Ansible is a powerful automation tool that simplifies IT infrastructure management. This project guides you through installing and configuring Ansible on a Linux server, enabling you to automate tasks and manage servers effectively.
In this hands-on project, you'll learn to:
- Install and configure Ansible on a control node
- Set up secure SSH key-based authentication
- Create and manage Ansible inventory files
- Test connectivity and run basic commands
- Understand the fundamentals of infrastructure automation
This project forms the foundation for more advanced Ansible topics like playbooks, roles, and complex infrastructure management.
- Control Node: A Linux server or virtual machine (Ubuntu/Debian preferred)
- Target Node(s): At least one additional Linux server/VM to manage
- SSH Access: Ability to connect to target nodes via SSH
- User Privileges: Sudo access on the control node
- Network Connectivity: Both nodes must be able to communicate
- Basic Linux command line skills
- Understanding of SSH connections
- Text editor familiarity (nano, vim, etc.)
- Screenshots of each major step
- Command outputs showing successful execution
- Inventory file configuration
- Ad-hoc command results demonstrating functionality
- Troubleshooting evidence (if issues occurred)
Objective: Ensure your system is ready for Ansible installation.
- Check Linux Distribution:
cat /etc/os-releaseExpected Output: Should show Ubuntu, Debian, or similar Linux distribution.
- Verify Sudo Access:
sudo whoamiExpected Output: Should return root (confirming sudo privileges).
- Check Network Connectivity:
ping -c 3 google.comExpected Output: Successful ping responses.
Objective: Ensure your system has the latest package information.
sudo apt updateWhat this does:
- Updates the local package index
- Retrieves information about available packages
- Shows download progress and any errors
Expected Output: List of packages that can be upgraded.
Objective: Install Ansible on the control node.
sudo apt install ansible -yCommand breakdown:
sudo: Run with administrative privilegesapt install: Package installation commandansible: The package name-y: Automatic "yes" to prompts
Expected Output:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
ansible
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 5,023 kB of archives.
After this operation, 8,214 kB of additional disk space will be used.
Objective: Confirm Ansible is properly installed.
ansible --versionExpected Output:
ansible [core 2.13.0]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.10.4 (main, Apr 2 2022, 09:04:19) [GCC 9.4.0]
Objective: Create SSH keys for passwordless authentication.
ssh-keygen -t rsaWhat to expect:
- System will prompt:
Enter file in which to save the key (/home/username/.ssh/id_rsa): - Press Enter to accept the default location
- System will prompt:
Enter passphrase (empty for no passphrase): - Press Enter twice (for no passphrase - easier for automation)
Expected Output:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa
Your public key has been saved in /home/username/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:ABC123...xyz789 username@hostname
The key's randomart image is:
+---[RSA 3072]----+
| .oo. |
| . o.o |
| o o . |
| + . |
| . o S |
| o + . |
| o |
| E |
| |
+----[SHA256]-----+
Objective: Enable passwordless SSH access to target machines.
ssh-copy-id username@target-server-ipCommand explanation:
ssh-copy-id: Securely copies your public key to the target serverusername: Your username on the target servertarget-server-ip: IP address or hostname of target server
What happens:
- You'll be prompted for the target server's password
- The public key gets added to
~/.ssh/authorized_keyson target - Future connections won't require passwords
Expected Output:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/username/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
username@target-server-ip's password:
Number of key(s) added: 1
Objective: Verify passwordless SSH works.
ssh username@target-server-ipWhat to expect:
- Should connect without prompting for password
- You'll see a welcome message or shell prompt
- Type
exitto return to control node
Expected Output: Direct login to target server without password prompt.
Objective: Organize your Ansible configuration files.
mkdir ~/ansible
cd ~/ansibleWhat this does:
- Creates a dedicated directory for Ansible files
- Changes to that directory for easier file management
Objective: Define which servers Ansible should manage.
nano inventory.iniAdd the following content:
[linux_servers]
target1 ansible_host=TARGET_IP_ADDRESS ansible_user=YOUR_USERNAME
target2 ansible_host=TARGET_IP_ADDRESS ansible_user=YOUR_USERNAME
[webservers]
target1
[databases]
target2File explanation:
[linux_servers]: Group name for all managed serversansible_host: IP address of the target serveransible_user: Username for SSH connections- Additional groups (
[webservers],[databases]) for organization
Save the file: Press Ctrl+O, Enter, then Ctrl+X
Objective: Verify Ansible can communicate with target nodes.
ansible -i inventory.ini linux_servers -m pingCommand breakdown:
-i inventory.ini: Specify inventory file locationlinux_servers: Target group from inventory-m ping: Use the ping module to test connectivity
Expected Output:
target1 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
What this means:
SUCCESS: Ansible connected successfullypong: Target server respondedchanged: false: No changes were made to the system
Objective: Execute a basic command across managed servers.
ansible -i inventory.ini linux_servers -m command -a "uname -a"Command explanation:
-m command: Use the command module-a "uname -a": Arguments to pass to the module
Expected Output: System information for each target server.
Objective: Demonstrate Ansible's ability to gather system information.
ansible -i inventory.ini linux_servers -m shell -a "df -h"Command explanation:
-m shell: Use shell module (supports piping, redirection)-a "df -h": Disk usage command with human-readable format
Expected Output: Disk usage information for each target server.
