In this tutorial, we'll explain how install Ansible and automate tasks on Almalinux 9.
Ansible is a powerful open-source automation tool that simplifies the management and deployment of applications and systems. With its agentless architecture and human-readable YAML syntax, Ansible makes IT automation accessible and efficient. This guide will introduce you to the basics of Ansible and help you create your first playbook.
What is Ansible?
Ansible is an automation tool used for configuration management, application deployment, and task automation. It operates over SSH, which means you don’t need to install any agents on the remote systems. It uses YAML (Yet Another Markup Language) for its configuration files, making them easy to read and write.
Key Concepts
- Inventory: A list of managed nodes (servers) where tasks will be executed.
- Playbook: A YAML file that defines a set of tasks to be executed on the managed nodes.
- Role: A way to organize playbooks and reuse common tasks and configurations.
- Task: An action to be performed on the managed nodes.
Prerequisites
- A AlmaLinux 9 installed dedicated server or KVM VPS
- Python3 installed
- Basic Linux commands knowledgea
Install Ansible and Automate Tasks on AlmaLinux
Step 1: Install Ansible
You need Python installed on your server. Install Ansible using pip:
dnf update -y
pip install ansible
Step 2: Set Up SSH Access
We need to setup a SSH access between the remote servers to ensure you can SSH into your managed nodes without a password prompt. This can be achieved by setting up SSH keys.
Generate SSH Keys (if not already done)
On your system, generate an SSH key pair (if you don’t have one already):
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
This will create a pair of files:
- ~/.ssh/id_rsa (private key)
- ~/.ssh/id_rsa.pub (public key)
Copy the Public Key to Remote Servers
You need to copy the public key to the remote servers to enable passwordless SSH access. Use the ssh-copy-id command:
ssh-copy-id username@remote_server_ip
Replace username with the remote user’s name and remote_server_ip with the IP address of your remote server. Repeat this step for each remote server.
Test SSH access to ensure you can connect without a password:
ssh username@remote_server_ip
If you can connect without being prompted for a password, SSH access is correctly set up. Now exit the current connection and back to main server.
Step 3: Configure Ansible
Your inventory file should list the remote servers you want to manage. Create or edit the inventory.ini file:
vi inventory.ini
Add Following content. Replace the IP addresses with your server's IP addresses.
[webservers]
192.168.1.10
192.168.1.11
[dbservers]
192.168.1.20
Configure Ansible’s SSH Connection Settings
By default, Ansible uses SSH to connect to remote servers. If you need to customize SSH settings, you can do so in the Ansible configuration file (ansible.cfg). Create or edit ansible.cfg in the same directory as your playbook:
vi ansible.cfg
Add folllowing content:
[defaults]
inventory = inventory.ini
[ssh_connection]
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
This configuration ensures that Ansible uses SSH options that can improve connection efficiency.
Step 4: Test the Connection
Ping the Remote Servers
Use the ansible command to check if Ansible can communicate with the remote servers:
ansible all -m ping -i inventory.ini
- all: Targets all hosts defined in the inventory.
- -m ping: Uses the ping module to test connectivity.
You should see output indicating whether each server is reachable. For example:
192.168.1.10 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
192.168.1.11 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
192.168.1.20 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
If you see errors, check your SSH configuration and ensure that the public keys are correctly installed on the remote servers.
Step 5: Write Your First Playbook
A playbook is a YAML file that describes the tasks to be executed. Create a file named playbook.yml:
---
- name: Configure web servers
hosts: webservers
become: yes
tasks:
- name: Install nginx
apt:
name: nginx
state: present
- name: Start nginx service
service:
name: nginx
state: started
- name: Configure database servers
hosts: dbservers
become: yes
tasks:
- name: Install MySQL server
apt:
name: mysql-server
state: present
- name: Start MySQL service
service:
name: mysql
state: started
In this playbook:
- name: Describes the purpose of the playbook or task.
- hosts: Specifies the group of hosts where the tasks will be executed.
- become: Indicates that the tasks should be executed with elevated privileges (sudo).
- tasks: Contains a list of actions to be performed.
Step 6: Run the Playbook
Execute the playbook using the ansible-playbook command:
ansible-playbook -i inventory.ini playbook.yml
- -i inventory.ini: Specifies the inventory file.
- playbook.yml: Specifies the playbook to be executed.
Step 7: Verify the Changes
After running the playbook, check the managed nodes to ensure that the tasks were executed successfully. For example, you can SSH into the web servers and verify that nginx is installed and running.
Summary
You’ve learned the basics of Ansible, including how to set up an inventory file, write a playbook, and execute it. Ansible is a versatile tool that can automate a wide range of IT tasks, making your infrastructure management more efficient and reliable.
As you become more familiar with Ansible, you can explore advanced features such as roles, playbook variables, and templating to further enhance your automation capabilities. Happy automating!
