How to install Ansible on Rocky Linux 9

Discover how to install Ansible on Rocky Linux 9 with our comprehensive step-by-step guide. Simplify your IT automation and configuration management with Ansible today. #centlinux #linux #ansible

What is Ansible?

Ansible is a suite of software tools that enables infrastructure as code. It is open-source and the suite includes software provisioning, configuration management, and application deployment functionality. (Ansible Official Website)

Originally written by Michael DeHaan and acquired by Red Hat in 2015, Ansible is designed to configure both Unix-like systems as well as Microsoft Windows. Ansible is agentless, relying on temporary remote connections via SSH or Windows Remote Management which allows PowerShell execution. 

The Ansible control node runs on most Unix-like systems that are able to run Python, including Windows with WSL installed. System configuration is defined in part by using its own declarative language.(Source: Wikipedia)

What is Ansible Control Node?

The Ansible control node (master host) is intended to manage (orchestrate) target machines (nodes termed as “inventory”. Control nodes are only available for Linux and the like; Windows OSs are not supported. Multiple control nodes are allowed. Ansible does not require a single controlling machine for orchestration, ensuring that disaster recovery is simple. Nodes are managed by the controlling node over SSH.

What is an Ansible Playbook?

An Ansible playbook is a YAML file used to automate IT tasks on managed hosts. It defines a series of instructions, called “plays,” that describe the desired state of a system. Key components include hosts (target machines), tasks (actions to perform), variables (dynamic values), handlers (triggered tasks), and modules (units of work). Playbooks are human-readable, idempotent (repeated runs yield the same result), and reusable. They simplify provisioning, configuration, and deployment without needing agents on target machines, making Ansible an efficient tool for consistent and scalable infrastructure management.

Ansible vs Terraform

Ansible and Terraform are both popular tools for managing IT infrastructure, but they serve different purposes and have unique strengths.

Ansible

Purpose: Configuration management and orchestration.

Key Features

• Agentless: Uses SSH for communication, eliminating the need for agent software on managed hosts.
• Procedural: Describes the steps to achieve the desired state.
• Flexibility: Suitable for managing both the configuration of servers and deploying applications.
• Ad-Hoc Commands: Allows for executing commands across multiple machines without pre-defined playbooks.
• Modules: Supports a wide range of built-in modules for various tasks, making it highly versatile.

Use Cases

• Automating software installation and configuration.
• Managing system states (e.g., ensuring services are running).
• Orchestrating complex deployment workflows.

Pros

• Easy to learn with a simple, human-readable syntax (YAML).
• Quick to set up and start using without extensive pre-configuration.
• Strong community support and extensive documentation.

Cons

• Procedural nature can make complex dependencies harder to manage.
• Not as strong in infrastructure provisioning compared to Terraform.

Terraform

Purpose: Infrastructure as Code (IaC) and provisioning.

Key Features

• Declarative: Defines the desired end state of infrastructure, and Terraform determines the steps to achieve it.
• Provider Support: Supports a wide range of cloud providers (AWS, Azure, GCP) and on-premises solutions.
• State Management: Maintains a state file to track infrastructure changes, ensuring consistency.
• Modules: Promotes reuse and sharing of infrastructure code.

Use Cases

• Provisioning and managing cloud resources (VMs, networks, databases).
• Defining and enforcing infrastructure policies.
• Automating infrastructure lifecycle (creation, updates, and deletion).

Pros

• Strong focus on infrastructure provisioning and lifecycle management.
• Declarative syntax simplifies complex dependency management.
• Supports plan and apply workflows for previewing changes before applying them.

Cons

• Requires managing state files, which can be complex in collaborative environments.
• Learning curve can be steeper compared to Ansible, especially for those new to IaC concepts.

Read Also: How to install Terraform on Rocky Linux 10

Conclusion

• Ansible is ideal for configuration management, software deployment, and ad-hoc tasks, with its agentless and procedural approach.
• Terraform excels at infrastructure provisioning and managing the entire lifecycle of cloud resources with its declarative syntax and state management.

Choosing between them often depends on the specific needs of your infrastructure management strategy. For comprehensive automation, many organizations use both tools together: Terraform for provisioning and Ansible for configuration management.

Environment Specification

We are using a Rocky Linux 9 minimal installed virtual machine with following specifications.

• CPU – 3.4 Ghz (2 cores)
• Memory – 2 GB
• Storage – 20 GB
• Operating System – Rocky Linux release 9.0 (Blue Onyx)
• Hostname – control.centlinux.com
• IP Address – 192.168.116.131 /24

For experimenting with Ansible and other Linux server tools, setting up a dedicated Home Lab environment is highly beneficial. A compact Mini PC offers excellent performance with low power consumption, making it an ideal choice for running Rocky Linux 9 and practicing Ansible automation in a real-world setting.

