Windows OS Hub
  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux

 Windows OS Hub / Linux / How to Install and Configure Ansible on Linux

March 11, 2024

How to Install and Configure Ansible on Linux

Ansible is a popular configuration management solution that allows you to manage multiple servers remotely. It’s a commonly used tool for software configuration and deployment automation. Unlike Chef or Puppet, Ansible doesn’t require agents to be installed on managed hosts, which is its main advantage. All you need to install on management hosts is Python and an SSH server. This article covers the principal steps for installing and configuring an Ansible server on Linux, as well as how to use Ansible to manage other Linux hosts.

Contents:
  • Installing Ansible on Linux
  • Getting Started with Ansible on Linux
  • Working with Ansible Playbooks

Installing Ansible on Linux

Ansible requires SSH and Python to be installed on the managed and managed hosts. Ansible itself only needs to be installed on the control (master) server. Since the OpenSSH server is usually installed by default on all Linux distros, all that remains is to install Python 3+ and Ansible itself.

Here are the commands for Ubuntu/Debian:

Install Python:

$ sudo apt install python3

Checking the version:

$ python3 --version

Python 3.8.10

Install Ansible:

$ sudo apt install ansible

Install ansible and python on linux

$ ansible --version

ansible 2.9.6
You can install Ansible and Python on rpm-based Linux distros (CentOS, Rocky Linux, RHEL, Oracle Linux) as follows:

$ dnf install epel-release
$ dnf makecache
$ dnf install python3
$ dnf install ansible

Getting Started with Ansible on Linux

The installation creates the directory /etc/ansible with the following configuration files:

  • /etc/ansible/hosts – this is where you can specify a list of hosts to be managed via Ansible;
  • /etc/ansible/ansible.cfg — Ansible configuration file.

You can create several different host groups in the /etc/ansible/hosts file. For example, for all your hosts with Nginx, with MariaDB databases, etc. For this example, we will only create one group named servers_all.

$ sudo nano /etc/ansible/hosts

[servers_all]
srvubunt1 ansible_host=192.168.14.144 ansible_user=sysops
srvubunt2 ansible_host=192.168.14.142 ansible_user=sysops
srv-db01 ansible_host=192.168.14.151 ansible_user=sysops

You can specify hosts by their DNS name or IP addresses. The ansible_user specifies the account that will be used for the SSH connection.

hosts file in linux

You can put the same parameters of a host group in a separate section with the :vars suffix, for example:

[servers]
srvubunt1 ansible_host=192.168.14.144
srvubunt2 ansible_host=192.168.14.142
[servers_all:vars]
ansible_port=22
ansible_user=sysops

To view the tree structure of the inventory file, run:

$ ansible-inventory --graph

ansible-inventory graph

By default, Ansible uses SSH to connect to remote hosts. If you want to automatically accept the SSH fingerprint and not enter yes when initially accessing a host, you need to add the following parameter to /etc/ansible/ansible.cfg:

"host_key_checking = false"

You can now use the built-in ping module to test the connection. The module checks:

  • host availability;
  • SSH credentials;
  • the ability to run Ansible modules on hosts using Python.

Now, let’s check the availability of all hosts in the inventory file:

$ ansible all -m ping --ask-pass

All of the hosts are available.

ansible ping hosts

In order for Ansible to be able to authenticate via SSH with a password, you need to install the sshpass package:

$ sudo apt install sshpass

Otherwise, you will get the following error when trying to use the --ask-pass parameter:

to use the 'ssh' connection type with passwords, you must install the sshpass program.

In the previous example, you must enter the user’s password each time you connect to remote hosts. To avoid prompting for a password when running Ansible commands and playbooks, you need to configure the SSH key-based authentication.

Generate RSA keys on the Ansible management host:

$ ssh-keygen -t rsa

Do not specify a password to protect the SSH key.

Now you need to copy the key file to each node using ssh-copy-id:

$ ssh-copy-id [email protected]

ssh-copy-id - copy keys to ansible hosts

Make sure that SSH key-based authentication is enabled on remote hosts:

# nano /etc/ssh/sshd_config

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

# service sshd restart

Now you can use Ansible to run remote commands without entering a password. Let’s check the uptime of all servers in the servers_all group:

$ ansible servers_all -a 'uptime'

run remote command on hosts with ansible

Let’s look at some examples of interactive command execution on hosts in the inventory file.

