Site icon CentLinux

How to Install Ansible Control Node on CentOS 8

Share on Social Media

In this article, you will learn how to install Ansible Control Node on CentOS 8. Later, we will also configure an Ansible managed node and execute some adhoc commands on it. #centlinux #linux #ansible

What is Ansible?:

Ansible is an open-source software provisioning, configuration management, and application deployment tool. Ansible is developed by Red Hat and available in free and commercial editions.

Unlike Puppet and Chef, Ansible is agent-less. Ansible uses declarative language to define system configurations and uses SSH service and Python scripts to apply configurations on the managed nodes.

The Ansible machine that is used for management and administration of nodes is called Ansible Control Node. Whereas, the controlled nodes are called Ansible Managed hosts.

The Ansible control node has the Inventory of managed nodes and the Ansible software to manage it.

Ansible vs Terraform

Ansible and Terraform are popular tools used in the field of DevOps for infrastructure management and automation. However, they serve different purposes and are best suited for different tasks. Here’s a comparison of Ansible and Terraform:

Overview

Ansible:

Terraform:

Key Differences

When to Use Which?

Conclusion

Ansible and Terraform are both powerful tools but are optimized for different aspects of infrastructure management. Ansible excels in configuration management and orchestration, while Terraform is designed for infrastructure provisioning and management. Many organizations use both tools in tandem to take advantage of their respective strengths.

Recommended Online Training: Ultimate Ansible Bootcamp by School of Devops

Environment Specification

We are using two minimal CentOS 8 virtual machine with following specification.

Ansible Control Node:

Ansible Managed Node:

Update your Linux OS

Connect to ansible-01.centlinux.com as root user by using a ssh tool or you can configure a Jump Server to securely connect to your network servers from a web-based ssh interface.

It is a best practice to always update the Linux OS and installed software packages before initiating to install ansible control node.

We can update CentOS 8 software packages by using dnf command.

# dnf update -y
CentOS-8 - AppStream                            801  B/s | 4.3 kB     00:05
CentOS-8 - Base                                 3.1 kB/s | 3.9 kB     00:01
CentOS-8 - Extras                               2.2 kB/s | 1.5 kB     00:00
Dependencies resolved.
Nothing to do.
Complete!

Since, we have recently updated our CentOS 8 software packages, therefore, there is nothing to upgrade at this time.

Installing Python on CentOS 8

To install Ansible Control Node, we require Python 2 (version 2.7) or Python 3 (version 3.5 or higher).

In CentOS 8 default yum repositories, we have Python 2.7 and Python 3.6 both are available. So we can install any of them to fulfill the Ansible requirements.

We are installing Python 3.6 on CentOS 8 as follows.

# dnf module install -y python36

Check version of Python to verify that it has been installed correctly.

# python3 --version
Python 3.6.8

Installing EPEL Yum Repository

EPEL (Extra Packages for Enterprise Linux) is a free community supported yum repository from Fedora team. EPEL provides latest versions of Linux software that are not available in standard yum repositories.

We can enable EPEL yum repository on CentOS 8 by installing the epel-release package.

# dnf install -y epel-release

Build cache for EPEL yum repository.

# dnf makecache
CentOS-8 - AppStream                            6.1 kB/s | 4.3 kB     00:00
CentOS-8 - Base                                 6.1 kB/s | 3.9 kB     00:00
CentOS-8 - Extras                               3.3 kB/s | 1.5 kB     00:00
Extra Packages for Enterprise Linux Modular 8 - 6.6 kB/s | 117 kB     00:17
Extra Packages for Enterprise Linux 8 - x86_64  496 kB/s | 6.6 MB     00:13
Metadata cache created.

EPEL yum repository has been installed and ready for use.

Install Ansible Control Node

We can install Ansible on CentOS 8, by one of the following three methods.

  1. Install the latest release of Ansible from EPEL yum repository
  2. Install Ansible by using pip (Python Package Manager)
  3. Install by compiling the Ansible source code available at GitHub

Here, we are installing Ansible by using EPEL yum repository.

First of all, check the available version of Ansible in EPEL repository.

# dnf info ansible --repo=epel
Last metadata expiration check: 0:02:29 ago on Sat 16 May 2020 02:07:46 AM PKT.
Available Packages
Name         : ansible
Version      : 2.9.7
Release      : 1.el8
Architecture : noarch
Size         : 17 M
Source       : ansible-2.9.7-1.el8.src.rpm
Repository   : epel
Summary      : SSH-based configuration management, deployment, and task
             : execution system
URL          : http://ansible.com
License      : GPLv3+
Description  : Ansible is a radically simple model-driven configuration
             : management, multi-node deployment, and remote task execution
             : system. Ansible works over SSH and does not require any software
             : or daemons to be installed on remote nodes. Extension modules can
             : be written in any language and are transferred to managed
             : machines automatically.

