How to Install Ansible on Debian 11 Server Tutorial (Step by Step)
How to Install Ansible on Debian 11 Server (Tutorial)
What is Ansible?
Ansible is an open source IT automation tool that developers use to automate provisioning, configuration management, application deployment, orchestration and several other IT processes. This software tool provides simple yet sturdy automation for cross platform computer support. The best part of Ansible server is that it does not depend on agent software and does not have additional security infrastructure, making it effortless to deploy.
Moreover, since it is entirely based on automation, users have to give it instructions to accomplish the jobs. Its primary contribution to the “Infrastructure as Code” movement enables IT professionals to maintain the server and client infrastructure as the same software development. It can be treated alongside repositories of self documenting, proven and executable solutions that are capable of running an organization even after experiencing staff changes.
Apart from being a leading tool for automation, system administration and DevOps, Ansible is also effective for everyday users. They can configure it potentially in a whole network of computers, with no programming skills required. The instructions are easy to understand for both beginners and experts.
Benefits of Ansible
The Ansible pros are as follows:
Simple To Learn
Ansible tool is highly a straightforward, which means it can be used both by professionals and beginners. Due to its simplicity, users can learn about this software effortlessly along with better productivity. Further, it also receives the support of comprehensive and effortless interpretable documentation.
Its lack of a dependency system enables you to execute Ansible tasks sequentially and stops when it identifies any error. This way, troubleshooting becomes a lot more efficient even when you are just learning about the software.
Python Based Software Tool
Unlike other competing solutions, Ansible is written in Python, making it effortless. It is because Python libraries are by default present on most Linux distributions. It is also a language that is effective for administration and scripting tasks. However, it module for extending the tool’s functionality can be written in any language as long as it is returning data in JSON format.
Lacks Dependency On Agents
Ansible is agentless in nature. It means that it can manage all the master agent communications through Standard SSH or Paramiko module. This module is a Python implementation of SSH2, which is essential for managing nodes. That is why it does not need any form of agents installed on remote systems for ensuring management. It results in the reduction of maintenance overheads and performance degradations.
Ansible Galaxy
The Ansible Galaxy portal serves as a central repository for finding, reusing and sharing Ansible content. For example, it helps in downloading reusable Roles for installing applications or server configuration. The downloads are ideal for use in a particular user’s playbooks and contribute substantially to an increase in deployment speed.
YAML Based Playbooks
Playbooks are the configuration files in Ansible, and their language is written in YAML format. It makes it a better alternative for configuration management and automation, thereby making it easy to read and support comments. The best thing about YAML is that it includes the use of anchors to refer to other items.
Follow this post to explain how to Install Ansible on Debian 11 Server (Tutorial).
Setup SSH Authentication Between Ansible Nodes
Ansible uses SSH protocol to connect to each remote server and execute tasks. So you will need to set up an SSH key based authentication between Ansible nodes.
First, log in to the Ansible controller node and generate an SSH key pair using the following command:
ssh-keygen -t rsa
Provide empty passphrash and hit Enter. You should see the following output:
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:hHi3oGEKyn1nb/a+mbGx0Vz3pyLfTlJePlhZWgZY1QE root@debian
The key's randomart image is:
+---[RSA 3072]----+
| E+o+|
| . . . ..|
|. + + o +|
|o..o + + . +o|
|...... oS o+o|
| . o . oo+oo|
| + +.+o.+|
| o o X+ .o|
| .@oo+ |
+----[SHA256]-----+
Next, verify the generated SSH key using the following command:
ls -l ~/.ssh/id_rsa*
You will get the following output:
-rw------- 1 root root 2590 Apr 22 07:03 /root/.ssh/id_rsa
-rw-r--r-- 1 root root 565 Apr 22 07:03 /root/.ssh/id_rsa.pub
Here you will need to copy the generated public key from the Ansible control node to both remote nodes:
ssh-copy-id root@192.168.0.100
ssh-copy-id root@192.168.0.101
Where: 192.168.0.100 and 192.168.0.101 are the IP address of the remote nodes.
After copying the SSH public key, verify the SSH authentication using the following command:
ssh root@192.168.0.100
ssh root@192.168.0.101
If everything is fine, you can log in to remote nodes without providing an SSH password.
How to Install Ansible on Debian 11 Server
Install Ansible on Debian
By default, the Ansible package is included in the Debian 11 default repository. You can verify it with the following command:
apt-cache policy ansible
You will get the following output:
ansible:
Installed: (none)
Candidate: 2.10.7+merged+base+2.10.8+dfsg-1
Version table:
2.10.7+merged+base+2.10.8+dfsg-1 500
500 http://debian.gtisc.gatech.edu/debian bullseye/main amd64 Packages
Please install the Ansible package by running the following command:
apt-get install ansible -y
After the successfully installation, verify the Ansible version and configuration file information using the following command:
ansible --version
Sample output:
ansible 2.10.8
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
Create Ansible Inventory File
By default, Ansible store its configuration file and inventory file at /etc/ansible/ansible.cfg and /etc/ansible/hosts respectively.
