How To Install Ansible on CentOS 7 / RHEL 7 / Ubuntu 18.04 / 16.04 & Debian 9

Ansible is a free configuration management tool, and it supports managing the configurations of Unix-like and Microsoft Windows systems. Ansible manages nodes over SSH or PowerShell and python to be installed on them.

Ansible helps you to perform configuration, management, and deployment of software on 100s of nodes using SSH, the entire operation can be executed by one single command ansible. But, in some cases, where you may require to execute multiple commands for deployment.

This guide will help you to install Ansible on CentOS 7 / Ubuntu 18.04 / Ubuntu 16.04 / Debian 9.

Architecture

If you take other configuration management tools like puppet, chef, and CFEngine, server software is installed on one machine, and client machines are managed through the agent. Wherein Ansible, the nodes are managed by controlling machine (Ansible server) over SSH, so there won’t be any agent running on node machines.

Ansible deploys modules to nodes over SSH, and these modules are temporarily stored in the nodes and communicate with the Ansible server through a JSON protocol. Modules are nothing but a script written in Python, Perl, Ruby, bash, etc.

System Requirements

Controlling Machine

You can run Ansible on any machine which is having Python 2.6 or 2.7 installed (Windows isn’t supported for the control machine).

Supports Red Hat, Debian, CentOS, OS X, any of the BSDs.

Client Nodes

Client machines should at least have Python 2 (version 2.6 or later) or Python 3 (version 3.5 or later)

If you have SELinux enabled on remote nodes, you will have to install libselinux-python package on nodes before using any copy/file/template related functions in Ansible

Environment

Hostname IP Address OS Purpose
server.itzgeek.local 192.168.1.10 CentOS 7 / Ubuntu 18.04 / Debian 9 Controlling Machine
node1.itzgeek.local 192.168.1.20 CentOS 7 Managed Node 1
node2.itzgeek.local 192.168.1.30 Ubuntu 18.04 Managed Node 2

Install Ansible on CentOS 7 / RHEL 7 / Ubuntu 18.04 / 16.04 & Debian 9

Setup Controlling Machine

To install Ansible, we will have to Enable EPEL repository on CentOS 7 / RHEL 7.

### CentOS 7 ### yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm ### RHEL 7 ### subscription-manager repos --enable rhel-7-server-ansible-2.6-rpms ### Ubuntu 18.04 / Ubuntu 16.04 ### sudo apt-get update
sudo apt-get install software-properties-common sudo apt-add-repository ppa:ansible/ansible
sudo apt-get update ### Debian 9 ### sudo apt-get install dirmngr
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main" | sudo tee -a /etc/apt/sources.list.d/ansible.list
sudo apt-get update

Install Ansible.

### CentOS 7 / RHEL 7 & Fedora 28 ### yum install -y ansible ### Ubuntu 18.04 / 16.04 & Debian 9 ### sudo apt-get install -y ansible

Once Ansible is installed, verify the version of Ansible by executing below command.

ansible --version

Output:

ansible 2.6.3 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

Setup Managed Nodes

Client machines should at least have Python 2 (version 2.6 or later) or Python 3 (version 3.5 or later).

### CentOS 7 / RHEL 7 & Fedora ### yum install -y python

### Ubuntu 18.04 / 16.04 & Debian 9 ### sudo apt-get install -y python

SELinux (CentOS / RHEL / Fedora)

If you have SELinux enabled on managed nodes, you will have to install below package on nodes before using any copy/file/template related functions in Ansible.

ADVERTISEMENT

yum install -y libselinux-python

SSH Authentication

As said earlier, Ansible uses native OpenSSH for remote communication. Ansible supports both passwordless and password authentication to execute commands on managed nodes.

SSH key authentication (Passwordless Authentication)

When it comes to ssh authentication, by default, it uses ssh keys (passwordless authentication) to authenticate with the remote machine.

READ: How To Setup SSH Passwordless Login on CentOS 7 / RHEL 7

Though the above link is for CentOS, the steps in it will work for Ubuntu / Debian as well.

Once you set up the passwordless communication, verify it.

ssh raj@192.168.1.20
ssh raj@192.168.1.30

You should now be able to login to the remote machine without the password.

Password Authentication

Password authentication can also be used where needed by supplying the option --ask-pass. This option requires sshpass to the on controlling machine.

### CentOS 7 / RHEL 7 & Fedora ### yum install -y sshpass ### Ubuntu 18.04 / 16.04 & Debian 9 ###  sudo apt-get update
sudo apt-get install -y sshpass

Here, for this demo, I have used passwordless communication between ansible controlling node and the managed nodes.
Ansible server’s username = root
Managed node’s username = raj

Create Ansible Inventory

Edit (or create) /etc/ansible/hosts file. This file holds the inventory of remote hosts to which Ansible will connect through SSH for managing them.

### CentOS 7 / RHEL 7 & Fedora ### vi /etc/ansible/hosts ### Ubuntu 18.04 / 16.04 & Debian 9 ### sudo nano /etc/ansible/hosts

Put one or more remote systems and group it. Here, I have added both machines to the demo-servers group.