Objective: Check if specific services are running.
ansible -i inventory.ini linux_servers -m systemd -a "name=ssh state=started"Expected Output: SSH service status across all target servers.
| Problem | Symptoms | Solution |
|---|---|---|
| Permission Denied | ssh: Permission denied |
Check SSH key permissions (chmod 600 ~/.ssh/id_rsa), verify username, ensure key is in authorized_keys |
| Connection Refused | ssh: connect to host ... Connection refused |
Check if SSH service is running on target, verify firewall settings, confirm IP address |
| Host Key Verification Failed | Host key verification failed |
SSH into target manually first to accept host key, or use StrictHostKeyChecking=no |
| Ansible Command Failed | unreachable or failed |
Check inventory file syntax, verify SSH connectivity, ensure Python is installed on target |
| Sudo Access Issues | sudo: no tty present |
Use ansible_become: true in playbooks, or configure passwordless sudo |
| Module Not Found | module ... not found |
Install required Python modules on target: sudo apt install python3-pip |
# Test basic SSH connection
ssh -v username@target-server-ip
# Check SSH service status on target
ssh username@target-server-ip "systemctl status ssh"
# Verify Python installation on target
ssh username@target-server-ip "python3 --version"
# Test Ansible with verbose output
ansible -i inventory.ini linux_servers -m ping -vvv
# Check Ansible configuration
ansible-config viewFailed to connect to the host via ssh:
- Cause: SSH service not running, wrong IP/username, firewall blocking
- Solution: Check SSH service, verify credentials, check security groups/firewall
Permission denied (publickey,password)
- Cause: SSH key not properly configured or wrong username
- Solution: Regenerate and copy SSH keys, verify username in inventory
pong not received
- Cause: Ansible cannot execute Python on target
- Solution: Install Python:
sudo apt install python3
-
Prerequisites Verification
evidence-01-prereq-os-version.png- OS version checkevidence-02-prereq-sudo-access.png- Sudo privileges verificationevidence-03-prereq-network.png- Network connectivity test
-
Ansible Installation
evidence-04-ansible-install.png- Package installation processevidence-05-ansible-version.png- Version verification
-
SSH Configuration
evidence-06-ssh-keygen.png- SSH key generationevidence-07-ssh-copy-id.png- Public key distributionevidence-08-ssh-connection.png- Passwordless connection test
-
Ansible Configuration
evidence-09-inventory-file.png- Inventory file contentsevidence-10-directory-structure.png- Ansible directory structure
-
Testing and Commands
evidence-11-ping-test.png- Ansible ping module resultsevidence-12-system-info.png- System information commandevidence-13-disk-usage.png- Disk usage command resultsevidence-14-service-status.png- Service status check
All screenshots should be saved in the img/ directory with descriptive names:
evidence-XX-description.png- Include terminal prompts and outputs
- Ensure text is readable and commands are visible
- Control Node: Machine where Ansible is installed
- Managed Nodes: Servers configured and managed by Ansible
- Inventory: File defining managed hosts and groups
- Modules: Pre-written scripts for specific tasks
- Ad-hoc Commands: Single tasks executed immediately
- Public Key: Shared with remote servers
- Private Key: Kept secure on control node
- authorized_keys: File on target containing allowed public keys
- ping: Tests connectivity
- command: Executes single commands
- shell: Executes shell commands with piping/redirection
- systemd: Manages system services
# Create SSH config for easier connections
nano ~/.ssh/config
# Add:
Host target1
HostName TARGET_IP_ADDRESS
User YOUR_USERNAME
IdentityFile ~/.ssh/id_rsa
# Test with:
ansible -i inventory.ini linux_servers -m ping# View current Ansible configuration
ansible-config view
# Common customizations in ansible.cfg:
[defaults]
inventory = ~/ansible/inventory.ini
host_key_checking = False
remote_user = your_username
private_key_file = ~/.ssh/id_rsa[linux_servers]
target1 ansible_host=192.168.1.10 ansible_user=ubuntu ansible_ssh_private_key_file=/home/user/.ssh/id_rsa
target2 ansible_host=192.168.1.11 ansible_user=ubuntu
[linux_servers:vars]
ansible_python_interpreter=/usr/bin/python3
ansible_become=true
ansible_become_user=root- Prerequisites verified (OS, sudo, network)
- Ansible installed and version confirmed
- SSH keys generated and distributed
- Inventory file created with target servers
- Connectivity tested with ping module
- Ad-hoc commands executed successfully
- All screenshots captured for evidence
- Troubleshooting documented (if applicable)
With Ansible successfully configured, you can now:
- Write Your First Playbook: Create YAML files to automate complex tasks
- Install Software: Use Ansible to install packages across multiple servers
- Configure Services: Set up and manage web servers, databases, etc.
- User Management: Automate user creation and permission management
- File Management: Distribute configuration files and templates
By completing this project, you have:
✅ Installed and configured Ansible on a Linux server ✅ Established secure SSH communication with target nodes ✅ Created a functional inventory for server management ✅ Successfully executed Ansible commands across multiple servers ✅ Gained practical experience with infrastructure automation tools
Congratulations on setting up your Ansible automation environment! 🎉
This foundation will enable you to automate complex IT tasks, manage large-scale infrastructure, and streamline your DevOps workflows.
For questions or issues, refer to the troubleshooting section or consult the official Ansible documentation at docs.ansible.com.