Here, we will create both files inside /root/ansible directory. First, create an ansible directory inside the root directory using the following command:
mkdir /root/ansible
Next, create an ansible configuration file:
nano /root/ansible/ansible.cfg
Add the following lines:
[defaults]
inventory=/root/ansible/inventory
remote_user=root
host_key_checking=False
become=True
become_user=root
become_ask_pass=False
Save and close the file then create an inventory file:
nano /root/ansible/inventory
Add your remote node’s IP address as shown below:
[apache]
192.168.0.100
[mariadb]
192.168.0.101
Save and close the file then export the Ansible new configuration path with the following command:
export ANSIBLE_CONFIG=/root/ansible/ansible.cfg
echo "export ANSIBLE_CONFIG=/root/ansible/ansible.cfg" >> ~/.profile
source ~/.profile
Now, change the directory to ansible and verify the Ansible new configuration path using the following command:
cd /root/ansible
ansible --version
You should see the following output:
ansible 2.10.8
config file = /root/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
How to Use Ansible Modules
There are a lot of built in modules available with Ansible. Ansible modules allow you to perform certain tasks on remote nodes via ad hoc commands. Here, we will show you how to use Ansible modules to manage remote nodes.
Verify Ansible Hosts Connectivity
Ansible ping module is used to check the ping connectivity test on all remote nodes which you have defined in your inventory file:
ansible -m ping all
This command will checks if all nodes are accessible and have valid SSH credentials. If everything is fine. You should get the following output:
192.168.0.101 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
192.168.0.100 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
Check Free Memory of Ansible Nodes
Next, use the “free -m” command module with a shell flag to run the “free -m” command on all remote nodes and check the free memory.
ansible -m shell -a "free -m" all
You should get the following output:
192.168.0.100 | CHANGED | rc=0 >>
total used free shared buff/cache available
Mem: 1982 499 82 2 1400 1297
Swap: 0 0 0
192.168.0.101 | CHANGED | rc=0 >>
total used free shared buff/cache available
Mem: 1982 499 82 2 1400 1297
Swap: 0 0 0
Install and Remove a Package on Ansible Node
Ansible apt module allows you to install and remove a specific package on the Ansible nodes. For example, to install a git package on the apache node, run the following command:
ansible -m ansible.builtin.apt -a "name=git state=present" apache
Once the package is installed successfully, you should get the following output:
192.168.0.100 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"cache_update_time": 1650608573,
"cache_updated": false,
"changed": false
}
To install a package named htop on the mariadb host, run the following command:
ansible -m ansible.builtin.apt -a "name=htop state=present" mariadb
You will get the following output:
192.168.0.101 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"cache_update_time": 1650608573,
"cache_updated": false,
"changed": true,
"stderr": "",
"stderr_lines": [],
"Setting up htop (3.0.5-7) ...",
"Processing triggers for man-db (2.9.4-2) ...",
"Processing triggers for mailcap (3.69) ...",
"Processing triggers for libc-bin (2.31-13+deb11u2) ..."
]
}
To remove a package named htop from the mariadb host, run the following command:
ansible -m ansible.builtin.apt -a "name=htop state=absent" mariadb
Display File Content on Ansible Nodes
You can use the shell module to run the “cat /etc/hosts” command on the mariadb host and display its content:
ansible -m shell -a "cat /etc/hosts" mariadb
Sample output:
192.168.0.101 | CHANGED | rc=0 >>
127.0.0.1 localhost
192.168.0.101 debian
How to Use Ansible Playbooks
Ansible Playbook is a file where you can write Ansible code to perform repeatable tasks and configuration management. It is written in YAML format that defines work for a server configuration managed by Ansible.
Here, we will create an Ansible playbook named install.yaml to install Apache and PHP on the Apache host and MariaDB on the mariadb host.
Let’s create an install.yaml file inside the ansible directory:
nano /root/ansible/install.yaml
Add the following code:
---
- name: Playbook to Install Apache on apache node.
hosts:
- apache
tasks:
- name: Install apache and php
package:
name:
- apache2
- php
state: present
- name: Playbook to Install MariaDB database server on mariadb node.
hosts:
- mariadb
tasks:
- name: Install mariadb
package:
name:
- mariadb-server
- mariadb-client
state: present
Save and close the file. Then, navigate to the ansible directory and run the Ansible playbook using the following command:
cd /root/ansible
ansible-playbook install.yaml
If the playbook has been executed successfully. You should get the following output:
PLAY [Playbook to Install Apache on apache node.] ********************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************
ok: [192.168.0.100]
TASK [Install apache and php] ****************************************************************************************************************
changed: [192.168.0.100]
PLAY [Playbook to Install MariaDB database server on mariadb node.] **************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************
ok: [192.168.0.101]
TASK [Install mariadb] ***********************************************************************************************************************
changed: [192.168.0.101]
PLAY RECAP ***********************************************************************************************************************************
192.168.0.100 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.0.101 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
To verify the installed package on Ansible nodes, run the following command:
ansible -m shell -a 'dpkg -l | grep -E "apache2"' apache
Sample output:
192.168.0.100 | CHANGED | rc=0 >>
ii apache2 2.4.53-1~deb11u1 amd64 Apache HTTP Server
ii apache2-bin 2.4.53-1~deb11u1 amd64 Apache HTTP Server (modules and other binary files)
ii apache2-data 2.4.53-1~deb11u1 all Apache HTTP Server (common files)
ii apache2-utils 2.4.53-1~deb11u1 amd64 Apache HTTP Server (utility programs for web servers)
ii libapache2-mod-php7.4 7.4.28-1+deb11u1 amd64 server-side, HTML-embedded scripting language (Apache 2 module)
Great job! You have learned the steps to Install Ansible on Debian 11 Server.
How to Install Ansible on Debian 11 Server (Tutorial) Conclusion
In this guide, we explained how to install Ansible on Debian 11 server. We also setup an inventory file to execute commands from an Ansible control node. We also create and run a playbook to automate package installation. I hope this guide will help you to manage multiple nodes from the central location.
