Ansible Setup For CentOS
In our last post on Ansible Series, we read about Why Ansible Automation.
Prerequisites for Ansible Setup
As Ansible is based on agentless Model, we just need to install Ansible on one server which is called “Ansible Controller Node or Master Node or Central Management Server”. Before Ansible Installation, lets clear some facts about Ansible:
- Ansible by default manages machines over the SSH protocol i.e PORT 22 (For Linux OS).
- Python packages (with lasest OS’s Python version 2.6 and 2.7) are the only prerequisites for Ansible Installation.
- EPEL (Extra Packages for Enterprise Linux) must be configured on your OS.
- As of now (Ansible 2.3 version) Ansible Controller Node can be installed only on Linux Based Operating systems like Red Hat, Debian, CentOS, Ubuntu and BSD OS’s. (Windows isn’t supported for the control machine).
- For Managed Nodes, there is no need to install any Ansible Agent. But there are some Python dependencies i.e compatible packages of Python (Python version 2.4 or later) are required for the proper functioning of Ansible on Managed Nodes.
Note: If you are running Python version less than 2.5 on the Managed Nodes, you will also need to install “python-simplejson”. - Operating System Package Repository (if internet is not available) or Controller node with Internet connectivity to download and install packages.
Ansible EPEL Configuration
Lets start with the EPEL repository setup on CentOS 7.3 to configure Ansible repository.
[root@ansible-managed ~]# cd /var/tmp [root@ansible-managed tmp]# wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm --2017-08-31 15:58:15-- https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm Resolving dl.fedoraproject.org (dl.fedoraproject.org)... 209.132.181.23, 209.132.181.24, 209.132.181.25 Connecting to dl.fedoraproject.org (dl.fedoraproject.org)|209.132.181.23|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 14848 (14K) [application/x-rpm] Saving to: ‘epel-release-latest-7.noarch.rpm’ 100%[=============================================================>] 14,848 42.4KB/s in 0.3s 2017-08-31 15:58:17 (42.4 KB/s) - ‘epel-release-latest-7.noarch.rpm’ saved [14848/14848] [root@ansible-managed tmp]# ls -lrt epel-release-latest-7.noarch.rpm -rw-r--r--. 1 root root 14848 Jun 24 20:38 epel-release-latest-7.noarch.rpm[root@ansible-managed tmp]# rpm -ivh epel-release-latest-7.noarch.rpm warning: epel-release-latest-7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY Preparing... ################################# [100%] Updating / installing... 1:epel-release-7-10 ################################# [100%]Note: Even you will get the EPEL repository by default with CentOS 7.x versions.
Ansible Installation and Setup on Controller Node
EPEL is configured and now we are all set to install Ansible on our controller node.
[root@ansible-managed tmp]# yum list ansible Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.0x.sg * epel: kartolo.sby.datautama.net.id * extras: mirror.0x.sg * updates: mirror.0x.sg Available Packages ansible.noarch 2.3.1.0-1.el7 epel[root@ansible-managed tmp]# yum -y install ansible Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 docker-ce-stable | 2.9 kB 00:00:00 epel/x86_64/metalink | 6.2 kB 00:00:00 epel | 4.3 kB 00:00:00 extras | 3.4 kB 00:00:00 jenkins | 2.9 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/2): epel/x86_64/updateinfo | 817 kB 00:00:01 (2/2): epel/x86_64/primary_db | 4.8 MB 00:00:03 Loading mirror speeds