Getting Started with Ansible

Red Hat Ansible Red Hat Ansible

I’ve finally made time to go through a couple more Ansible books and online courses. Have been using Ansible for more than a year but this time I’ll make it into a number of Unix Tutorial projects to automate as much of my home office setup and online/cloud infrastructure for my consultancy Tech Stack Solutions as possible.

Installing Ansible in Ubuntu 19.04

Following the official documentation from docs.ansible.com, these are the commands to install Ansible on most Ubuntu systems:

$ sudo apt update
$ sudo apt install software-properties-common
$ sudo apt-add-repository --yes --update ppa:ansible/ansible
$ sudo apt install ansible

Creating Ansible inventory (hosts) file

I have created the following basic file for now. This is a newer format of the hosts inventory file, YAML – much more structured and easy to read:

all:
  hosts:
	becky:
	  ansible_port: 202
	  ansible_host: 192.168.1.66

As you remember, becky is one of my Raspberry Pi systems. 192.168.1.66 is the primary IP it has on my local network, and 202 is the SSH port – even though it’s an internal system not accessible from Internet, I still don’t like using default SSH port 22.

Pick or Create a Directory for Ansible

I simply created /home/greys/proj/ansible folder, there will be opportunities to refactor it later.

$ mkdir /home/greys/proj/ansible
$ cd /home/greys/proje/ansible

Let’s try listing hosts that Ansible knows about:

[email protected]:~/proj/ansible $ ansible --list-hosts all
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match
'all'

hosts (0):

Nothing! You want to know why? Because we need to tell Ansible about the inventory file we just created (by default it only knows about system-wide /etc/ansible/hosts file, but I intentionally don’t use it).

We need to create a basic Ansible config file which will specify the new location of my inventory file.

Creating Ansible config file

What I actually did this time is copied global ansible config from /etc/ansible/ansible.cfg to my project directory, and then changed the inventory setting in it with vim editor:

[email protected]:~/proj/ansible $ cp /etc/ansible/ansible.cfg .
[email protected]:~/proj/ansible $ vim ansible.cfg

I changed the following in it:

inventory = /home/greys/proj/ansible/hosts
#inventory= /etc/ansible/hosts

If you want to start fresh, you can skip the copying command and simply create new ansible.cfg in your directory, with just the following:

[defaults]
inventory = /home/greys/proj/ansible/hosts

Anyway, with this config file created and hosts file location updated, we can re-try the same host listing command. And this time it works!

[email protected]:~/proj/ansible $ ansible --list-hosts all
hosts (1):
becky

Confirming Ansible connectivity to your servers

Just like ping command tests basic connectivity in common network troubleshooting, Ansible has ping command to confirm that it has sufficient access to each host for further management. Ansible ping is essentially an SSH attempt:

[email protected]:~/proj/ansible $ ansible all -m ping
becky | UNREACHABLE! => {
"changed": false, 
"msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey,password).", 
"unreachable": true
}

This is expected on my Ubuntu XPS 13 laptop, because I haven’t setup passwordless SSH access from it to my other servers yet.

This means I need to deploy my XPS 13 public SSH key onto becky host using my SSH password, and then try again:

[email protected]:~/proj/ansible $ ssh-copy-id -i /home/greys/.ssh/id_rsa 192.168.1.66 -p 202
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/greys/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh -p ‘202’ ‘192.168.1.66’” and check to make sure that only the key(s) you wanted were added.

All done, now let’s re-run Ansible ping:

[email protected]:~/proj/ansible $ ansible all -m ping
[WARNING]: Platform linux on host becky is using the discovered Python interpreter at /usr/bin/python, but future
installation of another Python interpreter could change this. See
https://docs.ansible.com/ansible/2.8/reference_appendices/interpreter_discovery.html for more information.

becky | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
}, 
"changed": false, 
"ping": "pong"
}

Great success!

See Also




Keep Learning with Me

Follow me on Facebook and Twitter or jump into Telegram chat!:
Recommended Software
I use Brave browser, it's awesome: Brave Browser I'm also a fan of SetApp for macOS: SetApp for macOS
IT Consultancy
I'm a principal consultant with Tech Stack Solutions. I help with cloud architectrure, AWS deployments and automated management of Unix/Linux infrastructure. Get in touch!

Recent Tweets