First, we’ll run an inventory procedure to check the state of the hosts. In this example, we only need information about the hosts’s RAM:

$ ansible -m setup -a 'filter=ansible_memtotal_mb' all

ansible m setup - gathers facts about remote hosts

Now we use the shell module to check the uptime of all the hosts:

$ ansible -m shell -a 'uptime' all

Working with Ansible Playbooks

You can either send commands to the managed hosts through the console (ad-hoc) or by using a special YAML playbook file. In the playbook, you can describe the desired state of the system. Ansible checks that the managed host configuration matches the description in the playbook.

Let’s have a look at an example of a simple playbook to install the Midnight Commander (mc) file manager on the hosts.

Create a directory for playbooks:

$ sudo mkdir -p /etc/ansible/playbooks

Create a YML file:

$ sudo nano /etc/ansible/playbooks/mc-deploy.yml

- hosts: servers_all
  become: yes
  become_method: sudo
  tasks:

    - name: update
      apt: update_cache=yes

    - name: Install mc
      apt: name=mc state=latest

If your managed hosts are running an rpm-based version of Linux, replace the last line with yum: name=mc state=latest .

Please note that YAML syntax uses a strict indentation system like in Python. So you need to use spaces, not tabs.

Now you can run the playbook against the hosts in a group:

$ ansible-playbook /etc/ansible/playbooks/mc-deploy.yml --ask-become-pass

In this case, to run apt, you will need to enter the password to elevate privileges via sudo.

If you want to disable the password when using sudo in Ubuntu, you have to run the following command on managed hosts::

$ echo "sysops ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/sysops

Once that’s done, you can run the playbook without the –ask-become-pass parameter.

ansible playbook run example

Next, you can check the return values of the playbook to see on which servers it ran successfully.

You can use Ansible Tower (a paid solution from RedHat) and Ansible AWX (free) if you need a graphical shell. You can use Ansible to manage not only Linux servers but also Windows hosts (requires configured WinRM). The specifics of Windows management with Ansible will be discussed in the next article

0 comment
0
Facebook Twitter Google + Pinterest
LinuxQuestions and Answers
previous post
Computer Doesn’t Turn Off After Shutting Down Windows 10/11
next post
Disable Welcome Message for Microsoft 365 Groups

Related Reading

Fixing ‘The Network Path Was Not Found’ 0x80070035...

August 31, 2023

How to Fix the ‘Too Many Open Files’...

March 13, 2024

How to Use Ansible to Manage Windows Machines

March 12, 2024

Recovering Files from BitLocker Encrypted Drive

March 13, 2024

Turn Linux Computer into Wi-Fi Access Point (Hotspot)

March 11, 2024

Using iPerf to Test Network Speed and Bandwidth

March 12, 2024

How to Increase Size of Disk Partition in...

March 11, 2024

Moving WSL to Another Drive in Windows

March 11, 2024

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025
  • Configure NTP Time Source for Active Directory Domain

    May 6, 2025
  • Cannot Install Network Adapter Drivers on Windows Server

    April 29, 2025
  • Change BIOS from Legacy to UEFI without Reinstalling Windows

    April 21, 2025
  • How to Prefer IPv4 over IPv6 in Windows Networks

    April 9, 2025
  • Load Drivers from WinPE or Recovery CMD

    March 26, 2025
  • How to Block Common (Weak) Passwords in Active Directory

    March 25, 2025
  • Fix: The referenced assembly could not be found error (0x80073701) on Windows

    March 17, 2025
  • Exclude a Specific User or Computer from Group Policy

    March 12, 2025
  • AD Domain Join: Computer Account Re-use Blocked

    March 11, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • Fixing ‘The Network Path Was Not Found’ 0x80070035 Error Code on Windows
  • Recovering Files from BitLocker Encrypted Drive
  • Installing an Open Source KMS Server (Vlmcsd) on Linux
  • How to Access VMFS Datastore from Linux, Windows, or ESXi
  • Install Any OS from ISO Image over Network with iVentoy
  • Using iPerf to Test Network Speed and Bandwidth
  • Moving WSL to Another Drive in Windows
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top