In this guide, we are about to see how to install and configure the Ansible IT Automation Tool.
Find below URL for more reference related to “Ansible”.
- Install and configure Ansible Automation IT Tool
- Install Ansible using Python installation manager pip
- How to create a host’s Inventory using Ansible
- Managing Groups and User creation using Ansible
- Creating a Logical volume based file system using Ansible
- Ansible tasks for Sysadmins with examples
Ansible IT automation tool can be used for configuration management and much more IT needs. It works using SSH and the main feature of ansible is it’s free from an agent (Agentless).
In this setup we are about to use 1 Ansible server and 3 clients, They are configured with static IP and hostnames will be resolved from DNS server.
# ping ansiclient1.oel7.local -c 2
# ping ansiclient2.oel7.local -c 2
# ping ansiclient3.oel7.local -c 2
[root@ansible ~]# ping ansiclient1.oel7.local -c 2
PING ansiclient1.oel7.local (192.168.107.226) 56(84) bytes of data.
64 bytes from ansiclient1.oel7.local (192.168.107.226): icmp_seq=1 ttl=64 time=0.297 ms
64 bytes from ansiclient1.oel7.local (192.168.107.226): icmp_seq=2 ttl=64 time=0.583 ms
--- ansiclient1.oel7.local ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1003ms
rtt min/avg/max/mdev = 0.297/0.440/0.583/0.143 ms
[root@ansible ~]
[root@ansible ~]# ping ansiclient2.oel7.local -c 2
PING ansiclient2.oel7.local (192.168.107.227) 56(84) bytes of data.
64 bytes from ansiclient2.oel7.local (192.168.107.227): icmp_seq=1 ttl=64 time=1.23 ms
64 bytes from ansiclient2.oel7.local (192.168.107.227): icmp_seq=2 ttl=64 time=0.760 ms
--- ansiclient2.oel7.local ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 0.760/0.998/1.237/0.240 ms
[root@ansible ~]
[root@ansible ~]# ping ansiclient3.oel7.local -c 2
PING ansiclient3.oel7.local (192.168.107.228) 56(84) bytes of data.
64 bytes from ansiclient3.oel7.local (192.168.107.228): icmp_seq=1 ttl=64 time=1.18 ms
64 bytes from ansiclient3.oel7.local (192.168.107.228): icmp_seq=2 ttl=64 time=0.621 ms
--- ansiclient3.oel7.local ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1003ms
rtt min/avg/max/mdev = 0.621/0.901/1.181/0.280 ms
[root@ansible ~]
Install with EPEL repository.
If we need to install from Ansible repo we can find the one from below URL. There will be two packages in each version make sure to pick the noarch package instead of source.rpm.
We need dependencies to start with the ansible installation.
# wget https://releases.ansible.com/ansible/rpm/release/epel-6-x86_64/ansible-2.4.3.0-1.el6.ans.noarch.rpm
# yum install PyYAML, python-crypto, python-jinja2, python-paramiko, python-setuptools, python-six, sshpass
# rpm -ivh ansible-2.4.3.0-1.el6.ans.noarch.rpm
Ansible Repo for RHEL & Variant 6 based.
Ansible Repo for RHEL & Variant 7 based.
Ansible Repo for Fedora 27
To find all the repository we can find from below URL.
But when we install from EPEL repo using below steps dependencies will be available from the same repository.
EPEL RHEL 6 based
# wget http://mirrors.piconets.webwerks.in/fedora-mirror/epel/6/x86_64/epel-release-6-8.noarch.rpm
Install epel repo package once downloaded.
# rpm -ivh epel-release-6-8.noarch.rpm
[root@ansible ~]# rpm -ivh epel-release-6-8.noarch.rpm
warning: epel-release-6-8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY Preparing... ########################################### [100%]
1:epel-release
########################################### [100%]
[root@ansible ~]
EPEL RHEL 7 based
# wget https://ftp.yz.yamagata-u.ac.jp/pub/linux/fedora-projects/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
# rpm -ivh epel-release-7-11.noarch.rpm
To install from an RHEL extra channel repository we can refer to KB article from Red Hat.
To install Ansible on Ubuntu servers click here for repo.
Ansible provides PPA repo for all the Ubuntu versions from above URL.
# sudo apt-get update
# sudo apt-get install software-properties-common
# sudo apt-add-repository ppa:ansible/ansible
# sudo apt-get update
# sudo apt-get install ansible
Once we install with the EPEL repo by following the search for the ansible package using “yum”.
# yum search ansible
[root@ansible ~]# yum search ansible
ansible-doc.noarch : Documentation for Ansible
ansible-inventory-grapher.noarch : Creates graphs representing ansible inventory
ansible-lint.noarch : Best practices checker for Ansible
python2-ansible-tower-cli.noarch : A CLI tool for Ansible Tower
ansible.noarch : SSH-based configuration management, deployment, and task execution system Name and summary matches only, use "search all" for everything.
