How to Install and Configure an Ansible Control Node?

Ansible is an open-source automation tool that enables system administrators to automate IT tasks such as application deployment, configuration management, and infrastructure orchestration. Ansible uses a declarative language to describe system configurations and runs tasks in parallel on multiple machines at same time. One of key components of an Ansible deployment is control node, which manages deployment process.

In this article, we'll guide you through process of installing and configuring an Ansible control node on a Linux machine.

Prerequisites

Before we begin, you will need following −

A machine running a Linux distribution (such as Ubuntu, CentOS, or Debian) with a minimum of 2GB of RAM.

A user account with sudo privileges.

Step 1: Install Ansible

The first step is to install Ansible on control node. Ansible is available in most Linux distributions' default package repositories. To install it, update your package lists and install ansible package −

sudo apt update
sudo apt install ansible

If you're using a different Linux distribution, you can follow relevant documentation to install Ansible.

Step 2: Configure Control Node

Once Ansible is installed, you need to configure control node. Ansible uses an inventory file to define hosts it will manage. inventory file is a plain text file that lists hostnames or IP addresses of machines that Ansible will manage.

By default, Ansible looks for inventory file at /etc/ansible/hosts. You can create file manually or use ansible-inventory command to generate it.

To create an inventory file manually, create a new file at /etc/ansible/hosts −

sudo nano /etc/ansible/hosts

In file, list hosts you want Ansible to manage. For example −

[webservers]
web1.example.com
web2.example.com

[dbservers]
db1.example.com

In this example, we have defined two groups: webservers and dbservers. webservers group contains two hosts, web1.example.com and web2.example.com. dbservers group contains one host, db1.example.com.

Once you have defined your inventory file, you can test that Ansible is able to connect to your hosts by running following command −

ansible all -m ping

This command will send a ping to all hosts defined in your inventory file. If Ansible is able to connect to hosts, it will return a success message.

Step 3: Configure SSH Authentication

Ansible uses SSH to connect to remote hosts and execute commands. By default, Ansible uses user account you're currently logged in with to connect to remote hosts. However, it's best practice to create a separate user account for Ansible and configure SSH authentication to use public-key authentication instead of passwords.

To create a new user account, run following command −

sudo adduser ansible

Enter a password for new user account when prompted. You can leave other fields blank.

Next, configure SSH public-key authentication for new user account. First, switch to new user account −

su ansible

Next, generate a new SSH key pair −

ssh-keygen

When prompted, press Enter to accept default file location and leave passphrase blank.

Next, copy public key to each of hosts you want Ansible to manage −

ssh-copy-id hostname

Replace hostname with hostname or IP address of each remote host. You will need to enter password for each remote host first time you connect.

Once public key has been copied to remote host, you should be able to connect to it without entering a password −

ssh hostname

If you are prompted for a password, then public key authentication has not been set up correctly.

Finally, exit new user account and switch back to your original user account −

exit

Step 4: Configure SSH Connection Settings

By default, Ansible uses SSH client installed on control node to connect to remote hosts. You can configure SSH client settings by creating an SSH configuration file at ~/.ssh/config. This file can contain settings such as default username and location of private SSH key.

To create SSH configuration file, run following command −

nano ~/.ssh/config

Add following lines to file −

Host *
   User ansible
   IdentityFile /home/ansible/.ssh/id_rsa

This configures SSH client to use ansible user and private key located at /home/ansible/.ssh/id_rsa by default. Replace path to private key with location of your own private key if it's different.

There are many more advanced configurations and features you can explore when working with Ansible. Here are some examples −

Group and Host Variables

Ansible allows you to define variables for each group or host in your inventory file. These variables can be used in your playbooks to customize configuration for each host or group.

To define variables for a group, create a new file in /etc/ansible/group_vars/ directory with same name as your group. For example, to define variables for webservers group, create a file called webservers.yml. In this file, you can define variables as key-value pairs −

nginx_version: 1.18

To define variables for a specific host, create a new file in /etc/ansible/host_vars/ directory with same name as your host. For example, to define variables for web1.example.com, create a file called web1.example.com.yml.

Playbooks

Playbooks are Ansible's way of defining tasks and configurations that should be applied to a group of hosts. Playbooks are written in YAML and can contain multiple tasks.

Here's an example playbook that installs Nginx on a group of web servers −

---
- name: Install Nginx on webservers
   hosts: webservers
   become: true
   tasks:
      - name: Install Nginx
      apt:
         name: nginx
         state: present

This playbook defines a single task that installs Nginx on all hosts in webservers group. become keyword is used to switch to root user before executing task.

Roles

Roles are a way of organizing tasks and configurations into reusable components. A role can contain tasks, templates, files, and other components that define a specific function, such as installing a web server or configuring a database.

To create a new role, use ansible-galaxy command −

ansible-galaxy init myrole

This will create a new directory called myrole that contains basic structure for a new role.

Roles can be included in playbooks using roles keyword −

---
- name: Install and configure web server
   hosts: webservers
   become: true
   roles:
      - myrole

Here are some additional topics you might want to explore when working with Ansible −

Variables

Variables are a key feature of Ansible and allow you to define values that can be reused across multiple playbooks and roles. Variables can be defined in a variety of ways, including −

• Inline variables − defined directly in a task or playbook.

• Inventory variables − defined in inventory file for a specific host or group.

• Group variables − defined in a YAML file in /etc/ansible/group_vars directory for a specific group.

• Host variables − defined in a YAML file in /etc/ansible/host_vars directory for a specific host.

• Role variables − defined in a YAML file in vars directory of a role.

Variables can be used in tasks and playbooks using {{ variable_name }} syntax.

Conditionals

Conditionals allow you to control flow of your playbooks and tasks based on specific conditions. Ansible supports a wide range of conditionals, including when, failed_when, and changed_when. These conditionals can be used to check state of a system or to determine whether a task needs to be executed.

Handlers

Handlers are tasks that are only executed when a specific condition is met. Handlers are typically used to restart services or perform other actions that are only necessary when a configuration change has been made. Handlers are defined in a playbook or role using notify keyword.

Templates

Templates allow you to define dynamic configuration files that can be customized for each host or group. Templates are typically written in Jinja2 syntax and can include variables and conditionals. Templates are defined in a role or playbook using template keyword.

Conclusion

In this article, we have walked you through process of installing and configuring an Ansible control node on a Linux machine. We started by installing Ansible and creating an inventory file to define hosts that Ansible will manage. We then configured SSH authentication and connection settings to enable Ansible to connect to remote hosts.

By following these steps, you should now have a fully functional Ansible control node that can manage your IT infrastructure efficiently and easily.