Ansible provisioning, configuration management, and application-deployment tool dev

Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code.

Ansible websiteopen in new window GitHubopen in new window

Setup and configuration have been tested on the following operating systems:

  • Ubuntu 20.04 (Focal Fossa), Rocky 8.4 (Green Obsidian)
  • Ansible 2.9.6

ko-fiopen in new window

Configuration files

Prerequisites

Prerequisites for Ansible.

Install Ansible

server@ubuntu:~$ sudo apt-get update && \
sudo apt-get -y upgrade && \
sudo apt-get install -y ansible
server@rocky:~$ sudo yum -y update && \
sudo yum -y upgrade && \
sudo yum install -y ansible

Server configuration

server@ubuntu:~$ sudo nano /etc/ansible/hosts
server@rocky:~$ sudo nano /etc/ansible/hosts
[servers]
server1 ansible_host=192.168.0.2
server2 ansible_host=192.168.0.3
server3 ansible_host=192.168.0.4

[all:vars]
ansible_python_interpreter=/usr/bin/python3
[servers]
server1 ansible_host=192.168.0.2
server2 ansible_host=192.168.0.3
server3 ansible_host=192.168.0.4
server@ubuntu:~$ ansible all -m ping -u ansible
server@rocky:~$ ansible all -m ping -u ansible
Output
server1 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
server2 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
server3 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

Firewall settings

The firewall being used is UFW (Uncomplicated Firewall). It is set by default to deny incoming traffic, allow outgoing traffic and allow port 22 (OpenSSH). Read more about UFW hereopen in new window.

UFW Settings
server@ubuntu:~$ sudo ufw default deny incoming
server@ubuntu:~$ sudo ufw default allow outgoing
server@ubuntu:~$ sudo ufw allow 22
server@ubuntu:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
1
2
3
4
5
6

Command-line