Sign in Subscribe

Ansible: Introduction

Last updated on 
  • Ansible controller: 10.10.10.127
  • Webserver: 10.10.10.128
  • DB server: 10.10.10.129

Generate SSH-Key in ansible-controller

ssh-keygen -t ed25519 -C "ansible-controller"
Generating public/private ed25519 key pair.
Enter file in which to save the key (/root/.ssh/id_ed25519):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_ed25519
Your public key has been saved in /root/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:w+iu+LtojuymDhMoGJ7tnGLhUcGKEBsVjC0DsE6wobQ ansible-controller
The key's randomart image is:
+--[ED25519 256]--+
|XB+o             |
|O*+..            |
|OE..             |
|Bo+    o         |
|=* .  . S        |
|o.= ..   .       |
|o+ +  .          |
|++oo .           |
|B*+.=+.          |
+----[SHA256]-----+

Distribute SSH-Key to other machine

ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_ed25519.pub"
The authenticity of host '10.10.10.128 (10.10.10.128)' can't be established.
ED25519 key fingerprint is SHA256:cexQ8SS1HT3UiQZTiNsz+Oi432GJvGnn2OoRzokrQ28.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

1. Create Inventory File

Create a file named hosts.ini:

[webservers]
10.10.10.128

[dbservers]
10.10.10.129

2. Test Connection to All Hosts

ansible all -i hosts.ini -m ping

10.10.10.128 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
10.10.10.129 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
  • This will send a ping to both servers using Ansible.

3. Run Ad-Hoc Command on Webserver (Example: Check uptime)

ansible webservers -i hosts.ini -m command -a "uptime"

10.10.10.128 | CHANGED | rc=0 >>
 13:41:39 up 14 min,  2 users,  load average: 0.21, 0.20, 0.13

4. Run Ad-Hoc Command on DB server (Example: Check disk space)

ansible dbservers -i hosts.ini -m command -a "df -h"

10.10.10.129 | CHANGED | rc=0 >>
Filesystem      Size  Used Avail Use% Mounted on
tmpfs           193M  1.0M  192M   1% /run
/dev/vda1       2.9G  1.9G  947M  68% /
tmpfs           961M     0  961M   0% /dev/shm
tmpfs           5.0M     0  5.0M   0% /run/lock
/dev/vda16      881M   62M  758M   8% /boot
/dev/vda15      105M  6.2M   99M   6% /boot/efi
tmpfs           193M   12K  193M   1% /run/user/1000

5. Run Command on All Hosts (Update package lists)

ansible all -i hosts.ini -m shell -a "sudo apt update"

