Hi, I have written a playbook for Ansible to install a few applications. I am having trouble, as I have to run everything as root, which is not a good idea.
So I have created a sudo user and have created a private key for authentication.
Could someone help me define the hosts file for this scenario?
My current hosts file looks like this:
[webserver]
web-01 ansible_ssh_host=192.168.0.11 ansible_ssh_user=root
Thanks,
Providing the sudo Password
If the remote user needs to provide a password in order to run sudo commands, you can include the option --ask-become-pass in your Ansible command. This will prompt you to provide the remote user's sudo password:
ansible all -m ping --ask-become-pass
To specify a password for sudo, run ansible-playbook with --ask-become-pass (-K for short). If you run a playbook utilizing become and the playbook seems to hang, most likely it is stuck at the privilege escalation prompt. Stop it with CTRL-c, then execute the playbook with -K and the appropriate password.
Your new hosts file will look like this:
[webserver]
web-01 ansible_ssh_host=192.168.0.11 ansible_ssh_user=USERNAME ansible_ssh_private_key_file=/secure/mykey
But please also set sudo: True in your playbook, like this:
---
- hosts: webserver
  # Spelled "become: true" since Ansible 1.9; "sudo" is the older keyword.
  sudo: True
  remote_user: USERNAME
  gather_facts: True
  # Run these tasks
  tasks:
    - name: Run this task.....
One important thing: your sudo user should be passwordless. To achieve that, you should edit your sudoers file. If you are using CentOS, then please edit the /etc/sudoers file and add the following line:
USERNAME ALL=(ALL) NOPASSWD: ALL
Please add this line after the last line, which says:
#includedir /etc/sudoers.d
If you are using Ubuntu, then use the visudo command, and find and edit the line below:
# Members of the admin group may gain root privileges
%sudo   ALL=(ALL:ALL) NOPASSWD: ALL
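An added example (not part of the original answer): a small Python check that lists which sudoers entries grant passwordless sudo and which of those cover every command, for reviewing a host after lines like the ones above have been applied. The sample text is constructed, and the parser is a simplification that assumes plain user specifications only (no aliases, uid-form principals, included files, or extra tags after NOPASSWD).

```python
import re

# Constructed sample: the two rules from the answer above plus narrower ones.
SAMPLE_SUDOERS = """\
# Members of the admin group may gain root privileges
%sudo   ALL=(ALL:ALL) NOPASSWD: ALL
USERNAME ALL=(ALL) NOPASSWD: ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync, \\
        /usr/bin/tar
ops     ALL=(ALL) ALL
#includedir /etc/sudoers.d
"""

# Line prefixes that are not user specifications (comments, directives, aliases).
SKIP = ("#", "@include", "Defaults", "User_Alias", "Runas_Alias",
        "Host_Alias", "Cmnd_Alias")

# principal  host = (runas)?  rest-of-rule
RULE = re.compile(r"^(\S+)\s+[^\s=]+\s*=\s*(?:\(([^)]*)\)\s*)?(.+)$")


def logical_lines(text):
    """Join backslash-continued lines, then drop blanks, comments, directives."""
    joined = re.sub(r"\\\n\s*", " ", text)
    for line in joined.splitlines():
        line = line.strip()
        if line and not line.startswith(SKIP):
            yield line


def passwordless_rules(text):
    """Return (principal, runas, commands) for every rule tagged NOPASSWD."""
    found = []
    for line in logical_lines(text):
        m = RULE.match(line)
        if not m or "NOPASSWD:" not in m.group(3):
            continue
        cmds = m.group(3).split("NOPASSWD:", 1)[1]
        commands = [c.strip() for c in cmds.split(",") if c.strip()]
        found.append((m.group(1), m.group(2) or "root", commands))
    return found


def unrestricted(text):
    """Principals that may run any command without entering a password."""
    return [who for who, _, cmds in passwordless_rules(text) if "ALL" in cmds]


if __name__ == "__main__":
    print("passwordless ALL:", unrestricted(SAMPLE_SUDOERS))
```

Files under /etc/sudoers.d are not followed, so run the check over each drop-in file as well.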