We have Ansible 2.9 available in EPEL yum repository. Therefore, We are installing it by using dnf command.

# dnf install -y ansible

Verify the Ansible installation by checking its version as follows.

# ansible --version
ansible 2.9.7
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Nov 21 2019, 19:31:34) [GCC 8.3.1 20190507 (Red Hat 8.3.1-4)]

Enable Bash Completion for Ansible Commands

As of Ansible 2.9, shell completion of Ansible commands is available and provided through an optional dependency called argcomplete. argcomplete supports bash but has limited support for zsh and tcsh.

We are installing python3-argcomplete package to enable bash completion of Ansible commands.

# dnf install -y python3-argcomplete

Configure argcomplete to enable bash completion of Ansible commands.

# activate-global-python-argcomplete
activate-global-python-argcomplete
Installing bash completion script /etc/bash_completion.d/python-argcomplete.sh
printf "33]0;%s@%s:%s07" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}"

Generate SSH Key Pair for Ansible Control Node

We are generating a SSH key pair for our Ansible Control Node. This SSH key pair will be used to setup password-less authentication on Ansible Managed Nodes.

# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:4yfSptgQTPY9+1X+Qh0tJ3e9VDvPGz/KzlpBmm0qjmg root@ansible-01.centlinux.com
The key's randomart image is:
+---[RSA 3072]----+
|                 |
|                .|
|    o        .  =|
|   + . .    = o=*|
|    o . S  o +oB*|
|     . o +  oooo+|
|    . . *....o. +|
|     E.+o+..+ .+.|
|    o.o. ...o=..o|
+----[SHA256]-----+

Add an Ansible Managed Node

If we want to manage a CentOS 8 node, then we have perform some necessary configurations thereon.

If you are not using a DNS server for your network then you have to configure name resolution of managed nodes by using Local DNS Resolver.

Add the name resolution entry in hosts file of Ansible control node.

# echo "192.168.116.206 apache-01 apache-01.centlinux.com" >> /etc/hosts

There are only two software required to setup a Ansible Managed node.

  1. sshd with password less authentication
  2. Python

In CentOS 8 based systems, sshd is installed by default. So, we are only required to configure the password less authentication on it.

It is quiet easy, since we have already generated the SSH key pair. We now use the ssh-copy-id command to copy the public key to the managed node.

# ssh-copy-id root@apache-01.centlinux.com
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'apache-01.centlinux.com (192.168.116.206)' can't be established.
ECDSA key fingerprint is SHA256:skGj4xg0w+jIQtrfF8AOdfItgcXUQQu+bWUFfvws1Hk.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@apache-01.centlinux.com's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@apache-01.centlinux.com'"
and check to make sure that only the key(s) you wanted were added.

That’s all for the Ansible control node configurations. Now login to Ansible managed node (apache-01.centlinux.com) and install Python 3.6 thereon.

# dnf module install -y python36

Verify Python installation by checking its version.

# python3 --version
Python 3.6.8

apache-01.centlinux.com node is ready to be managed by the Ansible. Now login to Ansible control node and add apache-01.centlinux.com node in Ansible Inventory.

Create a directory to store Ansible inventory files.

# mkdir ansible
# cd ansible

Create the hosts file to define Ansible managed nodes.

# vi hosts

Add a section [webservers] and add apache-01.centlinux.com node in it.

[webservers]
apache-01.centlinux.com

These configurations are quiet enough for executing Ansible adhoc commands. However, we can also write Ansible playbooks for orchestration of managed nodes.

List down the Ansible managed hosts from the Inventory.

# ansible -i hosts --list-hosts all
  hosts (1):
    apache-01.centlinux.com

Check connectivity by pinging Ansible managed nodes.

# ansible -i hosts -m ping all
apache-01.centlinux.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

By using Ansible execute a command to managed host. We are installing Apache HTTP server on all the nodes in webservers section.

# ansible -i hosts -m shell -a 'dnf install -y httpd' webservers

Recommended Book: Mastering Ansible – 3rd Edition (PAID LINK) by Packt Publishing

Final Thoughts

In conclusion, setting up an Ansible Control Node on CentOS 8 can significantly streamline your IT operations, enhancing efficiency and reliability across your infrastructure. Whether you’re managing a small network or a large-scale enterprise environment, Ansible provides the tools you need to automate and simplify your workflow.

If you’re ready to take the next step and want professional assistance, I offer a specialized service to install Ansible Control Node on Linux. By leveraging my expertise, you can ensure a smooth, hassle-free setup tailored to your specific needs.

Visit my Fiverr profile to learn more and book my service: DevOps Engineer

Thank you for reading, and I look forward to helping you optimize your IT management!

Exit mobile version