Gouranga's Tech Blog: October 2021

Oct 31, 2021

Deploy shell script using Ansible

How to deploy a shell script on a remote server using Ansible?

see the demo steps:

step#1 : Create or define your shell script in ansible server.

Here the script is demo.sh

Step#2 : Create your play book. example deploy_shell.yml

[root@demosys01 ~]# cat deploy_shell.yml

---

#deploy shell script

- name: Transfer and execute a script.

hosts: all

user: oracle

tasks:

- name: Transfer the script

copy: src=demo.sh dest=/home/oracle mode=0777

- name: Execute the script

command: sh /home/oracle/demo.sh

[root@demosys01 ~]#

Step#3 : Check the yaml play book is error free or not deploy_shell.yml

[root@demosys01 ~]# ansible-playbook deploy_shell.yml --syntax-check

playbook: deploy_shell.yml

Step#4 : Play the yaml play book deploy_shell.yml

[root@demosys01 ~]# ansible-playbook deploy_shell.yml

PLAY [Transfer and execute a script.] *************************************************************************************

TASK [Gathering Facts] *************************************************************************************

[WARNING]: Platform linux on host 192.168.100.1 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.1]

[WARNING]: Platform linux on host 192.168.100.2 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.2]

TASK [Transfer the script] *************************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

TASK [Execute the script] *************************************************************************************

changed: [192.168.100.1]

changed: [192.168.100.2]

PLAY RECAP *************************************************************************************

192.168.100.2 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

192.168.100.1 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

[root@demosys01 ~]#

Step#5 : Now verify whether script is deployed in the target machines or not

-- on target machine1

[oracle@example1 ~]$ hostname -i

192.168.100.1

[oracle@example1 ~]$ ls demo.sh

demo.sh

[oracle@example1 ~]$ pwd

/home/oracle

-- On target machine2

[oracle@example2 ~]$ hostname -i

192.168.100.2

[oracle@example2 ~]$ ls demo.sh

demo.sh

[oracle@example1 ~]$ pwd

/home/oracle

Yes, script successfully deployed in the target server.

Ansible ERROR! Using a SSH password instead of a key is not possible

Let us see very simple solution for below ansible error when running playbook.

FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host."}

Issue:

Ansible verifying host key.

Solution:

create "ansible.cfg" file and below message:

vi ansible.cfg

[defaults]

host_key_checking = false

Note: Ansible version 2.6.2 and solution with host_key_checking = false doesn't work

This error can also be solved by simply export ANSIBLE_HOST_KEY_CHECKING variable.

export ANSIBLE_HOST_KEY_CHECKING=False

Demo:

when ansible.cfg not there or "host_key_checking = false" is commented in ansible.cfg file.

# cat test01.yml

---

- hosts: all

vars:

fail: false

tasks:

- fail: msg="Congrats, you asked for this playbook to fail ... and it has"

when: fail

-- Check the syntax for the newly created yml

# ansible-playbook test01.yml --syntax-check

playbook: test01.yml

-- play your play book

# ansible-playbook test01.yml

PLAY [all] **************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************

fatal: [192.168.100.1]: FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host."}

fatal: [192.168.100.2]: FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host's fingerprint to your known_hosts file to manage this host."}

PLAY RECAP **************************************************************************************************************************************************

192.168.100.1 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

192.168.100.2 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

playbook: test01.yml

after adding "ansible.cfg" file and below message:

vi ansible.cfg

[defaults]

host_key_checking = false

# ansible-playbook test01.yml --syntax-check

playbook: test01.yml

# ansible-playbook test01.yml

PLAY [all] **************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************

[WARNING]: Platform linux on host 192.168.100.2 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.2]

[WARNING]: Platform linux on host 192.168.100.3 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python

interpreter could change this. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.

ok: [192.168.100.3]

TASK [fail] *************************************************************************************************************************************************

skipping: [192.168.100.3]

skipping: [192.168.100.2]

PLAY RECAP **************************************************************************************************************************************************

192.168.100.2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0

192.168.100.3 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0

Here, check the warnings and fix accordingly. There are no issues.