10.10.10.128 | CHANGED | rc=0 >>
Hit:1 http://archive.ubuntu.com/ubuntu noble InRelease
Get:2 http://archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]
Get:3 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB]
Get:4 http://archive.ubuntu.com/ubuntu noble-backports InRelease [126 kB]
Get:5 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages [1350 kB]
Get:6 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages [1083 kB]
Get:7 http://archive.ubuntu.com/ubuntu noble-updates/main Translation-en [269 kB]
Get:8 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Components [175 kB]
Get:9 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 Packages [1123 kB]
Get:10 http://archive.ubuntu.com/ubuntu noble-updates/universe Translation-en [288 kB]
Get:11 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 Components [377 kB]
Get:12 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 Packages [1723 kB]
Get:13 http://archive.ubuntu.com/ubuntu noble-updates/restricted Translation-en [383 kB]
Get:14 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 Components [212 B]
Get:15 http://archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 Packages [33.2 kB]
Get:16 http://archive.ubuntu.com/ubuntu noble-updates/multiverse Translation-en [6772 B]
Get:17 http://archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 Components [940 B]
Get:18 http://archive.ubuntu.com/ubuntu noble-backports/main amd64 Packages [39.9 kB]
Get:19 http://archive.ubuntu.com/ubuntu noble-backports/main Translation-en [9152 B]
Get:20 http://archive.ubuntu.com/ubuntu noble-backports/main amd64 Components [7060 B]
Get:21 http://archive.ubuntu.com/ubuntu noble-backports/universe amd64 Packages [30.2 kB]
Get:22 http://archive.ubuntu.com/ubuntu noble-backports/universe Translation-en [17.4 kB]
Get:23 http://archive.ubuntu.com/ubuntu noble-backports/universe amd64 Components [19.2 kB]
Get:24 http://archive.ubuntu.com/ubuntu noble-backports/restricted amd64 Components [216 B]
Get:25 http://archive.ubuntu.com/ubuntu noble-backports/multiverse amd64 Components [212 B]
Get:26 http://security.ubuntu.com/ubuntu noble-security/main Translation-en [187 kB]
Get:27 http://security.ubuntu.com/ubuntu noble-security/main amd64 Components [21.6 kB]
Get:28 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Packages [881 kB]
Get:29 http://security.ubuntu.com/ubuntu noble-security/universe Translation-en [195 kB]
Get:30 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Components [52.2 kB]
Get:31 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Packages [1631 kB]
Get:32 http://security.ubuntu.com/ubuntu noble-security/restricted Translation-en [361 kB]
Get:33 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Components [212 B]
Get:34 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Components [212 B]
Fetched 10.6 MB in 6s (1822 kB/s)
Reading package lists...
Building dependency tree...
Reading state information...
96 packages can be upgraded. Run 'apt list --upgradable' to see them.
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
10.10.10.129 | CHANGED | rc=0 >>
Hit:1 http://archive.ubuntu.com/ubuntu noble InRelease
Get:2 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB]
Get:3 http://archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]
Get:4 http://archive.ubuntu.com/ubuntu noble-backports InRelease [126 kB]
Get:5 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages [1350 kB]
Get:6 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages [1083 kB]
Get:7 http://archive.ubuntu.com/ubuntu noble-updates/main Translation-en [269 kB]
Get:8 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Components [175 kB]
Get:9 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 Packages [1123 kB]
Get:10 http://archive.ubuntu.com/ubuntu noble-updates/universe Translation-en [288 kB]
Get:11 http://archive.ubuntu.com/ubuntu noble-updates/universe amd64 Components [377 kB]
Get:12 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 Packages [1723 kB]
Get:13 http://archive.ubuntu.com/ubuntu noble-updates/restricted Translation-en [383 kB]
Get:14 http://archive.ubuntu.com/ubuntu noble-updates/restricted amd64 Components [212 B]
Get:15 http://archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 Packages [33.2 kB]
Get:16 http://archive.ubuntu.com/ubuntu noble-updates/multiverse Translation-en [6772 B]
Get:17 http://archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 Components [940 B]
Get:18 http://archive.ubuntu.com/ubuntu noble-backports/main amd64 Packages [39.9 kB]
Get:19 http://archive.ubuntu.com/ubuntu noble-backports/main Translation-en [9152 B]
Get:20 http://archive.ubuntu.com/ubuntu noble-backports/main amd64 Components [7060 B]
Get:21 http://archive.ubuntu.com/ubuntu noble-backports/universe amd64 Packages [30.2 kB]
Get:22 http://archive.ubuntu.com/ubuntu noble-backports/universe Translation-en [17.4 kB]
Get:23 http://archive.ubuntu.com/ubuntu noble-backports/universe amd64 Components [19.2 kB]
Get:24 http://archive.ubuntu.com/ubuntu noble-backports/restricted amd64 Components [216 B]
Get:25 http://archive.ubuntu.com/ubuntu noble-backports/multiverse amd64 Components [212 B]
Get:26 http://security.ubuntu.com/ubuntu noble-security/main Translation-en [187 kB]
Get:27 http://security.ubuntu.com/ubuntu noble-security/main amd64 Components [21.6 kB]
Get:28 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Packages [881 kB]
Get:29 http://security.ubuntu.com/ubuntu noble-security/universe Translation-en [195 kB]
Get:30 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Components [52.2 kB]
Get:31 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Packages [1631 kB]
Get:32 http://security.ubuntu.com/ubuntu noble-security/restricted Translation-en [361 kB]
Get:33 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Components [212 B]
Get:34 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Components [212 B]
Fetched 10.6 MB in 6s (1638 kB/s)
Reading package lists...
Building dependency tree...
Reading state information...
97 packages can be upgraded. Run 'apt list --upgradable' to see them.
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

Tips

  • Make sure your SSH user and keys are set up so Ansible can login to those servers.
  • You can specify the user with -u username.

For example:

ansible all -i hosts.ini -m ping -u yourusername