ansible ping with diferent port with code examples

As a system administrator, your job is to automate repetitive tasks so that you can maintain a large infrastructure with ease and efficiency. Automation plays a vital role in any large organization, and Ansible has become a popular automation tool because of its simplicity and flexibility. One of the core functionalities of Ansible is the ability to ‘ping’ remote machines to see if they are accessible and running.

By default, Ansible uses SSH protocol to connect to machines. However, sometimes SSH may not be running on the default port, 22. In this scenario, Ansible provides the ability to set a custom port to establish a connection with remote hosts.

In this article, we will explore how to use the ‘ansible ping’ command with a different port number.

Requirements

Before we dive into the Ansible ‘ping’ command with a different port, let us first make sure that the following requirements are met:

  • Ansible must be installed on the local machine from which you will run the command.
  • We must have at least two remote machines, and the SSH port on one of them should be set to something other than the default port (22).
  • We should have access to the remote machines through SSH.

Checking If Ansible and SSH Are Installed and Running Properly

First, let us make sure that both Ansible and SSH are installed and running properly on the local machine and the remote machine. We can check if they are running or not by running the following command:

sudo systemctl status sshd.service
sudo systemctl status ansible.service

If both services are running successfully, you should see the following output:

● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2021-07-15 08:59:27 IST; 3s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 6335 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
 Main PID: 6336 (sshd)
   CGroup: /system.slice/sshd.service
           └─6336 /usr/sbin/sshd -D

● ansible.service - The Ansible Automation Agent
   Loaded: loaded (/usr/lib/systemd/system/ansible.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2021-07-15 09:23:53 IST; 2s ago
 Main PID: 11750 (ansible)
    Tasks: 9 (limit: 6244)
   CGroup: /system.slice/ansible.service
           ├─11750 /usr/bin/python3 /usr/bin/ansible --version
           ├─11751 /usr/bin/python3 /usr/bin/ansible --version
           ├─11752 /usr/bin/python3 /usr/bin/ansible --version
           ├─11753 /usr/bin/python3 /usr/bin/ansible --version
           ├─11754 /usr/bin/python3 /usr/bin/ansible --version
           ├─11755 /usr/bin/python3 /usr/bin/ansible --version
           ├─11756 /usr/bin/python3 /usr/bin/ansible --version
           ├─11757 /usr/bin/python3 /usr/bin/ansible --version
           └─11758 /usr/bin/python3 /usr/bin/ansible --version

If you see the output above, then both SSH and Ansible are running perfectly fine.

Setting up a Custom SSH port

The default SSH port is 22. However, for security purposes, we can modify this port to a different number to avoid potential hacking attempts. In this example, let us use port 2022.

On the remote machine that will be accessed using a custom port, we can modify the SSH configuration file to use port 2022 instead of port 22. To do this, we need to modify the SSH configuration file. This file is located at ‘/etc/ssh/sshd_config’. Open this file, and uncomment the line starting with ‘#Port 22’ and change the port number to 2022. Save the file and restart the SSH service using the following command:

sudo systemctl restart sshd.service

If the SSH service is not restarted, changes made to the configuration file will not take effect.

Verifying If the Custom SSH Port Is Functional

Now that we have set up the custom SSH port, we need to make sure that it is functional.

From the local machine, run the following command:

ssh user@remote-machine -p 2022

This should connect you to the remote machine on the custom port 2022. If the connection is successful, you will see a prompt asking for your password. If the connection fails, then check your network connection, port number, and SSH configuration file.

Now that we know how to verify if the custom SSH port is functional and how to modify SSH to listen on a different port, let’s dive into how to ping the remote machine using the custom port with Ansible.

Pinging Remote Machine Using a Custom SSH Port with Ansible

The Ansible ‘ping’ module is used to test the connectivity between the Ansible server and the remote machines. By default, Ansible uses the SSH protocol to connect to remote machines during ‘ping’ module execution.

To ping a remote machine using a different port with Ansible, we need to modify the Ansible ‘ping’ command to include the ‘-e’ flag. The ‘-e’ flag is short for ‘extra-vars’ and is used to specify run variables.

The run variables for the ‘ping’ module will be the IP address of the remote machine, the username with which we log in, and the port number on which SSH is listening.

The syntax for pinging a remote machine using a custom SSH port is as follows:

ansible all -m ping -e 'ansible_port=custom-ssh-port ansible_user=username ansible_host=ip-address'

The above command is replacing the default values for ‘ansible_port,’ ‘ansible_user,’ and ‘ansible_host’ to that of custom SSH configuration.

For example, to ping a remote machine with IP address 192.168.1.100, username ‘testuser’ and SSH custom port number 2022, the command would be:

ansible all -m ping -e 'ansible_port=2022 ansible_user=testuser ansible_host=192.168.1.100'

This will output the following if the ping is successful:

192.168.1.100 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "ping": "pong"
}

The "ping": "pong" output shows that the remote machine is accessible, and Ansible was able to connect to it using the custom SSH port.

Conclusion

In this article, we explored how to use the ‘ansible ping’ command with a different port number. We started with checking if the required services (SSH and Ansible) are running, then we set up a custom SSH port, tested it, and finally showed how to use Ansible to ping remote machines on the custom port.