Oct 25, 2021

storeUserConfig - create User Config and Key files in weblogic

Creating configuration file to connect WebLogic domain using WLST :

Collect the following:

1. Domain Name and Home

2. WebLogic console User, Password and URL

Step#1 : Go to domain Home:

For my POC system, domain name is

/u01/fmw/user_projects/domains/ebsapp

See the value from nodemanager.properties:

Home : /u01/fmw/user_projects/domains/ebsapp/nodemanager

Port : ListenPort=5556

Step#2 : Create UserKey and UserConfig file:

Go to wlst location: /u01/fmw/oracle_common/common/bin

$ wlst.sh

wls:/offline> connect('weblogic','PassW00rd','t3://100.10.10.10:7100')

wls:/ebsapp/serverConfig/> storeUserConfig('/home/oracle/userconfigNM.secure', '/home/oracle/userkeyNM.secure')

Creating the key file can reduce the security of your system if it is not kept in a secured location after it is created. Creating new key...

The username and password that were used for this WebLogic Server connection are stored in /home/oracle/userconfigNM.secure and /home/oracle/userkeyNM.secure.

wls:/ebsapp/serverConfig/> exit()

Step#3 : Verify

$ pwd

/home/oracle

$ ls -lrt

...

-rw-r----- 1 oracle dba 64 Oct 4 06:10 userkeyNM.secure

-rw-r----- 1 oracle dba 227 Oct 4 06:10 userconfigNM.secure

Install Ansible - troubleshoot Error: Nothing to do

While I am installation ansible once of OCI linux system, then got below error:

# yum install ansible

Loaded plugins: langpacks, ulninfo

No package ansible available.

Error: Nothing to do

Verification:

Verify the repository using "sudo yum repolist"

e.g.,

# sudo yum repolist

Loaded plugins: langpacks, ulninfo

repo id repo name status

ol7_latest/x86_64 OracleLinux OL7 latest x86_64 23,277

ol7_pdit_tools/x86_64 PDIT OL7 x86_64 132

ol7_u8_base/x86_64 OracleLinux OL7 8 base x86_64 7,447

ol7_u8_patch/x86_64 OracleLinux OL7 8 patch x86_64 1,071

repolist: 31,927

Solution:

Here it seems, you need to enable ol7_developer_EPEL.

Now enable it using "sudo yum-config-manager --enable ol7_developer_EPEL" command.

e.g.,

# sudo yum-config-manager --enable ol7_developer_EPEL

Loaded plugins: langpacks

================================================================= repo: ol7_developer_epel =================================================================

[ol7_developer_epel]

async = True

bandwidth = 0

base_persistdir = /var/lib/yum/repos/x86_64/7Server

baseurl = http://pd-yum-bom-01.oci.oraclecorp.com/pditrepos/OracleLinux/OL7/developer/EPEL/x86_64

cache = 0

cachedir = /var/cache/yum/x86_64/7Server/ol7_developer_epel

check_config_file_age = True

compare_providers_priority = 80

cost = 1000

deltarpm_metadata_percentage = 100

deltarpm_percentage =

enabled = 1

enablegroups = True

exclude =

failovermethod = priority

ftp_disable_epsv = False

gpgcadir = /var/lib/yum/repos/x86_64/7Server/ol7_developer_epel/gpgcadir

gpgcakey =

gpgcheck = True

gpgdir = /var/lib/yum/repos/x86_64/7Server/ol7_developer_epel/gpgdir

gpgkey = http://pd-yum-bom-01.oci.oraclecorp.com/pditrepos/gpgkeys/RPM-GPG-KEY-ol7

