Ansible is an open source, powerful automation software for configuring, managing and deploying software applications on the nodes without any downtime just by using SSH. Today, most of the IT Automation tools runs as a agent in remote host, but ansible just need a SSH connection and Python (2.4 or later) to be installed on the remote nodes to perform it’s action.
How Ansible Works?
There are many similar automation tools available like Puppet, Capistrano, Chef, Salt, Space Walk etc, but Ansible categorize into two types of server: controlling machines and nodes.
The controlling machine, where Ansible is installed and Nodes are managed by this controlling machine over SSH. The location of nodes are specified by controlling machine through its inventory.
The controlling machine (Ansible) deploys modules to nodes using SSH protocol and these modules are stored temporarily on remote nodes and communicate with the Ansible machine through a JSON connection over the standard output.
Ansible is agent-less, that means no need of any agent installation on remote nodes, so it means there are no any background daemons or programs are executing for Ansible, when it’s not managing any nodes.
Ansible can handle 100’s of nodes from a single system over SSH connection and the entire operation can be handled and executed by one single command ‘ansible’. But, in some cases, where you required to execute multiple commands for a deployment, here we can build playbooks.
Playbooks are bunch of commands which can perform multiple tasks and each playbooks are in YAML file format.
What’s the Use of Ansible
Ansible can be used in IT infrastructure to manage and deploy software applications to remote nodes. For example, let’s say you need to deploy a single software or multiple software to 100’s of nodes by a single command, here ansible comes into picture, with the help of Ansible you can deploy as many as applications to many nodes with one single command, but you must have a little programming knowledge for understanding the ansible scripts.
We’ve compiled a series on Ansible, title ‘Preparation for the Deployment of your IT Infrastructure with Ansible IT Automation Tool‘, through parts 1-4 and covers the following topics.
In this article, we will show you how to install ‘Ansible’ on RHEL/CentOS 7/6, Fedora 21-19, Ubuntu 14.10-13.04 and Debian 7/6 systems and also we will go through some basics on how how to manage a server by installing packages, applying updates and much more from basic to pro.
Prerequisites
- Operating System: RHEL/CentOS/Fedora and Ubuntu/Debian/Linux Mint
- Jinja2: A modern, fast and easy to use stand-alone template engine for Python.
- PyYAML: A YAML parser and emitter for the Python programming language.
- parmiko: A native Python SSHv2 channel library.
- httplib2: A comprehensive HTTP client library.
- sshpass: A non-interactive ssh password authentication.
My Environment Setup
Controlling Machine – Ansible
Operating System : Linux Mint 17.1 Rebecca IP Address : 192.168.0.254 Host-name : tecmint.instrcutor.com User : tecmint
Remote Nodes
Node 1: 192.168.0.112 Node 2: 192.168.0.113 Node 3: 192.168.0.114
Step 1: Installing Controlling Machine – Ansible
1. Before installing ‘Ansible‘ on the server, let’s first verify the details of the server like hostname and IP Address. Login into server as a root user and execute the below command to confirm system settings that we’re going to use for this setup.
# sudo ifconfig | grep inet
2. Once you confirm your system settings, it’s time to install ‘Ansible’ software on the system.
On Ubuntu/Debian/Linux Mint
Here we are going to use official Ansible PPA repository on the system, just run the below commands to add the repository.
$ sudo apt-add-repository ppa:ansible/ansible -y $ sudo apt-get update && sudo apt-get install ansible -y
On RHEL/CentOS/Fedora
Unfortunately, there are no official Ansible repository for RedHat based clones, but we can install Ansible by enabling epel repository under RHEL/CentOS 6, 7 and currently supported fedora distributions.
Fedora users can directly install Ansible through default repository, but if you are using RHEL/CentOS 6, 7, you have to enable EPEL repo.
After configuring epel repository, you can install Ansible using following command.
$ sudo yum install ansible -y
After installed successfully, you can verify the version by executing below command.
# ansible --version
Step 2: Preparing SSH Keys to Remote Hosts
4. To perform any deployment or management from the localhost to remote host first we need to create and copy the ssh keys to the remote host. In every remote host there will be a user account tecmint (in your case may be different user).
First let we create a SSH key using below command and copy the key to remote hosts.
# ssh-keygen -t rsa -b 4096 -C "[email protected]"
5. After creating SSH Key successfully, now copy the created key to all three remote server’s.
# ssh-copy-id [email protected] # ssh-copy-id [email protected] # ssh-copy-id [email protected]
6. After copying all SSH Keys to remote host, now perform a ssh key authentication on all remote hosts to check whether authentication working or not.
