Ansible Server Automation: How to Automate Server Configuration. Did you want to learn more about automation of Ansible? We welcome you to learn about it below. In today’s world automation is very much an integral part of system administration. Modern application environments are often disposable and require quick and efficient server setup.
To achieve this, Ansible was created to streamline automating server setup by establishing standard procedures for new servers, saving time, and reducing the likelihood of human error associated with manual configurations.
Follow this post to read about benefits of automating server configuration with Ansible. We then show you how to automate remote server configuration with Ansible.
What is Ansible?
We should know, that Ansible is a Python based open source command line IT automation software program that helps to configure systems, deploy software, and demonstrate complex workflows to support application deployment, system updates, and other tasks.
Are you aware, that this is one of the must have tools for DevOps engineers and network engineers? Why? Well, it offers a centralized control system that makes managing and monitoring infrastructure easier from a single interface. Moreover, Ansible saves you time, decreases errors, and increases the overall efficiency of your infrastructure operations by applying Ansible Automation.
Benefits of Automating Server Configuration with Ansible
1. It Reduces Manual Work
We very well know, that manual work is not a feasible solution for a long time or in a growing company. Especially for maintaining the entire infrastructure and server configuration. Organizations shall minimize repetition and error-prone manual server setup activities by using Ansible’s extensive automation features. This improves operational efficiency and reduces the possibility of human error, resulting in increased system reliability. Ansible’s declarative language defines infrastructure as code, improving consistency across servers and ensuring settings are easily reproducible. Furthermore, IT teams are able to concentrate on more strategic and sophisticated activities to construct a more agile and robust infrastructure.
2. Seamless Configuration Management
In this instance, Ansible provides a unified platform for configuration tasks, allowing administrators to manage and deploy changes across multiple servers effortlessly. This means consistency in configurations, reduction of discrepancies and enhancement of overall system stability. What is more, Ansible’s agentless architecture further simplifies the process, allowing for easy scaling without additional installations on target servers. Hence, you may easily achieve a streamlined and efficient configuration management solution, whilst promoting agility, reliability, and ease of maintenance in your IT infrastructure.
3. Handles Repetitive Processes using Automation
we are aware, that Ansible reduces the requirement for manual intervention in server deployment and management. This not only speeds up the configuration process but also decreases the chances of errors caused by repetitive manual work. This tool assures server consistency, allowing for quick and dependable configuration updates. As a result, IT departments can reallocate resources to more strategic activities, increasing productivity and promoting a more responsive and scalable infrastructure. Ansible’s ability to handle repetitive procedures is a significant advantage for enterprises looking for streamlined and error-free server settings.
4. Improved Efficiency and Work Productivity
The automation capabilities of Ansible make the server deployment and management process by decreasing the time and effort necessary for repetitive activities. IT teams can achieve consistent and error-free results in less time by automating configuration processes, increasing operational efficiency. This eventually speeds up your workflows and allow IT workers to concentrate on more strategic parts of their jobs. With this increase in efficiency and productivity, Ansible has become a significant tool for enterprises looking to streamline their server configuration operations.
5. Supports Multi Cloud Environment
Ansible’s versatility extends across various cloud platforms, enabling consistent configuration management regardless of the provider. This ensures adaptability and flexibility in deploying and managing servers across diverse cloud infrastructures. With a unified approach to configuration tasks, Ansible simplifies the complexities associated with multi cloud environments, promoting interoperability and minimizing vendor lock-in. This capability allows organizations to utilize the benefits of different cloud services while maintaining a cohesive and automated server configuration strategy and resource optimization in today’s dynamic IT landscapes.
Ansible Server Automation: How to Automate Server Configuration with Ansible
Read our step-by-step guide below that shows you automating server configuration using Ansible.
Prerequisites
- One Ubuntu 22.04 server for the Ansible control node and another for target node
- A root user or a user with sudo privileges
Step 1 - Install Ansible
Before starting, Ansible should be installed on your control node. If it is not installed, follow the below steps to install Ansible.
First, add the Ansible repository using the following command.
apt-add-repository ppa:ansible/ansible
Once the repository is updated, you can install the Ansible using the following command.
apt install ansible -y
Now verify the Ansible installation using the following command.
ansible --version
You see the following output.
ansible [core 2.14.6]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/vyom/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/vyom/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] (/usr/bin/python3)
jinja version = 3.0.3
libyaml = True
Step 2 - Configure Ansible Control Node
Next step is to edit Ansible main configuration file and define the IP address of your target server.
nano /etc/ansible/hosts
Add the following line:
[server]
remoteserver ansible_host=remote-server-ip
Save and close the file, then verify the Ansible inventory using the following command.
ansible-inventory --list
You will see your remote host information in the following output.
