Ansible for Beginners : Automate Your RHEL System Administration

Published On: 16 May 2025

Objective

Red Hat Enterprise Linux (RHEL) system administrators are increasingly adopting automation to improve efficiency and consistency in their workflows. Ansible is a powerful automation tool that integrates configuration management, application deployment, and system administration into one easy-to-use platform. Whether you’re preparing for the Red Hat Certified System Administrator (RHCSA) exam or looking to enhance your automation skills, this guide introduces you to using Ansible for automating common RHEL system administration tasks.

Why Learn Ansible?

Ansible is a leading automation tool used by system administrators, DevOps engineers, and IT professionals. Here’s why you should learn it:

  • Simplicity: Ansible uses YAML—a human-readable data format—for defining automation tasks through playbooks. It is intuitive and easy to learn, even for those with minimal programming knowledge.

  • Efficiency: Automates repetitive administrative tasks like package installation, user management, and system updates. This reduces manual intervention and minimizes human errors.

  • Consistency: Ansible ensures uniform configuration across all servers by applying predefined playbooks, which reduces configuration drift and improves system stability.

  • Scalability: From managing a handful of servers to thousands, Ansible scales seamlessly. It’s ideal for growing IT infrastructures with minimal overhead.

  • Cost-effectiveness: Being open-source and agentless, Ansible requires no additional software on managed nodes. It communicates over existing protocols like SSH, reducing setup complexity and cost.

  • Versatility: Beyond server configuration, Ansible automates network management, cloud provisioning, security enforcement, and application deployment.

What is Ansible?

Ansible is an agentless IT automation tool that helps manage servers by automating tasks. Unlike other configuration management tools that require agents, Ansible communicates with managed nodes via SSH and uses YAML-based playbooks to define tasks.

Key Features of Ansible:

  1. Agentless:

Traditional configuration management tools like Puppet or Chef require agents to be installed on every managed node. Whereas, Ansible does not need any additional software on target machines. It uses existing protocols such as SSH for Linux and WinRM for Windows to communicate and execute commands. This helps cuts overhead, eliminates compatibility issues, and simplifies maintenance as there’s no need to manage extra software on managed nodes.

  1. Declarative Language:

Ansible uses YAML to define system configurations. YAML is human-readable and easy to understand which makes it simple for users to write playbooks without requiring deep programming knowledge. Instead of writing complex scripts administrators define the desired state of a system and Ansible ensures the system is configured accordingly.

  1. Scalability:

Ansible is designed to scale efficiently from a few nodes to thousands of servers. Its simple inventory system helps you can organize servers into groups and apply configurations across multiple machines. Large organizations use Ansible to manage enterprise-wide IT infrastructures with less effort.

  1. Idempotency:

Idempotency means that running the same Ansible playbook multiple times will not cause unintentional changes. If a configuration is already applied, Ansible does nothing, which ensures that the system remains in the wanted state without out of work executions. This prevents unnecessary modifications and guarantees consistency across deployments.

  1. Secure:

Ansible powers SSH for secure communication, removing the need for additional security layers or credential storage on managed nodes. It supports features like vault encryption for sensitive data (e.g., passwords and API keys) to increase security. Unlike agent-based tools that require open ports and additional security configurations, Ansible lessens security risks by using existing authentication mechanisms.

Setting Up Ansible on RHEL

Prerequisites:

  • A RHEL-based system with root or sudo access

  • Python (usually pre-installed)

  • SSH access to managed nodes

If you'd prefer not to set up multiple RHEL nodes locally, you can get hands-on practice with Ansible using the RHCE Labs available at RHCSA.Guru.

Installation Steps: 

  1.   To update your system run the following command 

sudo dnf update -y                    # Update all packages on the system

       2. To install Ansible use this command

sudo dnf install -y ansible          # Install Ansible

      3. Verify the Installation by clicking the Ansible version

ansible --version                    # Verify installation

Configuring Ansible

  • Setting Up Inventory

Ansible uses an inventory file to define the managed host. The default inventory file is located at /etc/ansible/hosts. In this file, system administrators list the IP addresses or hostnames of the machines they want Ansible to manage.

  • Edit the file inventory: Open the inventory file using text editor: 

sudo nano /etc/ansible/hosts         # Open inventory file in nano editor

  • Add the managed nodes:


[webservers]                         # Group name for web servers
192.168.1.10                         # IP of first web server
192.168.1.11                         # IP of second web server
[dbservers]                          # Group name for database servers
192.168.1.20                         # IP of database server

This structure groups your servers logically for targeted automation.

  • Test Connectivity:

ansible all -m ping                  # Ping all managed hosts to test SSH connectivity

This command tests if the Ansible control node can communicate with the managed nodes.

Writing Your First Playbook

An Ansible playbook is a YAML file containing tasks to automate system administration.

Create a new playbook file and add the following YAML code to install Apache on web servers:


---
- name: Install Apache on Web Servers
  hosts: webservers                  # Target all servers in the 'webservers' group
  become: yes                        # Run tasks with sudo privileges
  tasks:
    - name: Install httpd            # Install Apache package
      dnf:
        name: httpd
        state: present               # Ensure the package is installed
    - name: Start and Enable Apache  # Start and enable Apache to run on boot
      service:
        name: httpd
        state: started
        enabled: yes

Save this as install_apache.yml and run:

ansible-playbook install_apache.yml

Automating Common RHEL Tasks

Example 1: User Management:


---
- name: Create a user
  hosts: all                         # Apply to all managed servers
  become: yes
  tasks:
    - name: Add user john            # Create a user named john
      user:
        name: john
        state: present               # Ensure user exists

Run it:

ansible-playbook create_user.yml

Example 2: Package Management:


---
- name: Install Vim
  hosts: all
  become: yes
  tasks:
    - name: Install vim              # Ensure vim is installed
      dnf:
        name: vim
        state: present

Run the playbook: 

ansible-playbook install_vim.yml

Example 3: System Updates:

Update all packages to the latest version:


---
- name: Update all packages
  hosts: all
  become: yes
  tasks:
    - name: Update packages          # Update all packages to latest version
      dnf:
        name: "*"
        state: latest

Run the playbook:

ansible-playbook update_system.yml

Conclusion

 Ansible simplifies RHEL System Administration by automating repetitive tasks, ensuring consistency and improving efficiency. By using Ansible playbooks, IT administrators can mechanize software installations, system updates, and configuration management effortlessly. Start experimenting with Ansible today and modernize your system administration everyday jobs!