Tag Archives: run command using ansible

Install Ansible in Linux

2 Replies

Small tutorial about how to install Ansible in Linux and run ansible command on the remote clients from the control server.

Ansible installation in Linux

What is Ansible ?

Ansible is an open-source configuration management tool developed by Red Hat. You can have enterprise support for it from Red Hat subscriptions. Ansible is written in Python, Ruby, and Power shell. It uses SSH in the background to communicate with clients and execute tasks. The best feature of Ansible is being agent-less hence no load on clients and configurations can be pushed from the server at any time.

Ansible installation

The first pre-requisite of Ansible is: Primary or control server should have password-less SSH connection configured for Ansible user for all its client servers. You can configure passwordless SSH in two commands steps using ssh-keygen and ssh-copy-id.

For our understanding, we have 1 control server kerneltalks1 and 1 client kerneltalks2 and we have configured passwordless SSH for user shrikant (which we treat as Ansible user here)

Lets install Ansible on control server i.e. kerneltalks1

Ansible can be installed using the normal package installation procedure. Below are quick commands for your reference.

  • RHELsubscription-manager repos --enable rhel-7-server-ansible-2.6-rpms; yum install ansible
  • CentOS, Fedora : yum install ansible
  • Ubuntuapt-add-repository --yes --update ppa:ansible/ansibleapt-get install ansible
  • Git clone : git clone https://github.com/ansible/ansible.git
    • cd ./ansiblemake rpm
    • rpm -Uvh ./rpm-build/ansible-*.noarch.rpm

I installed Ansible on my CentOS machine using above command.

[root@kerneltalks1 ~]# ansible --version
ansible 2.7.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /bin/ansible
  python version = 2.7.5 (default, Aug  4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]

Ansible default config structure

After installation, Ansible creates/etc/ansible directory with default configuration in it.  You can find ansible.cfg and hosts files in it.

[root@kerneltalks1 ~]# ll /etc/ansible
total 24
-rw-r--r--. 1 root root 20269 Oct  9 01:34 ansible.cfg
-rw-r--r--. 1 root root  1016 Oct  9 01:34 hosts
drwxr-xr-x. 2 root root     6 Oct  9 01:34 roles

ansible.cfg is default configuration file for ansible executable

hosts is a list of clients on which control server executes commands remotely via password-less SSH.

Running first command via Ansible

Let’s configure kerneltalks2 and run our first Ansible command on it remotely from kerneltalks1 control server.

You need to configure the password less ssh as we discussed earlier. Then add this server name in /etc/ansible/hosts file.

root@kerneltalks1 # cat /etc/ansible/hosts
[testservers]
 172.31.81.83

Here IP mentioned is of kerneltalks2 and you can specify the grouping of servers in square braces. And you are good to go. Run ansible command with ping module (-m switch). There are many modules comes in-built with ansible which you can use rather than using equivalent shell commands.

[shrikant@kerneltalks1 ~]$ ansible -m ping all
172.31.81.83 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

You can see the output is a success on the mentioned IP. So we installed and ran the first successful command using ansible!

Common errors

1. If you try to run ansible command on a group of the server which does not exist in the host file. You will see below error –

[shrikant@kerneltalks1 ~]$ ansible -m ping testserver
 [WARNING]: Could not match supplied host pattern, ignoring: testserver

 [WARNING]: No hosts matched, nothing to do

You need to check /etc/ansible/hosts file (or hosts files being referred by your ansible installation) and make sure the server group mentioned on command exists in it.

2. If you do not configure passwordless SSH from the control server to the client or If the client is not reachable over the network you will see below error.

[root@kerneltalks1 ansible]# ansible -m ping all
kerneltalks2 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'kerneltalks2,172.31.81.83' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\r\n",
    "unreachable": true
}

You need to check the connectivity and passwordless ssh access from the control server.