Groups are used to classifying systems for particular use. If you do not specify any group, they will act as ungrouped hosts.

[demo-servers]
192.168.1.20
192.168.1.30

First Command

Now it is the time to check all our nodes by just doing a ping from controlling machine, to do that we will use the command ansible with options -m (load module) and all (all servers).

# all servers - Works when both server's and client's user name are same (Passwordless) ansible all -m ping # all servers - "raj" is managed node's user (Passwordless) ansible all -u raj -m ping OR # Only demo-servers group - "raj" is managed node's user (Passwordless) ansible demo-servers -u raj -m ping OR

# If you use password authendication ansible -m ping all -u raj --ask-pass

Output:

192.168.1.20 | SUCCESS => { "changed": false, "ping": "pong"
}
192.168.1.30 | SUCCESS => { "changed": false, "ping": "pong"
}

In the above example, we have used the ping module with ansible command to ping all or group of remote hosts.

The same way, we can use various modules with ansible command, you can find available modules here.

Here, for this demo, I have used passwordless communication between ansible controlling node and the managed nodes.
Ansible server’s username = root
Managed node’s username = raj
So, all my ansible commands will have -u raj

Remote Command Execution

This time, we will use the command module with ansible command to get remote machine information.

For example, we will execute hostname command with command module to get the hostname name of remote hosts at one go.

ADVERTISEMENT

ansible -m command -a "hostname" -u raj demo-servers

Output:

192.168.1.30 | SUCCESS | rc=0 >>
node2.itzgeek.local 192.168.1.20 | SUCCESS | rc=0 >>
node1.itzgeek.local

We will get partition details with below command.

ansible -m command -a "df -hT" -u raj demo-servers

Output:

192.168.1.30 | SUCCESS | rc=0 >>
Filesystem Type Size Used Avail Use% Mounted on
udev devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs tmpfs 395M 1.5M 393M 1% /run
/dev/sda4 ext4 94G 4.9G 84G 6% /
tmpfs tmpfs 2.0G 0 2.0G 0% /dev/shm
tmpfs tmpfs 5.0M 4.0K 5.0M 1% /run/lock
tmpfs tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup
/dev/loop0 squashfs 87M 87M 0 100% /snap/core/4486
/dev/loop3 squashfs 3.4M 3.4M 0 100% /snap/gnome-system-monitor/36
/dev/loop1 squashfs 1.7M 1.7M 0 100% /snap/gnome-calculator/154
/dev/loop2 squashfs 141M 141M 0 100% /snap/gnome-3-26-1604/59
/dev/loop4 squashfs 21M 21M 0 100% /snap/gnome-logs/25
/dev/loop5 squashfs 88M 88M 0 100% /snap/core/5328
/dev/loop6 squashfs 13M 13M 0 100% /snap/gnome-characters/69
/dev/sda1 vfat 93M 4.6M 88M 5% /boot/efi
tmpfs tmpfs 395M 28K 395M 1% /run/user/120
tmpfs tmpfs 395M 36K 395M 1% /run/user/1000
/dev/loop7 squashfs 15M 15M 0 100% /snap/gnome-logs/40 192.168.1.20 | SUCCESS | rc=0 >>
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/centos-root xfs 50G 1.1G 49G 3% /
devtmpfs devtmpfs 1.4G 0 1.4G 0% /dev
tmpfs tmpfs 1.5G 0 1.5G 0% /dev/shm
tmpfs tmpfs 1.5G 8.5M 1.4G 1% /run
tmpfs tmpfs 1.5G 0 1.5G 0% /sys/fs/cgroup
/dev/sda1 xfs 1014M 188M 827M 19% /boot
/dev/mapper/centos-home xfs 46G 33M 46G 1% /home
tmpfs tmpfs 287M 0 287M 0% /run/user/1000
tmpfs tmpfs 287M 0 287M 0% /run/user/0

To check the uptime and load details on both nodes.

 ansible -m command -a "uptime" -u raj demo-servers

Output:

192.168.1.30 | SUCCESS | rc=0 >> 16:36:45 up 56 min, 3 users, load average: 0.00, 0.00, 0.00 192.168.1.20 | SUCCESS | rc=0 >> 16:36:45 up 1:09, 2 users, load average: 0.05, 0.04, 0.05

You can also check the content of the particular file.

ansible -m command -a "cat /etc/resolv.conf" -u raj demo-servers

Output:

192.168.1.30 | SUCCESS | rc=0 >>
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "systemd-resolve --status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf. nameserver 127.0.0.53 192.168.1.20 | SUCCESS | rc=0 >>
# Generated by NetworkManager
search itzgeek.local
nameserver 8.8.8.8
nameserver 192.168.1.1

You can also save the output to any file by redirecting like below.

ansible -m command -a "cat /etc/resolv.conf" -u raj demo-servers > /tmp/ouput_file cat /tmp/ouput_file

By this way, you can run many shell commands using ansible.

You now have successfully installed Ansible on CentOS 7 / Ubuntu 18.04 / Ubuntu 16.04 / Debian 9.

READ MORE: How To Create Ansible Playbooks for IT Automation

That’s All.

Posted by Linux Admin