How To Install Ansible on CentOS 7 / RHEL 7 / Ubuntu 18.04 / 16.04 & Debian 9
Abstract: I have used passwordless communication between ansible controlling node and the managed nodes. Ansible server’s username = root Managed node’s usernam
Ansible is a free configuration management tool, and it supports managing the configurations of Unix-like and Microsoft Windows systems. Ansible manages nodes over SSH or PowerShell and python to be installed on them.
Ansible helps you to perform configuration, management, and deployment of software on 100s of nodes using SSH, the entire operation can be executed by one single command ansible
. But, in some cases, where you may require to execute multiple commands for deployment.
This guide will help you to install Ansible on CentOS 7 / Ubuntu 18.04 / Ubuntu 16.04 / Debian 9.
ArchitectureIf you take other configuration management tools like puppet, chef, and CFEngine, server software is installed on one machine, and client machines are managed through the agent. Wherein Ansible, the nodes are managed by controlling machine (Ansible server) over SSH, so there won’t be any agent running on node machines.
Ansible deploys modules to nodes over SSH, and these modules are temporarily stored in the nodes and communicate with the Ansible server through a JSON protocol. Modules are nothing but a script written in Python, Perl, Ruby, bash, etc.
System Requirements Controlling MachineYou can run Ansible on any machine which is having Python 2.6 or 2.7 installed (Windows isn’t supported for the control machine).
Supports Red Hat, Debian, CentOS, OS X, any of the BSDs.
Client NodesClient machines should at least have Python 2 (version 2.6 or later) or Python 3 (version 3.5 or later)
If you have SELinux enabled on remote nodes, you will have to install libselinux-python
package on nodes before using any copy/file/template related functions in Ansible
To install Ansible, we will have to Enable EPEL repository on CentOS 7 / RHEL 7.
### CentOS 7 ### yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm ### RHEL 7 ### subscription-manager repos --enable rhel-7-server-ansible-2.6-rpms ### Ubuntu 18.04 / Ubuntu 16.04 ### sudo apt-get update sudo apt-get install software-properties-common sudo apt-add-repository ppa:ansible/ansible sudo apt-get update ### Debian 9 ### sudo apt-get install dirmngr sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main" | sudo tee -a /etc/apt/sources.list.d/ansible.list sudo apt-get update
Install Ansible.
### CentOS 7 / RHEL 7 & Fedora 28 ### yum install -y ansible ### Ubuntu 18.04 / 16.04 & Debian 9 ### sudo apt-get install -y ansible
Once Ansible is installed, verify the version of Ansible by executing below command.
ansible --version
Output:
ansible 2.6.3 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]Setup Managed Nodes
Client machines should at least have Python 2 (version 2.6 or later) or Python 3 (version 3.5 or later).
### CentOS 7 / RHEL 7 & Fedora ### yum install -y python ### Ubuntu 18.04 / 16.04 & Debian 9 ### sudo apt-get install -y pythonSELinux (CentOS / RHEL / Fedora)
If you have SELinux enabled on managed nodes, you will have to install below package on nodes before using any copy/file/template related functions in Ansible.
yum install -y libselinux-pythonSSH Authentication
As said earlier, Ansible uses native OpenSSH for remote communication. Ansible supports both passwordless and password authentication to execute commands on managed nodes.
SSH key authentication (Passwordless Authentication)When it comes to ssh authentication, by default, it uses ssh keys (passwordless authentication) to authenticate with the remote machine.
READ: How To Setup SSH Passwordless Login on CentOS 7 / RHEL 7
Though the above link is for CentOS, the steps in it will work for Ubuntu / Debian as well.Once you set up the passwordless communication, verify it.
ssh [email protected] ssh [email protected]
You should now be able to login to the remote machine without the password.
Password AuthenticationPassword authentication can also be used where needed by supplying the option --ask-pass
. This option requires sshpass to the on controlling machine.
### CentOS 7 / RHEL 7 & Fedora ### yum install -y sshpass ### Ubuntu 18.04 / 16.04 & Debian 9 ### sudo apt-get update sudo apt-get install -y sshpassHere, for this demo, I have used passwordless communication between ansible controlling node and the managed nodes.
Ansible server’s username = root
Managed node’s username = raj Create Ansible Inventory
Edit (or create) /etc/ansible/hosts file. This file holds the inventory of remote hosts to which Ansible will connect through SSH for managing them.
### CentOS 7 / RHEL 7 & Fedora ### vi /etc/ansible/hosts ### Ubuntu 18.04 / 16.04 & Debian 9 ### sudo nano /etc/ansible/hosts
Put one or more remote systems and group it. Here, I have added both machines to the demo-servers group.
Groups are used to classifying systems for particular use. If you do not specify any group, they will act as ungrouped hosts.
[demo-servers] 192.168.1.20 192.168.1.30First Command
Now it is the time to check all our nodes by just doing a ping from controlling machine, to do that we will use the command ansible with options -m (load module) and all (all servers).
