How to prepare FreeBSD server to be managed by Ansible tool

last updated in Categories , ,

I know Ansible manages Linux server using SSH by default. I thought FreeBSD servers are running in the cloud are no exception. However, I ran into problems. I am unable to manage freshly created FreeBSD server using Ansible DevOps/IT automation tool. How can I manage my FreeBSD server using Ansible?

Introduction – Ansible is easy to use IT automation and DevOps tool. One can use it for automation tasks. You can easily configure and manage FreeBSD server using Ansible. Ansible works from a control workstation powered by macOS, Linux or *BSD family of operating systems. A control workstation sends commands to multiple local/remote servers in parallel over the ssh based session. All you need is ssh and python installed on a control workstation and remote servers.

Sample setup to manage FreeBSD server(s) using Ansible

Sample setup - Prepare FreeBSD server to be managed by Ansible
Where,

  1. A control machine located at 192.168.1.107. It must have ssh client, Python and Ansible software installed. A control machine can be powered by macOS, Linux distro or BSD operating system such as FreeBSD.
  2. A control machine (Ansbile software) will send commands to multiple target machines in parallel. 192.168.2.100, 192.168.2.101, 192.168.2.102 and so on all are servers powered by different operating systems.

User management setup on a remote FreeBSD box for Ansible

Let us see all steps.

You must have OpenSSH server enabled on FreeBSD box

Verify it with the following command:
% service -e | grep sshd
If OpenSSH server not enabled on FreeBSD box, type the following command to activate at boot time and start it:
# echo 'sshd_enable="YES"' >> /etc/rc.conf
# service sshd start

You must have sudo installed on FreeBSD server

Run the following command:
% type sudo
If the sudo command not found, install it using the following pkg command:
# pkg install sudo
Allow members of group wheel to execute any command:
# echo '%wheel ALL=(ALL) ALL' >/usr/local/etc/sudoers.d/allow-wheel-user-login

Make sure regular user is part of the wheel group

Use the id command to find user’s group membership:
% id vivek
uid=1001(vivek) gid=1001(vivek) groups=1001(vivek)

As you can see vivek user is not part of the wheel group. Add user vivek to the wheel group using pw command
# pw usermod -n vivek -G wheel
# id vivek
uid=1001(vivek) gid=1001(vivek) groups=1001(vivek),0(wheel)

Install Python 2.x or Python 3.x

The final requirement is to install Python on FreeBSD box.
# pkg install python36
OR
# pkg install python27
Please note down the path for Python:
% type python2.7
python2.7 is /usr/local/bin/python2.7
% type python3.6
python3.6 is /usr/local/bin/python3.6

How to prepare FreeBSD server to be managed by Ansible tool

First create an inventory file as follows on a control machine:
$ vi hosts
Add hostnames/IP address of all remote FreeBSD/Linux servers:
[myhosts]
192.168.2.100
192.168.2.101
192.168.2.102

OR
[myhosts]
freebsd11-nixcraft
freebsd-jail-1

Test FreeBSD Ansible setup

Let us run the uptime command and hostname command on above two hosts i.e. myhosts group as user vivek:
$ ansible -u vivek -i hosts -m raw -a 'uptime' myhosts
$ ansible -u vivek -i hosts -m raw -a 'hostname' myhosts

Testing Ansbile with FreeBSD boxes
So you prepare FreeBSD server to be managed by Ansible. Now what? You can do other stuff like install packages, update packages, upgrade FreeBSD and much more be using Ansible playbook.

Writing your first Ansible playbook to manage FreeBSD server

First, update your hosts file to indicate user name and method to become sudo on the remote server. Here is my updated hosts file displayed with the cat command:
$ cat hosts
Sample outputs:

# Setup the user name
# Enable sudo usage 
# Setup ansible of the binary's location, through the ansible_python_interpreter inventory variable
[all:vars]
ansible_user='vivek'
ansible_become=yes
ansible_become_method=sudo
ansible_python_interpreter='/usr/bin/env python3.6'
 
[myhosts]
freebsd11-box
freebsd-jail-1

A playbook is nothing but scripts/command that executed on the remote box. Create a playbook named freebsd-pkg.yml as follows using a text editor such as ee command or vim command
$ vim freebsd-pkg.yml

# Install common packages on all FreeBSD server such as
# bash, vnstat, htop and more
- hosts: myhosts
  tasks:
      - name: Add packages on FreeBSD 
        pkgng:
            name: rsync,bash,most,bash-completion,vnstat,htop,wget,curl

Run it as follows from a control machine:
$ ansible-playbook --ask-become-pass -i hosts freebsd-pkg.yml

Running Ansible Playbook to manage FreeBSD servers
Running Ansible Playbook to manage FreeBSD servers

Conclusion

And there you have it, and Ansible used to manage FreeBSD boxes without using clients on server. Ansible is pretty easy to setup and use. Ansible works very fast for repeated tasks such as adding users in bulk, installing software, configuring *BSD/Linux/Unix boxes. YAML takes a little time to master but easy to learn. See Ansible documentation for more info here and here.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.