What is Ansible
Ansible is an open-source automation tool developed by Red Hat that simplifies configuration management, application deployment, orchestration, and infrastructure as code (IaC). It is designed to be minimal, consistent, and easy to learn, using human-readable YAML files to describe automation tasks.
A Brief History
- 2012 --- Michael DeHaan creates Ansible and releases it as open source
- 2013 --- Ansible, Inc. is founded to provide commercial support
- 2014 --- Ansible Galaxy launches as a community hub for sharing roles
- 2015 --- Red Hat acquires Ansible, Inc. for approximately $150 million
- 2017 --- Ansible Tower is rebranded; AWX (the open-source upstream) is released
- 2019 --- Ansible Collections are introduced to modularise content
- 2023 --- Ansible Lightspeed with IBM watsonx Code Assistant launches
- Today --- Ansible is one of the most widely adopted automation tools in the DevOps ecosystem
Why Ansible?
1. Agentless Architecture
Unlike tools such as Chef or Puppet, Ansible does not require an agent to be installed on managed nodes:
- Communicates over SSH (Linux/Unix) or WinRM (Windows)
- No background daemons consuming resources on managed hosts
- Reduces security surface --- fewer open ports and running services
- Simplifies bootstrapping --- just need SSH access and Python
2. Push-Based Model
Ansible uses a push model by default:
| Model | How It Works | Examples |
|---|---|---|
| Push | The control node pushes configuration to managed nodes on demand | Ansible |
| Pull | Agents on managed nodes periodically pull configuration from a server | Puppet, Chef |
Tip: Ansible can also operate in a pull mode using `ansible-pull`, which clones a Git repository and runs a local playbook on a schedule.
3. Human-Readable Automation
Ansible uses YAML (Yet Another Markup Language) for its automation files, making them easy to read, write, and version-control:
```yaml
- name: Install and start nginx
  hosts: webservers
  tasks:
    - name: Install nginx
      apt:
        name: nginx
        state: present
    - name: Start nginx service
      service:
        name: nginx
        state: started
        enabled: true
```
4. Idempotency
Ansible tasks are idempotent --- running them multiple times produces the same result. If a package is already installed or a service is already running, Ansible will not make unnecessary changes.
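Idempotency comes from the module, not from Ansible as a whole: `shell` and `command` tasks run every time unless told otherwise. The playbook below is an added example, not part of the original lesson, that contrasts the two while enforcing a small SSH baseline. It assumes Debian/Ubuntu hosts in the `webservers` group, a service named `ssh`, and that key-based login already works.

```yaml
# Added example (not from the lesson). Assumptions: Debian/Ubuntu hosts,
# service name "ssh", key-based SSH login already in place.
- name: Enforce an SSH baseline idempotently
  hosts: webservers
  become: true
  tasks:
    # Non-idempotent form, left commented out: it appends a duplicate line
    # and reports "changed" on every run.
    # - name: Disable root login (shell append)
    #   ansible.builtin.shell: echo 'PermitRootLogin no' >> /etc/ssh/sshd_config

    # Idempotent form: lineinfile rewrites the matching line only if it
    # differs, and validate rejects a file that sshd cannot parse.
    - name: Disable root login over SSH
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^#?\s*PermitRootLogin\b'
        line: PermitRootLogin no
        validate: /usr/sbin/sshd -t -f %s
      notify: Reload ssh

    - name: Disable password authentication
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^#?\s*PasswordAuthentication\b'
        line: PasswordAuthentication no
        validate: /usr/sbin/sshd -t -f %s
      notify: Reload ssh

    # A read-only command must declare that it never changes state.
    - name: Read the effective sshd settings
      ansible.builtin.command: /usr/sbin/sshd -T
      register: sshd_effective
      changed_when: false

    # Fails the play if another config file overrides the baseline.
    - name: Assert the baseline is in effect
      ansible.builtin.assert:
        that:
          - "'permitrootlogin no' in sshd_effective.stdout"
          - "'passwordauthentication no' in sshd_effective.stdout"

  handlers:
    - name: Reload ssh
      ansible.builtin.service:
        name: ssh
        state: reloaded
```

On a second run against an already compliant host the recap shows `changed=0` and the handler does not fire, so a non-zero `changed` count on a later run indicates drift from the baseline.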
Configuration Management vs Orchestration
| Concept | Description | Ansible Feature |
|---|---|---|
| Configuration Management | Ensuring servers are in a desired state | Playbooks, Roles |
| Orchestration | Coordinating tasks across multiple systems | Plays, serial, delegation |
| Provisioning | Creating infrastructure resources | Cloud modules, Terraform integration |
| Application Deployment | Deploying and updating applications | Playbooks, rolling updates |
Ansible can handle all four, making it a versatile tool in the DevOps toolchain.
Ansible vs Other Tools
| Feature | Ansible | Puppet | Chef | Salt |
|---|---|---|---|---|
| Architecture | Agentless (SSH) | Agent-based | Agent-based | Agent or agentless |
| Language | YAML | Puppet DSL | Ruby DSL | YAML / Jinja2 |
| Model | Push (default) | Pull | Pull | Push and Pull |
| Learning Curve | Low | Medium | High | Medium |
| Master Required | No (control node only) | Yes (Puppet Server) | Yes (Chef Server) | Yes (Salt Master) |
| Idempotent | Yes | Yes | Yes | Yes |
| Windows Support | Yes (WinRM) | Yes | Yes | Yes |
Key Terminology
| Term | Definition |
|---|---|
| Control Node | The machine where Ansible is installed and from which automation is run |
| Managed Node | A target machine managed by Ansible (also called a host) |
| Inventory | A list of managed nodes organised into groups |
| Module | A unit of code that Ansible executes on managed nodes (e.g., apt, copy, service) |
| Task | A single action using a module |
| Play | A set of tasks applied to a group of hosts |
| Playbook | A YAML file containing one or more plays |
| Role | A reusable, self-contained collection of tasks, variables, files, and templates |
| Facts | System information automatically gathered from managed nodes |
| Handler | A task triggered by a notification from another task |
How Ansible Works
```
   Control Node                      Managed Nodes
+------------------+               +-----------------+
| ansible or       |   SSH/WinRM   | Target Host 1   |
| ansible-playbook | ------------> | (no agent)      |
|                  |               +-----------------+
| Inventory        |               +-----------------+
| Playbooks        |   SSH/WinRM   | Target Host 2   |
| Roles            | ------------> | (no agent)      |
+------------------+               +-----------------+
```
1. You write a playbook describing the desired state
2. Ansible connects to managed nodes via SSH (or WinRM for Windows hosts)
3. Ansible copies small programs (modules) to the managed nodes
4. Modules execute, make changes if needed, and return results
5. Ansible removes the temporary modules and reports results
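Because the control node reaches every managed node over SSH, the inventory is also where the connection's privileges are decided. The YAML inventory below is an added example, not part of the original lesson, for the `webservers` group used in the nginx playbook earlier. The host names, the `deploy` account and the key path are constructed placeholders.

```yaml
# inventory.yml - added example; hosts, user and key path are placeholders.
all:
  children:
    webservers:
      hosts:
        web1.example.com:
        web2.example.com:
      vars:
        # Log in as an unprivileged account with a dedicated key,
        # not as root and not with a password.
        ansible_user: deploy
        ansible_ssh_private_key_file: ~/.ssh/ansible_ed25519
        # Refuse to connect to a host whose key is not already known.
        ansible_ssh_common_args: "-o StrictHostKeyChecking=yes"
        # Escalate with sudo only in plays or tasks that set become: true.
        ansible_become_method: sudo
        # Modules run under this interpreter on the managed node.
        ansible_python_interpreter: /usr/bin/python3
```

Run a playbook against it with `ansible-playbook -i inventory.yml playbook.yml`, where `playbook.yml` is whatever file holds the play.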
Use Cases
- Server provisioning --- configure new servers with the right packages, users, and services
- Application deployment --- deploy applications with zero-downtime rolling updates
- Security hardening --- enforce security baselines across all servers
- Cloud infrastructure --- provision and manage AWS, Azure, GCP, and other cloud resources
- Network automation --- configure routers, switches, and firewalls
- Container orchestration --- manage Docker, Kubernetes, and Podman environments
- Compliance --- ensure systems comply with regulatory standards (PCI, HIPAA, SOC2)
Summary
Ansible is an agentless, push-based automation tool that uses human-readable YAML to describe infrastructure as code. Its low learning curve, idempotent design, and broad ecosystem make it one of the most popular tools in the DevOps landscape. In the next lesson, we will install Ansible and run our first commands.