Complete Guide: Installing Ansible and Java 8 on Ubuntu 20.04

Table of Contents#

Overview#

This guide provides detailed instructions for installing and configuring Ansible and Java 8 on Ubuntu 20.04. Whether you’re setting up a development environment or preparing for automation tasks, this guide covers everything from basic installation to advanced configuration.

System Architecture#

1
graph TB
2
    subgraph "Control Node"
3
        A[Ansible Control Node]
4
        B[Java 8 Runtime]
5
        C[SSH Keys]
6
    end
7

8
    subgraph "Managed Nodes"
9
        D[Node 1]
10
        E[Node 2]
11
        F[Node N]
12
    end
13

14
    subgraph "Configuration"
15
        G[Inventory File]
16
        H[Playbooks]
17
        I[Variables]
18
    end
19

20
    A --> D
21
    A --> E
22
    A --> F
23
    A --> G
24
    G --> H
25
    H --> I
26
    C --> D
27
    C --> E
28
    C --> F
29

30
    style A fill:#4ecdc4,stroke:#087f5b,stroke-width:2px
31
    style B fill:#ffd43b,stroke:#fab005,stroke-width:2px
32
    style G fill:#74c0fc,stroke:#1971c2,stroke-width:2px

Prerequisites#

Before proceeding, ensure you have:

Ubuntu 20.04 LTS system (physical or virtual)
Root or sudo access
Internet connection for package downloads
At least 2GB RAM and 10GB disk space
Basic understanding of Linux command line

Installing Ansible#

Step 1: Update System Packages#

1
# Update package index
2
sudo apt update
3

4
# Upgrade existing packages
5
sudo apt upgrade -y
6

7
# Install software properties common
8
sudo apt install -y software-properties-common

Step 2: Add Ansible Repository#

1
# Add official Ansible PPA
2
sudo apt-add-repository ppa:ansible/ansible
3

4
# Update package index again
5
sudo apt update

Step 3: Install Ansible#

1
# Install Ansible
2
sudo apt install -y ansible
3

4
# Verify installation
5
ansible --version
6

7
# Check Python version (Ansible requires Python)
8
python3 --version

Step 4: Configure Ansible User#

1
# Create dedicated Ansible user
2
sudo useradd -m ansible
3
sudo passwd ansible
4

5
# Add to sudo group
6
sudo usermod -aG sudo ansible
7

8
# Configure sudoers for passwordless sudo
9
echo "ansible ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/ansible

Setting Up SSH Keys#

Generate SSH Keys#

1
# Switch to ansible user
2
sudo su - ansible
3

4
# Generate SSH key pair
5
ssh-keygen -t rsa -b 4096 -C "ansible@control-node"
6

7
# View public key
8
cat ~/.ssh/id_rsa.pub

Distribute SSH Keys to Managed Nodes#

1
# Copy SSH key to managed nodes
2
ssh-copy-id ansible@managed-node-ip
3

4
# Test SSH connection
5
ssh ansible@managed-node-ip
6

7
# For multiple nodes, use a loop
8
for host in node1 node2 node3; do
9
    ssh-copy-id ansible@$host
10
done

Configuring Ansible Inventory#

Edit Inventory File#

1
# Create custom inventory directory
2
sudo mkdir -p /etc/ansible/inventories/production
3

4
# Edit inventory file
5
sudo nano /etc/ansible/inventories/production/hosts

Add the following content:

1
[web_servers]
2
web1 ansible_host=192.168.1.10 ansible_user=ansible
3
web2 ansible_host=192.168.1.11 ansible_user=ansible
4

5
[db_servers]
6
db1 ansible_host=192.168.1.20 ansible_user=ansible
7
db2 ansible_host=192.168.1.21 ansible_user=ansible
8

9
[all:vars]
10
ansible_python_interpreter=/usr/bin/python3
11
ansible_ssh_common_args='-o StrictHostKeyChecking=no'
12

13
[web_servers:vars]
14
http_port=80
15
max_clients=200
16

17
[db_servers:vars]
18
mysql_port=3306
19
max_connections=100

Ansible Configuration File#

Create or edit /etc/ansible/ansible.cfg:

