Introduction to Ansible
What is Ansible?
📑 Table of Contents
- Introduction to Ansible
- Lab Environment Setup
- Configuring Host Name Resolution
- Creating the Ansible User
- Configuring Sudo Privileges
- Setting Up SSH Key-Based Authentication
- Copying SSH Keys to Client Nodes
- Enabling the Ansible Repository
- Installing Ansible
- Verifying the Ansible Installation
- Conclusion
- Next Steps
Ansible is an open-source software platform that enables configuration management, application deployment, and software provisioning across multiple systems. It runs on Unix-based operating systems and can configure both Unix and Windows systems. Ansible’s agentless architecture and simple YAML-based playbooks make it one of the most popular automation tools in the industry.
In this comprehensive guide, we will walk through the complete process of installing Ansible on Red Hat Enterprise Linux (RHEL) 7 or CentOS 7. This software can be installed directly from the Red Hat repository if you have an active Red Hat subscription by enabling the appropriate Ansible repository.
Lab Environment Setup
Building the Test Environment
For this tutorial, we have built three nodes running Red Hat 7.5. One node serves as the control node (where Ansible is installed), and the other two nodes act as managed clients.
ansiblecontrolnode - 192.168.122.11 ansiblenode1 - 192.168.122.12 ansiblenode2 - 192.168.122.13
Configuring Host Name Resolution
Updating the /etc/hosts file
Since we don’t have a DNS server configured in our lab environment, we need to update the server information in the /etc/hosts file for name resolution on all three nodes.
192.168.122.11 ansiblecontrolnode.thelinuxclub.com ansiblecontrolnode 192.168.122.12 ansiblenode1.thelinuxclub.com ansiblenode1 192.168.122.13 ansiblenode2.thelinuxclub.com ansiblenode2
Add these entries to /etc/hosts on all three servers to ensure proper hostname resolution.
Creating the Ansible User
Setting up a dedicated Ansible user account
It’s best practice to create a common user account on the control node and across all client nodes to run ad hoc commands and playbooks. While you can use any username, we recommend using ‘ansible’ for easy administration and clarity.
[root@ansiblecontrolnode ~]# useradd ansible [root@ansiblecontrolnode ~]# passwd ansible Changing password for user ansible. New password: BAD PASSWORD: The password is shorter than 8 characters Retype new password: passwd: all authentication tokens updated successfully.
Important: Repeat this process on all client nodes (ansiblenode1 and ansiblenode2) to create the ansible user with the same password.
Configuring Sudo Privileges
Granting passwordless sudo access
The ansible user needs passwordless sudo privileges to execute administrative tasks. Update the /etc/sudoers file on all nodes (control node and client nodes) as shown below:
[root@ansiblenode1 ~]# cat /etc/sudoers | grep NOPASSWD # %wheel ALL=(ALL) NOPASSWD: ALL ansible ALL=(ALL) NOPASSWD: ALL [root@ansiblenode1 ~]#
To edit the sudoers file safely, use the visudo command and add the following line:
ansible ALL=(ALL) NOPASSWD: ALL
Note: Apply this configuration on all three nodes for consistent sudo access.
Setting Up SSH Key-Based Authentication
Generating SSH keys on the control node
Password-less SSH authentication is essential for Ansible to communicate with managed nodes efficiently. Generate an SSH key pair as the ansible user on the control node:
[ansible@ansiblecontrolnode ~]$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/ansible/.ssh/id_rsa): Created directory '/home/ansible/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ansible/.ssh/id_rsa. Your public key has been saved in /home/ansible/.ssh/id_rsa.pub. The key fingerprint is: SHA256:MAax1H81aEGQEedZ+NeafA5yoVIFw41MEx+aVIOClO8 ansible@ansiblecontrolnode.thelinuxclub.com The key's randomart image is: +---[RSA 2048]----+ | +o .=O+BOB+ | | . o. +o=+B*oo | | . +. oo+oo.. | | . o. o o o .| | So . + + | | E o * .| | . o + | | .| | | +----[SHA256]-----+
Note: Press Enter for all prompts to accept default values and use no passphrase for automation purposes.
Copying SSH Keys to Client Nodes
Distributing the public key for passwordless authentication
Now copy the SSH public key from the control node to all client nodes using the ssh-copy-id command:
[ansible@ansiblecontrolnode ~]$ ssh-copy-id ansiblenode1 /bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub" /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys ansible@ansiblenode1's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'ansiblenode1'" and check to make sure that only the key(s) you wanted were added. [ansible@ansiblecontrolnode ~]$ ssh-copy-id ansiblenode2 /bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub" /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys ansible@ansiblenode2's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'ansiblenode2'" and check to make sure that only the key(s) you wanted were added. [ansible@ansiblecontrolnode ~]$
After this step, you should be able to SSH from the control node to any client node without entering a password.
