What is Ansible?

Ansible is an open-source automation tool used for configuration management, application

deployment, task automation, and orchestrating complex IT processes. It allows you to define tasks
and configurations in a declarative manner using YAML files, making it easier to manage and
automate the setup and maintenance of servers and infrastructure. Ansible is agentless, meaning it
doesn't require software to be installed on the target machines, and it can be used for various IT
operations, including server provisioning, software installation, and system updates.

Why Ansible?

There are several reasons why organisations choose to use Ansible for automation:

1. **Simplicity**: Ansible uses a simple, human-readable YAML syntax for defining tasks and
configurations, making it easy to understand and use.

2. **Agentless**: Ansible doesn't require an agent to be installed on target machines, which

simplifies deployment and management.

3. **Idempotent**: Ansible ensures that tasks can be run multiple times without causing issues,
making it safer and more predictable.

4. **Wide Applicability**: It can be used for a wide range of automation tasks, including
configuration management, application deployment, cloud provisioning, and more.

5. **Open Source**: Ansible is open-source, which means it's cost-effective and has a strong
community and ecosystem.

6. **Integration**: It integrates with a variety of cloud providers, networking devices, and other
infrastructure components.

7. **Reusability**: Playbooks and roles in Ansible can be reused, saving time and effort in creating
automation scripts.

8. **Scalability**: Ansible can manage both small and large infrastructures, making it suitable for
businesses of all sizes.

9. **Auditability**: Ansible provides logs and tracking of changes, enhancing security and
compliance.

10. **Community and Support**: It has an active community, with a wealth of resources and
community-contributed roles, and there are also commercial offerings for professional support.

These features make Ansible a popular choice for automating and managing IT infrastructure, as it
simplifies complex tasks and ensures consistency across systems.

Benefits of Ansible?
Ansible is an open-source automation and configuration management tool that simplifies IT
operations by automating repetitive tasks and ensuring consistency in system configurations. Here's
an overview of Ansible:

1. **Agentless**: Ansible operates without requiring agent software to be installed on target

machines. It uses SSH for Linux/Unix systems and WinRM for Windows systems to establish
connections.

2. **Declarative**: Automation tasks are defined in Ansible playbooks using a declarative YAML
syntax. You specify the desired state of the system, and Ansible takes care of achieving and
maintaining that state.

3. **Playbooks**: Playbooks are Ansible's automation scripts. They contain a series of tasks that are
executed sequentially or in parallel on target hosts. Playbooks are easy to read and can be version-
controlled.

4. **Modules**: Ansible modules are reusable, standalone scripts that perform specific tasks, such
as managing packages, users, files, and services. Ansible provides a wide range of built-in modules,
and you can also create custom ones.

5. **Roles**: Roles are a way to organize and reuse playbooks and tasks. They help in structuring
your automation code for better manageability and reusability.

6. **Inventory**: Ansible uses an inventory file to define the hosts it will manage. You can group
hosts, apply variables, and dynamically generate inventories from external sources.

7. **Idempotent**: Ansible ensures idempotence, meaning running a playbook multiple times won't
produce unexpected results. It only makes necessary changes to bring the system to the desired
state.

8. **Orchestration**: Ansible can orchestrate complex tasks and workflows by defining

dependencies between different playbooks and tasks.

9. **Integration**: Ansible integrates with a wide range of technologies, including cloud providers
(AWS, Azure, Google Cloud), networking devices, databases, and more.

10. **Community and Ecosystem**: Ansible has a strong and active community that contributes
roles, modules, and resources. There are also commercial offerings for support and additional
features.

11. **Security**: Ansible helps manage SSH keys and offers security best practices to protect
automation workflows.

12. **Auditing and Logging**: Ansible provides detailed logs and reporting to track changes and
maintain a record of tasks performed.

13. **Scalability**: It can be used to manage a few servers or scale to thousands, making it suitable
for organizations of all sizes.
Ansible is a powerful tool for automating system administration, configuration management,
application deployment, and orchestration. Its simplicity, agentless nature, and extensive community
support have made it a popular choice for IT automation.

Terminology of Ansible?

Ansible has several key terminologies that are important to understand when working with the tool:

1. **Control Node**: The machine where Ansible is installed and from which automation tasks are
executed. It's also where you define and run playbooks.

2. **Managed Node**: The target machine or host where Ansible performs tasks. It can be a server,
network device, or any system you want to automate.

3. **Inventory**: A list of managed nodes that Ansible can connect to. It's defined in an inventory
file and can include groups, variables, and dynamic inventories.

4. **Playbook**: A YAML file that contains a series of tasks to be executed on one or more managed
nodes. Playbooks are the main building blocks of Ansible automation.

5. **Task**: An individual action defined within a playbook. Tasks can include module invocations,
file operations, package management, and more.

6. **Module**: Reusable, standalone scripts that perform specific tasks on managed nodes. Ansible
provides a wide range of built-in modules, such as "apt," "yum," and "service."

7. **Role**: A pre-defined and reusable set of playbooks, tasks, and variables that organize
automation logic. Roles make it easier to structure and manage complex automation projects.

8. **Fact**: System information gathered from managed nodes, which can be used in playbooks and
templates. Facts are collected by Ansible automatically.

9. **Handler**: A special type of task used to trigger actions, like restarting a service, based on the
outcome of other tasks. Handlers are typically defined at the end of a playbook.

10. **Ad-Hoc Command**: One-off commands that can be run directly from the command line
without the need for a playbook. Useful for quick tasks or troubleshooting.

11. **Idempotence**: The property that ensures that running a task or playbook multiple times will
not change the system's state after the initial application.

12. **Inventory File**: A file where you define your managed nodes, groups, and variables. Ansible
reads this file to know which hosts to manage.