1
[defaults]
2
inventory = /etc/ansible/inventories/production/hosts
3
remote_user = ansible
4
host_key_checking = False
5
retry_files_enabled = False
6
gathering = smart
7
fact_caching = jsonfile
8
fact_caching_connection = /tmp/ansible_facts_cache
9
fact_caching_timeout = 86400
10

11
[privilege_escalation]
12
become = True
13
become_method = sudo
14
become_user = root
15
become_ask_pass = False
16

17
[ssh_connection]
18
ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
19
pipelining = True

Installing Java 8#

Step 1: Install OpenJDK 8#

1
# Update package index
2
sudo apt update
3

4
# Install OpenJDK 8 JDK (includes JRE)
5
sudo apt install -y openjdk-8-jdk
6

7
# Verify installation
8
java -version
9
javac -version

Step 2: Configure Java Environment#

1
# Set JAVA_HOME environment variable
2
echo 'export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64' >> ~/.bashrc
3
echo 'export PATH=$PATH:$JAVA_HOME/bin' >> ~/.bashrc
4

5
# Reload bashrc
6
source ~/.bashrc
7

8
# Verify environment variables
9
echo $JAVA_HOME

Step 3: Manage Multiple Java Versions#

1
# Check all installed Java versions
2
sudo update-alternatives --list java
3

4
# Configure default Java version
5
sudo update-alternatives --config java
6

7
# Configure default javac version
8
sudo update-alternatives --config javac

Testing the Installation#

Test Ansible Connection#

1
# Ping all hosts
2
ansible all -m ping
3

4
# Ping specific group
5
ansible web_servers -m ping
6

7
# Run ad-hoc command
8
ansible all -a "uname -a"
9

10
# Check disk space on all hosts
11
ansible all -m shell -a "df -h"

Create Test Playbook#

Create test-playbook.yml:

1
---
2
- name: Test Playbook
3
  hosts: all
4
  gather_facts: yes
5
  tasks:
6
    - name: Display system information
7
      debug:
8
        msg: "{{ ansible_hostname }} - {{ ansible_distribution }} {{ ansible_distribution_version }}"
9

10
    - name: Check Java installation
11
      command: java -version
12
      register: java_version
13
      ignore_errors: yes
14

15
    - name: Display Java version
16
      debug:
17
        msg: "Java is installed: {{ java_version.stderr }}"
18
      when: java_version.rc == 0
19

20
    - name: Ensure Apache is installed (web servers only)
21
      apt:
22
        name: apache2
23
        state: present
24
      when: inventory_hostname in groups['web_servers']

Run the playbook:

1
# Run playbook
2
ansible-playbook test-playbook.yml
3

4
# Run with verbose output
5
ansible-playbook -vvv test-playbook.yml
6

7
# Run with check mode (dry run)
8
ansible-playbook --check test-playbook.yml

Test Java Installation#

Create HelloWorld.java:

1
public class HelloWorld {
2
    public static void main(String[] args) {
3
        System.out.println("Hello from Java " + System.getProperty("java.version"));
4
        System.out.println("Running on " + System.getProperty("os.name"));
5
    }
6
}

Compile and run:

1
# Compile
2
javac HelloWorld.java
3

4
# Run
5
java HelloWorld

Advanced Configuration#

Ansible Vault for Secrets#

1
# Create encrypted variables file
2
ansible-vault create group_vars/all/vault.yml
3

4
# Edit encrypted file
5
ansible-vault edit group_vars/all/vault.yml
6

7
# Use in playbook
8
ansible-playbook playbook.yml --ask-vault-pass

Dynamic Inventory Script#

Create dynamic_inventory.py:

1
#!/usr/bin/env python3
2
import json
3
import argparse
4

5
def get_inventory():
6
    inventory = {
7
        'web_servers': {
8
            'hosts': ['web1', 'web2'],
9
            'vars': {
10
                'http_port': 80
11
            }
12
        },
13
        '_meta': {
14
            'hostvars': {
15
                'web1': {
16
                    'ansible_host': '192.168.1.10'
17
                },
18
                'web2': {
19
                    'ansible_host': '192.168.1.11'
20
                }
21
            }
22
        }
23
    }
24
    return inventory
25