Enabling the Ansible Repository
Subscribing to Red Hat and enabling Ansible repositories
Before installing Ansible, you must register your server with the Red Hat portal. Once registered, you can view available Ansible repositories:
[root@ansiblecontrolnode yum.repos.d]# subscription-manager repos | grep -i "Repo ID" | grep -i ansible Repo ID: rhel-7-server-ansible-2.9-debug-rpms Repo ID: rhel-7-server-ansible-2-source-rpms Repo ID: rhel-7-server-ansible-2.9-rpms Repo ID: rhel-7-server-ansible-2-rpms Repo ID: rhel-7-server-ansible-2.8-rpms Repo ID: rhel-7-server-ansible-2.6-source-rpms Repo ID: rhel-7-server-ansible-2.7-source-rpms Repo ID: rhel-7-server-ansible-2.7-rpms Repo ID: rhel-7-server-ansible-2.4-rpms Repo ID: rhel-7-server-ansible-2.6-rpms Repo ID: rhel-7-server-ansible-2.8-debug-rpms Repo ID: rhel-7-server-ansible-2.5-rpms Repo ID: rhel-7-server-ansible-2-debug-rpms Repo ID: rhel-7-server-ansible-2.7-debug-rpms Repo ID: rhel-7-server-ansible-2.5-source-rpms Repo ID: rhel-7-server-ansible-2.4-source-rpms Repo ID: rhel-7-server-ansible-2.4-debug-rpms Repo ID: rhel-7-server-ansible-2.5-debug-rpms Repo ID: rhel-7-server-ansible-2.6-debug-rpms Repo ID: rhel-7-server-ansible-2.9-source-rpms Repo ID: rhel-7-server-ansible-2.8-source-rpms
Enable the Ansible 2.9 repository (or the latest version available):
[root@ansiblecontrolnode yum.repos.d]# subscription-manager repos --enable=rhel-7-server-ansible-2.9-rpms Repository 'rhel-7-server-ansible-2.9-rpms' is enabled for this system. [root@ansiblecontrolnode yum.repos.d]#
Verify the repository is enabled:
[root@ansiblecontrolnode yum.repos.d]# subscription-manager repos --list-enabled
+----------------------------------------------------------+
Available Repositories in /etc/yum.repos.d/redhat.repo
+----------------------------------------------------------+
Repo ID: rhel-7-server-ansible-2.9-rpms
Repo Name: Red Hat Ansible Engine 2.9 RPMs for Red Hat Enterprise Linux 7 Server
Repo URL: https://cdn.redhat.com/content/dist/rhel/server/7/7Server/$basearch/ansible/2.9/os
Enabled: 1
Repo ID: rhel-7-server-rpms
Repo Name: Red Hat Enterprise Linux 7 Server (RPMs)
Repo URL: https://cdn.redhat.com/content/dist/rhel/server/7/$releasever/$basearch/os
Enabled: 1
Installing Ansible
Using YUM to install the Ansible package
Now that the repository is enabled, install Ansible using the yum package manager:
[root@ansiblecontrolnode ~]# yum install ansible -y
This command will download and install Ansible along with all required dependencies. The installation process may take a few minutes depending on your internet connection speed.
Verifying the Ansible Installation
Testing Ansible connectivity with the ping module
After installation, verify that Ansible is working correctly by running an ad hoc command using the ping module. This module tests connectivity to all managed nodes:
[ansible@ansiblecontrolnode ~]$ ansible all -m ping
ansiblenode1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
ansiblecontrolnode | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
ansiblenode2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
[ansible@ansiblecontrolnode ~]$
If you see “SUCCESS” messages with “ping”: “pong” responses from all nodes, your Ansible installation is complete and functioning properly!
Conclusion
Congratulations! You have successfully installed and configured Ansible on RHEL 7 / CentOS 7. Your Ansible control node can now communicate with managed nodes using SSH key-based authentication, and you’re ready to start automating your infrastructure.
Next Steps
Now that Ansible is installed, you can:
- Create inventory files to organize your managed nodes
- Write playbooks to automate complex tasks
- Explore Ansible modules for various system administration tasks
- Configure Ansible roles for reusable automation components
- Integrate Ansible with your CI/CD pipeline
For more Ansible tutorials and tips, continue exploring our Linux Club articles!
Was this article helpful?
