Configuring Ansible Hosts file

Ansible tracks all servers/devices it manages using a “hosts” file. But before we could configure this file we need to configure how our Ansible management host communicates with target¬†servers.

One option is to configure SSH Password-less login between our Ansible host and target servers. Let’s create a Public and Private key using ssh-keygen on the Ansible host.

Configure ssh key

[root@ansible ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/
The key fingerprint is:
9f:48:14:e7:72:7d:dc:fe:ee:01:8f:46:13:1a:9e:be root@ansible
The key's randomart image is:
+--[ RSA 2048]----+
| . . |
| + . . . |
| o o...o .|
| . o. +... |
| S + + .|
| . o... = .|
| . o. o o.|
| o ..|
| E .o|
[root@ansible ~]#

Copy the public key to the remote host using ssh-copy-id.

[root@ansible ~]# ssh-copy-id -i ~/.ssh/
The authenticity of host ' (' can't be established.
ECDSA key fingerprint is ff:cd:87:c9:d1:c2:e7:26:f8:c7:24:77:11:9a:c1:9a.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh ''"
and check to make sure that only the key(s) you wanted were added.

[root@ansible ~]#

As suggested, try logging into the remote machine.

[root@ansible ~]# ssh root@
Last login: Mon Mar 27 12:02:00 2017
[root@undercloud ~]#

Now that we have configured how Ansible host communicates with our target servers, let’s open the ¬†hosts file with root privileges

vi /etc/ansible/hosts

Ansible hosts file contains several examples. At the end of the file, add the following.


Now that we have our hosts set up and enough configuration details to allow us to successfully connect to our hosts, we can try out our very first command.

[root@ansible ~]# ansible -m ping all | SUCCESS => {
 "changed": false, 
 "ping": "pong"
[root@ansible ~]#

This is a basic test to make sure that Ansible has a connection to all of its hosts.


Leave a Reply