from cached hostfile * base: mirror.0x.sg * epel: kartolo.sby.datautama.net.id * extras: mirror.0x.sg * updates: mirror.0x.sg Resolving Dependencies --> Running transaction check ---> Package ansible.noarch 0:2.3.1.0-1.el7 will be installed --> Processing Dependency: sshpass for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: python-six for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: python-setuptools for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: python-paramiko for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: python-keyczar for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: python-jinja2 for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: python-httplib2 for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: python-crypto for package: ansible-2.3.1.0-1.el7.noarch --> Processing Dependency: PyYAML for package: ansible-2.3.1.0-1.el7.noarch --> Running transaction check ---> Package PyYAML.x86_64 0:3.10-11.el7 will be installed --> Processing Dependency: libyaml-0.so.2()(64bit) for package: PyYAML-3.10-11.el7.x86_64 ---> Package python-httplib2.noarch 0:0.7.7-3.el7 will be installed ---> Package python-jinja2.noarch 0:2.7.2-2.el7 will be installed --> Processing Dependency: python-babel >= 0.8 for package: python-jinja2-2.7.2-2.el7.noarch --> Processing Dependency: python-markupsafe for package: python-jinja2-2.7.2-2.el7.noarch ---> Package python-keyczar.noarch 0:0.71c-2.el7 will be installed --> Processing Dependency: python-pyasn1 for package: python-keyczar-0.71c-2.el7.noarch ---> Package python-setuptools.noarch 0:0.9.8-4.el7 will be installed --> Processing Dependency: python-backports-ssl_match_hostname for package: python-setuptools-0.9.8-4.el7.noarch ---> Package python-six.noarch 0:1.9.0-2.el7 will be installed ---> Package python2-crypto.x86_64 0:2.6.1-13.el7 will be installed --> Processing Dependency: libtomcrypt.so.0()(64bit) for package: python2-crypto-2.6.1-13.el7.x86_64 ---> Package python2-paramiko.noarch 0:1.16.1-2.el7 will be installed --> Processing Dependency: python2-ecdsa for package: python2-paramiko-1.16.1-2.el7.noarch ---> Package sshpass.x86_64 0:1.06-1.el7 will be installed --> Running transaction check ---> Package libtomcrypt.x86_64 0:1.17-25.el7 will be installed --> Processing Dependency: libtommath >= 0.42.0 for package: libtomcrypt-1.17-25.el7.x86_64 --> Processing Dependency: libtommath.so.0()(64bit) for package: libtomcrypt-1.17-25.el7.x86_64 ---> Package libyaml.x86_64 0:0.1.4-11.el7_0 will be installed ---> Package python-babel.noarch 0:0.9.6-8.el7 will be installed ---> Package python-backports-ssl_match_hostname.noarch 0:3.4.0.2-4.el7 will be installed --> Processing Dependency: python-backports for package: python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch ---> Package python-markupsafe.x86_64 0:0.11-10.el7 will be installed ---> Package python2-ecdsa.noarch 0:0.13-4.el7 will be installed ---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed --> Running transaction check ---> Package libtommath.x86_64 0:0.42.0-5.el7 will be installed ---> Package python-backports.x86_64 0:1.0-8.