Setup your MAIL Exchange server with zarafa on CentOS 6 Part 3

now the actual setup of zarafa server after all the work we have done in part1 and part2.

Start the mysql server using command

# service mysqld start

Let us create a database called “zarafadb” and database user “zarafauser” with password “centos”. Change these values with your own values.

Log in to mysql server using command:

# mysql -u root -p

Create database “zarafadb” and assign the full permission to the user “zarafauser” over zarafadb.

mysql> create database zarafadb;

mysql> GRANT ALL ON zarafadb.* TO zarafauser@localhost IDENTIFIED BY 'somepass';

mysql> flush privileges;

mysql> exit

Add the database details to the zarafa server configuration file.

Edit file /etc/zarafa/server.cfg,

# vi /etc/zarafa/server.cfg

Find the following lines and Change the zarafa database values.

[...]

# The user under which we connect with MySQL
mysql_user              = zarafauser

# The password for the user (leave empty for no password)
mysql_password          = somepass

# Override the default MySQL socket to access mysql locally
# Works only if the mysql_host value is empty or 'localhost'
mysql_socket            =

# Database to connect to
mysql_database          = zarafadb

[...]

Now start all zarafa services.

# service zarafa-server start
# service zarafa-dagent start
# service zarafa-gateway start
# service zarafa-spooler start
# chkconfig zarafa-server on
# chkconfig zarafa-dagent on
# chkconfig zarafa-gateway on
# chkconfig zarafa-spooler on

Wait, We didn’t finish yet, we have to create public store where all emails stored and mail users.

Create Public store and users

Create public store using command:

# zarafa-admin -s

Then create users. For example, here i am going to create two users called “navneet” and “mohit”.

# useradd navneet
# useradd mohit
# passwd priyanka
# passwd arun

Now let us assign mail id’s to them as shown below.

# zarafa-admin -c navneet-p centos -e navneet@rathi.com -f "navneet" 
# zarafa-admin -c mohit-p centos -e mohit@rathi.com-f "mohit"

Where,

-c – Create user

-p – password

-e – email

-f – full name

To create administrative user, you should use -a parameter with value “1”.

# zarafa-admin -c nrathi-p sompass-e nrathi@rathi.com -f "nrathi" -a 1

Where,

-a – administrative user

1 – describes administrative user, You can use 0(zero) for non-administrative users.

To delete users, use -d parameter.

Ex.

# zarafa-admin -d nrathi

Access Zarafa webmail

We have done with configuration, Let us log in to Zarafa webmail. Navigate to http://ip-address/webaccess orhttp://domainname/webaccess.

Enter the username and password to log in. and you are done

Setup your MAIL Exchange server with zarafa on CentOS 6 Part 2

Before starting with this post you need to follow the steps which we have followed in the part1

SO Guys lets start with the phase 3 

now starting with the phase 3 lets start with the configurations of postfix. 

Add hostname entries in /etc/hosts file as shown below:

# vi /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.101   mail.rathi.com      mail

 I disabled SELinux to reduce complexity in postfix configuration.

If you want to keep SELinux on, enter the following command in Terminal:

# togglesebool httpd_can_network_connect

Allow the Apache default port 80 and port 443 if you are using ssl and 3306 if your mysql is on another server  through your firewall/router:

# vi /etc/sysconfig/iptables

[...]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
[...]

fowling are optional as they will come in picture if you are using production or more complex setup of more than one server

[...]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443-j ACCEPT
[...]

and same true for 3306 as well.

Configuring Postfix

Edit /etc/postfix/main.cf,

# vi /etc/postfix/main.cf

find and edit the following lines:

## Line no 75 - Uncomment and set your mail server FQDN ##
myhostname = mail.rathi.com

## Line 83 - Uncomment and Set domain name ##
mydomain = rathi.com

## Line 99 - Uncomment ##
myorigin = $mydomain

## Line 116 - Set ipv4 ##
inet_interfaces = all

## Line 119 - Change to all ##
inet_protocols = all

## Line 164 - Comment ##

#mydestination = $myhostname, localhost.$mydomain, localhost,

## Line 165 - Uncomment ##\
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

## Line 419 - Uncomment ##
home_mailbox = Maildir/

Save and exit the file. Start/restart Postfix service now:

# service postfix restart
# chkconfig postfix on

Testing Postfix mail server

First, create a test user called “nrathi“.

