Ansible installation and configuration on CentOS 7

In this tutorial, we will see ansible installation and configuration on CentOS 7. We will also see how to manage node through ansible? So let’s start ansible installation and configuration on CentOS 7 and manage node from ansible tools. First off all we should know what is ansible?

What is ansible?

Ansible is a free and open source configuration and automation tool for Unix operating system. It’s written in python. It can manage many ansible clients through SSH from ansible server and there is no need to install any software or tools on ansible clients. Only ansible clients should be accessible through SSH password less from ansible server, then we can manage ansible clients.

If we want to install or upgrade any package on our 50 servers, in this case we can write a simple scripts and run it from ansible server then our all 50 servers packages will be up-graded.

In this tutorial, I am going to use two CentOS 7 servers first is a ansible server where we will install ansible tool and second is ansible client where we do not need to be install ansible tool. Only we need to configure SSH without password.

My server details are these:-

  1. Ansible Server= Hostname:-urclouds and IP:-192.168.43.15
  2. Ansible Client= Hostname:-clients and IP:- 192.168.43.131

We will follow these steps in this tutorial:-

  1. Ansible package installation using yum in ansible server.
  2. Password less SSH configuration between ansible server and ansible client.
  3. Ansible server configuration to manage ansible client.
  4. Manage ansible client from ansible server.

Ansible package installation using yum in ansible server.

We need to install ansible package in our ansible server. We can use yum tool to install ansible package. Ansible package is not a part of default yum repository. We need to be install epel release. Then we can install ansible package using yum.

Epel release installation on CentOS 7 ansible server using yum tool

[[email protected] ~]# yum install epel-release -y
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.vhost.vn
* extras: repos.del.extreme-ix.org
* updates: repos.del.extreme-ix.org
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-11 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

========================================================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================================================
Installing:
epel-release noarch 7-11 extras 15 k

Transaction Summary
========================================================================================================================================================================
Install 1 Package

Total download size: 15 k
Installed size: 24 k
Downloading packages:
epel-release-7-11.noarch.rpm | 15 kB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : epel-release-7-11.noarch 1/1
Verifying : epel-release-7-11.noarch 1/1

Installed:
epel-release.noarch 0:7-11

Complete!
[[email protected] ~]#

Ansible package installation on CentOS 7 ansible server using yum tool

[[email protected] ~]# yum -y install ansible
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.vhost.vn
* epel: mirror01.idc.hinet.net
* extras: repos.del.extreme-ix.org
* updates: repos.del.extreme-ix.org
Resolving Dependencies
--> Running transaction check
---> Package ansible.noarch 0:2.7.5-1.el7 will be installed
--> Processing Dependency: python-keyczar for package: ansible-2.7.5-1.el7.noarch
--> Processing Dependency: sshpass for package: ansible-2.7.5-1.el7.noarch
--> Running transaction check
---> Package python-keyczar.noarch 0:0.71c-2.el7 will be installed
---> Package sshpass.x86_64 0:1.06-2.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

========================================================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================================================
Installing:
ansible noarch 2.7.5-1.el7 epel 11 M
Installing for dependencies:
python-keyczar noarch 0.71c-2.el7 epel 218 k
sshpass x86_64 1.06-2.el7 extras 21 k

Transaction Summary
========================================================================================================================================================================
Install 1 Package (+2 Dependent packages)

Total download size: 12 M
Installed size: 60 M
Downloading packages:
(1/3): sshpass-1.06-2.el7.x86_64.rpm | 21 kB 00:00:03
(2/3): python-keyczar-0.71c-2.el7.noarch.rpm | 218 kB 00:00:04
(3/3): ansible-2.7.5-1.el7.noarch.rpm | 11 MB 00:00:39
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 297 kB/s | 12 MB 00:00:39
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : sshpass-1.06-2.el7.x86_64 1/3
Installing : python-keyczar-0.71c-2.el7.noarch 2/3
Installing : ansible-2.7.5-1.el7.noarch 3/3
Verifying : python-keyczar-0.71c-2.el7.noarch 1/3
Verifying : sshpass-1.06-2.el7.x86_64 2/3
Verifying : ansible-2.7.5-1.el7.noarch 3/3

Installed:
ansible.noarch 0:2.7.5-1.el7

Dependency Installed:
python-keyczar.noarch 0:0.71c-2.el7 sshpass.x86_64 0:1.06-2.el7

Complete!
[[email protected] ~]#

After successfully installation we can check our ansible version using ansible version command like below:-

[[email protected] ~]# ansible --version
ansible 2.7.5
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Nov 20 2015, 02:00:19) [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
[[email protected] ~]#

Password less SSH configuration between ansible server and ansible client.

We need to generate ssh keys on ansible server and copy this key to public key on ansible client.

