Ad-hoc Commands against Remote Hosts
Connect to remote Linux and Windows hosts using Ad-hoc commands.
We'll cover the following
Running ad-hoc commands on the localhost and containers is straightforward. It gets a little more involved, however, when you target remote hosts.
Ansible relies on an inventory to match a pattern against. The pattern localhost creates an implicit inventory when you do not mention an inventory.
When you target remote hosts, you need to specify an inventory source. You pass an inventory to the ansible command with the -i option. One method for defining an inventory is to create a host_list.
You can create a host_list bypassing DNS names or IP addresses to the -i option. A comma separates each DNS name or IP address. By default, Ansible attempts to parse the input of the -i option as an inventory file. To bypass that, place a comma , at the end of the host_list.
ansible all -i webserver1,webserver2,webserver3,
Without the special keyword of localhost, a host pattern is required. The pattern all is a default group in Ansible that refers to all the hosts in an inventory or host_list.
Destroyed Infrastructure
In case you deleted the Ansible development environment, make sure to re-deploy the infrastructure for AWS and Azure by following these links.
Running ad-hoc against a Linux host
Run the Ansible command to ping the remote Linux host.
# Replace the <Public Ip Address> with the actual# Linux Instance or VM IP Addressansible all -i <Public Ip Address>, -m ping
Replace <Public Ip Address> with the IP address of the Linux instance or virtual machine.
After running the command you will be prompted to confirm the connection because of host key checking.
The authenticity of host '<Public IP Address>' can't be established.ECDSA key fingerprint is SHA256:g8b7ejFQ2eaQSJ7bNl4KDdKx66TbLP5IC7dhXpLwjig.ECDSA key fingerprint is MD5:38:f0:6e:03:6e:f8:c7:12:ec:3e:ac:b3:41:63:d1:56.Are you sure you want to continue connecting (yes/no)?
Accepting this per remote machine isn’t ideal. One solution is to disable host key checking.
You can disable host key checking by setting the variable ansible_ssh_common_args to -o StrictHostKeyChecking=no and re-run the Ansible command.
# Replace the <Public Ip Address> with the actual# Linux instance or VM IP Addressansible all -i <Public Ip Address>, -m ping -e "ansible_ssh_common_args='-o StrictHostKeyChecking=no'"
Permission Denied
Failed to connect to the host via ssh: Permission denied.
The ping command fails because no credentials have been provided. You pass credentials to the ansible command by using two more variables, ansible_user and ansible_password.
# Replace the <Public Ip Address> with the actual# Linux instance or VM IP Address and# <Password> with your actual passwordansible all -i <Public Ip Address>, -m ping -e "ansible_user=ansible ansible_password=<Password> ansible_ssh_common_args='-o StrictHostKeyChecking=no'"
Replace <Password> with your password and re-run the command. The command should return the SUCCESS status as below:
<Public IP Address> | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"},"changed": false,"ping": "pong"}
Running ad-hoc against a Windows host
Running commands against a Windows system requires that additional variables be defined. Ansible was first built to configure Linux operating systems, and many of the default variables and configurations favor that operating system.
The variables needed to connect are dependent on your authentication options. However, for this scenario, the following variables are required:
ansible_useransible_passwordansible_connection- Defines the protocol to connect to the remote host.
ansible_winrm_server_cert_validation- Ignores certificate warnings.
Use the -e option to define the variables connected to a remote Windows host.
# Replace <Password> with your Actual Password# Replace <Public IP Address> with Windows Host IP Addressansible all -i <Public IP Address>, -m win_ping -e "ansible_user=ansible ansible_password=<Password> ansible_winrm_server_cert_validation=ignore ansible_connection=winrm"
Replace <Public IP Address> with the Windows host’s IP address and replace <Password> with the password of the Ansible user.
Run the Ansible command to run a win_ping task. It should return a SUCCESS status.
<Public IP Address> | SUCCESS => {"changed": false,"ping": "pong"}
Windows Ansible Modules
All of the Windows-specific Ansible modules are prefixed withwin. You can see a full list of Windows Ansible modules here.
Practice connecting to the development environment in the terminal using the commands and modules learned in this lesson. We have provided a summarized view of the commands below:
# Replace the <Public Ip Address> with the actual# Linux Instance or VM IP Addressansible all -i <Public Ip Address>, -m ping# Disable Host Key Checking# Replace the <Public Ip Address> with the actual# Linux instance or VM IP Addressansible all -i <Public Ip Address>, -m ping -e "ansible_ssh_common_args='-o StrictHostKeyChecking=no'"# Replace the <Public Ip Address> with the actual# Linux instance or VM IP Address and# <Password> with your actual passwordansible all -i <Public Ip Address>, -m ping -e "ansible_user=ansible ansible_password=<Password> ansible_ssh_common_args='-o StrictHostKeyChecking=no'"# Replace <Password> with your Actual Password# Replace <Public IP Address> with Windows Host IP Addressansible all -i <Public IP Address>, -m win_ping -e "ansible_user=ansible ansible_password=<Password> ansible_winrm_server_cert_validation=ignore ansible_connection=winrm"
The ad-hoc Ansible command is becoming somewhat ridiculous. Having to specify the variables every time makes the command way too long. It isn’t feasible to type it out every time.
In this lesson, you connected to your Ansible development environment and explored the different variables and modules required for that purpose.
Get hands-on with 1300+ tech skills courses.