How to Install and Configure Ansible on Ubuntu?
By
Avi
Getting started with Ansible on Ubuntu for better environment provisioning and configuration management.
Configuration Management is a crucial stage in DevOps lifecycle. It helps in the automation and orchestration of the IT infrastructure.
There are several tools for configuration management, for example, Puppet, Ansible, Chef, and SaltStack. And, of course, Ansible is one of the most popular tools in DevOps. It can manage thousands of servers and your complete IT infrastructure with ease.
We will cover the following in this article.
- Ansible installation
- SSH key exchange
- Ansible client setup
- Ansible testing
Ansible Installation
To keep it simple, let’s try using Ansible on two servers. One will be ansible-server and another one ansible-client with the following IP.
- ansible-server – 10.0.0.1
- ansible-client – 10.0.0.25
Installation is straightforward…the following needs to be done on all the servers where you want to use Ansible. In this case, on above both servers.
- Run the below command to install the necessary software required for installing ansible.
root@ansible-server:~# apt install software-properties-common- Install the repository with ansible package.
root@ansible-server:~# apt-add-repository --yes --update ppa:ansible/ansible- Update the advanced packaging tool (apt)
root@ansible-server:~# apt update- And, finally – run the command below to install
root@ansible-server:~# apt install ansibleIt will take few seconds to install the necessary package.
How do you ensure its installed and its version?
Well, it is easy. You can use --version syntax with ansible to find out like below.
root@ansible-server:~# ansible --version
ansible 2.8.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.15+ (default, Nov 27 2018, 23:36:35) [GCC 7.3.0]
root@ansible-server:~#As you can see, Ansible 2.8.1 is installed and it provides the necessary information such as configuration file location, python module.
Next, we need to do SSH key exchange so serve and a client can talk to each other.
SSH Key Exchange
Ansible connects to its client through SSH (Secure shell).
We will first generate a public key on the ansible-server, which needs to be copied to the ansible-client.
Ensure you are logged in as a root user.
- Generate the key using
ssh-keygencommand as shown below
root@ansible-server:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:cDapZBESo+8XcbXupbtILkFrklUSpwa70Y1c7yH5K1A root@ansible-server
The key's randomart image is:
+---[RSA 2048]----+
| =.+oo . |
| . B.B.= . |
| . o @oE + |
| . *oO * . |
| o++.S + . |
| .o +o . + |
| .o..o + |
| ..o o . |
| .o o. |
+----[SHA256]-----+
root@ansible-server:~#As you would have noticed, it has generated a public key in the .ssh folder. The complete path is /root/.ssh/id_rsa.pub
Note: ensure the private and public key files are not world readable. You can list the files to verify them.
- Go to the .ssh folder
cd /root/.ssh- List the files
root@ubuntu:~# ls -l
-rw------- 1 root root 1679 Jun 19 00:37 id_rsa
-rw------- 1 root root 404 Jun 19 00:37 id_rsa.pubIf you notice permission is wrong, then you may change it by using chmod command
Ex:
chmod 400 id_rsa
chmod 400 id_rsa.pubLet’s copy the public key to Ansible host which IP address is 192.168.56.101
root@ansible-server:~/.ssh# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.25
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.0.0.25 (10.0.0.25)' can't be established.
ECDSA key fingerprint is SHA256:eXduPrfV0mhxUcpsZWg+0oXDim7bHb90caA/Rt79cIs.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.25's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@10.0.0.25'"
and check to make sure that only the key(s) you wanted were added.
root@ansible-server:~/.ssh#You can see in the output above, 1 key has been added successfully. This indicates that the SSH key is exchanged.
Next, we will setup an Ansible client.
Ansible Client Setup
I assume you have already followed the Ansible installation steps on the client server as explained in previous steps.
Client or Host setup is nothing but making the Ansible server aware of the clients. And, to do so:
- Login to Ansible server
- Go to /etc/ansible
- Add the following in hosts file by using your favorite editor
[Client]
node1 ansible_ssh_host=10.0.0.25- Save the hosts file
Ansible Test
If you have followed all the steps correctly, you will get a SUCCESS message when you run the below command on the ansible-server.
root@ansible-server:~/.ssh# ansible -m ping Client
node1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
root@ansible-server:~/.ssh#Thea above pings to the client to test the connectivity and confirm if good or not.
Conclusion
I hope this gives you an idea to get it started with installation and playing around. Stay tuned for more Ansible tutorials or also check out this Udemy Mastering Ansible course.
-
AviAuthorAvi is a tech enthusiast with expertise in trending technologies such as DevOps, Cloud Computing, Big Data and many more. He is passionate about learning cutting-edge technologies and sharing his knowledge with others through… read more
