Get Started: Configure Ansible on an Azure VM

This article shows how to install Ansible on a Centos VM in Azure.

In this article, you learn how to:

Prerequisites

• Azure subscription: If you don't have an Azure subscription, create a free account before you begin.

• Azure service principal: Create a service principal, making note of the following values: appId, displayName, password, and tenant.

Create a virtual machine

1. Create an Azure resource group.

   • Azure CLI
   • PowerShell

   az group create --name QuickstartAnsible-rg --location eastus
   

   You might need to replace the --location parameter with the appropriate value for your environment.

2. Create the Azure virtual machine for Ansible.

   • Azure CLI
   • PowerShell

   az vm create \
   --resource-group QuickstartAnsible-rg \
   --name QuickstartAnsible-vm \
   --image OpenLogic:CentOS:7.7:latest \
   --admin-username azureuser \
   --admin-password <password>
   

   Replace the <password> your password.

3. Get the public Ip address of the Azure virtual machine.

   • Azure CLI
   • PowerShell

   az vm show -d -g QuickstartAnsible-rg -n QuickstartAnsible-vm --query publicIps -o tsv
   

Connect to your virtual machine via SSH

Using the SSH command, connect to your virtual machine's public IP address.

ssh azureuser@<vm_ip_address>

Replace the <vm_ip_address> with the appropriate value returned in previous commands.

Install Ansible on the virtual machine

Ansible 2.9 with the azure_rm module

Run the following commands to configure Ansible 2.9 on Centos:

#!/bin/bash

# Update all packages that have available updates.
sudo yum update -y

# Install Python 3 and pip.
sudo yum install -y python3-pip

# Upgrade pip3.
sudo pip3 install --upgrade pip

# Install Ansible.
pip3 install "ansible==2.9.17"

# Install Ansible azure_rm module for interacting with Azure.
pip3 install ansible[azure]

Ansible 2.10 with azure.azcollection

Run the following commands to configure Ansible on Centos:

#!/bin/bash

# Update all packages that have available updates.
sudo yum update -y

# Install Python 3 and pip.
sudo yum install -y python3-pip

# Upgrade pip3.
sudo pip3 install --upgrade pip

# Install Ansible az collection for interacting with Azure.
ansible-galaxy collection install azure.azcollection

# Get required modules for Ansible on Azure list
wget https://raw.githubusercontent.com/ansible-collections/azure/dev/requirements-azure.txt

# Install Ansible modules for Azure
sudo pip3 install -r requirements-azure.txt

Key points:

• Ansible control node requires Python 2 (version 2.7) or Python 3 (versions 3.5 and higher) installed. Ansible 4.0.0 and ansible-core 2.11 has a soft dependency on Python 3.8, but functions with lower versions. However, Ansible 5.0.0 and ansible-core 2.12 will require 3.8 and newer.

Create Azure credentials

To configure the Ansible credentials, you need the following information:

• Your Azure subscription ID and tenant ID
• The service principal applicationID, and secret

Configure the Ansible credentials using one of the following techniques:

• Option 1: Create an Ansible credentials file
• Option 2: Define Ansible environment variables

Option 1: Create Ansible credentials file

In this section, you create a local credentials file to provide credentials to Ansible. For security reasons, credential files should only be used in development environments.

For more information about defining Ansible credentials, see Providing Credentials to Azure Modules.

1. Once you've successfully connected to the host virtual machine, create and open a file named credentials:

   mkdir ~/.azure
   vi ~/.azure/credentials
   

2. Insert the following lines into the file. Replace the placeholders with the service principal values.

   [default]
   subscription_id=<your-subscription_id>
   client_id=<security-principal-appid>
   secret=<security-principal-password>
   tenant=<security-principal-tenant>
   

3. Save and close the file.

Option 2: Define Ansible environment variables

On the host virtual machine, export the service principal values to configure your Ansible credentials.

export AZURE_SUBSCRIPTION_ID=<your-subscription_id>
export AZURE_CLIENT_ID=<security-principal-appid>
export AZURE_SECRET=<security-principal-password>
export AZURE_TENANT=<security-principal-tenant>

Test Ansible installation

You now have a virtual machine with Ansible installed and configured!

This section shows how to create a test resource group within your new Ansible configuration. If you don't need to do that, you can skip this section.

• Option 1: Use an ad-hoc ansible command
• Option 2: Write and run an Ansible playbook

Option 1: Use an ad-hoc ansible command

Run the following ad-hoc Ansible command to create a resource group:

#Ansible 2.9 with azure_rm module
ansible localhost -m azure_rm_resourcegroup -a "name=ansible-test location=eastus"

#Ansible 2.10 with azure.azcollection
ansible localhost -m azure.azcollection.azure_rm_resourcegroup -a "name=<resource_group_name> location=<location>"

Replace <resource_group_name> and <location> with your values.

Option 2: Write and run an Ansible playbook

1. Save the following code as create_rg.yml.

   Ansible 2.9 with azure_rm module

   ---
   - hosts: localhost
       connection: local
       tasks:
       - name: Creating resource group
           azure_rm_resourcegroup:
           name: "<resource_group_name"
           location: "<location>"
   

   Ansible 2.10 with azure.azcollection

   - hosts: localhost
     connection: local
     collections:
      - azure.azcollection
     tasks:
     - name: Creating resource group
         azure_rm_resourcegroup:
         name: "<resource_group_name"
         location: "<location>"
   

   Replace <resource_group_name> and <location> with your values.

2. Run the playbook using ansible-playbook.

   ansible-playbook create_rg.yml
   

Read more about the azure.azcollection.

Clean up resources

Next steps