How to Install and Configure an Ansible Control Node – Part 2

Read Time: 3 minsCategories Ansible 1 Comment

In the previous topic, you learn about basic Ansible terminologies and basic concepts. In this topic (Part 2 of Ansible series), we will demonstrate how you can install and configure an Ansible control node on RHEL 8.

In our setup, we are going to use 1 Ansible server and 2 remote Linux nodes:

Control Node 1: RHEL 8 Server     IP: 192.168.0.108         Ansible Server
Managed Host 1: Debian 10         IP: 192.168.0.15          Webserver
Managed Host 2: CentOS 8          IP: 192.168.0.200	    Database Server

What is an Ansible Control Node?

A control node is a Linux server that has Ansible installed on it and is used for managing remote hosts or nodes. These remote systems are known as Managed Hosts or Managed nodes.

In the setup above, the control node is the RHEL 8 server on which Ansible will be installed and Debian 10 & CentOS 8 are the managed hosts.

NOTE: Ansible is only installed on the control node and not the managed hosts.

Step 1: Installing Python 3

By default, RHEL 8 comes with Python 3 and you can verify the version of Python installed on your server by running.

# python3 -V
Check Python Version
Check Python Version

If for whatever reason Python3 is not installed, install it using the following dnf command.

# dnf install python3
Install Python3 in RHEL 8
Install Python3 on RHEL 8

If multiple versions of Python exist on your RHEL 8 system, you can set Python 3 as the default Python version by running.

# alternatives --set python /usr/bin/python3
Set Default Python Version
Set Default Python Version

Step 2: Enable Official RedHat Repository

After installing Python3, make sure that you have enabled RedHat’s official repository for Ansible as shown below.

# subscription-manager repos --enable ansible-2.8-for-rhel-8-x86_64-rpms
Enable RedHat Ansible Repository
Enable RedHat Ansible Repository

NOTE: For the above command to work, ensure that you have registered your RHEL 8 for RedHat subscription.

Step 3: Install Ansible on RHEL 8

To install Ansible on the Control node which is our RHEL 8 system, run the command.

# dnf install ansible -y
Install Ansible in RHEL 8
Install Ansible in RHEL 8

Once installed, you can check the version of Ansible installed by running the command.

# ansible --version
Check Ansible Version
Check Ansible Version

Step 4: Creating a Static Host Inventory File

So far, we have successfully installed ansible on the Control Node which is our RHEL 8 server. The remote nodes to be managed by the control node need to be defined in a file called the inventory file. The inventory file is a plain text file that resides on the control node and consists of the remote hosts’ hostnames or IP addresses.

A static host file is a plain text file that contains a list of managed nodes defined by their IP addresses or hostnames. Let’s create a static file ‘hosts‘ in the /etc/ansible/ directory.

# vi /etc/ansible/hosts

Next, define a group or groups for your managed hosts. We have 2 managed hosts as earlier seen in the setup at the introduction of this topic. From the setup, the static host file will be defined as follows:

[webserver]
192.168.0.15

[database_server]
192.168.0.200

Save and exit the inventory file.

To list managed hosts run:

# ansible all -i hosts --list-hosts
Check Host Inventory File
Check Host Inventory File

Thus far, we have managed to install Ansible in the control node and define the managed hosts in a static Host file residing on the control node.

Next, we are going to see how we can manage or control our remote or managed hosts.

Step 5: Setup the Ansible Control Node to Connect with the Remote Nodes

For the Ansible control node (RHEL 8) to manage the remote host systems (Debian 10 and CentOS 8) we need to set up passwordless SSH authentication to the remote hosts. For this to happen, you need to generate an SSH key pair and save the public key to the remote nodes.

On the Ansible control node, log in as a normal user and generate the SSH key pair by running the command.

# su tecmint
$ ssh-keygen
Generate SSH Keys
Generate SSH Keys

Next, copy the public ssh key to remote nodes as shown.

$ ssh-copy-id [email protected]	        (For Debian 10 node)
$ ssh-copy-id [email protected]	        (For CentOS 8 node)
Copy SSH Key to Remote Host
Copy SSH Key to Remote Host

Having added the public keys to all of our remote nodes, we are going to issue a ping command from the Ansible Control node to ensure that they are reachable.

$ ansible -m ping all
Ping All Remote Nodes
Ping All Remote Nodes

From the output above, we can clearly see that the ping command was successful and we were able to test reachability to all the nodes.

Conclusion

In this guide, we successfully installed and set up Ansible on the control node running RHEL 8. We later defined the remote hosts in a static host file and configured the control node to connect and control the managed hosts by setting up SSH passwordless authentication.

Previous article:

How to Check Debian Linux Version

Next article:

How to Fix ‘semanage command’ Not Found Error in CentOS/RHEL
Photo of author
Ravi Saive
I am an experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

Related Posts

1 Comment

Leave a Reply

  1. I didn’t understand how managed nodes trust to control node. In this way any people can do this with their server, so they can connect my server. Don’t we have to authenticate the ansible control node at our local systems (managed nodes)?

    Reply

Leave a Reply to ahmet Cancel reply

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.