Installing Ansible in RHEL 7 / CentOS 7

by admin February 29, 2020 at 1:48 pm

What is Ansible ?

Ansible is an open source software which we can use for configuration management, application deployment & software provisionig across multiples systems. its run on a unix operating system but can do the configuration on both Unix and windows operating systems.

In this article, we will see how to install the ansible. This software can be installed directly from Red Hat repository if you have a subscription with Red hat by enabling the ansible repo.

Built 3 nodes with Red hat 7.5 OS. One node is control node and other 2 nodes are clients.

ansiblecontrolnode - 192.168.122.11
ansiblenode1 - 192.168.122.12
ansiblenode2 - 192.168.122.13

As don’t have DNS server so updated the servers information in /etc/hosts file for name resolution in all the 3 nodes.

192.168.122.11 ansiblecontrolnode.thelinuxclub.com ansiblecontrolnode
192.168.122.12 ansiblenode1.thelinuxclub.com ansiblenode1
192.168.122.13 ansiblenode2.thelinuxclub.com ansiblenode2

Create a common user in control node and across all the clients to run adhoc commands / playbooks using that user. User can be anything but recommended to have user ‘ansible’ for easy administration.

[root@ansiblecontrolnode ~]# useradd ansible
[root@ansiblecontrolnode ~]# passwd ansible
Changing password for user ansible.
New password: 
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: 
passwd: all authentication tokens updated successfully.

Update the /etc/sudoers file as below.

[root@ansiblenode1 ~]# cat /etc/sudoers | grep NOPASSWD
# %wheel	ALL=(ALL)	NOPASSWD: ALL
ansible		ALL=(ALL)	NOPASSWD: ALL
[root@ansiblenode1 ~]# 

Generate the private key as a ansible in control node and copy this key to all the client nodes for password less authentication.

[ansible@ansiblecontrolnode ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ansible/.ssh/id_rsa): 
Created directory '/home/ansible/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/ansible/.ssh/id_rsa.
Your public key has been saved in /home/ansible/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:MAax1H81aEGQEedZ+NeafA5yoVIFw41MEx+aVIOClO8 ansible@ansiblecontrolnode.thelinuxclub.com
The key's randomart image is:
+---[RSA 2048]----+
|    +o .=O+BOB+  |
|   . o. +o=+B*oo |
|    . +. oo+oo.. |
|     . o. o o o .|
|        So . + + |
|          E o * .|
|           . o + |
|                .|
|                 |
+----[SHA256]-----+

Copy the private keys to all the client nodes.

[ansible@ansiblecontrolnode ~]$ ssh-copy-id ansiblenode1
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ansible@ansiblenode1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ansiblenode1'"
and check to make sure that only the key(s) you wanted were added.


[ansible@ansiblecontrolnode ~]$ ssh-copy-id ansiblenode2
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ansible@ansiblenode2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ansiblenode2'"
and check to make sure that only the key(s) you wanted were added.

[ansible@ansiblecontrolnode ~]$ 

Enable the ansible repo. You must need to register the server to Red Hat portal before enabling ansible repo.

[root@ansiblecontrolnode yum.repos.d]# subscription-manager repos | grep -i "Repo ID" | grep -i ansible
Repo ID:   rhel-7-server-ansible-2.9-debug-rpms
Repo ID:   rhel-7-server-ansible-2-source-rpms
Repo ID:   rhel-7-server-ansible-2.9-rpms
Repo ID:   rhel-7-server-ansible-2-rpms
Repo ID:   rhel-7-server-ansible-2.8-rpms
Repo ID:   rhel-7-server-ansible-2.6-source-rpms
Repo ID:   rhel-7-server-ansible-2.7-source-rpms
Repo ID:   rhel-7-server-ansible-2.7-rpms
Repo ID:   rhel-7-server-ansible-2.4-rpms
Repo ID:   rhel-7-server-ansible-2.6-rpms
Repo ID:   rhel-7-server-ansible-2.8-debug-rpms
Repo ID:   rhel-7-server-ansible-2.5-rpms
Repo ID:   rhel-7-server-ansible-2-debug-rpms
Repo ID:   rhel-7-server-ansible-2.7-debug-rpms
Repo ID:   rhel-7-server-ansible-2.5-source-rpms
Repo ID:   rhel-7-server-ansible-2.4-source-rpms
Repo ID:   rhel-7-server-ansible-2.4-debug-rpms
Repo ID:   rhel-7-server-ansible-2.5-debug-rpms
Repo ID:   rhel-7-server-ansible-2.6-debug-rpms
Repo ID:   rhel-7-server-ansible-2.9-source-rpms
Repo ID:   rhel-7-server-ansible-2.8-source-rpms
[root@ansiblecontrolnode yum.repos.d]# subscription-manager repos --enable=rhel-7-server-ansible-2.9-rpms
Repository 'rhel-7-server-ansible-2.9-rpms' is enabled for this system.
[root@ansiblecontrolnode yum.repos.d]# 
[root@ansiblecontrolnode yum.repos.d]# subscription-manager repos --list-enabled
+----------------------------------------------------------+
    Available Repositories in /etc/yum.repos.d/redhat.repo
+----------------------------------------------------------+
Repo ID:   rhel-7-server-ansible-2.9-rpms
Repo Name: Red Hat Ansible Engine 2.9 RPMs for Red Hat Enterprise Linux 7 Server
Repo URL:  https://cdn.redhat.com/content/dist/rhel/server/7/7Server/$basearch/ansible/2.8/os
Enabled:   1

Repo ID:   rhel-7-server-rpms
Repo Name: Red Hat Enterprise Linux 7 Server (RPMs)
Repo URL:  https://cdn.redhat.com/content/dist/rhel/server/7/$releasever/$basearch/os
Enabled:   1

Install the ansible package using yum utility

[root@rhel7 yum.repos.d]# yum install ansible -y

Verify ansible is working properly by running adhoc command using ping module.

[ansible@ansiblecontrolnode ~]$ ansible all -m ping
ansiblenode1 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
ansiblecontrolnode | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
ansiblenode2 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
[ansible@ansiblecontrolnode ~]$ 

Leave a Reply