In this blog post we will learn how to install and configure Ansible on Rocky Linux 8. Let us first look in detail at what Ansible is and how it works.
Introduction
Administrators and operations teams may now easily administer a large number of servers thanks to configuration management solutions. They let you automate the control of numerous systems from a single, central place. While Chef and Puppet are two of the numerous well-known configuration management solutions for Linux systems that are available, these are frequently more complex than what many people want or need. Ansible is a fantastic substitute for these choices due to its significantly lower initial cost.
How Ansible Works
Ansible works by configuring client machines from a computer that has the Ansible components installed and configured. It can issue commands, copy files, and retrieve data from remote machines over standard SSH. This means that no additional software needs to be installed on the client machines when using Ansible. Ansible makes server administration easier in a number of ways. Any server, at any stage of its life cycle, that has an SSH port exposed can be brought under Ansible's management.
Ansible takes a modular approach that lets you extend the main system's functionality to handle particular scenarios. Modules can be written in any language, and they communicate using standard JSON. Configuration files are commonly written in YAML because it is an expressive data serialization format that shares many characteristics with popular markup languages. You can interact with clients through Ansible's command line tools or through its configuration scripts, known as Playbooks.
Pre-requisite
- One Ansible control node: This is the server that Ansible will use to establish SSH connections to, and manage, the Ansible client hosts. Though this guide assumes your control node is a Rocky Linux 8 system, your Ansible control node can be your local computer or a server dedicated to running Ansible. Verify that the control node has:
  - A non-root user with sudo privileges
  - An SSH keypair associated with this user
- One or more client nodes for Ansible: Any computer that your Ansible control node is set up to automate is called an Ansible host. This tutorial assumes that your remote Rocky Linux 8 machines are your Ansible hosts. Verify that every Ansible host has:
  - The Ansible control node's SSH public key added to the authorized_keys of a system user.
If you need to install Linux first, follow How to Install Rocky Linux 8.
Ansible Installation
Let's start by installing the required packages for Ansible on the control node. For this we first need to install the EPEL repository:
sudo dnf install epel-release
Now we can install Ansible:
sudo dnf install ansible
Client Node Configuration
Ansible keeps track of every client node through a hosts file. Before you can interact with the rest of your machines, you must first configure this file.
Open the file with root privileges as shown below. Remember that vi is the text editor that comes pre-installed on Rocky Linux 8:
sudo vi /etc/ansible/hosts
As you can see, the file contains a lot of commented-out example configurations. Keep these examples in the file in case you wish to use them to build more complicated setups in the future.
The hosts file is fairly flexible and can be configured in several ways. The syntax you will use has the following structure:
[group_name]
alias ansible_ssh_host=your_server_ip
The group_name is an organizational tag that lets you refer to every server listed under it with a single word. The alias is the name used to refer to an individual server.
Consider the following scenario: you wish to use Ansible to control three servers. Since Ansible uses SSH to communicate with client computers, every server you wish to control must be reachable over SSH from the Ansible server. If you completed the "One or more client nodes" prerequisite, your hosts' SSH keys are already configured, and you can confirm this by running the following:
ssh root@your_server_ip
You should not be prompted for a password. Although Ansible can handle password-based SSH authentication just fine, SSH keys keep things more organized.
We will use the IP addresses of the following servers as examples:
- 192.168.255.126
- 192.168.255.127
- 192.168.255.128
Be sure to change the IP addresses to match yours. Next, set things up so that you can refer to each server individually as host1, host2, and host3, or to all of them as the group servers. To configure this, add the following block to your hosts file. Press i to begin typing, and press ESC when you're finished.
[servers]
host1 ansible_ssh_host=192.168.255.126
host2 ansible_ssh_host=192.168.255.127
host3 ansible_ssh_host=192.168.255.128
After inserting the block, save the file and close it. To accomplish this, type :wq and press ENTER.
A host may belong to more than one group, and groups can define settings for all of their members. By default, Ansible will use your current username to attempt connections to remote hosts.
So let's explicitly instruct Ansible to use the admin user to connect to servers in the servers group.
To start, make a group_vars directory in the Ansible configuration structure:
sudo mkdir /etc/ansible/group_vars
You can make YAML-formatted files in this folder for every group you wish to configure.
Open the /etc/ansible/group_vars/servers file to edit the configuration:
sudo vi /etc/ansible/group_vars/servers
Add the following code to the file. YAML files start with ---, so don't forget that part:
---
ansible_ssh_user: admin
Once you're finished, save and exit the file. Now Ansible will always use the admin user for the servers group.
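The prerequisites call for a non-root user with SSH keys, but the same inventory and group_vars formats also accept per-host connection variables, so these files can drift toward plaintext passwords or root logins. The check below is an added example, not part of the original article: the function names and the hosts.bad sample are constructed, and it looks for Ansible's ansible_ssh_pass, ansible_password and ansible_become_pass(word) variables and for a root connection user.

```shell
#!/bin/sh
# Added example, not from the original article.

# audit_ansible_files FILE...
# Prints "file:line: finding" per problem; returns 1 if any were found.
audit_ansible_files() {
    awk '
        # Skip comments, blank lines and group headers such as [servers].
        /^[ \t]*[#;]/ || /^[ \t]*$/ || /^[ \t]*\[/ { next }
        { line = $0 " " }  # trailing space lets "root" match as a whole word
        # Both spellings match: INI "key=value" and YAML "key: value".
        line ~ /ansible_(ssh_pass|password|become_pass(word)?)[ \t]*[=:]/ {
            printf "%s:%d: plaintext password variable\n", FILENAME, FNR; bad = 1
        }
        line ~ /ansible_(ssh_)?user[ \t]*[=:][ \t]*root[ \t]/ {
            printf "%s:%d: connects as root\n", FILENAME, FNR; bad = 1
        }
        END { exit bad }
    ' "$@"
}

# write_sample_files DIR: constructed sample data. hosts.good and servers are
# the files from this guide; hosts.bad adds two constructed risky entries.
write_sample_files() {
    cat > "$1/hosts.good" <<'EOF'
[servers]
host1 ansible_ssh_host=192.168.255.126
host2 ansible_ssh_host=192.168.255.127
host3 ansible_ssh_host=192.168.255.128
EOF
    cat > "$1/servers" <<'EOF'
---
ansible_ssh_user: admin
EOF
    cat > "$1/hosts.bad" <<'EOF'
[servers]
host1 ansible_ssh_host=192.168.255.126 ansible_ssh_pass=example-only
host2 ansible_ssh_host=192.168.255.127 ansible_ssh_user=root
# host3 ansible_ssh_pass=commented-out lines are ignored
EOF
}

demo_dir=$(mktemp -d)
write_sample_files "$demo_dir"
audit_ansible_files "$demo_dir/hosts.bad" || echo "fix the findings above"
audit_ansible_files "$demo_dir/hosts.good" "$demo_dir/servers" && echo "clean"
rm -rf "$demo_dir"
```

On a control node set up as in this guide, the function would be pointed at /etc/ansible/hosts and the files under /etc/ansible/group_vars.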
Using Ansible Commands
You can test out a few commands now that your hosts are configured and you have sufficient configuration information to connect to them.
Start by pinging each server you configured. The -m ping part of the command tells Ansible to use the ping module. Modules like this are general commands that you can run on your remote hosts. The ping module serves a similar purpose to the standard Linux ping program, but instead of testing the network alone it verifies that Ansible can connect to each host:
ansible -m ping all
Output:
host3 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
host1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
host2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
This output is Ansible's basic test to verify that it can connect to all of its hosts.
Besides all, which targets every host, there are other ways to target distinct sets of servers. For example, you can specify a group:
ansible -m ping servers
Conclusion
Your Ansible server is now set up to talk to the servers you want to control. By using the ansible command to perform simple tasks remotely, you can confirm that Ansible is able to communicate with any host. With this solid basis for interacting with your servers in place, the next step is to learn how to use Playbooks to handle the labor-intensive tasks for you. You can also refer to the official Ansible documentation.