Install and Use Ansible on Debian 11/10

Ansible is a free, open-source, and one of the popular automation and configuration management tool written in Python. In the field of technology, the concept of automation has been highly adopted in many organizations due to complex environments and the need to scale too quickly by system administrators and developers. This concept has made tools like Ansible, Puppet, Chef, Foreman, Katello, and CFEngine finding their use. From the automation tools named, ansible is the first of choice in any IT organization for managing UNIX-based systems due to the following features:

• Free and open-source
• It is easy to set up and use
• It is flexible as it allows orcherstartion on an entire environment no matter where it was deployed.
• Efficient as it does not need one to install other softwares or firewall ports
• It is powerful and can be used to model complex IT workflows
• Security and Compliance

For tasks orchestration to happen, ansible needs to be installed on one of the nodes. The managing node is known as the control node. This node will have the Ansible Playbook file. This is a YAML file that contains the steps which the user wants to execute on a particular machine/machines normally referred to as managed nodes.

This guide demonstrates how to install and Use Ansible on Debian 11/10.

Pre-requisites

For this guide, you will need the following:

• 3 servers – with a Debian11|10 control node
• a user with sudo privileges on all the servers

I will have my setup as below.

Step 1 – Install Ansible on Debian

In this guide, I will cover several ways to get Ansible installed on your Debian 11/10 control node.

1. Debian default upstream repository.
2. Ubuntu APT repository
3. Using pip (Python Package Manager)

In this guide, I will be using the vim text editor to create and edit various files

sudo apt update
sudo apt install vim

1a) Install Ansible on Debian using PIP

Ansible is also found on PIP(Python Package Manager). But first, we need to install Python and PIP to your system.

sudo apt-get install python3 python3-pip -y

Then use PIP to install Ansible as below.

sudo pip3 install ansible

Check the installed version

$ ansible --version
ansible [core 2.14.6]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.9/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

1b) Install Ansible on Debian from APT Repository.

Ansible exists in the default Debian repositories but the available versions are not up-to-date. Installing Ansible using this method is quite easy as it does not entail complex steps.

First, update your systems package index.

sudo apt update

Then proceed and install Ansible on Debian 11/10 as below.

sudo apt install ansible

Confirm your installation by checking the Ansible version installed.

$ which ansible
/usr/bin/ansible

$ ansible --version

1c) Install Ansible on Debian from Ubuntu APT Repository.

In this method, we are required to add a PPA repository to our Debian 11/10 system. First, install some requires dependencies as below.

sudo apt-get install gnupg2 curl wget -y

With the dependencies installed, now add the PPA repository as below.

sudo vim /etc/apt/sources.list

In the file, add the below line

deb http://ppa.launchpad.net/ansible/ansible/ubuntu bionic main

The add the Ansible GPG key to your Debian 11/10 system as below.

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367

Sample Output:

Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.SzIqXbWidp/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
gpg: key 93C4A3FD7BB9C367: public key "Launchpad PPA for Ansible, Inc." imported
gpg: Total number processed: 1
gpg:               imported: 1

Now update your APT package index and install Ansible as below.

sudo apt-get update
sudo apt-get install ansible -y

Check the installed Ansible version:

ansible --version

Step 2 – Create Ansible Hosts Inventory file

After installing Ansible on your Control Node, the file /etc/hosts file is created automatically. In this file, we are required to add our managed nodes. You can also create your own inventory file in the home directory as below

In the file, add your managed nodes as below.

[Node1]
192.168.100.118 ansible_ssh_user=your_username
[Node2]
192.168.100.119 ansible_ssh_user=your_username

Remember to replace your_username with the username to use on the managed hosts. Then create the SSH fingerprints keys between the Control Node and Managed Nodes

From your Control Nodeconfigure the SSH keys

ssh-keygen -t rsa

Just press Enter till the end.

Then copy the public keys of your managed nodes as below

ssh-copy-id -i ~/.ssh/id_rsa.pub your_username@192.168.100.118
ssh-copy-id -i ~/.ssh/id_rsa.pub your_username@192.168.100.119

This allows your control node to manage the nodes without password authentication.

Step 3 – Working with Ansible

With ansible, one can manage the nodes with commands from your Control Node using the syntax below.

ansible -i [inventory_file] -m [module] [host]

Now test to see if the managed nodes have been added and are reachable.

sudo ansible -i ~/.hosts -m ping all

Sample Output.

Ping a specific host in the inventory file as below.

sudo ansible -i ~/.hosts -m ping Node1
###OR
sudo ansible -i ~/.hosts -m ping Node2

You can also check the available space using the free-m command as below

sudo ansible -i ~/.hosts -m shell -a "free -m" Node1

Sample Output:

You can also use the df-h command

sudo ansible -i ~/.hosts -m shell -a "df -h" Node2

Sample Output:

Install Applications with Ansible.

In this guide, we will do an installation on the managed nodes using a playbook file. We will install the Nginx Web Server, vim, and also check the system uptime on the Rocky Linux nodes, so we need to create this playbook file on the Control Node.

vim playbook.yaml

In the YAML file, add the below information.

---
- hosts: all
  become: yes
  tasks:
    - name: Install latest version of nginx on Rocky Linux Node
      yum: name=nginx state=latest
    - name: start nginx
      service:
          name: nginx
          state: started
    - name: Install latest version of vim on Rocky Linux Node
      yum: name=vim   state=latest
    - name: start nginx
      service:
          name: nginx
          state: started
    - name: Check uptime of the remote host
      shell: uptime
      register: command_output

    - debug:
             var: command_output.stdout_lines 

Now execute the playbook file as below.

ansible-playbook -i ~/.hosts playbook.yaml

Sample Output:

That is it! You have successfully installed Nginx on all the managed nodes. Confirm this by checking the status of Nginx on the managed nodes using the ansible command:

ansible -i ~/.hosts -m shell -a "systemctl status nginx" all

Sample output:

192.168.100.119 | CHANGED | rc=0 >>
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2021-09-27 09:43:55 EDT; 15s ago
  Process: 1789 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 1787 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 1786 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 1791 (nginx)
    Tasks: 2 (limit: 4937)
   Memory: 12.7M
   CGroup: /system.slice/nginx.service
           ├─1791 nginx: master process /usr/sbin/nginx
           └─1792 nginx: worker process

Sep 27 09:43:53 rockylinux8.linuxvmimages.local systemd[1]: Starting The nginx HTTP and reverse proxy server...
............

192.168.100.118 | CHANGED | rc=0 >>
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2021-09-27 09:43:55 EDT; 15s ago
  Process: 1787 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 1785 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 1784 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 1789 (nginx)
    Tasks: 2 (limit: 4937)
   Memory: 12.7M
   CGroup: /system.slice/nginx.service
           ├─1789 nginx: master process /usr/sbin/nginx
           └─1790 nginx: worker process

Sep 27 09:43:53 rockylinux8.linuxvmimages.local systemd[1]: Starting The nginx HTTP and reverse proxy server...
Sep 27 09:43:55 rockylinux8.linuxvmimages.local nginx[1785]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
.............

Conclusion.

That marks the end of this guide, we have installed and used Ansible on Debian 11/10. You have seen how working with ansible simplify complex tasks more so if you are working with a complex environment with tight margins. I hope you enjoyed it.

See more:

• How To Manage PostgreSQL Database with Ansible
• Install LAMP Stack on Ubuntu / Debian with Ansible
• Automate Windows Server & Windows Administration with Ansible
• Manage SELinux Status, Context, Ports and Booleans Using Ansible