Getting Started with Ansible: Installation and Comprehensive Configuration Guide

Ansible is an open-source automation tool that is used for configuration management and application deployment. It simplifies the process of handling and automating various tasks on servers that will be managed in an agent-less manner using SSH.

Ansible has two key components: the “control machine” and the “nodes.”

1. Control Machine: This represents the system on which Ansible is installed and where Ansible commands are run.
2. Nodes: These refer to the remote servers or devices that we aim to manage using Ansible.

Ansible uses the inventory.yaml file to define hosts and groups of hosts upon which tasks in a playbook run.

In this blog, I will guide you through the essential steps required both before and after installing Ansible. To achieve this, I will delve into the following key aspects:

1. Prerequisite: SSH.

2. Ansible Installation.

3. Ansible Configuration: inventory file and playbooks.

The YAML file used in this demo can be found within this GitHub repo: LINA-del

1. Prerequisite

Before Ansible installation, it is important to ensure that you can establish SSH connectivity to all hosts, either through passwords or, as recommended by Ansible, via the use of public and private keys. In the next section, I will show how you can configure SSH keys in Ubuntu.

SSH key configuration

I must first verify that the ‘OpenSSH-server’ is already installed and that the SSH service is enabled. I can accomplish this by executing the following commands:

When attempting the initial connection to the host (before configuring SSH keys), I will be prompted to decide whether I want to add the host’s fingerprint to our ‘known_hosts’ file or not. Subsequently, it will request us a password for authentication.

However, once the SSH keys are configured, it won’t prompt for a password, and this is precisely what I’ll be accomplishing in the upcoming steps:

a. Generating Keys on the Ansible server

ssh-keygen

• RSA is the default algorithm that will be used
• Keys are generated by using SHA26
• id_rsa : Private Key
• id_rsa.pub : Public key
• Passphrase(not mandatory): a secret that the user must type to use the private key.

b. Copy the public key to the Host

The Openssh package offers the ssh-copy-id utility for copying a user’s public SSH key to a remote server or host. I will use this command to copy the Ansible public key to the VM3 host:

ssh-copy-id toto@vm3

Then, I will connect to the Host and check if the public key was copied:

As we can see in the screenshot below taken from the host, the public key was added in the “authorized_keys” file:

2. Ansible Installation

Before Installing Ansible, I must ensure that Python is already installed:

Then, I will install Ansible and check its version :

sudo apt install ansible
ansible -- version

3. Ansible Configuration

I will create an inventory.yaml file where I will put all the hosts

vim inventory.yaml

vm3: Is the name of the host.

192.168.33.134: Is the ip address of vm3.

toto: Is the the name of vm3 user.

id_rsa: Is the ssh private key of the Ansible server.

Next, I will execute a ping command to assess the connectivity between the Ansible server and the host, using the information provided in the inventory.yaml file:

• all: will ping all hosts that are in the inventory.yaml file.

*If you would like to ping a particular host, you can simply replace “all” with the name of the specific host*

we can use an alternative command instead of the ping command, but it is essential to specify the complete path to the desired command:

Playbooks

Playbooks are at the core of Ansible’s automation capabilities. They allow you to define a series of tasks that Ansible will execute on remote hosts in a specific order. This automation simplifies complex and repetitive tasks.

I will generate a playbook to install Nginx and guarantee the service’s functionality.

become: ‘yes’ => Indicates that the play needs to be executed with root privileges.

state: present => Install Ngnix if it is not already installed.

state: started => Start and run the Nginx service if it is not already started and running.

Subsequently, I executed the following command to run the playbook:

ansible-playbook -i inventory.yaml ngnix_playbook.yaml --extra-vars "ansible_sudo_pass=host_sudo_password"

*Instead of ‘host_sudo_password’ put the sudo password of the target host.

Ansible Server:

Host:

In conclusion, we have covered a wide range of informative material and practical recommendations, all of which are intended to help you better understand Ansible installation and configuration. I truly hope that this post has served as a source of inspiration and knowledge.

If you have any questions, please don’t hesitate to let me know.

You can refer to this Blog , to learn more about how to effectively manage users and groups using Ansible.