Step 3 - Update Repository
On a fresh Linux system, it is always recommended to update the APT repository cache to get the latest package version. Let’s create a playbook to update the APT repository on the target server.
nano update-repo.yaml
Add the following content.
---
- name: Update APT Repository
hosts: remoteserver
tasks:
- name: Update APT cache
become: yes
apt:
update_cache: yes # Update the APT package cache
Save and close the file, then run the playbook using the following command.
ansible-playbook update-repo.yaml -u root -k
You will see the following screen.
Step 4 - Add a Sudo User to Setup Tasks
Running a playbook using a root user is not advisable for security reasons. So, it is always recommended to create a user with sudo privileges to execute the remote tasks via the playbook.
Let’s create a playbook to add a Sudo user on the target server.
nano add-sudo-user.yaml
Add the following content.
- name: Setup Sudo User
hosts: remoteserver
tasks:
- name: Setup passwordless sudo
lineinfile:
path: /etc/sudoers
state: present
regexp: ^%sudo
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: "/usr/sbin/visudo -cf %s"
- name: Create a new sudo user
user:
name: 'adminuser'
state: present
groups: sudo
append: true
create_home: true
Save and close the file, then run the above playbook.
ansible-playbook add-sudo-user.yaml -u root -k
You will see the following screen.
Step 5 - Configure SSH keys for the Sudo user
Next, you must implement passwordless authentication between the Ansible and remote nodes. So you can execute any task without providing a password. To achieve this, you must create an SSH key, copy it to the remote server, and disable the root password login.
Let’s create a playbook for this task.
nano configure-ssh.yaml
Add the following content.
- name: Setup SSH Key
hosts: remoteserver
tasks:
- name: Set authorized key for remote user
ansible.posix.authorized_key:
user: adminuser
state: present
key: "{{ lookup('file', lookup('env','HOME') + 'https://net.cloudinfrastructureservices.co.uk/.ssh/id_rsa.pub') }}"
- name: Disable password authentication for root
lineinfile:
path: /etc/ssh/sshd_config
state: present
regexp: '^#?PermitRootLogin'
line: 'PermitRootLogin prohibit-password'
Save and close the file then run the playbook.
ansible-playbook configure-ssh.yaml -u root -k
You see the following screen after the successful playbook execution.
Step 6 - Install Basic Packages on the Target Server
It is also recommended to install some essential packages such as wget, curl, nano, git, and ufw should be installed on the target server. Let’s create a playbook to install those packages.
nano install-basic-packages.yaml
Add the following content.
- name: Run playbook as an admin user.
hosts: remoteserver
become: true
vars:
default_username: adminuser
tasks:
- name: Update apt and install required system packages
apt:
pkg:
- curl
- wget
- git
- ufw
- nano
state: latest
update_cache: true
Save the file, then run the above playbook using the adminuser.
ansible-playbook install-basic-packages.yaml -u adminuser
You see the following screen:
Step 7 - Configure Firewall on Remote Server
I would also recommend implementing a UFW firewall on the target server to secure your server from attack. You can create a playbook to implement the UFW firewall for SSH.
nano firewall.yaml
Add the following content.
- name: Run playbook as an admin user.
hosts: remoteserver
become: true
vars:
default_username: adminuser
tasks:
- name: Allow SSH via UFW
community.general.ufw:
rule: allow
name: OpenSSH
- name: UFW - Enable and deny by default
community.general.ufw:
state: enabled
default: deny
Save the file, then run the playbook to implement the UFW firewall.
ansible-playbook firewall.yaml -u adminuser
You will see the following screen.
Did you enjoy reading Ansible Server Automation: How to Automate Server Configuration? We hope we added to your knowledge base of Ansible.
Conclusion: Ansible Server Automation: How to Automate Server Configuration
This guide explained a detailed overview of automating basic initial server setup tasks using Ansible, such as creating a sudo user, setting up SSH passwordless authentication, implementing UFW rules, and installing basic packages. You can also create a new playbook and add new tasks to customize your initial server setup further.
