How to Install and Configure an Ansible Control Node?

Ansible is an open-source automation tool that enables system administrators to automate IT tasks such as application deployment, configuration management, and infrastructure orchestration. Ansible uses a declarative language to describe system configurations and runs tasks in parallel on multiple machines simultaneously. One of the key components of an Ansible deployment is the control node, which manages the deployment process.

In this article, we'll guide you through the process of installing and configuring an Ansible control node on a Linux machine.

Prerequisites

Before we begin, you will need the following

• A machine running a Linux distribution (such as Ubuntu, CentOS, or Debian) with a minimum of 2GB of RAM

• A user account with sudo privileges

• Network connectivity to target hosts

Step 1: Install Ansible

The first step is to install Ansible on the control node. Ansible is available in most Linux distributions' default package repositories. To install it, update your package lists and install the ansible package

sudo apt update
sudo apt install ansible

For CentOS/RHEL systems, use

sudo yum install epel-release
sudo yum install ansible

Verify the installation by checking the version

ansible --version

Step 2: Configure the Inventory File

Once Ansible is installed, you need to configure the control node. Ansible uses an inventory file to define the hosts it will manage. The inventory file is a plain text file that lists hostnames or IP addresses of machines that Ansible will manage.

By default, Ansible looks for the inventory file at /etc/ansible/hosts. Create the file manually

sudo nano /etc/ansible/hosts

In the file, list the hosts you want Ansible to manage. For example

[webservers]
web1.example.com
web2.example.com
192.168.1.10

[dbservers]
db1.example.com
192.168.1.20

[all:vars]
ansible_user=ansible

In this example, we have defined two groups: webservers and dbservers. The [all:vars] section defines variables that apply to all hosts.

Test that Ansible can connect to your hosts by running

ansible all -m ping

Step 3: Configure SSH Authentication

Ansible uses SSH to connect to remote hosts and execute commands. It's best practice to create a separate user account for Ansible and configure SSH public-key authentication.

Create a new user account

sudo adduser ansible
sudo usermod -aG sudo ansible

Switch to the new user account and generate an SSH key pair

su ansible
ssh-keygen -t rsa -b 2048

When prompted, press Enter to accept the default file location and leave the passphrase blank for automation purposes.

Copy the public key to each remote host

ssh-copy-id ansible@hostname

Replace hostname with the hostname or IP address of each remote host. Test the connection

ssh ansible@hostname

If you can connect without entering a password, the key-based authentication is working correctly.

Step 4: Configure SSH Connection Settings

Create an SSH configuration file to streamline connections

nano ~/.ssh/config

Add the following configuration

Host *
    User ansible
    IdentityFile ~/.ssh/id_rsa
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null

This configures SSH to use the ansible user and the specified private key by default.

Advanced Configuration

Group and Host Variables

Define variables for groups by creating files in /etc/ansible/group_vars/

sudo mkdir -p /etc/ansible/group_vars
sudo nano /etc/ansible/group_vars/webservers.yml

Example group variables

nginx_version: 1.18
http_port: 80
max_clients: 200

Sample Playbook

Create a simple playbook to test your setup

nano test-playbook.yml

---
- name: Test Ansible Setup
  hosts: all
  become: true
  tasks:
    - name: Ensure system is up to date
      apt:
        update_cache: yes
        upgrade: dist
      when: ansible_os_family == "Debian"
    
    - name: Install basic packages
      package:
        name: "{{ item }}"
        state: present
      loop:
        - curl
        - wget
        - vim

Run the playbook

ansible-playbook test-playbook.yml

Testing the Setup

Verify your Ansible control node is working correctly with these commands

# Test connectivity to all hosts
ansible all -m ping

# Check system facts
ansible all -m setup

# Run a simple command
ansible all -a "uptime"

# Test with sudo privileges
ansible all -b -a "systemctl status ssh"

Conclusion

You have successfully installed and configured an Ansible control node on a Linux machine. The setup includes proper SSH authentication, inventory configuration, and basic testing procedures. Your control node is now ready to manage remote hosts efficiently through automated playbooks and ad-hoc commands.