Ansible is an open-source tool that allows you to provision, configure, manage, and deploy applications. It helps to run infrastructure as a code, basically an automation tool. Ansible runs on Linux, Unix-like, and Windows systems. It is a free tool written in Python.
Using Ansible, automation and controlling of a large of servers is simplified. This made the system admin or DevOps engineer manage all servers from a single control node.
Unlike Chef and Puppet, Ansible doesn't need any special software to be installed on the nodes. Ansible uses SSH to execute tasks and YAML file to define provision information.
This tutorial will show you how to install ansible on Ubuntu 20.04 and learn the basics.
Ansible Control Node and Hosts
Ansible control nodes is a computer that has ansible installed and controls one or more remote hosts. Control nodes communicate with hosts or nodes over SSH using command-line tools or configuration scripts (playbooks).
Hosts or Managed nodes are network devices or servers that ansible manages. Ansible simplifies the operation by using SSH, so hosts machines only require SSH service running and port open.
In the following section, we learn how to set up a control node and retrieve information from hosts.
Requirements
- One control node with ssh key pair
- One or more hosts - remote servers with ssh public key added
For the demonstration, we will use a Ubuntu 20.04 machine for both purposes.
Install Ansible on Ubuntu
Ansible components are installed on the control node. The following command to install Ansible on Ubuntu.
First, get an updated list of all the packages from their sources:
$ sudo apt update
Now to install ansible, type:
$ sudo apt install ansible
Setup control node and hosts
It's recommended creating a non-root user with sudo privileges on the Ansible control node. Then set up an SSH key pair for that user.
Create a new non-root user:
$ sudo adduser controller
Then, you have to assign sudo permission to controller user:
$ sudo usermod -aG sudo controller
Now, you can login to the controller user session and generate a SSH key:
$ su - controller $ ssh-keygen
Output:
Generating public/private rsa key pair. Enter file in which to save the key (/home/controller/.ssh/id_rsa): Created directory '/home/controller/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/controller/.ssh/id_rsa Your public key has been saved in /home/controller/.ssh/id_rsa.pub The key fingerprint is: SHA256:R033P2ygbVuZv5jJdRbIZtaPG8Af7ZFL2pE9vbzQgP0 controller@linoxide The key's randomart image is: +---[RSA 3072]----+ | . . | | o . . | | . .. .| | . .* =.O| | S .oo@.^=| | . =o%+@| | ++E*| | . *++| | =.o | +----[SHA256]-----+
We have to enable password-less SSH from Ansible Control Node to each host. Basically, we have to copy the control node's public key to the authorized_keys file on each host.
In this tutorial, we will use two ansible hosts: host1@ip_address_1 and host2@ip_address_2.
On Ansible control node, run the following command to copy the public key to host servers:
$ ssh-copy-id host1@ip_address_1 $ ssh-copy-id host2@ip_address_2
Setting up the Inventory File
Ansible uses the inventory file to store information about the remote servers (hosts) managed by Ansible Control Node. Hosts can be organized into groups or subgroups.
The default ansible inventory file is located at /etc/ansible/hosts, but you can create the inventory file in any location and you have to indicate the path to your inventory file using the -i parameter when running Ansible commands.
Now, you can open the inventory file with your favorite editor and modify it as follows:
$ sudo vim /etc/ansible/hosts
Noted that replace the below IPs with the IP addresses of your Ansible hosts.
[servers] server1 ansible_host=178.0.113.111 server2 ansible_host=178.0.113.112
Verify the inventory by the following command:
$ ansible-inventory --list -y
Output:
all:
children:
servers:
hosts:
server1:
ansible_host: 178.0.113.111
server2:
ansible_host: 178.0.113.112
ungrouped: {}
Testing the connection
It's time to check whether the Ansible can connect to the remote servers. You can use the -u argument to specify the remote user on the servers. For example:
$ ansible all -m ping -u root
The command use ansible ping module to check the connectivity from Ansible Control Node to remote servers.
server1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
server2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
When you receive a pong reply from the remote servers, you're able to run ansible commands and playbooks on that servers.
Running an Ad-hoc command on remote ansible hosts, for example:
$ ansible all -a "df -h" -u root
Output:
server1 | CHANGED | rc=0 >> Filesystem Size Used Avail Use% Mounted on udev 3.7G 0 3.7G 0% /dev tmpfs 746M 2.3M 744M 1% /run /dev/sda1 20G 4.7G 15G 25% / tmpfs 3.7G 0 3.7G 0% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock tmpfs 3.7G 0 3.7G 0% /sys/fs/cgroup /dev/loop1 130M 130M 0 100% /snap/google-cloud-sdk/161 /dev/loop0 32M 32M 0 100% /snap/snapd/10238 /dev/sda15 105M 3.6M 101M 4% /boot/efi tmpfs 746M 0 746M 0% /run/user/1001 server2 | CHANGED | rc=0 >> Filesystem Size Used Avail Use% Mounted on udev 3.7G 0 3.7G 0% /dev tmpfs 746M 1.7M 745M 1% /run /dev/sda1 20G 4.2G 16G 22% / tmpfs 3.7G 0 3.7G 0% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock tmpfs 3.7G 0 3.7G 0% /sys/fs/cgroup /dev/loop0 56M 56M 0 100% /snap/core18/1932 /dev/loop1 32M 32M 0 100% /snap/snapd/10492 /dev/sda15 105M 3.6M 101M 4% /boot/efi tmpfs 746M 0 746M 0% /run/user/1001
Conclusion
Ansible is now owned by Redhat and bringing lots of improvements to the code. Ansible Tower is the enterprise version of Ansible where you can manage servers from a modern web-based UI.
In this tutorial, you've learned how to install ansible on Ubuntu and basic setup through examples. Thanks for reading and please leave your suggestion in the below comment section.
