Installing Ansible

Table of contents

Latest posts

Post cover

Opt-out from Web Archive
April 29, 2024

Post cover

Ansible Workbook
April 27, 2024

Post cover

Self-Hacking: How I learned to love the Cold again
April 26, 2024

Post cover

EVE-NG Workbook (Amazon Kindle)
April 25, 2024

Post cover

Cybersecurity: fashion or strategy
April 11, 2024

Categories

Category cover

Automation
34 posts

Category cover

Notes
19 posts

Category cover

Security
19 posts

Category cover

Personal Security
14 posts

Category cover

Infrastructure
10 posts

Category cover

CISO
9 posts

Category cover

OT/ICS
5 posts

Category cover

UNetLab
3 posts

Category cover

Write-up
3 posts

Category cover

Books
2 posts

Category cover

OSInt
2 posts

Category cover

My life
1 posts

Installing Ansible

Andrea Dainese
September 24, 2023
Automation
Post cover

Ansible is distributed as a Python module installable via PIP. The installation process is straightforward but warrants some considerations.

Typically, the automation host, the system from which all automation scripts originate, is one of the most critical systems within an infrastructure. It can access all systems that need to be automated and often, for convenience, contains the credentials for these devices. While credentials are stored in specific password managers, more often than not, they are found in plaintext.

For simplicity and clarity, the simplest playbooks contain device credentials. They are designed to focus on the automation aspect rather than the security of the system, which will be discussed in specific articles.

However, we can start with a best practice: creating a dedicated Python environment for Ansible and tracking the versions of installed packages. Ansible, like many other software, is continuously evolving, and playbooks written today may not function correctly with future versions.

The version of Ansible we will use requires Python 3.9, which is not installable via APT on Ubuntu Linux 20. Therefore, we need to install it manually from sources:

cd /usr/src
wget https://www.python.org/ftp/python/3.9.16/Python-3.10.8.tgz
tar xzf Python-3.10.8.tgz
cd Python-3.10.8/
./configure --enable-optimizations
make -j 4
sudo make altinstall

The updated packages.txt file is available in the DevNetOps course material, which can be used to install the necessary dependencies for all available labs.

sudo apt-get install -y < packages.txt

In general, it’s preferable to have a dedicated user for Ansible usage to ensure its environment is configured and reliable. Let’s create a new user:

sudo useradd -m -d /opt/ansible -s /bin/bash ansible
sudo su - ansible

Now, we can prepare the Python environment and install Ansible:

python3.10 -m venv .venv
source .venv/bin/activate
pip install ansible ansible-pylibssh
pip freeze | grep ansible
ansible --version

The updated requirement.txt file is available in the DevNetOps course material, which can be used to install the necessary dependencies for all available labs.

pip -r requirement.txt

Remember to activate the newly created Python environment before running Ansible:

source .venv/bin/activate

You can deactivate the environment using the following command:

deactivate

Since we’re using a dedicated user, we can load the virtual environment directly at login by adding the following command to .bashrc:

source .venv/bin/activate