$ ssh [email protected] $ ssh [email protected] $ ssh [email protected]
Excellent article on Ansible for starters!
It’s a really interesting article on Ansible…
I don’t want to use ssh-key for ansible, what I need is I always need to use passwords for each and every commands
how to configure that?
Use
--ask-passcommand will ask to enter the password.is not a right one
Replace with below mentioned command:
Hi, missing only Chapter 4, when I click does not open the link for the rest of the tutorial.
Hi, I am getting below error when I try to install ansible on Linux.
Error: Package: python-paramiko-2.1.1-0.4.el7.noarch (epel) Requires: python2-pyasn1 Error: Package: python-paramiko-2.1.1-0.4.el7.noarch (epel) Requires: python-cryptographyCan someone please help..
Error: Package: ansible-2.4.2.0-1.el7.noarch (epel)
Requires: python-jinja2
Ansible installation issue
=====================
Error: Package: python-paramiko-2.1.1-0.2.el7.noarch (epel)
Requires: python-cryptography
You could try using –skip-broken to work around the problem
You could try running: rpm -Va –nofiles –nodigest
https://centos.pkgs.org/7/epel-testing-x86_64/python-paramiko-2.1.1-0.4.el7.noarch.rpm.html
when I have tried to install the ansible, after enable the repo also I am getting the following error
@Manikandan,
I think you first install python-cryptography manually using PIP tool as shown.
Faced some issues while installing Ansible in linux. Got resolved by installing below packages.
error: Failed dependencies:
python-httplib2 is needed by ansible-2.4.1.0-2.el6.noarch
python-jinja2-26 is needed by ansible-2.4.1.0-2.el6.noarch
python-keyczar is needed by ansible-2.4.1.0-2.el6.noarch
python-setuptools is needed by ansible-2.4.1.0-2.el6.noarch
python-six is needed by ansible-2.4.1.0-2.el6.noarch
sshpass is needed by ansible-2.4.1.0-2.el6.noarch
Downloaded separately all the rpms from rpmfind.net and installed.
Issue got resolved by below command after keygen in host1
ssh-copy-id
then run the ansible
ansible -m command -a “df -h ” webservers
I was not able to install ansible in my REDHAT 7, after running the below commands;
Return output
#8 command should be -> ansible all -m ping
Hello Team,
On Production server, We can’t provide internet access to server. I have download ansible.tar file. Can you suggest me the steps to install ?
Regards,
Rajesh kathar
@Rajesh,
you can try from below link, FYI it’s good to install from RPM.
http://docs.ansible.com/ansible/latest/intro_installation.html#running-from-source
If you have a proxy export it as follows your server will get internet access.
Just run below commands in terminal.
For HTTP URL: export http_proxy=http://xxx.xxx.xxx.xxx:3128
For HTTPS URL: export https_proxy=https://xxx.xxx.xxx.xxx:3128
Replace xxx with your Proxy IP and instead of 3128 replace with your proxy port.
Thanks & Regards,
Babin Lonston
192.168.0.25 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: Permission denied (publickey,password).\r\n”,
“unreachable”: true
}
192.168.4.23 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: connect to host 192.168.4.23 port 22: Connection timed out\r\n”,
“unreachable”: true
}
I got the same error. I fixed it by
1) installing python on remote servers
2) Adding the following line to /etc/ansible/hosts ( my user is shivaji )
ansible_user=shivaji
[web-servers]
192.168.1.200
192.168.1.201
@Arun,
Have you tried ssh-add, ssh-agent?
Regards,
Babin Lonston
my be your network (server )is not reachable or you havent copy ssh-key for password less login or defined user havent any key to that server.
