How to Install and Configure Ansible on Rocky Linux 9

Introduction

Configuration guidance systems are designed to make controlling ample numbers of servers accessible for administrators and operations teams. They let you to power galore different systems successful an automated measurement from 1 cardinal location. While location are galore celebrated configuration guidance systems disposable for Linux systems, specified arsenic Chef and Puppet, these are often much analyzable than galore group want aliases need. Ansible is simply a awesome replacement to these options because it has a overmuch smaller overhead to get started.

Ansible useful by configuring customer machines from a machine pinch Ansible components installed and configured. It communicates complete normal SSH channels to retrieve accusation from distant machines, rumor commands, and transcript files. Because of this, an Ansible strategy does not require immoderate further package to beryllium installed connected the customer computers. This is 1 measurement that Ansible facilitates the management of servers: immoderate server that has an SSH larboard exposed tin beryllium brought nether Ansible’s configuration umbrella, sloppy of what shape it is astatine successful its life cycle.

Ansible takes connected a modular approach, making it imaginable to usage the functionality of the main strategy to woody pinch circumstantial scenarios. Modules tin beryllium written successful immoderate connection and pass successful modular JSON. Configuration files are chiefly written successful the YAML information serialization format owed to its expressive quality and its similarity to celebrated markup languages. Ansible tin interact pinch clients done either bid statement devices aliases done its configuration scripts called Playbooks.

Rocky Linux 9 is simply a free, community-driven distribution that is binary-compatible pinch Red Hat Enterprise Linux (RHEL) 9, which makes it a celebrated prime for an Ansible control node (the instrumentality that runs Ansible) and for the managed nodes (the servers Ansible configures). In this guide, you will instal Ansible connected a Rocky Linux 9 server, group up SSH key authentication, build an inventory of hosts, and tally your first ad-hoc commands and a basal playbook. By the end, you will person a moving power node that tin scope and negociate 1 aliases much distant Rocky Linux 9 servers.

Prerequisites

To travel this tutorial, you will need:

• One Ansible power node: The Ansible power node is the instrumentality you will usage to link to and power the Ansible hosts complete SSH. Your power node tin either beryllium your section instrumentality aliases a server dedicated to moving Ansible, though this guideline assumes your power node is simply a Rocky Linux 9 system. Make judge the power node has:

  • A non-root personification pinch sudo privileges. To group this up, you tin travel Steps 2 and 3 of our Initial Server Setup pinch Rocky Linux 9 guide. If you are utilizing a distant server arsenic your power node, you should travel every step of that guide.
  • An SSH keypair associated pinch this user. To group this up, you tin travel Step 1 of our guideline connected How to Set Up SSH Keys connected Rocky Linux 9.
  • Python 3 installed. Rocky Linux 9 includes Python 3.9 by default, which satisfies the request of ansible-core 2.14 for a power node.

• One aliases much Ansible hosts (managed nodes): An Ansible big is immoderate instrumentality that your power node is configured to automate. This guideline assumes your Ansible hosts are distant Rocky Linux 9 servers. Each managed node only needs Python 3 and SSH access; Ansible itself does not request to beryllium installed connected it. Make judge each big has:

  • The power node’s SSH nationalist cardinal added to the authorized_keys of a strategy user. This personification tin beryllium either root aliases a regular personification pinch sudo privileges. To group this up, you tin travel Step 2 of How to Set Up SSH Keys connected Rocky Linux 9.

Once you are done mounting everything up, you are fresh to statesman the first step.

Step 1: Installing Ansible

To statesman utilizing Ansible to negociate your various servers, you first request to instal the Ansible package connected the instrumentality that will service arsenic your power node.

On Rocky Linux 9, the Ansible motor is packaged arsenic ansible-core and lives successful the AppStream repository, which is enabled by default. This is simply a alteration from Rocky Linux 8, wherever the all-in-one ansible package was installed from EPEL. On Rocky Linux 9, the ansible package is nary longer provided by AppStream, truthful you instal the motor straight pinch dnf.

