VNC Configuration using Ansible in CentOS 7
1. Install epel repo on CentOS 7 system:
# yum install epel-release -y
2. Install ansible using yum:
# yum install ansible -y
3. Go to '/etc/ansible/roles/' directory and run the below command to create the skeleton directory structure:
# ansible-galaxy init vnc7 --offline
# tree vnc7
vnc7
├── defaults
│   └── main.yml
├── files
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   └── main.yml
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml
4. Create the service file to allow 'root' user to access the vncserver using port 5901.
In "/etc/ansible/roles/vnc7/files/" directory create a file with "vncserver@:1.service" name and add the below content:
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=forking
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i -geometry 1024x768 -depth 16"
PIDFile=/root/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
[Install]
WantedBy=multi-user.target
5. Modify the 'main.yml' file in the "/etc/ansible/roles/vnc7/tasks/" directory with the following content:
---
- name: "Installing the vnc package"
  yum: pkg={{ item }} state=installed
  with_items:
    - tigervnc
    - tigervnc-server
- name: "Copying the vnc configuration file"
  copy: src=/etc/ansible/roles/vnc7/files/vncserver@:1.service dest=/etc/systemd/system/vncserver@:1.service owner=root group=root mode=0644
- name: "Create the remote /root/.vnc directory"
  file:
    path: /root/.vnc
    mode: 0755
    state: directory
- name: "Generate vnc password for root user remotely"
  shell: |
    echo RedHat123 | vncpasswd -f > /root/.vnc/passwd
- name: "Change the permission to 600 for /root/.vnc/passwd file"
  file:
    path: /root/.vnc/passwd
    mode: 0600
- name: "Start & enable the vncserver"
  systemd:
    state: started
    daemon_reload: yes
    name: vncserver@:1
    enabled: True
6. Create a playbook file named 'site.yaml' that lists the role to load from the roles directory, then validate its syntax:
---
- hosts: host1.example.com
  roles:
    - vnc7
# ansible-playbook site.yaml --syntax-check
playbook: site.yaml
7. Configure passwordless ssh to client system from ansible server:
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ce:7d:fd:65:4e:61:4e:a9:09:61:90:d2:75:1b:d1:1d root@server.example.com
The key's randomart image is:
+--[ RSA 2048]----+
| ..o. +oEo|
| . o. . o..|
| . o . |
| . . .|
| S . = |
| o . ..* .|
| o . .o..+|
| . =.|
| o|
+-----------------+
8. Copy the public key to the client system using the below command:
# ssh-copy-id -i /root/.ssh/id_rsa.pub root@host1.example.com
9. Run the playbook with all required changes:
[root@server ~]# ansible-playbook site.yaml
PLAY [host1.example.com] *********************************************************************************
TASK [Gathering Facts] *********************************************************************************
ok: [host1.example.com]
TASK [vnc7 : Installing the vnc package] *********************************************************************************
changed: [host1.example.com] => (item=[u'tigervnc', u'tigervnc-server'])
TASK [vnc7 : Copying the vnc configuration file] *********************************************************************************
changed: [host1.example.com]
TASK [vnc7 : Create the remote /root/.vnc directory] *********************************************************************************
changed: [host1.example.com]
TASK [vnc7 : Generate vnc password for root user remotely] *********************************************************************************
changed: [host1.example.com]
TASK [vnc7 : Change the permission to 600 for /root/.vnc/passwd file] *********************************************************************************
changed: [host1.example.com]
TASK [vnc7 : Start & enable the vncserver] *********************************************************************************
changed: [host1.example.com]
PLAY RECAP *********************************************************************************
host1.example.com : ok=7 changed=6 unreachable=0 failed=0
!! VNC server configuration is complete and "host1.example.com" can be accessed using 'root/RedHat123' credentials over port 5901 !!
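A hardened variant of the directory and password tasks from step 5, added here as an example and not part of the original post: the password is read from a vault-encrypted variable instead of the task file, is passed to vncpasswd on stdin, and the passwd file is never created world-readable. The variable name vnc_password and its location in the role's vars/main.yml are assumptions.

```yaml
---
# Added example, not from the original post: replaces the "/root/.vnc"
# directory, password and permission tasks in roles/vnc7/tasks/main.yml.
# Assumption: vnc_password is a hypothetical variable defined in
# /etc/ansible/roles/vnc7/vars/main.yml, and that file is encrypted with
#   ansible-vault encrypt /etc/ansible/roles/vnc7/vars/main.yml
# The playbook is then run with: ansible-playbook site.yaml --ask-vault-pass

- name: "Check the vnc password length"
  # vncpasswd treats only the first eight characters as significant, so a
  # longer value is silently truncated; six is its interactive minimum.
  assert:
    that:
      - vnc_password is defined
      - vnc_password | length >= 6
      - vnc_password | length <= 8
  no_log: true

- name: "Create the remote /root/.vnc directory"
  file:
    path: /root/.vnc
    state: directory
    owner: root
    group: root
    mode: "0700"

- name: "Generate vnc password for root user remotely"
  # The password arrives on stdin, so it is not part of the shell command
  # line; umask 077 creates the file as 0600 from the start, and the
  # temporary file avoids leaving an empty passwd behind on failure.
  shell: |
    umask 077
    vncpasswd -f > /root/.vnc/passwd.new && mv /root/.vnc/passwd.new /root/.vnc/passwd
  args:
    stdin: "{{ vnc_password }}"
    creates: /root/.vnc/passwd   # skipped when present; delete the file to rotate
  no_log: true

- name: "Ensure /root/.vnc/passwd is readable by root only"
  file:
    path: /root/.vnc/passwd
    owner: root
    group: root
    mode: "0600"
```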