Installing Ansible on macOS: Controlling Remote macOS and Raspberry Pi
Setting Up Your Home Ansible Lab
In this tutorial we will use one of the macOS machines as the control node, which needs Homebrew installed.
Here is my list of servers for setting up Ansible nodes and creating an inventory file:
192.168.1.33 Mac - Control Node
192.168.1.35 Mac
192.168.1.40 Raspberry Pi
Step 1: Install Ansible on macOS Control Node
brew install ansible
ansible --version
To securely connect to your remote devices, we need to generate an SSH key and copy the public key to the remote machines.
Generate SSH Key
ssh-keygen -t rsa -b 4096 -C "USE_YOUR_EMAIL"
Press Enter to accept the default file location (/Users/balu/.ssh/id_rsa) and enter a passphrase if desired. I skip the passphrase in my case.
# OUTPUT :
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/balu/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/balu/.ssh/id_rsa
Your public key has been saved in /Users/balu/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:HN/i49uLziWrf2azsVxOVXh9aDI9SHWmbLpz+9b6H3g USE_YOUR_EMAIL_COMES_HERE
The key's randomart image is:
+---[RSA 4096]----+
| ... o|
| . + *.|
| . + X =|
| . o . * oo|
| S o o .|
| . . ... |
| + =.+E.|
| o O=O..+|
| .+O=*++==|
+----[SHA256]-----+
Step 2: Connect to Mac Machine
Copy public key to the remote machines:
Copy to Mac
Copying SSH keys is not a straightforward task, as it requires access to the remote machine. The remote machine must be configured to allow SSH access. Let’s address and resolve any errors step by step.
ssh-copy-id jinna.balu@192.168.1.35
ERROR #1: Connection refused
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/balu/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: ERROR: ssh: connect to host 192.168.1.35 port 22: Connection refused
The error "Connection refused" indicates that the SSH service on 192.168.1.35 is either not running or not accepting connections on port 22.
To resolve the SSH connection issue, we need to enable the following on the remote (target) Mac, 192.168.1.35. Log in to the target machine and run the following.
$ brew install openssh # Install SSH and verify ssh -V
$ ssh -V
OpenSSH_9.6p1, LibreSSL 3.3.6
$ sudo systemsetup -setremotelogin on
ERROR #2: Full Disk Access privileges
jinna.balu@MacBook-Pro % sudo systemsetup -setremotelogin on
Password:
setremotelogin: Turning Remote Login on or off requires Full Disk Access privileges.
Enable Full Disk Access in System Settings -> Privacy & Security -> Full Disk Access -> enable the Terminal radio button. Restart the terminal.
This gives the terminal full access to the disk. Once Remote Login is turned on, you can continue and run ssh-copy-id jinna.balu@192.168.1.35:
ssh-copy-id jinna.balu@192.168.1.35
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/balu/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.35 (192.168.1.35)' can't be established.
ED25519 key fingerprint is SHA256:NglFJ7+OZ1SqwmVTRo11wByXX+n5RDlqoXvON713Qko.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
(jinna.balu@192.168.1.35) Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'jinna.balu@192.168.1.35'"
and check to make sure that only the key(s) you wanted were added.
Now you will be able to access the other Mac from the control node.
Step 3: Connect to Raspberry Pi
The Raspberry Pi installation is set up so that I have SSH access using user credentials.
$ ssh-copy-id balu@192.168.1.40
# OUTPUT:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/balu/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
balu@192.168.1.40's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'balu@192.168.1.40'"
and check to make sure that only the key(s) you wanted were added.
Step 4: Ansible in action
Now that SSH access is set up on all machines, we can proceed with using Ansible to manage and configure them.
Create the inventory file local-inventory.ini:
[control]
192.168.1.33 ansible_user=balu
[workers]
192.168.1.35 ansible_user=jinna.balu
192.168.1.40 ansible_user=balu
[all:vars]
ansible_ssh_private_key_file=~/.ssh/id_rsa
Create a playbook to ping the servers, ping.yml:
---
- hosts: all
  tasks:
    # The ping module checks SSH login and a usable Python on the host; it is not an ICMP ping.
    - name: Test connectivity with ping
      ping:
Run the playbook:
ansible-playbook -i ./local-inventory.ini ping.yml
OUTPUT:
ansible-playbook -i ./local-inventory.ini ping.yml
PLAY [all] **************************************************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************************************
[WARNING]: Platform darwin on host 192.168.1.35 is using the discovered Python interpreter at /usr/bin/python3, but future installation of another Python interpreter
could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [192.168.1.35]
[WARNING]: Platform linux on host 192.168.1.40 is using the discovered Python interpreter at /usr/bin/python3.11, but future installation of another Python interpreter
could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [192.168.1.40]
TASK [Test connectivity with ping] **************************************************************************************************************************************
ok: [192.168.1.40]
ok: [192.168.1.35]
PLAY RECAP **************************************************************************************************************************************************************
192.168.1.35 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.1.40 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Conclusion
Why Use Ansible for Local Nodes?
I am planning to create documentation on setting up a Kubernetes cluster and managing it with Ansible playbooks. This guide will address scenarios such as self-hosted servers, private rackspace, self-managed data centers, and simple home lab setups, demonstrating how to efficiently manage and maintain multiple machines with minimal effort.
- Using Ansible for local nodes simplifies Kubernetes setup and management by automating configuration and ensuring consistency across your cluster. It leverages Infrastructure as Code (IaC) to reduce manual errors and improve scalability.
- Start by setting up Ansible control and target nodes, then create and execute playbooks to automate Kubernetes deployment and management. This approach streamlines operations and enhances efficiency.
