If you want to use encrypted inventory files for different procedures, include the --ask-vault
flag in the command. The command prompts credentials.
Install a root agent without uninstalling the existing agents
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -f <number of forks> --ask-vault
Install a non-root agent without uninstalling the existing agents
Default OpsRamp user:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=yes" -f <number of forks> --ask-vault
Specific/custom user:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=yes" -e "agentuser=dsr" -f <number of forks> --ask-vault
Reinstall a Root Agent
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -f <number of forks> --ask-vault
Reinstall a Non-root Agent
Default user:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -e "isnonroot=yes" -f <number of forks> --ask-vault
Specific/custom user:
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -e "isnonroot=yes" -e "agentuser=dsr" -f <number of forks> --ask-vault
Uninstall Commands
ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "executionType=uninstall" -f <number of forks> --ask-vault
Migration Commands
Proxy to Direct:
ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=direct" --ask-vault
Direct to Proxy:
ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=http/https>" -e "proxyUser=<user name>" -e 'proxyPassword=<user password>' -f <number of forks> --ask-vault
ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=<http/https>" -f <number of forks> --ask-vault
Update Commands
ansible-playbook agentupdate.yml -e "hostlist=<devicelist>" -f <number of forks> --ask-vault