Hi, I created script that installa Ansible on SuSe SLES11
https://github.com/kmonticolo/Ansible-on-SLES11
Hi ,
I am trying to create /etc/ansible/hosts file but it is not allowing me to either touch this file or save this file
[root@localhost ~]# ansible –version
ansible 2.2.0.0
config file =
configured module search path = Default w/o overrides
[root@localhost ~]# touch /etc/ansible/hosts
touch: cannot touch ‘/etc/ansible/hosts’: No such file or directory
when i am doing vim /etc/ansible/hosts it is giving below error whien i am trying to save
“/etc/ansible/hosts”
“/etc/ansible/hosts” E212: Can’t open file for writing
Is this file created by default or we need to create manually
make sure the ansible directory was created under /etc
Thanks for this post., I am looking for installation of ansible from the servers which is not exposed to internet. I downloaded the ansible tar.gz from git hub and ran make command but getting error as below
ansible –version
Traceback (most recent call last):
File “/home/jboss/Ansible/ansible-2.1.1.0/bin/ansible”, line 44, in
import ansible.constants as C
I tried adding the env variables like below but again seeing exception
ANSIBLE=/home/xxx/Ansible/ansible-2.1.1.0
export PATH=$PATH:$ANSIBLE/bin
export PYTHONPATH=$ANSIBLE/lib
export ANSIBLE_LIBRARY=$ANSIBLE/library
Error:
ansible:85: DeprecationWarning: BaseException.message has been deprecated as of Python 2.6
if e.message.endswith(‘ %s’ % sub):
ERROR! Unexpected Exception: No module named yaml
the full traceback was:
Traceback (most recent call last):
File “/home/jboss/Ansible/ansible-2.1.1.0/bin/ansible”, line 81, in
from ansible.cli.adhoc import AdHocCLI as mycli
File “/home/jboss/Ansible/ansible-2.1.1.0/lib/ansible/cli/__init__.py”, line 27, in
import yaml
ImportError: No module named yaml
Kindly suggest to prepare install the prerequisites and ansible in my situation
Noticed a possible typo – shouldn’t the prerequisite “parmiko” be “paramiko”? As in python-paramiko package (or pip install paramiko)?
Hi,
When i tried to copy remote server to ssh, then i got below error.
]$ ssh-copy-id 10.247.146.163
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]‘s password:
Could not chdir to home directory /export/home/akumar3: No such file or directory
Please suggest.
@Nakul,
Are you sure the /export/home/akumar3 exists on the remote server? Please confirm..
Hi Ravi,
I don’t find /export/home/akumar3 in remote server.Only /export/home/ is available.
@Nakul,
Then create that user’s home directory and try the command again, it will work for sure.
Thanks Ravi.
Its working.
No this /export/home/akumar3 doean’t exist in remote server.
hi, excellent post, just having a doubt here, I’m getting the same error sampada does, I already tried with the user the ssh keys generated, any idea what might be happening? thanks
@Erick Bazan,
Please run the ansbile from (user) were you create SSH keygen for remote servers. It will resolve this issue.
Regards
Hi I am trying to set up a ansible lab on azure cloud and trying to get hand on to replace puppet actually.
But when I m trying to run : [ ansible -m ping web-servers ]
I am getting a error as : as mentioned below in-between [ ]
[
10.1.0.17 | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh.”,
“unreachable”: true
}
]
So I tried command : [ ansible -m ping web-servers:2222 ]
But i am still getting the error as : [ [WARNING]: provided hosts list is empty, only localhost is available ]
Can somebody help me please
Thank you
Sampada
Sampada,
Try to execute the same command with the user that ssh keys generated
it was really interesting…
Thanks, very useful for a new user of ansible….
Hello. I am trying to setup ansible on my home network for testing and mabey replace puttet if i like anisble.
BUT! I have copied the key from my anisble host to my test vm, added the ip for my test vm in sudo vim /etc/ansible/hosts under [web-servers]
but when i am trying to ping the test vm from anisble then i get this message ?
# ansible -m ping web-servers
# No hosts matched
@Daniel
Have you listed all hostname or IPs under /etc/ansible/hosts ?
Excellent, nice job! :)
Thanks
Can’t install from PPA on debian, when do ‘apt-get update’ get:
‘Failed to fetch http://ppa.launchpad.net/ansible/ansible/ubuntu/dists/wheezy/main/binary-amd64/Packages 404 Not Found’
even though ‘sudo apt-add-repository ppa:ansible/ansible -y’ was successful
I am getting error after executing
ansible -m ping ‘webservers’
SUDO password:
192.168.1.239 | FAILED => SSH Error: Permission denied (publickey,password).
while connecting to 192.168.1.239:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
But ssh [email protected] is working fine. Can you please help.
Excellent Tutorial. Thanks Tecmint
Nice and clear.
I’ll be waiting for next post about ansible.
Thanks.
I love to read tecmint.com articles. …
Thankssss
For
Great
Great
Knowledge. ..
Waiting for 2nd & 3rd part…..
Please upload soon…..
i configured ansible server but i have some proble. When i ma using “sudo ansible -m ping web-servers” this command
, i got the error “No hosts matched”
I am configured “/etc/ansible/hosts” file properly.
can you cable to ping using
# sudo ansible -i /etc/ansible/hosts -m ping web-servers
Let me know..
may be you have given a different host name i.e web-servers. For me i gave webservers as my host name. Please check your host name
Nice writeup. Looking forward for part-2 with WordPress installation.
So what happened to part 2 ?
There are three parts pending to post, Will post
Thanks for the clear walkthrough. I am looking forward to part 2.
Nice article. easy to understand.
Thanks for your valuable comments, Keep watching more article about Ansible soon.