# useradd nrahi
# passwd nrathi

Access the server via Telnet and enter the commands manually shown in red colored text.

# telnet localhost smtp

Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.rathi.com ESMTP Postfix
ehlo localhost     ## type this command ##
250-mail.rathi.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:<nrathi>     ## Type this - mail sender address##
250 2.1.0 Ok
rcpt to:<nrathi>     ## Type this - mail receiver address ##
250 2.1.5 Ok
data     ## Type this to input email message ##
354 End data with <CR><LF>.<CR><LF>
welcome to rathi.com mail server     ## Enter the boddy of the email ##.
     ## type dot (.) to complete message ##
250 2.0.0 Ok: queued as B822221522
quit     ## type this to quit from mail ##
221 2.0.0 Bye
Connection closed by foreign host.

Now navigate to the user “nrathi“ mail directory and check for the new mail:

ls /home/nrathi/Maildir/new/

Sample output:

1390215275.Vfd00Ie04f8M357080.mail.rathi.com

A new mail is received to the user “nrathi“. To read the mail, enter the following command:

# cat /home/nrathi/Maildir/new/1390215275.Vfd00Ie04f8M357080.mail.rathi.com

Sample output:

Return-Path: <nrathi@rathi.com>
X-Original-To: nrathi
Delivered-To: nrathi@rathi.coml
Received: from localhost (localhost [IPv6:::1])
    by mail.rathi.com (Postfix) with ESMTP id B822221522
    for <nrathi>; Mon, 20 Jan 2015 16:23:54 +0530 (IST)
Message-Id: <20140120105404.B822221522@mail.rathi.com>
Date: Mon, 20 Jan 2015 16:23:54 +0530 (IST)
From: nrathi@rathi.com
To: undisclosed-recipients:;

welcome to rathi.com mail server

Add the following line at the end.

mailbox_command = /usr/bin/zarafa-dagent “$USER”

Save and close the file. Restart postfix service to take effect the saved changes.

# service postfix restart

The remaining things i will cover in the next part phase 4

Setup your MAIL Exchange server with zarafa on CentOS 6 Part 1

Hello Guys,

Welcome to the blog again I work with different issues so i come across the zarafa its an alternative to Microsoft exchange server and the best thing about it. that's free open source software.and as you know am big fan of open source software.

The Zarafa groupware provides email storage on the server side and offers its own Ajax-based mail client called WebAccess and a HTML5 based, WebApp.
Zarafa is designed to integrate with Microsoft Office Outlook and is intended as an alternative to the Microsoft Exchange Server. Connectivity with Microsoft Outlook is provided via a proprietary client-side plugin. The WebAccess and WebApp have the same “look-and-feel” as the Outlook desktop application. People used to working with Outlook should be able to use the WebAccess/WebApp without any problems.

Now, let talk about how to install and configure Zarafa Email Server on Centos 6.Install the Centos 6 minimal,we all know how we can do it.if you don't know no worry's.

just download the centos from the below URL and install it while installing it make sure you provide the correct domain name instate of localhost.localdomain and the again all options as per your requirement. like dist options and etc. etc. before stating it its for study perpose only not for production use as for production you need to have more restriction on mail server and need to configure more appropriately.you can say it that its for the proof of concept that yes this can be configured and this can be done.

so first thing first. 
    
lets download centos 6 minimal edition if you have already server setup the its ok.

Phase 1
download the ISO form the URL.

Then install the cent os on the virtual or on physical server. the first thing after that is login on server with the credentials which you have provided during the installation. after that start your network interfaces with commands

# ifup ethX 
where X is your interface nunber form 0 to anything 

after that update your centos for latest new softwares and  security patches and new stable version of kernel available at that time.
and we are done with phase1 

Phase 2
Download the MySQL,Apache,php,
By default centos 6  dont support mysl 5.6. and to reduce your admin jobs of maintenance.the idea is to install the mysl using yum from the mysql repo.
 so download the RPM of mysql repo and install in one line as

# rpm -ivh http://repo.mysql.com/mysql-community-release-el6-5.noarch.rpm

This command will downloas and install the mysql 5.6 repo in your cent os.

