Kiến Thức Linux Linux Nâng Cao

How To Install and Test Ansible on Linux

Ansible is a widely used configuration management tool written in Python language that helps to configure single or multiple machines at the same time. Ansible can be used to perform below tasks

  • Configuration from scratch of single or multiple nodes
  • Deployments
  • Configuration changes
  • Patching
  • Service management
  • and many more

Ansible is widely used because of its simplicity. Ansible code is written in YAML language also, it doesn’t need an agent to be installed on a remote machine. Ansible uses port 22 (SSH) to connect to a remote machine and make the necessary changes. 

Any machine, which can connect to the remote machine on 22 port can become a controlling node. A controlling node is where you can install Ansible and a managed node is getting managed by controlling nodes.

Let’s have a look at the installation of Ansible on the controller node.

Install Ansible on CentOS 7:

As Python is the only pre-requisite to install Ansible, let’s install Python by executing the below command.

$sudo yum install python3 -y

To install Ansible on CentOS 7, first ensure that the CentOS 7 EPEL repository is installed. Execute below command to install epel repository. 

$sudo yum install epel-release

Update the system package index by executing the below update command.

$sudo yum update -y

Once the repository is installed, install Ansible with yum package manager. Execute below mentioned command to install Ansible.

$sudo yum install ansible -y

Verify if Ansible is installed properly and it’s version.

$ansible -v

Install Ansible on CentOS 8:

Let’s look at the installation steps for CentOS 8. Let’s install python on CentOS 8.

$sudo dnf install python3

Once, python is installed, let’s install EPEL repo by executing the below command.

$sudo dnf install epel-release -y

Update the system package index by executing the below update command.

$sudo dnf update -y

We are now ready to install Ansible. Execute the below command to install Ansible.

$sudo dnf install ansible -y

Verify if Ansible is installed properly and it’s version.

$ansible -v

Install Ansible on Ubuntu:

Python is a default package nowadays in most of the Linux distributions. If you don’t have python installed, execute the below command to install the python package. 

$sudo apt-get install python3

To install Ansible in Ubuntu, let’s first install the repository by executing the below command.

$sudo apt-add-repository ppa:ansible/ansible

Update the system package index by executing the below update command.

$sudo apt-get update -y

Now, install Ansible.

$sudo apt-get install -y ansible

Verify if Ansible is installed properly and it’s version.

$ansible -v

Install Ansible with Python PIP on CentOS, Debian and Ubuntu:

Irrespective of what operating system you are using, you can install Ansible with the python package installer. Let’s execute the below command to install python3-pip.

For CentOS 7 and below:

$sudo yum install python3 python3-pip -y

For CentOS 8:

$sudo dnf install python3 python3-pip -y

For Ubuntu and Debian:

$sudo apt-get install python3 python3-pip

As we have python and pip installed, let’s execute the below command on any operating system to install Ansible.

$sudo pip3 install ansible

Verify if Ansible is installed properly and it’s version. 

$ansible -v

Configuring Ansible Controller Hosts:

We need to set up the “hosts” file first before we can begin to communicate with our other nodes. This file will have all IP or hostnames of the managed nodes.

Note: It’s not always necessary to use a hosts file to connect to managed nodes. But then every time, we need to use managed node server IP or hostname while executing every command.

Create the file (if it is not there already) with root privileges by executing the below command:

$sudo touch /etc/ansible/hosts

Before writing to the file, let’s have a look and understand sample hosts file:

[group_name]
alias ansible_ssh_host=your_node_server_ip

A hosts file should follow the above syntax. Let’s have a look at each parameter.

[group_name]: This parameter will create a group. All the managed node IP addresses or hostnames under the group_name parameter will fall in the same group. For example, if we have multiple web servers in our infrastructure, we can add all IP addresses or the hostnames of the managed node here.

alias: This parameter is used to give the managed node server an alias to identify the managed node server. For example, if we have multiple web servers in our infrastructure, we can give host1, host2, host3 as an alias. The main advantage of giving alias is when we will execute the Ansible command to change the configuration of a single server, we can use an alias to identify and perform the required task on the server.

ansible_ssh_host=your_node_server_ip: This parameter will point the alias to a managed node IP address or hostname.

We will be using the CentOS 8 as a controlled node with Ansible. As mentioned above, Ansible uses 22 port of the remote host to connect.

We will assume that our CentOS managed node server’s IP addresses are 192.168.0.2, 192.168.0.3 and 192.168.0.4.

To allow the Ansible controller node to communicate with managed nodes, we must confirm that managed nodes are accessible on port 22 which is a SSH port. Execute the below command to confirm the connectivity one by one on all three managed nodes from the controller.

$ssh root@192.168.0.2
$ssh root@192.168.0.3
$ssh root@192.168.0.4

You will be prompted for the password of the root user of all the nodes. Ansible works very smoothly if you have password-less authentication configured between the Ansible controller and managed nodes. With different parameters in Ansible command, password authentication can work too.

As we have configured ssh connectivity between Ansible controller and managed nodes, let’s configure the hosts file to connect to all managed nodes. As mentioned before, we can add multiple node server aliases in a single group. In this case, let’s add all three nodes and assign an alias as host1, host2, and host3 respectively. Our hosts file should look like below after adding all the managed node details. Execute below command to edit the hosts file which we created before.

Open the file with root privileges by executing the below command:

$sudo vi /etc/ansible/hosts

Let’s add below mentioned configuration in hosts file.

[node_servers]
host1 ansible_ssh_host=192.168.0.2
host2 ansible_ssh_host=192.168.0.3
host3 ansible_ssh_host=192.168.0.4

Here, we have added all the managed node IPs and aliases in a group called node_servers.

Let’s try to connect to managed nodes from the Ansible controller now.

$ansible -m ping node_servers

The above command is using a module ping to connect to the “node_servers” group which we defined in hosts file above.

You might encounter errors for different reasons.

  1. Ansible will, by default, try to connect to the managed node using your current username if you didn’t provide one. If that user doesn’t exist on the node server, you will receive the below error.
  2. If ssh port 22 is not open for connection on managed nodes. (As mentioned before, Ansible connects on ssh port)
  3. If the IP in the hosts file is not correct.

If any of the above conditions fail, you will encounter the below error. 

 

host1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh.",
    "unreachable": true
}
host2 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh.",
    "unreachable": true
}
host3 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh.",
    "unreachable": true
}

 

Let’s specifically tell Ansible that it should connect to managed nodes in the “node_servers” group with the james user. Create group_vars directory as mentioned below.

$sudo mkdir /etc/ansible/group_vars

The files in this directory are specifically used to configure variables that we can use in our Ansible playbooks.

Let’s create a variable file for our set up by executing below command:

$sudo vim /etc/ansible/group_vars/node_servers.yml

Add below code to the file:

---
ansible_ssh_user: james

YML file always starts with “—” in the first line. Let’s save and close this file when you are finished. Now Ansible will always use the james user for the node_servers group, regardless of the current user that you are using to run a command.

 

Check the managed node’s connection:

Now that we have our hosts set up and enough configuration details to allow us to successfully connect to our managed nodes, we can try out the same command we ran before.

$ansible -m ping servers 

Ansible will return output like this:

host1 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
host2 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

host3 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

This is a basic test to make sure that Ansible has a connection to its managed nodes.

Conclusion:

It’s not necessary to use CentOS operating system for managed nodes. You can use the same test configuration that we have used above for CentOS, RedHat, Ubuntu, and any other Linux distributions.

Tags

Add Comment

Click here to post a comment