DevOps Classroom notes 09/Jun/2026

Ansible Setup on Linux — Step-by-Step Guide

Prerequisites

  • Two Ubuntu Linux machines (e.g., node-1, node-2 on Azure/AWS)
  • SSH access with a user that has sudo privileges

Step 1: Connect to Your Linux Machine

ssh username@<your-server-ip>

Step 2: Update the System

sudo apt update && sudo apt upgrade -y

Step 3: Install Python

sudo apt install python3 python3-pip -y
python3 --version   # verify

Step 4: Install Ansible

sudo apt install software-properties-common -y
sudo add-apt-repository --yes --update ppa:ansible/ansible
sudo apt install ansible -y
ansible --version   # verify

Step 5: Create the ansible User

sudo adduser ansible

Enter a password when prompted and fill in (or skip) the optional details.

Step 6: Grant ansible User Sudo Permissions (Passwordless)

As per industry standard, the Ansible user should have passwordless sudo/privilege escalation on all nodes.

echo "ansible ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ansible
sudo chmod 440 /etc/sudoers.d/ansible

sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config.d/60-cloudimg-settings.conf && sudo systemctl restart ssh

Verify it works:

su - ansible
sudo whoami   # should print: root

Step 7: Set Up SSH Key-Based Auth for ansible User

On your control machine (laptop/workstation):

ssh-keygen -t ed25519 -f ~/.ssh/ansible_key
ssh-copy-id -i ~/.ssh/ansible_key ansible@<node-1-ip>
ssh-copy-id -i ~/.ssh/ansible_key ansible@<node-2-ip>

Test passwordless login:

ssh -i ~/.ssh/ansible_key ansible@<node-1-ip>
ssh -i ~/.ssh/ansible_key ansible@<node-2-ip>

Step 8: Verify Ansible Connectivity

Create a quick inventory file:

# inventory.ini
[nodes]
<node-1-ip>
<node-2-ip>
[nodes]
node1 ansible_host=192.168.1.10 ansible_user=ansible

Run a ping test:

ansible -i inventory.ini all -m ping --user ansible --private-key ~/.ssh/ansible_key
ansible all -m ping
ansible nodes -m ping
# check inventory is correct
ansible nodes --list-hosts

# ping with verbose output
ansible nodes -m ping -v

# ping with explicit user and key
ansible nodes -m ping -u ansible --private-key ~/.ssh/id_ed25519

You should see pong back from each node — you’re all set!

How Ansible Uses SSH (Background)

  • Ansible reads IP addresses and credential info from the inventory file
  • Internally runs an SSH command to connect to each node
  • Generates a temporary Python script for your configuration and copies it to the node
  • Python on the node executes the script and returns output via SSH
  • Ansible then cleans up the temporary files automatically

redhat

# 1. Create the user 'ansible'
sudo useradd -m -s /bin/bash ansible

# 2. Set password for 'ansible'
echo "ansible:YourPasswordHere" | sudo chpasswd

# 3. Add 'ansible' to sudo group
sudo usermod -aG sudo ansible

# 4. Enable password authentication in SSH
sudo sed -i 's/^#PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config

# 5. Restart SSH service to apply changes
sudo systemctl restart sshd

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Social Media Icons Powered by Acurax Web Design Company

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Exit mobile version
%%footer%%