Introduction to Passwordless Authentication with Ansible
Ansible is a powerful open-source automation tool used to configure systems, deploy software, and orchestrate more advanced IT tasks. One of the core advantages of Ansible is its ability to manage multiple servers without needing to manually log in to each system. A common way to enable this automation is by using passwordless SSH authentication with public keys, simplifying the management of remote systems.
In this blog, we'll discuss how to set up passwordless SSH authentication between an Ansible control node and a target machine using SSH keys, followed by an Ansible playbook to install and manage services like Nginx.
What is Ansible?
Ansible is a simple IT automation tool that allows you to automate cloud provisioning, configuration management, application deployment, and many other tasks. It works by pushing configurations to target machines using SSH without the need for an agent on the remote machine. You can create a playbook in YAML format to define the desired state and run it to apply the changes across all your hosts.
Passwordless Authentication using SSH Keys
Passwordless authentication simplifies connecting to remote machines and running tasks automatically without needing to enter a password. You do this by creating an SSH key pair on your Ansible control node and copying the public key to the target machine’s authorized_keys file.
Steps to Set Up SSH Key-based Authentication:
Generate SSH Key Pair on Ansible Control Node: Run the following command to generate an SSH key pair:
ssh-keygen
The command generates a public and private key pair in your .ssh directory.
Copy Public Key to Target Machine: Copy the public key to the authorized_keys file on the target machine.
Verify Passwordless Login: Test passwordless authentication by trying to SSH into the target machine:
ssh user@target_machine_ip
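The copy step is where key-based login most often fails without an obvious error, because sshd ignores an authorized_keys file with loose permissions. The following is an added example, not code from the original post: it shows the state the copy step has to leave on the target, and the check that confirms it. The function names install_pubkey and perms_ok and the key path in the comments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. The real-world commands it models (key path is an assumption):
#   ssh-keygen -t ed25519 -f ~/.ssh/ansible_ed25519      # control node
#   ssh -o BatchMode=yes -i ~/.ssh/ansible_ed25519 user@target_machine_ip true
# BatchMode=yes makes the check fail instead of falling back to a password prompt.

# install_pubkey PUBKEY_FILE TARGET_HOME
# Leaves TARGET_HOME/.ssh in the state sshd's StrictModes (default: yes) accepts.
install_pubkey() (
    pub=$1
    ak=$2/.ssh/authorized_keys
    # Refuse multi-line input: a private key must never land on the target.
    [ $(wc -l < "$pub") -le 1 ] || { echo "not a single key line: $pub" >&2; exit 1; }
    # Accept only common OpenSSH public-key types followed by a base64 blob.
    grep -Eq '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+( .*)?$' "$pub" \
        || { echo "not a public key: $pub" >&2; exit 1; }
    umask 077                      # subshell body: caller's umask is untouched
    mkdir -p "$2/.ssh"
    chmod 700 "$2/.ssh"
    touch "$ak"
    chmod 600 "$ak"
    # If the file lacks a trailing newline, add one so keys never get glued together.
    [ -z "$(tail -c 1 "$ak")" ] || echo >> "$ak"
    # Idempotent: append only when this exact line is not already authorized.
    grep -qxF -- "$(cat "$pub")" "$ak" || cat "$pub" >> "$ak"
)

# perms_ok TARGET_HOME: true only if .ssh is 0700 and authorized_keys is 0600.
perms_ok() {
    d=$(ls -ld "$1/.ssh" | cut -c1-10)
    f=$(ls -l "$1/.ssh/authorized_keys" | cut -c1-10)
    [ "$d" = "drwx------" ] && [ "$f" = "-rw-------" ]
}
```

In practice ssh-copy-id performs the copy over SSH; the functions here make explicit what has to be true on the target afterwards.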
Example Playbook: Installing and Starting Nginx
Once passwordless authentication is configured, we can use Ansible to automate tasks on the target machine. Below is an example playbook that installs and starts Nginx on the target machine.
Here are the changes on the target server:
Using other commands to retrieve data:
Ansible Documentation
The Ansible documentation can be really helpful when dealing with commands.
As DevOps engineers, we cannot always learn every single command, so finding your way through the documentation is a really crucial skill.
Using these to write commands:
Result on the target machine:
Grouping the IPs
Since it is not recommended to write multiple inventory files, we group the IP addresses together.
We then specify the particular group of IPs we want to target for the operations that are to be performed on the target servers:
Writing Ansible Playbooks
Playbooks are written in YAML format. Here’s an example for an Nginx deployment:
---
- name: Install and Start Nginx
  hosts: all
  become: true
  tasks:
    - name: Install Nginx
      apt:
        name: nginx
        state: present
    - name: Start Nginx
      service:
        name: nginx
        state: started
Command to Run the Playbook:
ansible-playbook -vvv -i inventory first-playbook.yml
This command runs the playbook on the specified hosts listed in the inventory file. The -vvv option enables verbose mode to help with debugging and understanding what’s happening under the hood.
Result on the target server:
Why Use Ansible Roles?
As your automation tasks grow, a single playbook might become difficult to maintain. This is where Ansible Roles come into play. Roles help you organize tasks, handlers, variables, and files into a structured format, making your playbooks more readable and scalable.
Here’s how you can create an Ansible role:
ansible-galaxy role init kubernetes
This command initializes a role structure for kubernetes, allowing you to manage different tasks more effectively.
Thank you for reading through my extensive blog! And one more thing—never stop learning!
Written by Ayush Shrotriya