13. **Vault**: Ansible Vault is a feature for encrypting sensitive data within playbooks or variable
files, providing an extra layer of security.

14. **Callbacks**: Customizable output and notification plugins that control how Ansible reports the
results of tasks and playbooks.
15. **Roles Path**: The directory where Ansible looks for roles. By default, it's set to "roles/" in your
Ansible project directory.

16. **Fact Gathering**: The process of collecting system information from managed nodes, which
can be used as variables within playbooks.

These are some of the core terminologies in Ansible, and understanding them is essential for
effectively using Ansible for automation and configuration management.

Setup of Ansible

). Here are the general steps to set up Ansible:

1. **Choose a Control Node**:

- Select a machine (physical or virtual) to be your Ansible control node. This should be a Linux
system, as Ansible is primarily designed for Unix-like systems.

2. **Install Ansible**:
- You can install Ansible on the control node using your system's package manager. For example, on
a Debian-based system, you can use `apt`:
```
sudo apt update
sudo apt install ansible
```
- On Red Hat-based systems, you can use `yum`:
```
sudo yum install ansible
```

3. **Verify Installation**:
- After installation, confirm that Ansible is working by running:
```
ansible --version
```

4. **Set Up SSH Keys**:

- Ansible uses SSH to connect to managed nodes. Ensure that the control node can SSH into
managed nodes without a password. You can achieve this by creating SSH keys and copying your
public key to the managed nodes.
- Generate an SSH key pair on the control node if you don't already have one:
```
ssh-keygen
```
- Copy the public key to the managed nodes. You might use `ssh-copy-id` for this:
```
ssh-copy-id user@managed_node
```

5. **Create an Inventory File**:

 - The inventory file lists the managed nodes that Ansible will work with. You can create an
inventory file (e.g., `inventory.ini`) and define your hosts and groups. Example:
```
[web]
webserver1 ansible_host=192.168.1.10
webserver2 ansible_host=192.168.1.11

[db]
dbserver ansible_host=192.168.1.20
```

6. **Test the Connection**:

- You can test the connection to managed nodes using the `ansible` command. For example:
```
ansible -m ping -i inventory.ini all
```

7. **Create Playbooks**:
- Write Ansible playbooks to automate tasks on your managed nodes. Playbooks are written in
YAML and describe the tasks you want to perform.

8. **Run Playbooks**:
- Execute playbooks using the `ansible-playbook` command. For example:
```
ansible-playbook -i inventory.ini myplaybook.yml
```

9. **Scaling and Customization**:

- As your Ansible usage grows, you can organize your playbooks into roles, use variables, and
explore advanced features to tailor Ansible to your specific needs.

10. **Security and Best Practices**:

- Ensure that you follow security best practices when handling sensitive data in playbooks, and
consider using Ansible Vault for encryption.

These steps provide a basic setup for Ansible. Depending on your specific use case and environment,
you may need to adjust your Ansible configuration and infrastructure accordingly.

Difference between Command Line and Playbook.

The key difference between the command line and a playbook in Ansible lies in how you interact
with Ansible to perform automation tasks:

1. **Command Line**:
- **Ad-Hoc Commands**: The command line is where you can run ad-hoc Ansible commands.
These are one-off commands executed directly from the terminal to perform quick tasks without the
need for creating playbooks.
- **Quick and Simple**: Ad-hoc commands are suitable for simple and immediate tasks. For
example, you can use ad-hoc commands to check server status or restart a service on a remote
machine.
 - **Limited Complexity**: Ad-hoc commands are less suitable for complex, multi-step automation
tasks.

2. **Playbook**:
- **Automation Scripts**: Playbooks are YAML files that contain a series of tasks and roles. They
provide a structured way to define and run automation scripts in Ansible.
- **Structured Automation**: Playbooks are ideal for more complex automation scenarios. You can
define dependencies, use variables, loops, and conditionals, and structure your automation logic
effectively.
- **Reusability**: Playbooks and roles are reusable and can be version-controlled, making them
suitable for automating recurring tasks and managing infrastructure.

In summary, you'd use the command line for quick, one-off tasks and simple checks, while you'd
create playbooks for structured, complex automation tasks and to manage your infrastructure in a
more organized and reusable manner. The choice between them depends on the specific automation
needs and the complexity of the task at hand.

Commands of Ansible.

Ansible provides a command-line interface for executing various tasks and commands. Here are
some common Ansible command examples:

1. **Running Ad-Hoc Commands**:

- To ping all hosts in your inventory:

```
ansible all -m ping
```

- To gather system facts from a specific host:

```
ansible <hostname> -m setup
```

- To copy a file to remote hosts:

```
ansible all -m copy -a "src=localfile.txt dest=/path/remotefile.txt"
```

- To install a package on remote hosts using a package manager:

```
ansible all -m yum -a "name=httpd state=present" # For Red Hat based systems
```

2. **Running Playbooks**:

- To execute a playbook:
```
ansible-playbook myplaybook.yml
 ```

- To specify an inventory file for a playbook:

```
ansible-playbook -i inventory.ini myplaybook.yml
```

- To limit playbook execution to a specific host or group:

```
ansible-playbook -i inventory.ini myplaybook.yml --limit myhost
```

3. **Using Ansible-Vault**:

- To encrypt a variable file with Ansible Vault:

```
ansible-vault encrypt myvars.yml
```

- To edit an encrypted variable file:

```
ansible-vault edit myvars.yml
```

4. **Managing SSH Keys**:

- To add an SSH key to a remote host (useful for passwordless authentication):

```
ssh-copy-id user@remote_host
```

These are just a few examples of Ansible commands. Ansible offers a wide range of modules and
options for various automation tasks, and you can tailor commands to your specific needs, making it
a powerful tool for managing and automating IT infrastructure.