Ansible is a tool for managing a fleet of machines. There might be some tasks that you have to execute on every machine in your data center.



Instead of logging in in every machine via SSH, we write an Ansible playbook that describes all tasks in a YAML file.

- name: Installing packages
  hosts: web
  become: yes
  gather_facts: no
    - name: Install git
          name: git
          state: present
          update_cache: yes
    - name: Install ALSA
          name: alsa
          state: present
          update_cache: yes
    - name: Install ALSA Dev
          name: libasound2-dev
          state: present
          update_cache: yes
    - name: Install Jack
          name: jackd2
          state: latest
          update_cache: yes

By default Ansible logs into every machine via SSH. hosts: web tells ansible to execute following tasks on all machines in the inventory group web. Installing packages with APT requires superuser permissions. become: yes tells Ansible to become root. The default method for this is sudo.

The biggest benefit over shell scripts is that it is possible to describe the state of a machine. In the example four packages will be installed. Only jackd2 will be updated if it is already present.



For executing our new playbook Ansible needs to know what machines are in our inventory. The inventory can be written in INI or YAML syntax.



The default location for your inventory file is /etc/ansible/hosts.

For more information for creating your inventory see the official user guide.



A separate inventory file can be set for your project in an Ansible configuration file ansible.cfg:

inventory = hosts
ansible_ssh_user = studio
sudo_user = studio

This file sets the location of your inventory file to ./hosts. Furthermore the default SSH user as well as the sudo user gets set to studio.


Executing a Playbook

Executing our playbook file install_basic.yml:

ansible-playbook install_basic.yml -k -K

For this to work every machine in group web must have a user studio with the same password. The flag -k lets Ansible ask for a SSH password. -K is for the sudo password.

If there's a SSH key for user studio on all machines, no SSH password has to be typed, but the password for sudo is still necessary.