Deploy Linux Agent with Ansible

Ansible is an easy-to-use configuration management tool. Designed for multi-tier application deployment, this configuration management and provisioning tool uses SSH to connect to the servers and run the configured tasks.

Prerequisites

Ansible must be installed in one of the servers (Ansible Server).
SSH must be installed on all the target devices and the devices must communicate with Ansible server.
All the target devices public keys must be shared with Ansible server( to do this you must log into target devices on Ansible server).
You must allow OpsRamp URL in Ansible server to download all the latest Agent packages.
Device user must have sudo permissions.

Install Agent

Prerequisite

Before you install an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

Example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

Note

A few configuration parameters in the ansible.cfg file must be changed by the users:

By default, the ansible.cfg file contains a privilege escalation section with default values such as become=True, become method=sudo. If these values are not present in the privilege escalation section, add them as shown below.

become=True
become method=sudo

By default, the ansible.cfg file contains a defaults section with the default value as host key checking = False. If this value is not present in the defaults section, add it as shown below.

host key checking = False

Step 1: Install the Linux OS Integration

Refer to Install Linux OS Integration document.

Step 2: Download the OpsRamp Ansible Recipe

Refer Download Linux Agent document to download the ansible.
Copy the downloaded file to /etc/ansible/ and extract it.
Go to opsrampagent/roles/common/vars/ and replace agentconfig.yml. See the Instruction page for Agentconfig yaml content information.
Navigate to the opsrampagent folder to run playbooks.

Step 3: Install Agent using Ansible

If a resource already has an agent, you can reinstall an agent or skip such resources. By default, the playbook tries to deploy agents on all the available servers in the inventory file without reinstalling the existing agents. If you do not specify the hostlist category, by default playbook tries to install agents on all the available resources list in the inventory file. This playbook deploys agents on the target resources.

Install a root agent without uninstalling the existing agent

You have multiple resources. Some of the resources already have agent installed and you want to skip agent installation. Some resources need agent installation.

Solution:

You can install the latest version of the agent on those resources that do not have an agent installed and skip installation on those resources that already have an agent installed. Run the following commands accordingly:

ansible-playbook agent-install-uninstall.yml -e  "hostlist=<devicelist>"  -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -f 10

Install a non-root agent without uninstalling the existing agent

Default OpsRamp user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=<yes/y>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "isnonroot=yes" -f 10

Specific/custom user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=<yes/y>" -e "agentuser=<username>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "isnonroot=yes" -e "agentuser=dsr" -f 10

Reinstall a root agent

You have multiple resources. Some of the resources already have agent installed and you want to reinstall the agent. Some resources need agent installation.

Solution:

You can install the latest version of the agent on resources that do not have an agent installed and reinstall the agent on resources that already have an agent installed. The existing agent is uninstalled and the latest version of the agent is installed. Run one of the following commands, depending on root or non-root user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>"  -e "reinstall=yes" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents"  -e "reinstall=yes" -f 10

Reinstall a non-root agent with default OpsRamp user

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" "isnonroot=<yes/y>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "reinstall=yes" -e "isnonroot=yes" -f 10

Reinstall a non-root agent with specific/custom OpsRamp user

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" "isnonroot=<yes/y>" -e "agentuser=<username>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "reinstall=yes" -e "isnonroot=yes" -e "agentuser=dsr" -f 10

Uninstall Agent

Prerequisite

Before you uninstall an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

Procedure

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "executionType=uninstall" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsRampAgents" -e "executionType=uninstall" -f 10

Migrate Agent

You can migrate agents on target resources from proxy to direct and vice versa.

Prerequisite

Before you start migrating an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category]  
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

Procedure

Migrate proxy agents to direct agents

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=direct"

example:

ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=direct"

Migrate Direct Agents to Proxy Agents

Migrated direct agent to proxy agent without authentication:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "gatewayUUID=<gateway_profile_uuid>" -e "proxyProto=<http/https>" -f <number of forks>

example:

ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=proxy" -e "proxyServer=10.32.32.32" -e "proxyPort=3128" -e "gatewayUUID=445ee640-99b4-46e9-a8cf-88ddeb841b2c" -e "proxyProto=http" -f 10

Migrated direct agent to proxy agent with authentication:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "gatewayUUID=<gateway_profile_uuid>" -e "proxyProto=http/https>" -e "proxyUser=<user name>" -e 'proxyPassword=<user password>' -f <number of forks>

example:

ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=proxy" -e "proxyServer=10.32.32.32" -e "proxyPort=3128" -e "gatewayUUID=445ee640-99b4-46e9-a8cf-88ddeb841b2c" -e "proxyProto=http" -e "proxyUser=user name" -e 'proxyPassword=password' -f 10

To migrate agents from direct to proxy, proxy to proxy, or from one proxy to another, enter valid migrationType and proxyServer values. If migrationType is not valid, the playbook exits without taking an action on target resources. By default, Ansible recipe considers http as proxyProto if protocol is not configured.

Update Agent

You can update agents on all target resources.

Prerequisite

Before you start updating an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category] 
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

Procedure

Run the following command to update agents on target resources:

ansible-playbook agentupdate.yml -e "hostlist=<devicelist>" -f <number of forks>

example:

ansible-playbook agentupdate.yml -e "hostlist=OpsRampAgents" -f 10

Ansible Vault/Encryption process

If you want to use encrypted inventory files for different procedures, include the flag --ask-vault in the respective command. The command directs you to the credentials.

For more information about how to secure an inventory file using encryption, refer to the Ansible documenttion on Encrypting content with Ansible Vault.

Example commands with encrypted inventory file

If you want to use encrypted inventory files for different procedures, include the --ask-vault flag in the command. The command prompts credentials.

Install a root agent without uninstalling the existing agents

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -f <number of forks> --ask-vault

Install a non-root agent without uninstalling the existing agents

Default OpsRamp user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=yes" -f <number of forks> --ask-vault

Specific/custom user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=yes" -e "agentuser=dsr" -f <number of forks> --ask-vault

Reinstall a Root Agent

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>"  -e "reinstall=yes" -f <number of forks> --ask-vault

Reinstall a Non-root Agent

Default user:

     ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -e "isnonroot=yes" -f <number of forks> --ask-vault

Specific/custom user:

      ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -e "isnonroot=yes" -e "agentuser=dsr" -f <number of forks> --ask-vault

Uninstall Commands

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "executionType=uninstall" -f <number of forks> --ask-vault

Migration Commands

Proxy to Direct:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=direct" --ask-vault

Direct to Proxy:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=http/https>" -e "proxyUser=<user name>" -e 'proxyPassword=<user password>' -f <number of forks> --ask-vault

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=<http/https>" -f <number of forks> --ask-vault

Update Commands

ansible-playbook agentupdate.yml -e "hostlist=<devicelist>" -f <number of forks> --ask-vault

References

Ansible Documentation