Using a custom SSH port for remote machines increases security by making it difficult for attackers to exploit the default port. The Ansible automation tool is essential to system administrators, and being able to ping remote hosts using a custom port makes it even more flexible and powerful.

here are some additional points related to our previous topic – 'ansible ping with different port with code examples':

  1. Best Practices for Setting Custom SSH Ports:

It's always a good practice to set a custom SSH port for accessing remote machines, but setting it to any random value may lead to issues if certain ports are already reserved by other applications. Therefore, it's recommended to set custom SSH ports within the range of 1024-65535, as they are not reserved by any default applications.

Additionally, if you are using firewall services like iptables or UFW, make sure to add the custom SSH port to the firewall rules, so that incoming traffic to that port is allowed.

  1. Importance of Ansible 'ping' module:

The Ansible 'ping' module is a crucial tool for system administrators to check if remote machines are reachable and responding. This module sends a simple ICMP packet to the remote host and expects a 'pong' reply in response.

Using the 'ping' module with a custom SSH port is an efficient way to check if the remote machine is reachable and responsive on the non-default SSH port. It also saves time and effort, as you don't need to log in to each machine manually to run the 'ping' command.

  1. Troubleshooting Tips for Ansible 'ping' module:

If you encounter any issues while using the Ansible 'ping' module with a custom SSH port, here are some troubleshooting tips:

  • Verify if the SSH service is running on the custom port and that the firewall rules are set up correctly to allow incoming traffic on that port.
  • Ensure that the correct SSH user name and IP address of the remote machine are specified in the 'ping' module command.
  • Verify if the host is reachable from the Ansible server by running the 'ping' command on the command line interface.
  • Check if the remote machine has the necessary SSH keys to authenticate the incoming connection.
  1. Uses of Ansible beyond 'ping':

While the Ansible 'ping' module is the simplest way to check the connectivity of remote machines, Ansible provides many other modules that can be used to automate more complex tasks. Ansible modules can be used to set up a new user account, install packages, configure network interfaces, perform backups, and much more.

In addition to the built-in modules, you can also create custom modules that fit your specific needs. Ansible's flexibility and simplicity make it an attractive tool for automation tasks of any size and complexity.

In conclusion, using the 'ansible ping' command with a different port number is a simple yet powerful technique in the automation arsenal of system administrators. Additionally, it highlights the importance of setting custom SSH ports to enhance the security of remote machines. Lastly, it's worth remembering that the Ansible 'ping' module is just the tip of the iceberg when it comes to using Ansible for automating tasks on remote machines.

Popular questions

  1. What is the purpose of using a custom SSH port with Ansible?

Ans: Using a custom SSH port with Ansible enhances the security of remote machines, as it makes it difficult for attackers to exploit the default SSH port. Additionally, it provides system administrators with the flexibility to choose a port number that's not assigned to any default services.

  1. How can you test if the custom SSH port is functional before running the Ansible 'ping' command?

Ans: To test if the custom SSH port is functional, run the SSH command with the '-p' flag followed by the custom port number and the IP address of the remote machine. For example: ssh user@remote-machine -p 2022. If the connection is successful, you will see a prompt asking for your password, otherwise, check network connectivity and the SSH configuration file on the remote machine.

  1. What is the syntax for running the 'ansible ping' command with a custom SSH port?

Ans: The syntax for running the 'ansible ping' command with a custom SSH port is as follows:

ansible all -m ping -e 'ansible_port=custom-ssh-port ansible_user=username ansible_host=ip-address'

Replace 'custom-ssh-port,' 'username,' and 'ip-address' with the correct values for your remote machine.

  1. What are some best practices for setting custom SSH ports?

Ans: Some best practices for setting custom SSH ports include:

  • Choose a port number within the range of 1024 to 65535 that's not already reserved by any default services.
  • Add the custom SSH port number to the firewall rules.
  • Use SSH key authentication whenever possible.
  • Document the custom SSH port number and password (if applicable).
  1. What are some troubleshooting tips if you encounter issues while using the 'ansible ping' command with a custom SSH port?

Ans: Some troubleshooting tips if you encounter issues while using the 'ansible ping' command with a custom SSH port include:

  • Verify if the SSH service is running on the custom port and that the firewall rules are set up correctly to allow incoming traffic on that port.
  • Ensure that the correct SSH user name and IP address of the remote machine are specified in the 'ping' module command.
  • Verify if the host is reachable from the Ansible server by running the 'ping' command on the command line interface.
  • Check if the remote machine has the necessary SSH keys to authenticate the incoming connection.

Tag

Portability

My passion for coding started with my very first program in Java. The feeling of manipulating code to produce a desired output ignited a deep love for using software to solve practical problems. For me, software engineering is like solving a puzzle, and I am fully engaged in the process. As a Senior Software Engineer at PayPal, I am dedicated to soaking up as much knowledge and experience as possible in order to perfect my craft. I am constantly seeking to improve my skills and to stay up-to-date with the latest trends and technologies in the field. I have experience working with a diverse range of programming languages, including Ruby on Rails, Java, Python, Spark, Scala, Javascript, and Typescript. Despite my broad experience, I know there is always more to learn, more problems to solve, and more to build. I am eagerly looking forward to the next challenge and am committed to using my skills to create impactful solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Begin typing your search term above and press enter to search. Press ESC to cancel.

Back To Top