[[email protected] ~]# ssh-keygen -t rsa -b 4096 -C "[email protected]"
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:rqAwbwQ8/41eVpPkDcaVAS7i4D2V0fQ49amw2WKbYIA [email protected]
The key's randomart image is:
+---[RSA 4096]----+
| .oo.+o |
| . =.=.. . |
|. E o + X . o |
|.o. + + = X . |
| .o. + oSX + |
| .. o.+ = |
|o. o oo.o |
| +.. +oo |
| .o ... |
+----[SHA256]-----+
[[email protected] ~]#

We can use ssh-copy-id command to copy public key from ansible server to ansible clients.

 Need to be copy SSH public key on ansible server and ansible client.

[[email protected] ~]# ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

[[email protected] ~]#
[[email protected] ~]# ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.43.131 (192.168.43.131)' can't be established.
ECDSA key fingerprint is SHA256:OuHrnRxp5329eCF1tkIif5Z+1tOWOF8eYZ5Le5MNwUQ.
ECDSA key fingerprint is MD5:78:1c:a5:72:bb:25:fa:c7:67:39:fc:91:b9:fb:b6:20.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

[[email protected] ~]#
===============================
[[email protected] ~]# ssh [email protected]
Last login: Thu Jan 17 17:00:57 2019 from bezafari-c1
[[email protected] ~]# exit
logout
Connection to 192.168.43.131 closed.
[[email protected] ~]#

We need to be check our ansible server and ansible clients is working password less or not? We can check as like below:-

[[email protected] ~]# ssh [email protected]
Last login: Thu Jan 17 17:00:57 2019 from bezafari-c1
[[email protected] ~]# exit
logout
Connection to 192.168.43.131 closed.
[[email protected] ~]#

Ansible server configuration to manage ansible client.

You can make inventory of our ansible server and ansible client using ansible server host file. Host file can be find in this path on ansible server /etc/ansible/host. We need to entry of our ansible server IP and all ansible client IP in host file like below:-

[[email protected] ~]# vi /etc/ansible/hosts
[test-servers]
192.168.43.15
192.168.43.131

Save and exit this file. We have successfully configured our ansible server. Now we can manage our ansible clients through our ansible server like below.

Manage ansible client from ansible server.

Now we can run this Commands from Ansible Server to check ansible server working properly or not?

Check the connectivity of ‘test-servers’ or ansible clients using ping

[[email protected] ~]# ansible -m ping 'test-servers'
192.168.43.15 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.43.131 | SUCCESS => {
"changed": false,
"ping": "pong"
}
[[email protected] ~]#

We can check the uptime of our ansible client from ansible server. Like below:-

[[email protected] ~]# ansible -m command -a "uptime" 'test-servers'
192.168.43.131 | CHANGED | rc=0 >>
17:17:35 up 20 min, 3 users, load average: 0.09, 0.16, 0.29

192.168.43.15 | CHANGED | rc=0 >>
17:17:35 up 22 min, 4 users, load average: 0.18, 0.29, 0.55

[[email protected] ~]#

Redirecting the output of command to a file. Like below:-

[[email protected] ~]# ansible -m command -a "df -Th" 'test-servers' > /tmp/command-output.txt
[[email protected] ~]# cat /tmp/command-output.txt
192.168.43.15 | CHANGED | rc=0 >>
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/centos-root xfs 13G 5.0G 8.0G 39% /
devtmpfs devtmpfs 482M 0 482M 0% /dev
tmpfs tmpfs 497M 212K 497M 1% /dev/shm
tmpfs tmpfs 497M 7.1M 490M 2% /run
tmpfs tmpfs 497M 0 497M 0% /sys/fs/cgroup
/dev/sda1 xfs 497M 158M 340M 32% /boot
tmpfs tmpfs 100M 16K 100M 1% /run/user/0
192.168.43.131 | CHANGED | rc=0 >>
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/centos-root xfs 13G 3.9G 9.1G 30% /
devtmpfs devtmpfs 906M 0 906M 0% /dev
tmpfs tmpfs 921M 84K 920M 1% /dev/shm
tmpfs tmpfs 921M 8.7M 912M 1% /run
tmpfs tmpfs 921M 0 921M 0% /sys/fs/cgroup
/dev/sda1 xfs 497M 157M 341M 32% /boot
tmpfs tmpfs 185M 20K 184M 1% /run/user/42
tmpfs tmpfs 185M 0 185M 0% /run/user/0
[[email protected] ~]#

That’s all we have successfully install and configured ansible server and ansible client.

4 thoughts on “Ansible installation and configuration on CentOS 7

  1. You cover better info than I have seen anywhere else. Please could you share your sourceexperience with us?

  2. Hi there, I want to subscribe for this website to take most up-to-date updates,
    thus where can i do it please assist.

  3. Great write-up, I am regular visitor of one this site, maintain up the nice operate, and It’s going to be a regular visitor for a lengthy time.

Leave a Reply

Your email address will not be published. Required fields are marked *