Then install Installation of EPEL-- Extra Packages for enterprise Linux.

# rpm -ivh  http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

after this

# yum update  -y && yum remove sendmail -y &&yum install mysql mysql-server php httpd zarafa*  postfix -y

After using this command we have done our most of the work of installation and of downloading.
This  is the end of phase 2 as just the configuration part is left behind

In the part 2 we will look the configuration of posfix and zarafa exchange server

Redis Master slave Replication

              

            Hello and welcome.from the past few days my Brother  given me a book and i start reading and started implementing the same on my local environment.The book was about the Radis and how Radis makes a difference, whats are its pros and cons. etc etc and how we can start using it.

 well then lets start with the Topic of interest installing a redis is not a much deal we all know Redhat/Centos and Debians like Ubuntu both supports redis so we can install then using the default installer like 
 
STEP 1 Installation 
 
In Redhat / Centos we need to add EPEL and Remi and then simply update the yum data and then "yum install redis"
 after that 

#service redis start
chkconfig --level 35 redis on
service redis start
 
In Ubuntu just fire "apt-get install redis-server"
  
Note: I am using Centos 6.6 

STEP 2 SETTING UP REPLICATION

Assume we have two IP Address 
192.168.1.101 ----> Masters_ip
192.168.1.102 ----> Slave_ip

Setup on Master

Open the terminal as a root or use sudo -i to gain the access of root

Note:Location of these conf file depends distribution and on type of installation from source or from standard package used 

#vim /etc/redis.conf

By default the redis bind to loopback ip-address we need to change it make it more appropriate.
so change 

bind 127.0.0.1 

to

bind 192.168.1.100

For security prospective need to add security as its start listning on network now. 
so change like from this
#requirepass foobared 

to  

requirepass myn@m31sN@vn33tR@t1v3 #some thing like this more    
                                  #complex 

and then save the file and restart the redis server with command

# service redis restart

On Slave Machine 

open the redis conf file using vim /etc/redis.conf

change 

bind 127.0.0.1 

to

bind 192.168.1.101

also set a password by default on new version of redis the redis in read only mode and it will be on network now so change the authentication setting for it provide it with some complex password 
so change the 


#requirepass foobared 

to  

requirepass myn@m31sN@vn33tR@t1v3 #some thing like this more    
                                  #complex 

Setting up Replication Actually

The below steps will outline setting up replication from the Slave. Replication only needs to be defined on Slave systems, the Master server does not require any special configuration.
Specifying the Master

In the slave configuration file specify the master server to replicate from. Redis has the ability to replicate from a slave, to set this up you would simply specify the first slaves details in place of the master.
  
change the below like from

# slaveof <masterip> <masterport>

to

slaveof 192.168.1.101 6379 # or some thing like that as per                                 #your need 

If you set a password earlier for the master server you will need to specify that password via the masterauth setting.

change

# masterauth <master-password>

to

masterauth  myn@m31sN@vn33tR@t1v3

Start the Service 

Step 3 Testing of your Replication.

To test the replication we will first login to the master server and set a key-value.
Set the key-value on the Redis Master

To login to the Redis server we will use the redis-cli client. The -h flag specifies the host to connect to, by default the redis-cli will connect to the localhost IP.

#redis-cli -h 192.168.1.100


Once logged in use the AUTH command with the password specified earlier.
 
#redis 192.168.1.100:6379> AUTH <password>
 OK

After authenticating we can now set a key-value pair using the SET command or thing you like you can put it in.I have taken key value pair to test it.

 #redis 192.168.1.100:6379> SET replicated:Navneet Rathi
 OK 

 Get the key-value on the Redis Slave

Now that data has been saved to the master we will login to the Redis Slave server using the same redis-cli command and use the GET command to retrieve the replicated data.