hdrdir = /var/cache/yum/x86_64/7Server/ol7_developer_epel/headers

http_caching = all

includepkgs =

ip_resolve =

keepalive = True

keepcache = False

mddownloadpolicy = sqlite

mdpolicy = group:small

mediaid =

metadata_expire = 21600

metadata_expire_filter = read-only:present

metalink =

minrate = 0

mirrorlist =

mirrorlist_expire = 86400

name = OracleLinux OL7 developer EPEL x86_64

old_base_cache_dir =

password =

persistdir = /var/lib/yum/repos/x86_64/7Server/ol7_developer_epel

pkgdir = /var/cache/yum/x86_64/7Server/ol7_developer_epel/packages

proxy = _none_

proxy_dict = {'ftp': '', 'http': '', 'https': ''}

proxy_password =

proxy_username =

repo_gpgcheck = False

retries = 10

skip_if_unavailable = False

ssl_check_cert_permissions = True

sslcacert =

sslclientcert =

sslclientkey =

sslverify = True

throttle = 0

timeout = 30.0

ui_id = ol7_developer_epel/x86_64

ui_repoid_vars = releasever,

basearch

username =

Install Ansible:

Now install ansible again using "sudo yum install ansible"

e.g.,

# sudo yum install ansible

Loaded plugins: langpacks, ulninfo

ol7_developer_epel | 3.6 kB 00:00:00

ol7_latest | 3.6 kB 00:00:00

ol7_pdit_tools | 2.5 kB 00:00:00

ol7_u8_base | 2.7 kB 00:00:00

Not using downloaded ol7_u8_base/repomd.xml because it is older than what we have:

Current : Tue Feb 9 00:00:04 2021

Downloaded: Wed Apr 8 15:45:38 2020

ol7_u8_patch | 2.5 kB 00:00:00

Not using downloaded ol7_u8_patch/repomd.xml because it is older than what we have:

Current : Mon Feb 8 23:58:12 2021

Downloaded: Tue Sep 29 18:32:22 2020

(1/3): ol7_developer_epel/x86_64/group_gz | 88 kB 00:00:00

(2/3): ol7_developer_epel/x86_64/updateinfo | 523 kB 00:00:00

(3/3): ol7_developer_epel/x86_64/primary_db | 14 MB 00:00:00

Resolving Dependencies

There are unfinished transactions remaining. You might consider running yum-complete-transaction, or "yum-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. If those don't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help).

--> Running transaction check

---> Package ansible.noarch 0:2.9.25-1.el7 will be installed

--> Processing Dependency: python-httplib2 for package: ansible-2.9.25-1.el7.noarch

--> Processing Dependency: python-paramiko for package: ansible-2.9.25-1.el7.noarch

--> Processing Dependency: python2-jmespath for package: ansible-2.9.25-1.el7.noarch

--> Processing Dependency: sshpass for package: ansible-2.9.25-1.el7.noarch

--> Running transaction check

---> Package python-paramiko.noarch 0:2.1.1-9.el7 will be installed

---> Package python2-httplib2.noarch 0:0.18.1-3.el7 will be installed

---> Package python2-jmespath.noarch 0:0.9.4-2.el7 will be installed

---> Package sshpass.x86_64 0:1.06-1.el7 will be installed

--> Finished Dependency Resolution

--> Finding unneeded leftover dependencies

Found and removing 0 unneeded dependencies

Dependencies Resolved

============================================================================================================================================================

Package Arch Version Repository Size

============================================================================================================================================================

Installing:

ansible noarch 2.9.25-1.el7 ol7_developer_epel 17 M

Installing for dependencies:

python-paramiko noarch 2.1.1-9.el7 ol7_latest 268 k

python2-httplib2 noarch 0.18.1-3.el7 ol7_developer_epel 124 k

python2-jmespath noarch 0.9.4-2.el7 ol7_developer_epel 41 k

sshpass x86_64 1.06-1.el7 ol7_developer_epel 21 k

Transaction Summary

============================================================================================================================================================

Install 1 Package (+4 Dependent packages)

Total download size: 17 M

Installed size: 105 M

Is this ok [y/d/N]: y

Downloading packages:

(1/5): python-paramiko-2.1.1-9.el7.noarch.rpm | 268 kB 00:00:00

(2/5): python2-httplib2-0.18.1-3.el7.noarch.rpm | 124 kB 00:00:00

(3/5): python2-jmespath-0.9.4-2.el7.noarch.rpm | 41 kB 00:00:00

(4/5): sshpass-1.06-1.el7.x86_64.rpm | 21 kB 00:00:00

(5/5): ansible-2.9.25-1.el7.noarch.rpm | 17 MB 00:00:00

------------------------------------------------------------------------------------------------------------------------------------------------------------

Total 34 MB/s | 17 MB 00:00:00

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Warning: RPMDB altered outside of yum.

