Ansible

Ansible: Installation and First Use

Jul 6, 2024 • 4 min read

TLDR;

sudo apt install python3-pip sshpass
sudo pip install ansible
#PIP won't install packages on Ubuntu 24.04 so for that release you must use apt and be ok with the slightly older version.
#sudo apt install ansible
#What follows assumes you setup an ssh key and sudo is set to nopasswd for the user on the remote server.
#Get facts from server.
ansible all -u paul --private-key ~/.ssh/paul-ansible -b -i "192.168.42.5," -m gather_facts
#Do something useful, apply updates.
ansible all -u paul --private-key ~/.ssh/paul-ansible -b -i "192.168.42.5," -m apt -a "update_cache=true upgrade=full"

💡

If you are using Windows you will need to run Ansible in Windows Subsystem for Linux (WSL). A good overview of that will be published soon. Until then, here is someone else's guide for running WSL: https://learn.microsoft.com/en-us/windows/wsl/install

Installation

Ansible can be installed from most repositories, but the most current version will be available through pip or pipx. For example, at the time of writing, Ubuntu 22.04's default apt repository has ansible version 2.10.7 as the most current version but this guide installs version 2.16.6 via pip.

The first step is to make sure pip for python3 is installed. I'm also installing sshpass during this step. sshpass is a tool that allows you to script passwords being pushed to SSH. If you are using a private SSH Key then this package is not necessary.

sudo apt install python3-pip sshpass

After this, you can install Ansible using pip:

sudo pip install ansible

It is not normally advised to use sudo to do this. I do it out of habit. If you don't sudo then each user on the system has to install it separately. That isn't a big deal if you are using WSL to run this, but if you're hosting a central Linux server for management then it can make a difference because you want everyone using your playbooks to be using the same version of Ansible.

If you get an error about an "externally managed environment" then you have to use your distribution's package manager to install it. This is known to be the case with Ubuntu 24.04. (Maybe WSL Only?)

sudo apt install ansible

Now you can verify Ansible is installed: ansible --version

Using Ansible

The CLI Tool

The CLI tool is useful to get information or test a module. We will very quickly move on to playbooks which is the standard way to use Ansible.

The CLI Tool has many options but we will cover the most important subset:

Parameter	Variable	Purpose
-u	remote_user	User account used to establish the initial connection
--private-key	private_key_file	Private key file to authenticate the remote user
-k	ansible_ssh_pass	Prompts for a password (if not using key) to use for initial connection (The variable passes the password)
-b	become	Causes sudo to be used to change the context of root
--become-user	become_user	Causes sudo to be used to change context to the specified user
-K	become_pass	Prompts for a password to use during sudo (The variable passes the password)
-i	inventory	Passes a file, directory, or list of hosts to use in the inventory
-m	N/A	Module to execute
-a	N/A	variables to pass to the module

About passing inventory

The inventory variable/parameter can take a few different methods of input.

If a filename is passed then Ansible checks if it is a raw list of hosts, a YAML file, a JSON file, or an INI file. All except the raw list support grouping hosts.

If a directory is passed then Ansible parses all of the files in that directory like they were individually passed. They don't all have to be in the same format.

The last option is to pass a comma-delineated list of hosts. If you are passing just one host, you must have a comma following it. See the example in the next section.

Gathering Facts

Ansible has a built-in procedure to gather facts about a remote host. These facts are then used to filter or run commands. If you run from a command line the gather facts module then you can see what facts are gathered.

We will simplify this command in the next post, but for now, you view the facts gathered like this:

ansible all -u paul --private-key ~/.ssh/paul-ansible -b -i 192.168.42.5, -m gather_facts

First, ansible is the CLI tool executable name. Second, "all" instructs Ansible to run this against all hosts in the inventory. If you are using an inventory file, you can replace this with a group name. The other attributes can be seen in the table above.

Run this and see the results. It displays it in JSON and has a ton of data.

Doing Something Useful

Gathering Facts is great and provides plenty of information but Ansible is far more than an information-gathering tool.

Let's update our Linux server using the apt module:

ansible all -u paul --private-key ~/.ssh/paul-ansible -b -i 192.168.42.5, -m apt -a "update_cache=true upgrade=full"

This is very similar to our previous command, but it also defines parameters passed to the module.

Hopefully, you get a response back that you just updated your Linux server. You'll notice the stdout is returned and a field called "changed" which is "true" if anything was installed or updated. If so, run it again and you'll find it now equals false indicating nothing changed.

Next Steps

Now that you have Ansible installed and can have it do something, the next step is to create a data store for all of the files that will be associated with our playbooks.