Before installing, you tin corroborate which type AppStream offers by querying the package:

1. sudo dnf info ansible-core

The output lists the campaigner type and the repository it comes from, akin to the following:

Output

Available Packages Name : ansible-core Epoch : 1 Version : 2.14.18 Release : 3.el9 Architecture : x86_64 Size : 2.2 M Source : ansible-core-2.14.18-3.el9.src.rpm Repository : appstream Summary : SSH-based configuration management, deployment, and task execution system URL : http://ansible.com License : GPLv3+ Description : Ansible is simply a radically elemental model-driven configuration management, : multi-node deployment, and distant task execution system. Ansible works : complete SSH and does not require immoderate package aliases daemons to beryllium installed : connected distant nodes. Extension modules tin beryllium written in immoderate connection and : are transferred to managed machines automatically.

With the type confirmed, instal ansible-core:

1. sudo dnf install ansible-core

Rocky Linux 9 ships ansible-core 2.14.x, and Red Hat holds this type for the remainder of the RHEL 9 lifecycle alternatively than advancing it pinch each insignificant release. This intends the AppStream type is unchangeable and well-tested but will not beryllium the newest merchandise disposable upstream. If you request a newer motor aliases the afloat organization postulation bundle, spot the alternatives below.

Installing a newer type from EPEL aliases pip

The default AppStream package installs only the halfway motor and a mini group of built-in modules. If you want the larger ansible organization package, which bundles ansible-core together pinch a curated group of organization collections, you person 2 main options.

The first action is the EPEL (Extra Packages for Enterprise Linux) repository. Enable it and instal the bundled package:

1. sudo dnf install epel-release
2. sudo dnf install ansible

Because the EPEL ansible package depends connected a compatible ansible-core, type mismatches betwixt AppStream and EPEL tin occasionally origin dependency errors. If dnf reports a conflict, for illustration a azygous root alternatively than mixing the two. Package readiness and versions successful EPEL tin besides alteration complete time, truthful you tin corroborate what is presently offered pinch sudo dnf hunt ansible earlier installing.

The 2nd action is pip, the Python package manager, which ever offers the astir caller release. Installing into a virtual situation keeps it isolated from the strategy packages:

1. python3 -m venv ~/ansible-venv
2. source ~/ansible-venv/bin/activate
3. pip install ansible

The standalone ansible package connected PyPI tracks the newest organization merchandise and pulls successful a caller ansible-core, truthful pip is the champion way erstwhile you specifically request the latest features. Because these versions beforehand regularly, cheque the Ansible merchandise status for the existent pairing alternatively than relying connected a fixed type number. Keep successful mind that ansible-core 2.18 and later require Python 3.11 aliases newer connected the power node, truthful corroborate your Python type earlier upgrading this way.

To comparison the 3 installation sources astatine a glance, mention to the pursuing table:

Verifying the installation

After installing, corroborate that Ansible is disposable and cheque which type and Python expert it is using:

1. ansible --version

The output reports the version, configuration record paths, and the Python executable Ansible runs under:

Output

ansible [core 2.14.18] config file = /etc/ansible/ansible.cfg configured module hunt way = ['/home/sammy/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible postulation location = /home/sammy/.ansible/collections:/usr/share/ansible/collections executable location = /usr/bin/ansible python type = 3.9.16 (main, Dec 8 2022, 00:00:00) [GCC 11.3.1 20221121 (Red Hat 11.3.1-4)] (/usr/bin/python3) jinja type = 3.1.2 libyaml = True

Now you person each of the package required to administer your servers done Ansible.

Installing collections erstwhile you request them

The ansible-core package ships only the built-in ansible.builtin modules. If a playbook needs a module from a organization collection, for example, thing nether community.general, ansible-core will study that the module cannot beryllium found. In that case, instal the postulation separately pinch ansible-galaxy:

1. ansible-galaxy postulation install community.general

You only request this measurement erstwhile a task references a module extracurricular ansible.builtin. If you installed the afloat ansible package from EPEL aliases pip alternatively of ansible-core, the astir communal collections are already bundled and this measurement is usually unnecessary.

Step 2: Configuring Ansible hosts

Ansible keeps way of each of the servers it knows astir done an inventory file. The default location is /etc/ansible/hosts, and you request to group up an inventory earlier you tin pass pinch your different machines.

The ansible-core package does not ever create the /etc/ansible directory aliases a sample hosts file, truthful create the directory first if it does not exist:

1. sudo mkdir -p /etc/ansible

With the directory successful place, unfastened the inventory record pinch root privileges. The default matter editor connected Rocky Linux 9 is vi, truthful this illustration uses it:

1. sudo vi /etc/ansible/hosts

The inventory record is elastic and tin beryllium configured successful a fewer different ways. The simplest syntax uses an INI-style format that looks for illustration the following:

Example inventory file

[group_name] alias ansible_host=your_server_ip

The group_name is an organizational tag that lets you mention to immoderate servers listed nether it pinch 1 word, and the othername is simply a friends sanction you usage to mention to an individual server. The ansible_host adaptable tells Ansible the reside to link to.