26
if __name__ == '__main__':
27
    parser = argparse.ArgumentParser()
28
    parser.add_argument('--list', action='store_true')
29
    parser.add_argument('--host', action='store')
30
    args = parser.parse_args()
31

32
    if args.list:
33
        print(json.dumps(get_inventory()))
34
    elif args.host:
35
        print(json.dumps({}))

Make it executable and test:

1
chmod +x dynamic_inventory.py
2
ansible -i dynamic_inventory.py all -m ping

Security Best Practices#

SSH Security#

1
# Configure SSH daemon
2
sudo nano /etc/ssh/sshd_config
3

4
# Recommended settings:
5
PermitRootLogin no
6
PasswordAuthentication no
7
PubkeyAuthentication yes
8
AllowUsers ansible

Ansible Security#

1
graph TD
2
    A[Security Measures] --> B[SSH Keys]
3
    A --> C[Ansible Vault]
4
    A --> D[Limited Sudo]
5
    A --> E[Network Segmentation]
6

7
    B --> F[4096-bit RSA]
8
    B --> G[Passphrase Protected]
9

10
    C --> H[Encrypted Passwords]
11
    C --> I[Encrypted Variables]
12

13
    D --> J[Specific Commands]
14
    D --> K[No Password Required]
15

16
    E --> L[Firewall Rules]
17
    E --> M[VPN Access]
18

19
    style A fill:#ff6b6b,stroke:#c92a2a,stroke-width:2px
20
    style B fill:#74c0fc,stroke:#1971c2,stroke-width:2px
21
    style C fill:#74c0fc,stroke:#1971c2,stroke-width:2px

Troubleshooting#

Common Issues and Solutions#

SSH Connection Refused

1
# Check SSH service
2
sudo systemctl status ssh
3

4
# Check firewall
5
sudo ufw status

Python Interpreter Not Found

1
# Install Python on managed node
2
ansible node -m raw -a "apt update && apt install -y python3"

Java Command Not Found

1
# Update alternatives
2
sudo update-alternatives --install /usr/bin/java java /usr/lib/jvm/java-8-openjdk-amd64/bin/java 1

Debug Commands#

1
# Verbose Ansible output
2
ansible-playbook playbook.yml -vvvv
3

4
# Check Ansible configuration
5
ansible-config dump
6

7
# List all facts
8
ansible hostname -m setup

Performance Optimization#

Ansible Performance Tips#

1
# ansible.cfg optimizations
2
[defaults]
3
forks = 20
4
poll_interval = 15
5
strategy = free
6
gathering = smart
7
fact_caching = jsonfile
8
fact_caching_connection = /tmp
9
fact_caching_timeout = 86400
10

11
[ssh_connection]
12
pipelining = True
13
control_path = /tmp/ansible-%%h-%%p-%%r

Java Performance Tuning#

1
# Set Java heap size
2
export JAVA_OPTS="-Xms512m -Xmx2048m"
3

4
# Enable G1 garbage collector
5
export JAVA_OPTS="$JAVA_OPTS -XX:+UseG1GC"

Monitoring and Maintenance#

Monitoring Script#

1
#!/bin/bash
2
echo "=== Ansible Status ==="
3
ansible --version
4

5
echo -e "\n=== Reachable Hosts ==="
6
ansible all -m ping --one-line
7

8
echo -e "\n=== Java Version on Hosts ==="
9
ansible all -m shell -a "java -version 2>&1 | head -1" --one-line
10

11
echo -e "\n=== System Resources ==="
12
ansible all -m shell -a "free -h && df -h /" --one-line

Conclusion#

You now have a fully configured Ubuntu 20.04 system with Ansible and Java 8 installed. This setup provides:

Ansible automation capabilities for managing multiple nodes
Java 8 runtime for Java-based applications
Secure SSH connectivity between control and managed nodes
Optimized configuration for performance and security

Key takeaways:

Always use SSH keys for authentication
Keep your Ansible playbooks in version control
Use Ansible Vault for sensitive data
Regularly update both Ansible and Java
Monitor your managed nodes for consistency

This foundation enables you to automate infrastructure management, deploy applications, and maintain consistent environments across your systems.