# redis-cli -h 192.168.1.101
redis 192.168.1.101:6379> AUTH <password>
 OK

Once logged in use the GET command to retrieve the value from the replicated:test key

 redis 192.168.1.101:6379> GET replicated:Navneet
 "Rathi"


and we are done.
We can also set the moniting for it we will check that out in nex blog till then enjoy... 


 

Tips for Monitoring Linux server Best and Simples Tips

Well welcome back guys to my blog on Tips for Linux server monitoring the activities on Linux server.

The following tips will allow you to monitor the activity on Linux server.Its start with the few assumptions like  

1.  you are using CentOS server 
2. You are also having minimal installation of Centos  

I am assuming minimal install as i can provide you the details
like installation of mail agent etc .

so lets start with it.

First of all you need to have internet connectivity on server if so then by default postfix is installed on you server so you can go for it else if you don't have internet connectivity and you have mail server configured on some other server This can be the code when you are running payment-gateway on server and PCI slandered won't allow you to so so then 

Install mailx as a client to send a mail so that you can use a command mail to send a mail

 #yum install mailx 

Install ssmtp on your Centos server and open the /etc/ssmtp/ssmtp.conf
  
# vim /etc/ssmtp/ssmtp.conf file

the added the following line to the file make sure you change the email address and password as per your mail server configuration. 

for simplicity and to cover more point i am taking gmail as my mailing server not the default postfix.
 

AuthUser=vijay9867206455@gmail.com
AuthPass=xxxxxxxx
FromLineOverride=YES
mailhub=smtp.gmail.com:587
UseSTARTTLS=YES
TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt

I have added the last line as while using the gmail you will get a typical error that can not connect to smtp.gmail.com  and to avoid the error I have added the below line for the TLS certificate.

then close the file and execute the following commands 

 # service sendmail stop && service postfix stop

 # chkconfig sendmail off

 # mv /usr/sbin/sendmail /usr/sbin/sendmail.old 

 # ln -s /usr/sbin/ssmtp /usr/sbin/sendmail

so good so then strat the postfix service and we will try to send a sample mail by using following command.

   #echo "This is a test" | mail -s "Test" vijay9867206455@gmail.com

and we will receive a mail for it.

Then open /etc/aliases

vim /etc/aliases

and find the like look like this

# Person who should get root's mail
#root: marc

and change this to look like this

# Person who should get root's mail
root: vijay99867206455@gmail.com
  
as written in file dont forget to fire newaliases command

#newaliases
 
 the simply login as user other than root and try to use sudo with wrong password and you will see you start getting alart for then too for any security breach or any unwanted activity you start getting alert.Its a very small tip but will help you alot for handing large servers for more convinces if you server's ip is 192.168.1.100 then change the host name to 192-168-1-10 or some thing like this so you will get the more clue if you are handling large number of servers

Thanks guys letme know if you have any issue you can mail me on my mail id  

Working with NTP (Network Time Protocol) Part 2

Working with NTP (Network Time Protocol) Part2

to set the timezone after the installation in Linux we need to install the tzdata package in Linux 

use the following command to install the tzdata 

# yum install tzdata

# tzselect

and select the proper time zone .

change time zone for specific user in linux
Open the .profile file from the home directory of user in my case assume i have a use called nrathi
so open a file .profile using command 
 # vim /home/nrathi/.profile
it will look like this  
 
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
 
add the following line to it will change the time zone for the specific user as the user local time zone is near to India.
 
# User specific environment and start-up programs
PATH=$PATH:$HOME/bin
export PATHt
timezone='GMT+5.30'; export timezone

and some the file and we are done to test log-out and log-in as nrathi  and test it


 

Working with NTP (Network Time Protocol) Part 1

Installing and Configuring with the NTP

Hello Guys today i will tell you about the NTP protocol and how to play with NTP protocol and some fine tuning with it.so lets start.