For example, ideate you person 3 servers you want to power pinch Ansible. Because Ansible communicates pinch managed nodes complete SSH, each server must beryllium reachable from the power node. If you followed the One aliases much Ansible hosts action successful the prerequisites, your hosts already person the power node’s SSH cardinal installed, truthful you tin link without a password:

1. ssh sammy@your_server_ip

You will not beryllium prompted for a password. While Ansible tin grip password-based SSH authentication, SSH keys support things much streamlined and secure.

With your inventory record open, adhd a artifact that uses the illustration IP addresses 203.0.113.111, 203.0.113.112, and 203.0.113.113. Make judge to switch these pinch your ain server addresses. This setup lets you mention to each server individually arsenic host1, host2, and host3, aliases to each of them astatine erstwhile arsenic the servers group. To participate this successful vi, property one to move to insert mode, type the block, past property ESC:

/etc/ansible/hosts

[servers] host1 ansible_host=203.0.113.111 host2 ansible_host=203.0.113.112 host3 ansible_host=203.0.113.113

Once you are done adding the block, prevention and exit the record by typing :wq and past ENTER.

Note that this guideline uses ansible_host, the modern relationship variable. Older tutorials and inventories often usage ansible_ssh_host; that sanction still useful arsenic a bequest alias, but ansible_host is the existent recommended form. The aforesaid applies to ansible_user, which replaced the older ansible_ssh_user.

Hosts tin beryllium to aggregate groups, and groups tin group parameters for each of their members. You tin trial the relationship to a azygous big pinch the pursuing command. Note that the big shape comes first, instantly aft ansible, which is the accepted ordering shown successful the charismatic Ansible documentation:

1. ansible host1 -m ping

If Ansible cannot link pinch the existent settings, it returns an correction for illustration the following:

Ansible relationship error

host1 | UNREACHABLE! => { "changed": false, "msg": "Failed to link to the big via ssh: [email protected]: Permission denied (publickey).", "unreachable": true }

By default, Ansible tries to link to distant hosts utilizing your existent section username. This correction shows that if that personification does not beryllium connected the distant system, the relationship fails.

To hole this, show Ansible which distant personification to usage for the servers group. Begin by creating a group_vars directory successful the Ansible configuration structure:

1. sudo mkdir -p /etc/ansible/group_vars

Within this folder, you create 1 record per group you want to configure. The record is named aft the inventory group it applies to, truthful the record for the servers group is simply named servers. Ansible loads these files based connected the name, truthful a plain servers record works; a .yml hold (servers.yml) is besides commonly utilized and is arsenic valid. You tin edit the record pinch immoderate matter editor. The examples beneath usage nano; if it is not already installed and you for illustration it complete vi, instal it first:

1. sudo dnf -y install nano

Open the group variables record for the servers group:

1. sudo nano /etc/ansible/group_vars/servers

Add the pursuing to the file. YAML files commencement pinch ---, truthful beryllium judge to see that line:

/etc/ansible/group_vars/servers

--- ansible_user: sammy

Once you are finished, prevention and exit the file. In nano, property CTRL + X, past Y, past ENTER.

Now Ansible will ever usage the sammy personification for the servers group, sloppy of which personification is presently logged in. If you want to group configuration specifications for each server sloppy of group, spot them successful a record astatine /etc/ansible/group_vars/all. You tin configure individual hosts by creating files nether a directory astatine /etc/ansible/host_vars.

If you would alternatively support your inventory wrong a task files alternatively of the system-wide location, prevention it arsenic a record specified arsenic inventory.ini and walk it to immoderate bid pinch the -i flag, for illustration ansible each -i inventory.ini -m ping. A project-local inventory is the recommended modern believe because it keeps each task self-contained and version-controllable.

Step 3: Using basal Ansible commands

Now that your hosts are group up pinch capable configuration to link successfully, you tin effort retired respective ad-hoc commands. Ad-hoc commands tally a azygous module against your hosts without penning a playbook, which is perfect for speedy tasks and testing.

