Home/How to install and configure Ansible

How to install and configure Ansible

Published On: 8 March 2021.By .
  • Performance and Security

What is Ansible ?

Ansible is a simple open source IT engine which automates application deployment, intra-service orchestration,configuration management and many other IT needs. Ansible is easy to deploy because it does not use any agents or custom security infrastructure.
Ansible is a push based configuration management tool which means that we can directly push all the configuration on to the host machine directly.
Ansible uses playbook to describe automation jobs, and playbook uses very simple language i.e. YAML which is very easy for humans to understand, read and write. Hence the advantage is that even the IT infrastructure support guys can read and understand the playbook and debug if needed (YAML – It is in human readable form).

Features of Ansible

  1. Simple to install and setup and very easy to learn.
  2. No need for any agent or client software to manage the nodes, all that we need to install ansible on the control machine and make ssh connection with your nodes and start pushing configuration right away.
  3. Capabilities to model complex IT workflows .
  4. Ansible modules can be extended and modified and we can modify them in any programming language.

Ansible Architecture

The picture shown below show how ansible works

Ansible works by connecting to your nodes and pushing out small programs, called “Ansible modules” to them. Ansible then executes these modules (over SSH by default), and removes them when finished. Your library of modules can reside on any machine, and there are no servers, daemons, or databases required.
The management node in the above picture is the controlling node (managing node) which controls the entire execution of the playbook. It’s the node from which you are running the installation.The Ansible management node is the machine we will use to connect to and control the Ansible hosts over SSH. Your Ansible management node can either be your local machine or a server dedicated to running Ansible
Inventory is a file which contains the list of all IP addresses of all host machines.
Playbook describes the whole workflow of system.Playbook contains a set of place which are set of tasks and inside every task there is particular module so when we run a playbook it’s the modules that actually get executed on all your node machine
Ansible host is any machine that your Ansible control node is configured to automate.

Ansible Installation

  1. Go to ansible control node and set its non-root user with sudo privileges. To set this up,
    1. Create new user
      $ adduser username


    2. Granting Administrative Privileges
      As root, run this command to add your new user to the sudo group

      $ usermod -aG sudo username
  2. Generate SSH keypair for this user. To set this up, you can follow Step 1 of link How to Set Up SSH Keys on Ubuntu 18.04
  3. Go to ansible host node and add Ansible control node SSH public key to the authorized_keys of hosts.This we can add by following Step 2 of link How to Set up SSH keys on Ubuntu 18.04
  4. Installing Ansible on Control node
    We can setup ansible by running following commands:

    $ sudo apt-add-repository ppa:ansible/ansible
    $ sudo apt update
    $ sudo apt install ansible
  5. Setup Inventory file on Control node
    Inventory file contains information about the hosts that you will manage through ansible.Inventory file contains any number of hosts that can be organized under groups and subgroups.Edit the content of default inventory file present

    $ sudo nano /etc/ansible/hosts

    Or we can create new inventory file and provide its path using parameter -iThe default inventory file provided by the Ansible installation contains a number of examples that you can use as references for setting up your inventory. The following example defines a group named [servers] with three different servers in it, each identified by a custom alias: server1, server2, and server3. Be sure to replace the highlighted IPs with the IP addresses of your Ansible hosts.

    server1 ansible_host=
    server2 ansible_host=
    server3 ansible_host=

    Now save the file

  6. Testing Connection From your local machine run :
    $ ansible all -m ping -u root

    This command will use Ansible’s built-in ping module to run a connectivity test on all nodes from your default inventory, connecting as root. The ping module will test:

    1. if hosts are accessible.
    2. if you have valid SSH credentials.
    3. if hosts are able to run Ansible modules using Python.

    You should get output similar to this:

    server1 | SUCCESS => {
    "changed": false,
    "ping": "pong"
    server2 | SUCCESS => {
    "changed": false,
    "ping": "pong"
    server3 | SUCCESS => {
    "changed": false,
    "ping": "pong"
  7. Writing Playbook File
    For actual server setup we write playbook file.Playbook file is YAML file that contains a series of task that needs to be executed on host machine
    Task Format
    A task defines a single automated step that should be executed by Ansible. It typically involves the usage of a module or the execution of a raw command. This is how a task looks:

    - name: This is a task
      apt: name=vim state=latest

    The name part is actually optional, but recommended, as it shows up in the output of the provisioning when the task is executed. The apt part is a built-in Ansible module that abstracts the management of packages on Debian-based distributions. This example task tells Ansible that the package vim should have its state changed to latest, which will cause the package manager to install this package in case it is not installed yet.
    Playbook Format
    Playbooks are YAML files containing a series of task to automate the setup of a server.Task are executed in the order in which we have written them in the file. The following example is a simple playbook that perform two tasks: updates the apt cache and installs vim afterwards:

    - hosts: all
        - name: Update apt-cache
          apt: update_cache=yes
          become: yes
        - name: Install Vim
          apt: name=vim state=latest
          become: yes

    Let’s describe this playbook in more detail:
    hosts: all
    The playbook starts by stating that it should be applied to all hosts in your inventory (hosts: all). It is possible to restrict the playbook’s execution to a specific host, or a group of hosts. This option can be overwritten at execution time.
    become: true
    The become: true portion tells Ansible to use sudo permission for executing all the tasks in this playbook.
    The section where the actual tasks are defined. The first task updates the apt cache, and the second task installs the package vim.

  8. Running a Playbook
    The following command will execute the playbook on all hosts from your default inventory file, using SSH keypair authentication to connect as the current system user:

    $ ansible-playbook playbook.yml

    You can also use -l to limit execution to a single host or a group of hosts from your inventory:

    $ ansible-playbook -l host_or_group playbook.yml

    If you need to specify a different SSH user to connect to the remote server, you can include the argument -u user to that command:

    $ ansible-playbook -l host_or_group playbook.yml -u remote-user

    If you need to specify a different inventory file, you can use -i to specify different inventory file path:

    $ ansible-playbook -i inventory_file.ini playbook.yml

E.g Install Nginx on Hosts

- hosts: all
    - name: ensure nginx is at the latest version
      apt: name=nginx state=latest
      become: yes
    - name: start nginx
          name: nginx
          state: started
      become: yes
    - name: copy the nginx config file and restart nginx
        src: /var/www/html/ansible/static_site.cfg
        dest: /etc/nginx/sites-available/static_site.cfg
      become: yes
    - name: create symlink
        src: /etc/nginx/sites-available/static_site.cfg
        dest: /etc/nginx/sites-enabled/default
        state: link
      become: yes
    - name: copy the content of the web site
        src: /var/www/html/ansible/static-site-src/
        dest: /home/kamal/static-site
    - name: restart nginx
        name: nginx
        state: restarted
      become: yes


Related content

We Love Conversations

Say Hello
Go to Top