To install the NTP on centos

To begin, log in as root

# yum –y install ntpd 

The default installation of NTP will use a public server that has access to the atomic clock, but in order to optimize the service we will need to make a few simple changes in order to streamline and optimize what time servers are used. To do this, we shall open the main configuration file with your favorite text editor like so:

# vi /etc/ntp.conf 

  

Scroll down and look for the following lines:

 
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.
html).

server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org

Replace the values shown with a list of preferred time servers like so:

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.
html).

server 0.uk.pool.ntp.org
server 1.uk.pool.ntp.org
server 2.uk.pool.ntp.org
server 3.uk.pool.ntp.org

Now find the following lines:
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodifynotrap
 

 Before starting our time service, we should add and confirm a network range in order that we can determine who can and who cannot receive time service-based requests.

To do this, uncomment the preceding line and replace the values to reflect your

network environment like so:
# Hosts on local network are less restricted.
Restrict XXX.XXX.XXX.XXX mask YYY.YYY.YYY.YYY nomodifynotrap
 

When complete, save and close the file before synchronizing your server by using the following command:

ntpdate NTP_SERVER_ADDRESS_HERE
For example, you can use ntpdate pool.ntp.org.
 

The initial synchronization request requires priming, so you may want to run and repeat this command several times before ensuring that the service will start during the boot process, by using the following command:

# chkconfig ntpd on
 

When finished, you can start the NTP service like so:
 

# service ntpd start
 

You should reboot to ensure that the relevant changes take effect:
 

# reboot
 

Well done, you have now installed and configured the NTP service. The overall process of time synchronization will take some time to complete, but you will be able to use the standard NTP query program (ntpq) in order to review a list of known peers as and a summary of their current state. To do this, return to your
console and type:

# ntpq–p

 

All daemons are prone to the environmental conditions found on your network, and the NTP service is not an exception. Periodic packet breaks can be disruptive, but even if you have not
experienced this yet, it may be advantageous to explore a solution that will make your NTP service far more persistent when probing the third-party servers. Known as the iburst option, this feature is designed to tell the NTP service to issue a burst
of eight packets to the remote server instead of one in order to offer an improved approach to the time synchronization process. Implementing this method is very simple and to begin,
simply return to your console and open the main configuration file in your favorite text editor
like so:

# vi /etc/ntp.conf

Scroll down the file and locate your time servers. Now simply append your time servers with a whitespace followed by the term iburst. For example, your new configuration file will look
like this:

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.
html).
server 0.uk.pool.ntp.org iburst
server 1.uk.pool.ntp.org iburst
server 2.uk.pool.ntp.org iburst
server 3.uk.pool.ntp.org iburst

to sync the clock with the hardware clock we need to sync it by using the following command 

 

# hwclock–systohc

and need to reboot using reboot command  

# hwclock–show

 

 

Compiling Apache from source

Compiling Apache from source 

Hello Friends welcome back again on my blog today I will explain how to compile  the Apache web server from source as its recommended to compile the software from source .

 1. Download the latest and greatest version of apache from the site:
     
     wget http://mirror.sdunix.com/apache//httpd/httpd-2.4.10.tar.gz

2. then extract the source using

 #  tar -xzvf httpd-2.4.10.tar.gz

3. Install the  pre-requisites using the yum utility

# yum install gcc* openssl openssl-devel

4. then changing the directory to the Apache source directory

# cd  httpd-2.4.10

5. configure the Apache source with default modules and Apache configuration directory
 #./configure --prefix=/usr/local/httpd

6.While configuring, we get below error

Error:
checking for APR… configure: WARNING: APR version 1.4.0 or later is required, found 1.3.9

configure: WARNING: skipped APR at apr-1-config, version not acceptable

Solution: 
We need to install apr and apr-util packages to resolve this issue.
Download apr and apr-util packages from

# wget http://mirror.olnevhost.net/pub/apache//apr/apr-1.5.1.tar.gz

# tar xvzf apr-1.5.1.tar.gz

# cd apr-1.5.1

# ./configure –prefix=/usr/local/src/httpd-2.4.10/srclib/apr

# make && make install

For apr-util package

# wget http://mirror.olnevhost.net/pub/apache//apr/apr-util-1.5.4.tar.gz

# tar -xzvf  apr-util-1.5.4.tar.gz

#./configure –prefix=/usr/local/src/httpd-2.4.10/srclib/apr-util

# make && make install

Now configure the Apache

./configure --prefix=/usr/local/httpd --enable-mods-shared=all --with-apr=/usr/local/src/httpd-2.4.10/srclib/apr/bin/apr-1-config --with-apr-util=/usr/local/src/httpd-2.4.10/srclib/apr-util/bin/apu-1-config

We will face an Error...