First, ping each of the servers you configured. The -m ping information of the bid tells Ansible to usage the ping module. This module operates somewhat for illustration the normal ping inferior successful Linux, but alternatively of sending ICMP packets it checks for Ansible connectivity complete SSH and confirms a usable Python expert connected the distant host:

1. ansible each -m ping

Ansible returns output for illustration the following, pinch 1 artifact per host:

Output

host3 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": false, "ping": "pong" } host1 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": false, "ping": "pong" } host2 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": false, "ping": "pong" }

A pong reply from each big confirms that Ansible has a moving relationship to each of its managed nodes.

Beyond targeting all, you tin scope a bid to different sets of servers. To target a group, sanction it directly:

1. ansible servers -m ping

To target an individual host, usage its alias:

1. ansible host1 -m ping

To target respective circumstantial hosts, abstracted them pinch a comma. A comma is the preferred separator successful existent Ansible versions, though a colon besides works:

1. ansible 'host1,host2' -m ping

The ammunition module lets you nonstop a terminal bid to the distant big and retrieve the result. For instance, to cheque representation usage connected host1, tally the following:

1. ansible host1 -m ammunition -a 'free -m'

You walk arguments to a module pinch the -a switch. The bid returns output akin to this:

Output

host1 | CHANGED | rc=0 >> full utilized free shared buff/cache available Mem: 7951 234 6768 0 948 7461 Swap: 0 0 0

Ad-hoc commands are besides useful for strategy management. For example, you tin cheque uptime crossed each host, aliases usage the dnf module to instal a package connected each servers successful the servers group. Because installing a package requires elevated privileges, adhd the --become emblem (often abbreviated -b) truthful Ansible escalates to root pinch sudo:

1. ansible servers -b -m dnf -a "name=htop state=present"

You person now tally respective of the basal Ansible commands crossed your various hosts.

Step 4: Running a basal playbook

Ad-hoc commands are useful for one-off tasks, but the existent spot of Ansible is the playbook, a YAML record that describes a desired authorities and tin beryllium tally many times pinch the aforesaid result. The pursuing illustration installs and starts the chrony clip synchronization work connected each big successful the servers group.

Create a record named playbook.yml successful your location directory:

1. nano playbook.yml

Add the pursuing content, which defines 1 play pinch 2 tasks:

playbook.yml

--- - name: Basic server setup hosts: servers become: true tasks: - name: Ensure chrony is installed ansible.builtin.dnf: name: chrony state: present - name: Ensure chrony is moving and enabled ansible.builtin.service: name: chronyd state: started enabled: true

Save and adjacent the file, past tally it pinch the ansible-playbook command:

1. ansible-playbook playbook.yml

Ansible reports the position of each task per big and finishes pinch a recap:

Output

PLAY [Basic server setup] ****************************************************** TASK [Gathering Facts] ********************************************************* ok: [host1] ok: [host2] ok: [host3] TASK [Ensure chrony is installed] ********************************************** changed: [host1] changed: [host2] changed: [host3] TASK [Ensure chrony is moving and enabled] ************************************ changed: [host1] changed: [host2] changed: [host3] PLAY RECAP ********************************************************************* host1 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 host2 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 host3 : ok=3 changed=2 unreachable=0 failed=0 skipped=0

Because playbooks are idempotent, moving the aforesaid playbook a 2nd clip reports changed=0, since the desired authorities already matches reality. To spell deeper into playbook syntax and structure, spot our guideline connected Configuration Management 101: Writing Ansible Playbooks.

Troubleshooting communal relationship issues

Rocky Linux 9 ships pinch some firewalld and SELinux enabled by default. Neither usually blocks a modular Ansible connection, but a fewer situations tin interrupt connectivity, truthful it helps to cognize wherever to look. Alongside the firewall and SELinux, 2 SSH- and Python-related errors are among the first that caller users hit. The pursuing subsections screen the astir communal blockers.

Firewalld blocks the SSH port

Ansible reaches managed nodes complete SSH, truthful the SSH larboard must beryllium unfastened successful the firewall. By default, firewalld permits the ssh work connected larboard 22, truthful a default instal useful without changes. If you moved SSH to a non-standard larboard aliases removed the default rule, connections will clip out. On the managed node, corroborate that SSH is allowed and adhd it if necessary:

1. sudo firewall-cmd --permanent --add-service=ssh
2. sudo firewall-cmd --reload

If you tally SSH connected a civilization port, unfastened that circumstantial larboard instead, for illustration sudo firewall-cmd --permanent --add-port=2222/tcp.

