I agree with @satch_boogie comment above - use ansible
when you need SUDO
and use pssh
when you don't - its cleaner to SUDO
in ansible
IMO although initial setup is more involved.
Short answer: Example updating and upgrading package with apt
:
ansible myservers -a "sudo apt -y update" --become -K
ansible myservers -a "sudo apt -y upgrade" --become -K
Long answer and setup: For my situation, I was using MacOS locally to manage my remote Linux machines. I did the following which may vary slightly if your using Linux:
- make sure you have the same user created locally and on all target machines:
sudo adduser username
- add the user to the SUDO group on each target machine:
usermod -aG sudo username
- (maybe optional) Setup passwordless ssh though I'm unclear if this is needed but my environment was already setup with this. Try steps below first as it might not be necessary for passwordless ssh.
- Install ansible on your local machine:
brew install ansible
(or linuxsudo apt install ansible
) - create the default hosts file for ansible on your local machine:
sudo mkdir /etc/ansible && sudo touch /etc/ansible/hosts
- edit the file
sudo nano /etc/ansible/hosts
- Add the target machines under a group (ip or machine name):
[myservers] blah1.local blah2.local blah3.local
- (Optional) I had a second user in the SUDO group on all target machines so I had to temporarily remove themthis user from the SUDO group to avoid a prompt (like when using
sudo systemctl
it asks to pick a SUDO user):ansible myservers -a "sudo deluser otheruser sudo" --become -K
- Now run the actual SUDO command you want. Example:
ansible myservers -a "sudo apt -y update" --become -K
- (Optional) re-add the otheruser back to the SUDO group:
ansible myservers -a "sudo adduser otheruser sudo" --become -K
Now every time I need to run a SUDO command across machines, I simply repeat steps 8-10.