Manage Agents with Ansible

Ansible is an easy-to-use configuration management tool. Designed for multi-tier application deployment, this configuration management and provisioning tool uses SSH to connect to the servers and run the configured tasks.

Prerequisites

• An Ansible server, where Ansible is installed on one of the servers.
• SSH installed on all the target resources and the resources must communicate with the Ansible server.
• Public keys of all the target resources are shared with the Ansible server. To share the the public keys, log into the target resources on the Ansible server.
• The OpsRamp URL is allowed on the Ansible server to download all the latest version of the agent package.
• The resource user must have sudo permissions.

Install agent

Prerequisite

1. Before you install an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

Example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

2. By default the ansible.cfg file may contains privilege_escalation section with defaults but there he has to check below configuration is present or not If it not present, comment everything and add the new options as below. otherwise, then they can just ignore doing this. become=True become_method=sudo

In defaults section, they should add the parameter opsrampagenthost_key_checking=False. If it is already present then they can ignore this.

Step 1: Download Ansible

1. Go to Setup > Downloads > Agent.
2. Select a client from the drop-down list and select the connection type direct or proxy.
3. Click Download on the Ansible Agent Deployment tile.
4. Copy the downloaded file to /etc/ansible/roles/ or /etc/ansible/ and extract it.
5. Navigate to the opsrampagent folder to run playbooks.

Step 2: Install agent using Ansible

If a resource already has an agent, you can reinstall an agent or skip such resources. By default, the playbook tries to deploy agents on all the available servers in the inventory file without reinstalling the existing agents. If you do not specify the hostlist category, by default playbook tries to install agents on all the available resources list in the inventory file. This playbook deploys agents on the target resources.

Install a root agent without uninstalling the existing agent

You have multiple resources. Some of the resources already have agent installed and you want to skip agent installation. Some resources need agent installation.

Solution:

You can install the latest version of the agent on those resources that do not have an agent installed and skip installation on those resources that already have an agent installed. Run the following commands accordingly:

ansible-playbook agent-install-uninstall.yml -e  "hostlist=<devicelist>"  -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -f 10

Install a non-root agent without uninstalling the existing agent

Default OpsRamp user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=<yes/y>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "isnonroot=yes" -f 10

Specific/custom user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=<yes/y>" -e "agentuser=<username>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "isnonroot=yes" -e "agentuser=dsr" -f 10

Reinstall a root agent

You have multiple resources. Some of the resources already have agent installed and you want to reinstall the agent. Some resources need agent installation.

Solution:

You can install the latest version of the agent on resources that do not have an agent installed and reinstall the agent on resources that already have an agent installed. The existing agent is uninstalled and the latest version of the agent is installed. Run one of the following commands, depending on root or non-root user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>"  -e "reinstall=yes" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents"  -e "reinstall=yes" -f 10

Reinstall a non-root agent with default OpsRamp user

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" "isnonroot=<yes/y>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "reinstall=yes" -e "isnonroot=yes" -f 10

Reinstall a non-root agent with specific/custom OpsRamp user

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" "isnonroot=<yes/y>" -e "agentuser=<username>" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsrampAgents" -e "reinstall=yes" -e "isnonroot=yes" -e "agentuser=dsr" -f 10

Uninstall agent

Prerequisite

Before you uninstall an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category]
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

Procedure

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "executionType=uninstall" -f <number of forks>

example:

ansible-playbook agent-install-uninstall.yml -e "hostlist=OpsRampAgents" -e "executionType=uninstall" -f 10

Migrate agent

You can migrate agents on target resources from proxy to direct and vice versa.

Prerequisite

Before you start migrating an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category]  
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

Procedure

Migrate proxy agents to direct agents

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=direct"

example:

ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=direct"

Migrate direct agents to proxy agents

Migrated direct agent to proxy agent with or without authentication:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=<http/https>" -f <number of forks>
 

example:

ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=proxy" -e "proxyServer=10.32.32.32" -e "proxyPort=3128" -e "proxyProto=http" -f 10
 

Migrated direct agent to proxy agent with or with authentication:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=http/https>" -e "proxyUser=<user name>" -e 'proxyPassword=<user password>' -f <number of forks>
 

example:

ansible-playbook agentmigration.yml -e "hostlist=OpsRampAgents" -e "migrationType=proxy" -e "proxyServer=10.32.32.32" -e "proxyPort=3128" -e "proxyProto=http" -e "proxyUser=user name" -e 'proxyPassword=password' -f 10
 

To migrate agents from direct to proxy, proxy to proxy, or from one proxy to another, enter valid migrationType and proxyServer values. If migrationType is not valid, the playbook exits without taking an action on target resources. By default, Ansible recipe considers http as proxyProto if protocol is not configured.

Update agent

You can update agents on all target resources.

Prerequisite

Before you start updating an agent with Ansible, add the device details in /etc/ansible/hosts in the following format:

[Category] 
<device IP> ansible_user=<user> ansible_password=<userpassword> ansible_become_user=root ansible_become=yes ansible_become_pass=<userpassword>

example:

[OpsRampAgents]
10.10.10.10 ansible_user=vadmin ansible_password=password123 ansible_become_user=root ansible_become=yes ansible_become_pass=password123

Procedure

Run the following command to update agents on target resources:

ansible-playbook agentupdate.yml -e "hostlist=<devicelist>" -f <number of forks>

example:

ansible-playbook agentupdate.yml -e "hostlist=OpsRampAgents" -f 10

Ansible Vault/Encryption process

If you want to use encrypted inventory files for different procedures, include the flag --ask-vault in the respective command. The command directs you to the credentials.

For more information about how to secure an inventory file using encryption, refer to the Ansible documenttion on Encrypting content with Ansible Vault.

Example commands with encrypted inventory file

If you want to use encrypted inventory files for different procedures, include the --ask-vault flag in the command. The command prompts credentials.

Install a root agent without uninstalling the existing agents

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -f <number of forks> --ask-vault

Install a non-root agent without uninstalling the existing agents

Default OpsRamp user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=yes" -f <number of forks> --ask-vault

Specific/custom user:

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "isnonroot=yes" -e "agentuser=dsr" -f <number of forks> --ask-vault

Reinstall a root agent

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>"  -e "reinstall=yes" -f <number of forks> --ask-vault

Reinstall a non-root agent

Default user:

     ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -e "isnonroot=yes" -f <number of forks> --ask-vault

Specific/custom user:

      ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "reinstall=yes" -e "isnonroot=yes" -e "agentuser=dsr" -f <number of forks> --ask-vault

Uninstall commands

ansible-playbook agent-install-uninstall.yml -e "hostlist=<devicelist>" -e "executionType=uninstall" -f <number of forks> --ask-vault

Migration commands

Proxy to Direct:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=direct" --ask-vault

Direct to Proxy:

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=http/https>" -e "proxyUser=<user name>" -e 'proxyPassword=<user password>' -f <number of forks> --ask-vault

ansible-playbook agentmigration.yml -e "hostlist=<devicelist>" -e "migrationType=proxy" -e "proxyServer=<proxyIP/ProxyServer>" -e "proxyPort=<port number>" -e "proxyProto=<http/https>" -f <number of forks> --ask-vault

Update commands

ansible-playbook agentupdate.yml -e "hostlist=<devicelist>" -f <number of forks> --ask-vault

References

Ansible Documentation