Learn to Install and Configure Ansible

Remote server management is made easier using Ansible, an open-source application development, configuration management, and IT automation tool. Ansible may only be used with Python versions 2.7 or 3.5 or above. It is compatible with Microsoft Windows and many Unix-like systems. Large-scale virtual networks, requiring the execution of several tasks sequentially and the creation of a chain of events that must occur on multiple servers or devices, can be handled using Ansible.

As an illustration, suppose you have a load balancer grouped behind a web server. One by one, Ansible will upgrade the web servers. In the process, it may disable the active web server in your Nagios monitoring system and remove it from the load balancer.

# Steps to Install Ansible

1) Updating of Control Node

Before installing any new software it is a good idea to make sure that your existing operating system software is up to date. You can update it using the following command :

yum update

2) Installing the EPEL Repository (link to EPEL repository)

To install Ansible, first we will need to install the CentOS 7 EPEL repository using the following command :

yum install epel-release

3) Installing Ansible

Now, we will have to install the Ansible package from the EPEL repository by typing the following command :

yum install ansible

4) a. Creating a user for Ansible

As per the security guidelines, it is a good idea to avoid logging into your Linux servers as root. Thus, we will create a non-root user on our control node and our managed nodes that will be responsible to run our Ansible playbooks. This non-root user defines the admin Ansible will utilize to log into our managed nodes. Here we are going to use “admin” for the user but you can substitute it with any other username. To go with this example, you will have to use the same username on both the Control node and your managed Nodes.

Now, log on to the control node to add a user and set a password by using

useradd admin
passwd admin

4) b. Configuring the Control Node User for Passwordless Super User Access

On the managed node, we need to confirm that our Ansible user can utilize the sudo command without a password. Type the following command to open the sudoers file for editing:

visudo

Now type “i” to enter the input mode and add the following command to the end of the file. Type ‘[ESC]:wq’ to save your changes.

admin ALL=(ALL) NOPASSWD: ALL

5) Configuring our Admin User to SSH Access

To ensure that our user admin user can access the managed node over SSH without a password, we will set up an SSH key pair to allow this. Log onto the control node as the admin user and run the following command that will generate an SSH key pair.

Note: Click on Enter at all the prompts to accept the defaults.

ssh-keygen

Now, we will be able to copy the public key to our managed node by using the following command :

ssh-copy-id node.kb.hostvento.com

6) Creating an Ansible Inventory

From the inventory list, Ansible can identify your managed nodes. To add our managed node to the inventory, we will need to login to our Control node as an admin user. After that, we will add a new inventory file. Ensure that you are logged onto the Control node as the admin user.

vim /home/admin/inventory

Type “i” to enter the insert mode and then add the managed node hostname to the inventory file.

node.kb.hostvento.com

Now, type ‘[ESC]:wq’ to save the file.

7) Creating an Ansible Playbook

To test the configuration, we will create a simple playbook to install the Nginx on our managed node. For that, first we will have to create and open a new file. File names are not as important as far as the Ansible is concerned. Ensure that you are logged onto the Control node as the admin user.

vim /home/admin/install-nginx.yml

Ansible playbooks are written in YAML language, which is intended to be human-readable. Add the following command to your playbook. Then type ‘[ESC]:wq’ to save and exit.

--- # install nginx

- hosts: node.kb.hostvento.com
become: yes
tasks:
name: install epel
yum:
name: epel-release
state: installed
name: install nginx
yum:
name: nginx
state: installed

Ansible playbooks execute ‘plays’. A playlist is a list of tasks that get performed on the nodes. In the above example, the keyword ‘hosts’ is used to specify a list of just a single node. You are allowed to specify a list of hosts, using comma-separated values. To install any software with Ansible, we will require root access to utilize yum. Keyword “become” is used to instruct Ansible that the root user is required to execute the task.

To initiate the list of tasks to be completed, keyword ‘tasks’ is used. A unique name is provided to every task using the ‘name’ keyword. After this, the yum module provided by Ansible is used to install the first epel repository and then use the second entry to install nginx.

8) Running the Playbook

Running a playbook is very easy. We will use the “ansible-playbook” command and then specify the inventory file with the “-i” option followed by the path to the playbook. Ensure that you are logged on to the control node as the admin user.

ansible-playbook -i /home/admin/inventory /home/admin/install-nginx.yml

These are only the fundamentals of Ansible. Using group names, you can organize the servers in your inventory into groups. You will be able to run playbooks exclusively on your database servers or web servers thanks to this grouping. You can also use the ad hoc commands.

# Advantages of Ansible are :

• Ansible is easy to learn and allows you to start with automation work more quickly.

• Ansible doesn’t need an agent.

# Drawbacks of Ansible are :

In case the SSH connection is interrupted partway through a playbook run, that node could end up in a partially configured state.