[root@ansible ~]
Install the ansible package using “yum”. Yum will manage to pull all the required dependencies from the repository.
# yum install ansible.noarch
[root@ansible ~]# yum install ansible.noarch This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ansible.noarch 0:2.4.2.0-1.el6 will be installed
--> Processing Dependency: PyYAML for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-crypto for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-crypto2.6 for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-httplib2 for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-jinja2-26 for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-keyczar for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-paramiko for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-setuptools for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-simplejson for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: python-six for package: ansible-2.4.2.0-1.el6.noarch
--> Processing Dependency: sshpass for package: ansible-2.4.2.0-1.el6.noarch
--> Running transaction check
Installed:
ansible.noarch 0:2.4.2.0-1.el6
Dependency Installed:
PyYAML.x86_64 0:3.10-3.1.el6
libyaml.x86_64 0:0.1.3-4.el6_6
python-babel.noarch 0:0.9.4-5.1.el6
python-crypto.x86_64 0:2.0.1-22.el6
python-crypto2.6.x86_64 0:2.6.1-2.el6
python-httplib2.noarch 0:0.7.7-1.el6
python-jinja2-26.noarch 0:2.6-3.el6
python-keyczar.noarch 0:0.71c-1.el6
python-markupsafe.x86_64 0:0.9.2-4.el6
python-paramiko.noarch 0:1.7.5-2.1.el6
python-pyasn1.noarch 0:0.0.12a-1.el6
python-setuptools.noarch 0:0.6.10-3.el6
python-simplejson.x86_64 0:2.0.9-3.1.el6
python-six.noarch 0:1.9.0-2.el6
sshpass.x86_64 0:1.06-1.el6
Complete!
[root@ansible ~]
Here we are not going to use any customized ansible configuration.
Ansible configuration can be located under /etc/ansible/.
# more /etc/ansible/ansible.cfg
Default host file will be under /etc/ansible/
# more /etc/ansible/hosts
Define below servers as a group of hosts under /etc/ansible/hosts in the name of oel7_clients.
[oel7_clients]
ansiclient1.oel7.local
ansiclient2.oel7.local
ansiclient3.oel7.local
Add ansible user across all the servers and create the password.
# groupadd -g 1500 ansible
# useradd -u 1500 -g 1500 -c "Ansible configuration Management" -s /bin/bash ansible
Create the password for ansible user.
# passwd ansible
Changing password for user ansible.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Configure Ansible user SUDO entry with no-password option.
# visudo
ansible ALL=(ALL) NOPASSWD: ALL
Save and exit from visudo.
Switch to ansible user and create SSH key.
# su - ansible
$ ssh-keygen
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ansible/.ssh/id_rsa):
Created directory '/home/ansible/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ansible/.ssh/id_rsa.
Your public key has been saved in /home/ansible/.ssh/id_rsa.pub.
The key fingerprint is: 63:56:ef:8e:f2:da:17:86:03:15:01:bc:f3:d5:0e:51 ansible@ansible.oel7.local
The key's randomart image is:
+--[ RSA 2048]----+
| ...oo .E | | . . . | | o. o | | +. .o . | | S+ o.o | | o .+.o . | | o.. | | .. o. | | .++.. |
+-----------------+
[ansible@ansible ~]
Copy the created SSH key across all the ansible clients from “Ansible server”.
$ ssh-copy-id ansiclient1.oel7.local
$ ssh-copy-id ansiclient2.oel7.local
$ ssh-copy-id ansiclient3.oel7.local
Log in and check all the clients to make sure it works without a password. Repeat the check for all client servers.
[ansible@ansible ~]$ ssh ansiclient1.oel7.local
[ansible@ansiclient1 ~]$ exit
logout Connection to ansiclient1.oel7.local closed.
[ansible@ansible ~]
Let us quickly run a ping test using ansible module. Here we are trying to ping the group “oel7_clients” of hosts.
$ ansible oel7_clients -m ping
Output will be exactly as shown below with ping pong response.
ansible@ansible ~]$ ansible oel7_clients -m ping
ansiclient3.oel7.local | SUCCESS => {
"changed": false,
"ping": "pong" }
ansiclient2.oel7.local | SUCCESS => {
"changed": false,
"ping": "pong" }
ansiclient1.oel7.local | SUCCESS => {
"changed": false,
"ping": "pong" }
That’s it we have successfully installed and run Ansible.
Conclusion:
To start with Ansible journey we are done with installation part, by following let us see how to work with Ansible in upcoming articles. Till then subscribe to our newsletter and feed to keep you update.