[Power Your Projects with the Best Mini PC – Shop Now!]

Alternatively, using a reliable VPS like Bluehost’s VPS hosting provides a flexible cloud-based environment accessible from anywhere, perfect for remote testing and development.

[Try Bluehost VPS Now – Perfect for Linux & DevOps Enthusiasts!]

Both options enable hands-on experience with Linux servers and automation workflows.

Disclaimer: Some of the links in this post are affiliate links, which means I may earn a small commission at no extra cost to you if you choose to purchase through them. This helps support the blog and allows me to keep creating quality content.

Configure Hostname and Name Resolution

By using a ssh client, connect with control.centlinux.com as root user.

Set the hostname of your Rocky Linux server as follows.

hostnamectl set-hostname control.centlinux.com

If you are not using a Private DNS Server, then you have to configure name resolution by using the Local DNS Resolver.

Execute following command at Linux bash prompt to add the name resolution directive in the /etc/hosts file.

echo "192.168.116.131 control control.centlinux.com" >> /etc/hosts

Update your Rocky Linux OS

Refresh your yum cache by using following command.

dnf makecache

Execute following dnf command to update all installed software packages on your Linux operating system.

dnf update -y

If the above command updates your Linux Kernel, then you should reboot your operating system with the new Linux Kernel.

reboot

Check the versions of Linux operating system and Kernel as follows.

cat /etc/rocky-release
uname -r

Output:

Rocky Linux release 9.0 (Blue Onyx)
5.14.0-70.17.1.el9_0.x86_64

Install Ansible on Rocky Linux 9

Unlike CentOS 8, Ansible is now available via standard yum repositories of Rocky Linux 9.

You can easily install Ansible software by using a dnf command.

dnf install -y ansible-core

After successful installation, verify the version of Ansible software.

ansible --version

Output:

ansible [core 2.12.2]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.9.10 (main, Feb  9 2022, 00:00:00) [GCC 11.2.1 20220127 (Red Hat 11.2.1-9)]
  jinja version = 2.11.3
  libyaml = True

Create Linux User for Ansible Node Management

Create a Linux user for managing your Ansible control node and managed nodes.

You have to create this user on each managed node to grant access for executing Ansible plays and Adhoc commands.

Execute adduser command to create ansible user and passwd command to set a password.

adduser ansible
passwd ansible

Ansible user requires sudo privileges to execute administrative commands on the managed hosts. Since, our Ansible control node is also a managed host therefore, grant the sudo privilege to ansible user as follows.

echo "ansible ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ansible

For your convenience, you can setup the key-based authentication among Ansible control node and managed nodes.

Login as ansible user.

su - ansible

and generate a ssh key-pair by using following command.

ssh-keygen

Output:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/ansible/.ssh/id_rsa):
Created directory '/home/ansible/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ansible/.ssh/id_rsa
Your public key has been saved in /home/ansible/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:4b/tm++yY5pgRgsNLhuNLg4qywXjxOiE0sHkLIlMdeU ansible@control.centlinux.com
The key's randomart image is:
+---[RSA 3072]----+
| .o. ...         |
|+*  . .          |
|+.=   .E.        |
|+o . + + .       |
|+*. + + S        |
|* o. + o o       |
|.o..o   = .      |
|+o..   o . ++.   |
|+o.       ++*Bo  |
+----[SHA256]-----+

Now copy the generated ssh key to the target system, i.e. Ansible control node. For better manageability, you have to copy ssh key on every Ansible managed node.

ssh-copy-id ansible@control

Output:

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ansible/.ssh/id_rsa.pub"
The authenticity of host 'control (192.168.116.131)' can't be established.
ED25519 key fingerprint is SHA256:JoCfyRGNeBGu3tEQ74hTMaaErN1kU+cTr8+HuTBak3w.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ansible@control's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ansible@control'"
and check to make sure that only the key(s) you wanted were added.

Create Ansible Project Directory

For better management of Ansible Inventory, playbooks and configurations. You should create a project directory as follows.

mkdir base

Create an Ansible Inventory file in base directory.

cd base
vi inventory

Add following hosts and host groups in this file.

control
ansible1
ansible2

[web]
ansible1

[db]
ansible2

Create a custom ansible.cfg file by using vim text editor.

vi ansible.cfg

Add following directives in this file.