SELinux interferes pinch a module’s record operations

SELinux successful enforcing mode does not artifact mean SSH logins, truthful basal ping connectivity usually succeeds moreover pinch SELinux on. Problems thin to look erstwhile a module writes to a location pinch an unexpected information context. To cheque whether SELinux is enforcing, tally the pursuing connected the managed node:

1. getenforce

If the output is Enforcing and a task fails pinch a support correction that mean record permissions do not explain, inspect the audit log for denials:

1. sudo ausearch -m avc -ts recent

The reported denial usually names the discourse that needs adjusting. Set the correct discourse pinch restorecon aliases semanage fcontext alternatively than disabling SELinux, which keeps the information benefits successful place. For managing SELinux states and booleans from Ansible itself, instal the python3-libselinux package connected the managed nodes truthful the applicable modules tin run.

A communal real-world lawsuit occurs erstwhile a playbook uses the transcript aliases template module to constitute a record into a non-standard location, specified arsenic a civilization web guidelines extracurricular /var/www. The record copies successfully, but the web server cannot service it because the caller record does not person the httpd_sys_content_t discourse SELinux expects. The hole is to relabel the target directory alternatively than move SELinux off. You tin do this from a task successful your playbook pinch the ansible.builtin.sefcontext and ansible.builtin.command modules (running restorecon), aliases manually connected the managed node:

1. sudo semanage fcontext -a -t httpd_sys_content_t "/opt/mysite(/.*)?"
2. sudo restorecon -Rv /opt/mysite

Ansible cannot find a Python interpreter

Because Ansible runs Python codification connected the managed node, it needs a usable Python 3 expert there. On minimal server images, Python whitethorn beryllium missing aliases installed astatine a way Ansible does not expect, and a task fails pinch an correction specified as:

Output

Failed to find a Python interpreter

Rocky Linux 9 includes Python 3 by default, but if a managed node lacks it, instal it:

1. sudo dnf install python3

If Python is coming but astatine a non-standard path, show Ansible wherever to find it by mounting the ansible_python_interpreter adaptable for the big aliases group. For example, successful /etc/ansible/group_vars/servers:

/etc/ansible/group_vars/servers

ansible_python_interpreter: /usr/bin/python3

Host cardinal verification failed

The first clip the power node connects to a managed node complete SSH, the distant big cardinal is unknown, and a strict SSH configuration rejects the relationship with:

Output

Host cardinal verification failed

The simplest hole is to link to the big erstwhile manually truthful you tin reappraisal and judge its key, aft which Ansible connects without complaint:

1. ssh sammy@your_server_ip

After accepting the key, the big is recorded successful ~/.ssh/known_hosts and consequent Ansible runs succeed. In disposable laboratory environments wherever hosts are often rebuilt, immoderate group disable the cheque by mounting host_key_checking = False successful an ansible.cfg file, but time off big cardinal checking enabled for immoderate accumulation work, since it protects against connecting to an impersonated host.

Comparing Rocky Linux 9, AlmaLinux 9, and CentOS Stream

Rocky Linux 9 is 1 of respective RHEL-compatible distributions, and the Ansible setup is astir identical crossed them, which is useful to cognize if your situation mixes distributions. The pursuing array summarizes the applicable differences for installing Ansible.

In practice, the commands successful this guideline activity without modification connected AlmaLinux 9, because it uses the aforesaid AppStream and EPEL repositories and the aforesaid ansible-core package version. CentOS Stream 9 sits upstream of RHEL 9, truthful it tin person package updates somewhat earlier, but the workflow is the same. For endeavor environments that want predictable, long-lived versions, the AppStream ansible-core package is the astir blimpish prime connected immoderate of these distributions, while EPEL aliases pip suits teams that request newer collections aliases features.

FAQs

1. How do I upgrade Ansible connected Rocky Linux 9?

How you upgrade depends connected really you installed Ansible. If you utilized the AppStream ansible-core package, tally sudo dnf upgrade ansible-core; statement that AppStream holds ansible-core astatine 2.14 for the RHEL 9 lifecycle, truthful this only applies bug and information fixes wrong that bid alternatively than moving you to a newer engine. If you installed the bundled ansible package from EPEL, sudo dnf upgrade ansible follows EPEL’s release. If you installed pinch pip, upgrade wrong your virtual situation pinch pip instal --upgrade ansible. To move from the held AppStream type to a newer engine, move installation methods to EPEL aliases pip alternatively than expecting AppStream to advance.

