How to install Ansible on RHEL8 / CentOS8
Ansible Linux

How to install Ansible on RHEL8 / CentOS8

In this article I am explaining Step-by-Step tutorial to install Ansible on RHEL/CentOS 8 Linux environment. We will setup a five-node environment with one controller node and two managed nodes. But before we start with the steps to install Ansible on RHEL8 or CentOS8, let us understand what is Ansible and how it works.

ANSIBLE

Ansible is the leading Open Source configuration management system. It makes it easy for administrators and operations teams to control thousands of servers from central machine without installing agents on them.

Ansible is the simplest to use and manage when compared to other configuration management systems such as Puppet, Chef and Salt. It is easy to install, learn, and use. The only dependency required on the remote server is SSH service and Python.

Advantages of Ansible

  • Free: Ansible is an open-source tool.
  • Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
  • Powerful: Ansible lets you model even highly complex IT workflows. 
  • Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
  • Agentless: You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
  • Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.

Step 1: update /etc/hosts file

Update /etc/hosts file with the hostname and IP details of your controller and managed hosts in your setup.
ansible host file

Step 2: Install Ansible on RHEL8 & CentOS
I will share the steps to install Ansible on both RHEL8 and CentOS 8 using different methods:

Method1: Install Ansible on Red Hat Enterprise Linux 8

 
 
 
 
 
 
 
 
 
Register your system to Red Hat Subscription Manager.
[redaix@controller ~]$ sudo subscription-manager register
Set a role for your system.

[redaix@controller ~]$ sudo subscription-manager role --set="Red Hat Enterprise Linux Server"

Attach your Red Hat Ansible Engine subscripton


[redaix@controller ~]$ sudo subscription-manager list –available
Use the pool ID of the subscription to attach the pool to the system.
[redaix@controller ~]$ sudo subscription-manager attach –pool=8a85f98d6XX60ce6016eXXXX1e6a41d1
Enable the Red Hat Ansible Engine repository.
[redaix@controller ~]$ sudo subscription-manager repos –enable ansible-2-for-rhel-8-x86_64-rpms
Install Red Hat Ansible Engine.
[redaix@controller ~]$ sudo yum install ansible

Check the version of Ansible installed on your RHEL 8 system.

ansible version

Method2: Install Ansible using EPEL repo on CentOS 8

In this method first manually Install EPEL repo on CentOS 8 Linux Machine
[root@redaix ~]# dnf -y install epel-release

Now once epel repo is installed you can search for ansiblepackage

ansible search in repo
So, you can now install ansible.noarch rpm on the controller node using dnf or yum

[root@redaix ~]# dnf install -y ansible.noarch

Method 3: Install Ansible using pip on CentOS8 / RHEL8

In the next method for CentOS8 / RHEL8 install ansbile you can also use pip. To install ansible via pip install the below rpms on your controller node:

[root@redaix ~]# dnf install python3 python3-pip -y

Next install ansible using pip3 as a normal user “redaix”

ansible install with pip tool

Note:

·       For python2, use : [redaix@redaix ~]$ pip2 install ansible –user
·       For python3, use : [redaix@redaix ~]$ pip3 install ansible –users

 Step 3: Create normal user

Create normal user on all the servers managed servers and controller server
In this article I am creating “redaix” user in controller node and managed nodes
Step 4: Create and distribute SSH keys to managed nodes

Now we must enable password less login between our controller node and all the managed hosts. So, we can configure passphrase-based login using ssh-keygenLogin or switch user to “redaix” and execute ssh-keygen in the below format.

ssh key generation
This will create public and private key pair in the home directory under ~/.ssh/. Now since we have a public and private key pair, copy public key to target managed server. We use ssh-copy-id as it saves time and performs all the tasks required to enable passphrase-based login.

[redaix@controller ~]$ ssh-copy-id servera

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/redaix/.ssh/id_rsa.pub”

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys

redaix@servera’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘servera'”
and check to make sure that only the key(s) you wanted were added.

Repeat the same procedure for other managed nodes.

Verify password less SSH authentication

The ssh-copy-id command will copy the public key we just created to servera and serverb and append the content of the key to ansible user’s authorized_keys file under ~/.ssh.

You can perform a ssh to managed host to make sure you can connect to the server without giving any password or passphrase.

[redaix@controller ~]$ ssh servera date

Fri Apr 24 07:30:56 IST 2020

So, we were able to connect to our serveramanaged host without any password here.

Step 5: Configure privilege escalation using sudo

Since our redaix user would need privilege escalation we will create a new rule for redaix user using a new file under /etc/sudoers.d

[root@controller ~]# echo “redaix ALL=(ALL) NOPASSWD: ALL” >> /etc/sudoers.d/redaix

[root@controller ~]# cat /etc/sudoers.d/redaix
redaix ALL=(ALL) NOPASSWD: ALL

Add the same rule on all your managed hosts
[root@servera ~]# echo "redaix ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/redaix

[root@serverb ~]# echo "redaix ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/redaix
[root@serverc ~]# echo "redaix ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/redaix
[root@serverd ~]# echo "redaix ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/redaix
Step 6: Deploying or Configure Ansible
Building an Ansible Inventory:
An inventory defines a collection of hosts that Ansible will manage. These hosts can also be assigned to groups, which can be managed collectively. Groups can contain child groups, and hosts can be members of multiple groups. The inventory can also set variables that apply to the hosts and groups that it defines.
Inventory image

Managing Ansible Configuration file

We will create an ansible.cfg, In this we identify how to connect remote hosts.

To list the matching hosts using our inventoryfile use below command.

You can use ping module to test Ansible and after successful run you can see the below output.

Step 7: Running ad-hoc commands

Ad hoc commands in Ansible are used to perform tasks or operations that are needed on an ad hoc basis, or only once, based upon the requirement.

Congratulations…!! you have successfully installed Ansible, please comment below if you have any questions and quaries….!!!

 

You can view video here and subscribe to my channel.
https://youtu.be/Jv8qmxyvyZY
 

 
Share
Facebook Twitter Pinterest Linkedin

Related Posts

9 thoughts on “How to install Ansible on RHEL8 / CentOS8

  6. I have observed that rates for internet degree experts tend to be an excellent value. For example a full 4-year college Degree in Communication from The University of Phoenix Online consists of 60 credits at $515/credit or $30,900. Also American Intercontinental University Online provides a Bachelors of Business Administration with a total education course element of 180 units and a tariff of $30,560. Online studying has made having your diploma been so detailed more than before because you could earn your current degree from the comfort of your home and when you finish from office. Thanks for all the tips I have certainly learned from your web-site.

  8. Hello, I hope you’re well. I’m reaching out because I believe you’d be interested in a product known as Jasper AI. It is a robotic writer powered by cutting-edge AI technology that can curate content 5x quicker than a typical human copywriter. With Jasper AI, you receive 100 original content material with zero plagiarism flags that are accurately written. You also get pre-written templates on specific categories. Jasper AI writes SEO-friendly content material, which indicates all the content material that you get by utilizing Jasper AI is optimized and ready to attract sales.You can try it out at no cost right here: Jasper AI. I’d really love to hear your thoughts once you have tested it out.

Leave a Reply

Your email address will not be published. Required fields are marked *