But, while configuring this we may get below error

Error:

checking for pcre-config… false
configure: error: pcre-config for libpcre not found. PCRE is required and available from http://pcre.org/

Solution:

pcre package needs to be installed to resolve this issue.

Download pcre:

# wget http://sourceforge.net/projects/pcre/files/latest/download?source=files

pcre-8.33.tar.bz2 will be saved

To extract:

# tar jxf pcre-8.33.tar.bz2

# cd pcre-8.33


Now configure pcre with:

Now configure pcre with:

# ./configure –prefix=/usr/local/pcre

# make

# make install

Now configure it again

# ./configure –prefix=/usr/local/http –enable-mods-shared=all –with-apr=/usr/local/src/httpd-2.4.10/srclib/apr –with-apr-util=/usr/local/src/httpd-2.4.10/srclib/apr-util –with-pcre=/usr/local/pcre/

# make

# make install


This is how apache can be installed with source.

Now start and stop services by

/usr/local/apache/bin/apachectl start/stop

Check the apache homepage with http://serverIP/ or http://localhost/

It displays the file which is set for default document root.

First Step towards infrastructure Automation (Ansible is Simple IT Automation)

Hello Guys..

Welcome back..now being an Administrator it can be for any os .We all know As the time passes the infrastructure of the company is always going to increase.Its easy for an Admin to manage 10/20/30 but what if you have to manage 500 server simultaneously..

Eg. we have 500 server installed in company and imagine a new admin come and join you and now its your baby to create login on all 500 servers for him isn't its a time consuming and boring task rather I will say its irritating task for a admin to do this.
      but just imagine the same request come to you and you need to just put useradd command with some tool and it will be replicate across all servers isn't it will be cool..

Now there are many IT automation tool available in market.so we need to choose tool as per our requirement.I have choose Ansible as

1. Its Free.
2. Its works on ssh connection only so it will be secure
3. No separate client configuration required
4. It uses push model so changes will be reflect fast as compare to pull model
5. the syntax its uses its YAML its like XML a simple plain English
6. Its interactive 
7. its light weighted  

SO here are few steps which we need to follow to make this happen.

step 1:
To install ansible on redhat or fedora or cent OS either download from git or rpm or install using yum utility.before that we need to install python of the machine using

#yum update && yum -y install python && yum install ansible

or on deb you can do the same by adding ppa to the source of apt for that we need to install python-software-properties.

#sudo apt-get update && sudo apt-get upgrade

#sudo apt-get install python-software-properties -y

#sudo add-apt-repository ppa:rquillo/ansible

#sudo apt-get update

#sudo apt-get install ansible

We can also install using the pip command for that we need to install `python-pip` on server.

After that

pip install ansible

For more info refer. http://docs.ansible.com/intro_installation.html

Step 2:

Create and setup ssh key:

If you do not already have an SSH key pair that you would like to use for Ansible administration.As the user you will be controlling Ansible with, create an RSA key-pair by typing:

# ssh-keygen -t rsa
Note: done put any value just use default values for it

# cat $home/.ssh/id_rsa.pubssh-rsa
o/p:
 AAAAB3NzaC1yc2EAAAADAQABAAABAQCjdZoR5lBLaILqn7foYO9N6zlB33K5gUcdCL8LHW4SGS6XZ8f26Ve2oAPHzxVyzLoTar5hlH3sJ/7X0VpfzJBV7fJxUS9/8lZn86sC1g4tZpD3kza6GqMUcBwOcoIfn1EbSVtEqKD+HmHhBgRdNp90//y5n9ULh3Y2IC2UDj+QBoIaKu+LWwJe4N2NgBw/f95Y6a/XGYvtiRiAtZSWPXMTlsFnT/gf7X3+U4nx8Sxzn6rgkOE+QJkKysrrb0o47sguLDcOLGS2h6d2Qo7xvx1ct8v+cRECVfm7XZZIhLP1wbqSh2i7XgOwZELgNqSZ7h+Op+QaF5o/SsB3hHhGzw8j root@nrathi-Lenovo-B460

