How to Install Ansible on RHEL 8

Ansible is the leading open-source automation engine for configuration management, application deployment, and orchestration. On RHEL 8, you can install Ansible from the Extra Packages for Enterprise Linux (EPEL) repository or directly via pip3, giving you flexibility depending on your environment. This tutorial walks through both installation methods, basic inventory configuration, and running your first ad-hoc commands against managed hosts. By the end you will have a working Ansible control node ready for playbook development.

Prerequisites

• RHEL 8 server or workstation with a non-root sudo user
• Python 3 installed (python3 --version to verify)
• Internet access or an internal mirror with EPEL 8 packages
• At least one additional host (physical, VM, or container) to use as a managed node
• SSH access between the control node and managed nodes

Step 1 — Enable EPEL 8 and Install Ansible

The recommended method on RHEL 8 is to install Ansible from the EPEL repository, which provides pre-built RPMs that integrate cleanly with the system Python.

sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf install -y ansible
ansible --version

The output of ansible --version should display the installed version, the config file path, the Python interpreter, and the default module path.

Step 2 — Install Ansible via pip3 (Alternative Method)

If you prefer the latest upstream release or are working in a virtual environment, install Ansible using pip3.

sudo dnf install -y python3 python3-pip
pip3 install --user ansible
ansible --version

The --user flag installs Ansible into ~/.local/bin. Ensure that directory is in your PATH by adding export PATH="$HOME/.local/bin:$PATH" to your ~/.bashrc and sourcing it.

Step 3 — Configure the Inventory File

The inventory file tells Ansible which hosts to manage. The default location is /etc/ansible/hosts, but you can store it anywhere and reference it with -i.

sudo mkdir -p /etc/ansible
sudo tee /etc/ansible/hosts > /dev/null <<'EOF'
[webservers]
web01 ansible_host=192.168.1.10
web02 ansible_host=192.168.1.11

[dbservers]
db01 ansible_host=192.168.1.20

[all:vars]
ansible_user=rhel_user
ansible_python_interpreter=/usr/bin/python3
EOF

Step 4 — Configure ansible.cfg

A project-level ansible.cfg overrides the global defaults and keeps settings close to your playbooks.

cat > ~/ansible.cfg <<'EOF'
[defaults]
inventory      = /etc/ansible/hosts
remote_user    = rhel_user
host_key_checking = False
retry_files_enabled = False

[privilege_escalation]
become       = True
become_method = sudo
become_user  = root
EOF

Step 5 — Set Up Passwordless SSH Authentication

Ansible communicates over SSH. Distributing your public key to each managed node avoids repeated password prompts during automation.

# Generate an SSH keypair if you don't already have one
ssh-keygen -t ed25519 -C "ansible-control" -f ~/.ssh/id_ansible -N ""

# Copy the public key to each managed host
ssh-copy-id -i ~/.ssh/id_ansible.pub [email protected]
ssh-copy-id -i ~/.ssh/id_ansible.pub [email protected]
ssh-copy-id -i ~/.ssh/id_ansible.pub [email protected]

# Tell SSH which key to use (add to ~/.ssh/config)
cat >> ~/.ssh/config <<'EOF'
Host 192.168.1.*
    IdentityFile ~/.ssh/id_ansible
    StrictHostKeyChecking no
EOF

Step 6 — Run Ad-Hoc Commands

Ad-hoc commands let you execute a single module across your inventory without writing a playbook. They are ideal for quick checks and one-off tasks.

# Ping all hosts to verify connectivity
ansible all -m ping

# Check uptime on all hosts
ansible all -m shell -a 'uptime'

# Check uptime on just the webservers group
ansible webservers -m shell -a 'uptime'

# Gather facts from a single host
ansible web01 -m setup

# Install a package on all web servers
ansible webservers -m dnf -a 'name=httpd state=present' --become

# Restart a service
ansible webservers -m service -a 'name=httpd state=restarted' --become

Conclusion

You have installed Ansible on RHEL 8 using both the EPEL repository and pip3, configured the inventory and ansible.cfg, distributed SSH keys for passwordless authentication, and validated connectivity with ad-hoc commands. Your control node is now fully operational and ready for playbook-driven automation at scale.

Next steps: Write Ansible Playbooks for Server Automation on RHEL 8, Set Up a Jenkins CI/CD Pipeline on RHEL 8, and Manage Secrets with Ansible Vault on RHEL 8.