# all servers - Works when both server's and client's user name are same (Passwordless) ansible all -m ping # all servers - "raj" is managed node's user (Passwordless) ansible all -u raj -m ping OR # Only demo-servers group - "raj" is managed node's user (Passwordless) ansible demo-servers -u raj -m ping OR # If you use password authendication ansible -m ping all -u raj --ask-pass
Output:
192.168.1.20 | SUCCESS => { "changed": false, "ping": "pong" } 192.168.1.30 | SUCCESS => { "changed": false, "ping": "pong" }
In the above example, we have used the ping module with ansible command to ping all or group of remote hosts.
The same way, we can use various modules with ansible command, you can find available modules here.
Here, for this demo, I have used passwordless communication between ansible controlling node and the managed nodes.Ansible server’s username = root
Managed node’s username = raj
So, all my ansible commands will have
-u raj
Remote Command Execution
This time, we will use the command module with ansible command to get remote machine information.
For example, we will execute hostname command with command module to get the hostname name of remote hosts at one go.
ansible -m command -a "hostname" -u raj demo-servers
Output:
192.168.1.30 | SUCCESS | rc=0 >> node2.itzgeek.local 192.168.1.20 | SUCCESS | rc=0 >> node1.itzgeek.local
We will get partition details with below command.
ansible -m command -a "df -hT" -u raj demo-servers
Output:
192.168.1.30 | SUCCESS | rc=0 >> Filesystem Type Size Used Avail Use% Mounted on udev devtmpfs 1.9G 0 1.9G 0% /dev tmpfs tmpfs 395M 1.5M 393M 1% /run /dev/sda4 ext4 94G 4.9G 84G 6% / tmpfs tmpfs 2.0G 0 2.0G 0% /dev/shm tmpfs tmpfs 5.0M 4.0K 5.0M 1% /run/lock tmpfs tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup /dev/loop0 squashfs 87M 87M 0 100% /snap/core/4486 /dev/loop3 squashfs 3.4M 3.4M 0 100% /snap/gnome-system-monitor/36 /dev/loop1 squashfs 1.7M 1.7M 0 100% /snap/gnome-calculator/154 /dev/loop2 squashfs 141M 141M 0 100% /snap/gnome-3-26-1604/59 /dev/loop4 squashfs 21M 21M 0 100% /snap/gnome-logs/25 /dev/loop5 squashfs 88M 88M 0 100% /snap/core/5328 /dev/loop6 squashfs 13M 13M 0 100% /snap/gnome-characters/69 /dev/sda1 vfat 93M 4.6M 88M 5% /boot/efi tmpfs tmpfs 395M 28K 395M 1% /run/user/120 tmpfs tmpfs 395M 36K 395M 1% /run/user/1000 /dev/loop7 squashfs 15M 15M 0 100% /snap/gnome-logs/40 192.168.1.20 | SUCCESS | rc=0 >> Filesystem Type Size Used Avail Use% Mounted on /dev/mapper/centos-root xfs 50G 1.1G 49G 3% / devtmpfs devtmpfs 1.4G 0 1.4G 0% /dev tmpfs tmpfs 1.5G 0 1.5G 0% /dev/shm tmpfs tmpfs 1.5G 8.5M 1.4G 1% /run tmpfs tmpfs 1.5G 0 1.5G 0% /sys/fs/cgroup /dev/sda1 xfs 1014M 188M 827M 19% /boot /dev/mapper/centos-home xfs 46G 33M 46G 1% /home tmpfs tmpfs 287M 0 287M 0% /run/user/1000 tmpfs tmpfs 287M 0 287M 0% /run/user/0
To check the uptime and load details on both nodes.
ansible -m command -a "uptime" -u raj demo-servers
Output:
192.168.1.30 | SUCCESS | rc=0 >> 16:36:45 up 56 min, 3 users, load average: 0.00, 0.00, 0.00 192.168.1.20 | SUCCESS | rc=0 >> 16:36:45 up 1:09, 2 users, load average: 0.05, 0.04, 0.05
You can also check the content of the particular file.
ansible -m command -a "cat /etc/resolv.conf" -u raj demo-servers
Output:
192.168.1.30 | SUCCESS | rc=0 >> # This file is managed by man:systemd-resolved(8). Do not edit. # # This is a dynamic resolv.conf file for connecting local clients to the # internal DNS stub resolver of systemd-resolved. This file lists all # configured search domains. # # Run "systemd-resolve --status" to see details about the uplink DNS servers # currently in use. # # Third party programs must not access this file directly, but only through the # symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way, # replace this symlink by a static file or a different symlink. # # See man:systemd-resolved.service(8) for details about the supported modes of # operation for /etc/resolv.conf. nameserver 127.0.0.53 192.168.1.20 | SUCCESS | rc=0 >> # Generated by NetworkManager search itzgeek.local nameserver 8.8.8.8 nameserver 192.168.1.1
You can also save the output to any file by redirecting like below.
ansible -m command -a "cat /etc/resolv.conf" -u raj demo-servers > /tmp/ouput_file cat /tmp/ouput_file
By this way, you can run many shell commands using ansible.
You now have successfully installed Ansible on CentOS 7 / Ubuntu 18.04 / Ubuntu 16.04 / Debian 9.
READ MORE: How To Create Ansible Playbooks for IT Automation
That’s All.