What if Ansible target Nodes do not contain Python installed?

Now-a-days most CI / CD pipelines are integrated with Ansible to perform configuration and management tasks, but this becomes difficult when Python is not installed in client nodes.

Since, ansible is very easy to implement, do not have master concept and it provides agent less connectivity, but there are pre-requisites which needs to be followed before you start using ansible in your environment.

  1. Infrastructure nodes should have ssh port enabled to connect to ansible controller machine on port 22
  2. You must have Python 2 (version 2.7) or Python 3 (versions 3.5 and higher) installed on ansible controller machine and all client nodes to execute the ansible playbook

Now, I will explain the following scenario and how to handle it.

  1. Prepare Ansible Controller and Client nodes to execute ansible playbook
  2. Ansible Controller have Python 2 or 3 but client nodes do not have Python installed
  3. Ansible Controller have Python 2 or 3 but due to some dependency on client nodes if you are not able to use Python version which is required to run ansible playbook on client nodes

Prepare Ansible Controller and Client nodes to execute ansible playbook

If Ansible Controller and Client nodes have Python 2 or 3 installed then in that case you only need ssh connectivity between ansible controller machine and client nodes to execute the ansible playbook.

Note: If you have SELinux enabled on remote nodes, you will also want to install libselinux-python on them before using any copy/file/template related functions in Ansible. You can of course still use the yum module in Ansible to install this package on remote systems that do not have it.

Prepare your normal Linux node as an Ansible Control Node

  1. Create a Linux Server with 2 GB RAM and 4 Core CPU
  2. Create an EPEL yum repo, since ansible RPMs are available from yum which is currently supported Fedora distributions.
  • RHEL/CentOS 6:
  • RHEL/CentOS 7:

Now, Install Ansible package using yum on control node

Verify the Python version on control

[root@mycontrolnode ~]# python — version
Python 2.7.5

Verify the Python version on client node

[root@myclientnode01 ~]# python — version
Python 2.7.5
[root@myclientnode01 ~]#

Execute Ansible adhoc command on control node to test the ansible module on client node, if you are connecting first time from ansible control to client node then you will encounter below error. ERROR###

[root@mylocallab lab]# ansible -i inventory linux -m command -a “df -kh”
10.0.11.151 | FAILED | rc=-1 >>
Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host’s fingerpint to your known_hosts file to manage this host.

To solve this error , you need to uncomment

#host_key_checking = False line in the “/etc/ansible/ansible.cfg” file in control machine.

Now, execute the adhoc command

Ansible Controller have Python 2 or 3 but client nodes do not have Python installed

Above scenario had explained you, how to create an ansible control machine, now you have an ansible control machine but client machine do not have Python install but still you want to execute the ansible playbook on client machine, how you will do it ?

Very simple, before execution of actual playbook tasks, create a small playbook which will execute a task by using “raw” module to install Python on all client nodes.

pre_tasks: Will make sure that after connecting to client node before executing any tasks raw module needs to be executed on all client node.

Note:

  • By default all RHEL and CentOS nodes comes with Python installed
  • If using raw module to bootstrap python onto the machine, disable fact gathering using gather_facts: no
  • This module does not require python on the remote system, much like the Script module. That means this module is not idempotent and whenever this module will execute on client node, it will do the changes on client node.
  • This module is also supported for Windows targets.

Ansible Controller have Python 2 or 3 but due to some dependency on client nodes if you are not able to use Python version which is required to run ansible playbook on client nodes.

This scenario will occurs when you have older OS version with some monolithic application hosted on nodes where Python version is older then required by Ansible, and customer want to manage those nodes using ansible, in this case you can advice following things.

  1. Using ansible “raw” module, ansible control node can still execute some Linux basic command on client nodes which do not have python installed or python older then required by ansible, it will execute a low-down and dirty SSH command over the network, not going through the module subsystem.

Example: Remote node does not have python but still ansible can execute “raw” module to get the disks detail from client node.

2. Upgrade OS of application node, it will upgrade server with latest python version( of course, before OS upgrade customer need to check application support ability on latest OS release)

3. If customer has application dependency and do not want to upgrade OS , then ansible can manage those node using “raw” module and other then “raw” module ansible can not execute other module on client node.

Platform Support Matrix — Red Hat Ansible Engine

Control NodesManaged Nodes

Red Hat Enterprise Linux Server 8 (x86_64 only) and Red Hat Enterprise Linux Server 7.2 and later(x86_64 only)*

Managed Nodes

Red Hat Enterprise Linux 6.3 and later

Red Hat Enterprise Linux 7.2 and later

Red Hat Enterprise Linux Server 8

Ubuntu 14.04 LTS (x86_64 only)

Ubuntu 16.04 LTS (x86_64 only)

Windows Server 2012, 2012 R2

Windows Server 2016

Windows Server 2019

Network Devices:
* Arista EOS
* Cisco IOS, IOS-XE, IOS-XR, NX-OS
* Juniper Junos OS
* VyOS

If this post was helpful, please click the clap 👏 button below a few times to show your support for the author! ⬇