you will get output some thing like this.We need to copy this o/p to every host which we want to manage using ansible.
As I have only one machine so i am using localhost you can use ip instead of localhost
Create .ssh directory in root's home directory using ansible.

#ansible -m shell -a 'mkdir $HOME/.ssh' localhost -k

note -k is used to specify the ssh password.

# ansible -m shell -a 'chmod -r 700' localhost -k

#ansible -m shell -a 'mkdir $HOME/.ssh' localhost -k

#ansible -m shell -a ' echo "AAAAB3NzaC1yc2EAAAADAQABAAABAQCjdZoR5lBLaILqn7foYO9N6zlB33K5gUcdCL8LHW4SGS6XZ8f26Ve2oAPHzxVyzLoTar5hlH3sJ/7X0VpfzJBV7fJxUS9/8lZn86sC1g4tZpD3kza6GqMUcBwOcoIfn1EbSVtEqKD+HmHhBgRdNp90//y5n9ULh3Y2IC2UDj+QBoIaKu+LWwJe4N2NgBw/f95Y6a/XGYvtiRiAtZSWPXMTlsFnT/gf7X3+U4nx8Sxzn6rgkOE+QJkKysrrb0o47sguLDcOLGS2h6d2Qo7xvx1ct8v+cRECVfm7XZZIhLP1wbqSh2i7XgOwZELgNqSZ7h+Op+QaF5o/SsB3hHhGzw8j root@nrathi-Lenovo-B460" >> .ssh/authorized_keys' localhost -k

ansible -m shell -a 'chmod 600 $HOME/.ssh/authorized_keys' localhost -k

and we are done we have successfully done the setting up the password less ssh across the host in my case they were users of same host.We can foll this or we can add this key in the key start of server which installing it.so that our over head is bit reduce of doing all
we can do the same by traditional way of making password less ssh too.

ref: http://www.namhuy.net/2433/ssh-login-without-password.html

Step 3:
Started with Basic Ansible cofig

On my Ansible computer, I'm using a user called nrathi. Ansible will try to connect to each host with ssh nrathi@<server_ip>.
 This will not work if the nrathi user is not on the remote system.

We can create a file that tells all of the servers in the "newhost" group to connect using the root user.

To do this,
 we will create a directory in the Ansible configuration structure called group_vars. Within this folder, we can create YAML-formatted files for each group we want to configure:

sudo mkdir /etc/ansible/group_vars
sudo vim /etc/ansible/group_vars/newhost

Note: Name of file and host grup name should be same

We can put our configuration in here. YAML files start with "---".

---
ansible_ssh_user: root

save this file and we are done

Note:

If you want to specify configuration details for every server, regardless of group association, you can put those details in a file at /etc/ansible/group_vars/all. Individual hosts can be configured by creating files under a directory at /etc/ansible/host_vars.

Ping all of the servers you configured by typing:

#ansible -m ping all

ping command does not take any argument but as we seen above.we can also try out them to create new user ssh config.checking free memory by free -m

ansible -m shell -a 'free -m' host1

Question
How can we specify multiple hosts in single command or calling specific set of servers ?

The "all" means all hosts. We could just as easily specify a group:

ansible -m ping newhost

We could also specify an individual host:

ansible -m ping host1

We can specify multiple hosts by separating them with colons:

ansible -m ping host1:host2

Note:
Groups can be combined

A:B designates the union of groups A and B
A:&B designates the intersection of groups A and B
A:!B designates the difference, all from A without those in B

#ansible -m ping web

#ansible -m ping web:db

#ansible -m ping web:&db

#ansible -m ping web:!db

Isn't this is cools guys..........