2. Why does Ansible study a big arsenic UNREACHABLE?

An UNREACHABLE consequence intends Ansible could not found a moving SSH convention and tally codification connected the host, arsenic opposed to a task failing erstwhile connected. Common causes are an SSH cardinal that is not installed connected the managed node, the incorrect distant personification (set ansible_user for the group aliases host), SSH listening connected a non-default larboard the firewall blocks, aliases the big simply being down. Run the bid again pinch -vvv to spot the underlying SSH error, past corroborate you tin scope the big pinch a plain ssh bid utilizing the aforesaid personification and key.

3. How do I instal Ansible collections erstwhile utilizing ansible-core?

The ansible-core package only includes the built-in ansible.builtin modules. When a playbook needs a module from a organization collection, instal that postulation pinch ansible-galaxy, for illustration ansible-galaxy postulation instal community.general. If you installed the afloat ansible package from EPEL aliases pip instead, the astir communal collections are already bundled and you usually do not request this step.

4. Is Ansible a CI aliases CD tool?

Ansible is simply a configuration guidance and automation tool, not a continuous integration (CI) tool. It describes and enforces the desired authorities of servers and applications, and it tin play a domiciled successful the continuous transportation (CD) shape of a pipeline by deploying and configuring infrastructure. It is chopped from CI devices specified arsenic Jenkins aliases GitHub Actions, which build and trial code; successful galore setups, a CI instrumentality triggers an Ansible playbook arsenic the deployment step.

5. Can I usage Ansible connected Windows arsenic a power node?

Native Windows is not supported arsenic an Ansible power node, but moving Ansible wrong Windows Subsystem for Linux (WSL2) is afloat supported and is the recommended attack for Windows users. The charismatic Ansible archiving lists a WSL distribution arsenic a valid power node platform, truthful installing Ansible successful WSL2 gives you a afloat supported Linux power node connected a Windows machine. Note that Windows is besides afloat supported arsenic a managed node; the regularisation applies only to moving the power node natively.

6. Do managed nodes request Ansible installed?

Managed nodes do not request Ansible installed. They only require Python 3 and SSH access, because the power node connects complete SSH and runs the basal codification remotely. This agentless creation is 1 of Ansible’s main advantages: immoderate server pinch an exposed SSH larboard and a Python expert tin beryllium managed without installing other package connected it.

7. How do I usage a civilization inventory record alternatively of the default /etc/ansible/hosts?

Pass your inventory record to immoderate bid pinch the -i flag, for illustration ansible each -i inventory.ini -m ping aliases ansible-playbook -i inventory.ini playbook.yml. To make a civilization inventory the default for a project, group the inventory directive successful an ansible.cfg record successful the task directory, specified arsenic inventory = ./inventory.ini. A project-local inventory keeps each task self-contained and is easy to way successful type control, which is why it is preferred complete editing the system-wide file.

8. What is the quality betwixt the ansible and ansible-core packages?

ansible-core is the minimal runtime: the motor positive a mini group of built-in modules. The ansible package bundles ansible-core together pinch a large, curated group of organization collections, truthful it is overmuch larger but fresh to usage retired of the box. Install ansible-core erstwhile you want a thin instal and will adhd only the collections you need, and instal ansible erstwhile you want the wide postulation group disposable immediately.

Conclusion

Your Ansible power node is now configured to pass pinch the servers you want to control. You verified connectivity pinch the ping module, ran ad-hoc commands, executed a basal playbook, and learned really to grip the astir communal relationship issues connected Rocky Linux 9, including firewalld, SELinux, missing Python interpreters, and SSH big cardinal errors.

You person built a coagulated instauration for moving pinch your servers done Ansible, truthful your adjacent measurement is to study really to usage Playbooks to do the dense lifting for you. You tin study much successful our guideline connected Configuration Management 101: Writing Ansible Playbooks.

Further reading

To proceed building your Ansible skills, research these related DigitalOcean tutorials:

• Configuration Management 101: Writing Ansible Playbooks
• How To Execute Ansible Playbooks to Automate Server Setup
• How to Use Ansible: A Reference Guide
• How To Use Ansible Vault to Protect Sensitive Playbook Data
• An Introduction to Configuration Management pinch Ansible