** Found 11 pre-existing rpmdb problem(s), 'yum check' output follows:

oracle-cloud-agent-1.8.2-3843.el7.x86_64 is a duplicate with oracle-cloud-agent-1.7.0-3586.el7.x86_64

oracle-cloud-agent-1.9.0-4425.el7.x86_64 is a duplicate with oracle-cloud-agent-1.8.2-3843.el7.x86_64

oracle-cloud-agent-1.10.0-4792.el7.x86_64 is a duplicate with oracle-cloud-agent-1.9.0-4425.el7.x86_64

oracle-cloud-agent-1.11.1-5104.el7.x86_64 is a duplicate with oracle-cloud-agent-1.10.0-4792.el7.x86_64

oracle-cloud-agent-1.11.4-5207.el7.x86_64 is a duplicate with oracle-cloud-agent-1.11.1-5104.el7.x86_64

oracle-cloud-agent-1.12.0-5313.el7.x86_64 is a duplicate with oracle-cloud-agent-1.11.4-5207.el7.x86_64

oracle-cloud-agent-1.13.0-5437.el7.x86_64 is a duplicate with oracle-cloud-agent-1.12.0-5313.el7.x86_64

oracle-cloud-agent-1.14.0-5731.el7.x86_64 is a duplicate with oracle-cloud-agent-1.13.0-5437.el7.x86_64

oracle-cloud-agent-1.14.2-5846.el7.x86_64 is a duplicate with oracle-cloud-agent-1.14.0-5731.el7.x86_64

oracle-cloud-agent-1.15.0-5915.el7.x86_64 is a duplicate with oracle-cloud-agent-1.14.2-5846.el7.x86_64

oracle-cloud-agent-1.16.0-6051.el7.x86_64 is a duplicate with oracle-cloud-agent-1.15.0-5915.el7.x86_64

Installing : python2-jmespath-0.9.4-2.el7.noarch 1/5

Installing : python-paramiko-2.1.1-9.el7.noarch 2/5

Installing : python2-httplib2-0.18.1-3.el7.noarch 3/5

Installing : sshpass-1.06-1.el7.x86_64 4/5

Installing : ansible-2.9.25-1.el7.noarch 5/5

Verifying : sshpass-1.06-1.el7.x86_64 1/5

Verifying : ansible-2.9.25-1.el7.noarch 2/5

Verifying : python2-httplib2-0.18.1-3.el7.noarch 3/5

Verifying : python-paramiko-2.1.1-9.el7.noarch 4/5

Verifying : python2-jmespath-0.9.4-2.el7.noarch 5/5

Installed:

ansible.noarch 0:2.9.25-1.el7

Dependency Installed:

python-paramiko.noarch 0:2.1.1-9.el7 python2-httplib2.noarch 0:0.18.1-3.el7 python2-jmespath.noarch 0:0.9.4-2.el7 sshpass.x86_64 0:1.06-1.el7

Complete!

Now Check the installed Ansible version.

# ansible --version

ansible 2.9.25

config file = /etc/ansible/ansible.cfg

configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']

ansible python module location = /usr/lib/python2.7/site-packages/ansible

executable location = /bin/ansible

python version = 2.7.5 (default, Mar 12 2021, 14:55:44) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44.0.3)]

Gouranga's Tech Blog

Pages

Oct 31, 2021

Deploy shell script using Ansible

Ansible ERROR! Using a SSH password instead of a key is not possible

Oct 25, 2021

storeUserConfig - create User Config and Key files in weblogic

Install Ansible - troubleshoot Error: Nothing to do

Translate >>

Pages