[defaults]
remote_user = ansible
host_key_checking = false
inventory = inventory

[privilege_escalation]
become = True 
become_method = sudo 
become_user = root 
become_ask_pass = False 

Now, query your inventory file to check your configurations are working fine.

ansible-inventory --graph

Output:

@all:
  |--@db:
  |  |--ansible2
  |--@ungrouped:
  |  |--control
  |--@web:
  |  |--ansible1

Install Ansible Collections

Additionally, you can download and install Ansible collections (Set of Ansible Modules) that are available at Ansible Galaxy.

You can use ansible-galaxy command to install a Ansible collection.

ansible-galaxy collection install ansible.posix

Output:

Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://galaxy.ansible.com/download/ansible-posix-1.4.0.tar.gz to /home/ansible/.ansible/tmp/ansible-local-9129vnjemc0/tmpvez7op32/ansible-posix-1.4.0-91fegzol
Installing 'ansible.posix:1.4.0' to '/home/ansible/.ansible/collections/ansible_collections/ansible/posix'
ansible.posix:1.4.0 was installed successfully

Check the list of installed Ansible collections to verify ansible.posix installation.

ansible-galaxy collection list

Output:

# /home/ansible/.ansible/collections/ansible_collections
Collection    Version
------------- -------
ansible.posix 1.4.0

Execute Ansible Adhoc Commands

By using Ping module, execute following Ansible adhoc command to check node manageability.

ansible all -m ping

Output:

control | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
ansible1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible1: Name or service not known",
    "unreachable": true
}
ansible2 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible2: Name or service not known",
    "unreachable": true
}

Definitely, ansible1 and ansible2 are non existent machines. Therefore, you are receiving UNREACHABLE error for them.

However, the control (Ansible control node) machine is returning a SUCCESS response.

Now, by using yum module, install bash-completion package on control node.

ansible control -m yum -a "name=bash-completion state=latest"

Output:

control | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: bash-completion-1:2.11-4.el9.noarch",
        "Installed: pkgconf-pkg-config-1.7.3-9.el9.x86_64",
        "Installed: pkgconf-m4-1.7.3-9.el9.noarch",
        "Installed: pkgconf-1.7.3-9.el9.x86_64",
        "Installed: libpkgconf-1.7.3-9.el9.x86_64"
    ]
}

By using the firewalld module that was being installed with ansible.posix collection, you can easily configure the Linux firewall with Ansible.

ansible control -m firewalld -a "service=http state=enabled immediate=yes permanent=yes"

Output:

control | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": true,
    "msg": "Permanent and Non-Permanent(immediate) operation, Changed service http to enabled"
}

Power Off the Ansible control node by using command module.

ansible control -a "poweroff"

Read Also:

How to install Ansible on Rocky Linux 8
How to install Ansible on CentOS 7

Video Tutorial

Final Thoughts

Thank you for following our guide on how to install Ansible on Rocky Linux 9. We hope this tutorial has made the installation process clear and straightforward.

Need expert AWS and Linux system administration? From cloud architecture to server optimization, I provide reliable and efficient solutions tailored to your needs. Hire me today!

FAQs

Q1: Can I install Ansible without using root privileges?
A1: Yes, you can install and run Ansible in a virtual environment or user space without root access, but some tasks may require elevated permissions.

Q2: Is it necessary to disable SELinux or firewalld for Ansible to work smoothly?
A2: Not necessarily. Proper configuration of SELinux and firewalld is recommended, but they do not need to be disabled entirely unless they interfere with specific tasks.

Q3: Can I install a specific version of Ansible on Rocky Linux 9?
A3: Yes, you can specify a version during installation by using pip (Python package manager) or by downloading a particular release from the source.

Q4: Will installing Ansible impact my existing Python environment?
A4: Installing Ansible via pip can affect your global Python setup. Using a virtual environment isolates dependencies and avoids conflicts.

Q5: Is it possible to use Ansible with graphical user interfaces (GUIs) on Rocky Linux?
A5: Ansible itself is command-line-based, but you can integrate it with web-based management tools like Ansible Tower or AWX for GUI access.

Recommended Courses

If you’re new to DevOps and want to build a strong foundation in automation, Ansible for the Absolute Beginner – Hands-On – DevOps by Mumshad Mannambeth is the perfect place to start. This highly-rated course walks you through the core concepts of Ansible with practical, step-by-step exercises, making it easy to learn even if you have zero prior experience.

By the end, you’ll have the confidence to automate real-world tasks and accelerate your DevOps journey. Don’t wait until you’re left behind in the job market—invest in your skills today and unlock future opportunities.

Disclaimer: This post contains affiliate links. If you purchase through these links, I may earn a small commission at no additional cost to you.