You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
Ansible is an open-source automation framework that uses YAML playbooks to define automation tasks. It is agentless — it connects to devices over SSH or APIs without requiring any software to be installed on the managed devices. This makes it ideal for network automation, where you cannot install agents on routers and switches.
| Feature | Benefit for Network Engineers |
|---|---|
| Agentless | No software to install on network devices |
| YAML-based | Human-readable, no programming required |
| Idempotent | Safe to run repeatedly without side effects |
| Multi-vendor | Modules for Cisco, Arista, Juniper, Palo Alto, and more |
| Community | Thousands of modules and roles on Ansible Galaxy |
| Extensible | Write custom modules in Python |
| Version control | Playbooks stored in Git like any other code |
┌─────────────────────────────────────────┐
│ Control Node │
│ (Linux/macOS with Ansible installed) │
│ │
│ inventory.yaml playbook.yaml │
│ group_vars/ host_vars/ │
│ roles/ templates/ │
└────────────┬────────────────────────────┘
│
SSH / NETCONF / API
│
┌───────┼───────────┐
▼ ▼ ▼
[Router] [Switch] [Firewall]
Managed Managed Managed
Nodes Nodes Nodes
| Component | Description |
|---|---|
| Control node | The machine where Ansible runs (Linux or macOS) |
| Managed nodes | The devices being automated (routers, switches, firewalls) |
| Inventory | List of managed devices and their variables |
| Playbook | YAML file defining tasks to execute |
| Module | A unit of work (e.g., cisco.ios.ios_config) |
| Role | Reusable, structured set of tasks |
| Collection | Package of modules, roles, and plugins |
# Install Ansible
pip install ansible
# Install network collections
ansible-galaxy collection install cisco.ios
ansible-galaxy collection install arista.eos
ansible-galaxy collection install junipernetworks.junos
The inventory defines which devices to manage:
# inventory.yaml
all:
children:
routers:
hosts:
core-rtr-01:
ansible_host: 192.168.1.1
core-rtr-02:
ansible_host: 192.168.1.2
vars:
ansible_network_os: cisco.ios.ios
ansible_connection: ansible.netcommon.network_cli
ansible_user: admin
ansible_password: secret
ansible_become: true
ansible_become_method: enable
ansible_become_password: enable_secret
switches:
hosts:
access-sw-01:
ansible_host: 192.168.1.10
access-sw-02:
ansible_host: 192.168.1.11
vars:
ansible_network_os: arista.eos.eos
ansible_connection: ansible.netcommon.network_cli
ansible_user: admin
ansible_password: secret
A playbook defines a list of tasks to run against inventory hosts:
# show_version.yaml
---
- name: Gather device information
hosts: routers
gather_facts: false
tasks:
- name: Run show version
cisco.ios.ios_command:
commands:
- show version
register: version_output
- name: Display output
ansible.builtin.debug:
msg: "{{ version_output.stdout_lines[0] }}"
# Run the playbook
ansible-playbook -i inventory.yaml show_version.yaml
# configure_ntp.yaml
---
- name: Configure NTP on all routers
hosts: routers
gather_facts: false
tasks:
- name: Set NTP servers
cisco.ios.ios_config:
lines:
- ntp server 10.0.0.50
- ntp server 10.0.0.51
save_when: modified
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.