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ======================================================================================================= Package Arch Version Repository Size ======================================================================================================= Installing: ansible noarch 2.3.1.0-1.el7 epel 5.7 M Installing for dependencies: PyYAML x86_64 3.10-11.el7 base 153 k libtomcrypt x86_64 1.17-25.el7 epel 225 k libtommath x86_64 0.42.0-5.el7 epel 35 k libyaml x86_64 0.1.4-11.el7_0 base 55 k python-babel noarch 0.9.6-8.el7 base 1.4 M python-backports x86_64 1.0-8.el7 base 5.8 k python-backports-ssl_match_hostname noarch 3.4.0.2-4.el7 base 12 k python-httplib2 noarch 0.7.7-3.el7 epel 70 k python-jinja2 noarch 2.7.2-2.el7 base 515 k python-keyczar noarch 0.71c-2.el7 epel 218 k python-markupsafe x86_64 0.11-10.el7 base 25 k python-setuptools noarch 0.9.8-4.el7 base 396 k python-six noarch 1.9.0-2.el7 base 29 k python2-crypto x86_64 2.6.1-13.el7 epel 476 k python2-ecdsa noarch 0.13-4.el7 epel 83 k python2-paramiko noarch 1.16.1-2.el7 epel 258 k python2-pyasn1 noarch 0.1.9-7.el7 base 100 k sshpass x86_64 1.06-1.el7 epel 21 k Transaction Summary ======================================================================================================= Install 1 Package (+18 Dependent packages) Total download size: 9.7 M Installed size: 44 M Downloading packages: (1/19): PyYAML-3.10-11.el7.x86_64.rpm | 153 kB 00:00:00 warning: /var/cache/yum/x86_64/7/epel/packages/libtomcrypt-1.17-25.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY Public key for libtomcrypt-1.17-25.el7.x86_64.rpm is not installed (2/19): libtomcrypt-1.17-25.el7.x86_64.rpm | 225 kB 00:00:00 (3/19): python-babel-0.9.6-8.el7.noarch.rpm | 1.4 MB 00:00:00 (4/19): python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch.rpm | 12 kB 00:00:00 (5/19): python-httplib2-0.7.7-3.el7.noarch.rpm | 70 kB 00:00:00 (6/19): python-backports-1.0-8.el7.x86_64.rpm | 5.8 kB 00:00:00 (7/19): python-jinja2-2.7.2-2.el7.noarch.rpm | 515 kB 00:00:00 (8/19): python-keyczar-0.71c-2.el7.noarch.rpm | 218 kB 00:00:00 (9/19): python-markupsafe-0.11-10.el7.x86_64.rpm | 25 kB 00:00:00 (10/19): python-six-1.9.0-2.el7.noarch.rpm | 29 kB 00:00:00 (11/19): libtommath-0.42.0-5.el7.x86_64.rpm | 35 kB 00:00:02 (12/19): libyaml-0.1.4-11.el7_0.x86_64.rpm | 55 kB 00:00:02 (13/19): python2-crypto-2.6.1-13.el7.x86_64.rpm | 476 kB 00:00:00 (14/19): python2-pyasn1-0.1.9-7.el7.noarch.rpm | 100 kB 00:00:00 (15/19): sshpass-1.06-1.el7.x86_64.rpm | 21 kB 00:00:00 (16/19): python-setuptools-0.9.8-4.el7.noarch.rpm | 396 kB 00:00:01 (17/19): python2-ecdsa-0.13-4.el7.noarch.rpm | 83 kB 00:00:01 (18/19): python2-paramiko-1.16.1-2.el7.noarch.rpm | 258 kB 00:00:01 (19/19): ansible-2.3.1.0-1.el7.noarch.rpm | 5.7 MB 00:01:12 ------------------------------------------------------------------------------------------------------- Total 137 kB/s | 9.7 MB 00:01:12 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 Importing GPG key 0x352C64E5: Userid : \"Fedora EPEL (7) <[email protected]>\" Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5 Package : epel-release-7-10.noarch (installed) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 Running transaction check Running transaction test Transaction test succeeded Running transaction Warning: RPMDB altered outside of yum. Installing : python-six-1.9.0-2.el7.noarch 1/19 Installing : python2-ecdsa-0.13-4.el7.noarch 2/19 Installing : sshpass-1.06-1.el7.x86_64 3/19 Installing : python-babel-0.9.6-8.el7.noarch 4/19 Installing : libtommath-0.42.0-5.el7.x86_64 5/19 Installing : libtomcrypt-1.17-25.el7.x86_64 6/19 Installing : python2-crypto-2.6.1-13.el7.x86_64 7/19 Installing : python2-paramiko-1.16.1-2.el7.noarch 8/19 Installing : python-backports-1.0-8.el7.x86_64 9/19 Installing : python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch 10/19 Installing : python-setuptools-0.9.8-4.el7.noarch 11/19 Installing : python2-pyasn1-0.1.9-7.el7.noarch 12/19 Installing : python-keyczar-0.71c-2.el7.noarch 13/19 Installing : python-httplib2-0.7.7-3.el7.noarch 14/19 Installing : python-markupsafe-0.11-10.el7.x86_64 15/19 Installing : python-jinja2-2.7.2-2.el7.noarch 16/19 Installing : libyaml-0.1.4-11.el7_0.x86_64 17/19 Installing : PyYAML-3.10-11.el7.x86_64 18/19 Installing : ansible-2.3.1.0-1.el7.noarch 19/19 Verifying : python-keyczar-0.71c-2.el7.noarch 1/19 Verifying : libyaml-0.1.4-11.el7_0.x86_64 2/19 Verifying : python-jinja2-2.7.2-2.el7.noarch 3/19 Verifying : libtomcrypt-1.17-25.el7.x86_64 4/19 Verifying : python-setuptools-0.9.8-4.el7.noarch 5/19 Verifying : python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch 6/19 Verifying : python-markupsafe-0.11-10.el7.x86_64 7/19 Verifying : python-httplib2-0.7.7-3.el7.noarch 8/19 Verifying : python2-ecdsa-0.13-4.el7.noarch 9/19 Verifying : python2-pyasn1-0.1.9-7.el7.noarch 10/19 Verifying : python-backports-1.0-8.el7.x86_64 11/19 Verifying : python2-paramiko-1.16.1-2.el7.noarch 12/19 Verifying : ansible-2.3.1.0-1.el7.noarch 13/19 Verifying : libtommath-0.42.0-5.el7.x86_64 14/19 Verifying : PyYAML-3.10-11.el7.x86_64 15/19 Verifying : python-babel-0.9.6-8.el7.noarch 16/19 Verifying : python-six-1.9.0-2.el7.noarch 17/19 Verifying : sshpass-1.06-1.el7.x86_64 18/19 Verifying : python2-crypto-2.6.1-13.el7.x86_64 19/19 Installed: ansible.noarch 0:2.3.1.0-1.el7 Dependency Installed: PyYAML.x86_64 0:3.10-11.el7 libtomcrypt.x86_64 0:1.17-25.el7 libtommath.x86_64 0:0.42.0-5.el7 libyaml.x86_64 0:0.1.4-11.el7_0 python-babel.noarch 0:0.9.6-8.el7 python-backports.x86_64 0:1.0-8.el7 python-backports-ssl_match_hostname.noarch 0:3.4.0.2-4.el7 python-httplib2.noarch 0:0.7.7-3.el7 python-jinja2.noarch 0:2.7.2-2.el7 python-keyczar.noarch 0:0.71c-2.el7 python-markupsafe.x86_64 0:0.11-10.el7 python-setuptools.noarch 0:0.9.8-4.el7 python-six.noarch 0:1.9.0-2.el7 python2-crypto.x86_64 0:2.6.1-13.el7 python2-ecdsa.noarch 0:0.13-4.el7 python2-paramiko.noarch 0:1.16.1-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7 sshpass.x86_64 0:1.06-1.el7 Complete! [root@ansible-managed tmp]#[root@ansible-managed tmp]# ansible --version ansible 2.3.1.0 config file = /etc/ansible/ansible.cfg configured module search path = Default w/o overrides python version = 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]
Ansible Configuration File
There are multiple ways to configure your Ansible Configuration file but we will stick to the default one which is present at location “/etc/ansible/ansible.cfg”. Incase you want to change any of the configuration parameter just change it in the Ansible Configuration file. Because of the agentless nature of Ansibe you even dont need to restart any services.
Ansible Inventory
Ansible Inventory represent which machines “Ansible Controller Node” should manage by defining it in a very simple plaintext file. By default Ansible look for the inventory at /etc/ansible/hosts. I strongly suggest you to go through the Ansible Default Inventory file as get familiar with different Managed Nodes patterns you can define with Ansible. Ansible users have complete flexibility to define Ansible inventory at any other location.
This is all about Ansible Installation and setup on CentOS 7.x, in next post we will demonstrate the installation and setup details on Ubuntu distribution.