Ansible is a powerful, open-source tool for automating and configuring IT infrastructure. It helps developers and operations teams perform complex IT tasks easily, without extensive programming. Ansible uses SSH—Secure Shell, a protocol for secure remote access—to manage thousands of servers, and does so without requiring a special program (agent) to be installed on those servers.
During Ansible training, participants learn how to automate processes such as software deployment, system updates, and service coordination. Ansible’s simple installation process, flexibility, and integration with tools such as Docker and DevOps systems contribute to its popularity among organizations. This guide explores what Ansible is and highlights its key features.
What is Ansible?
Ansible is a free, open-source tool for automating configuration management and software deployment. Written in Python, it communicates over SSH and does not require agents on target nodes. This design makes Ansible lightweight and efficient for DevOps processes such as managing a VPS or running containers.
Since Ansible is widely regarded as a simple, secure, and scalable solution for IT teams, this article provides a deeper look into its installation, architecture, and usage.
How Does Ansible Work?
Ansible is an open-source tool in the IT automation domain that sends a series of commands and tasks to target systems using a simple YAML-based syntax. This process automates configuration, software deployment, and service coordination. Ansible communicates with hosts via SSH, so there is no need to install an agent on the target servers.
This feature, known as “Agentless” (meaning no extra software is needed on managed systems), makes Ansible easier to install and set up than similar tools. All tasks are defined in Playbooks, which are text files using the YAML format. YAML (YAML Ain’t Markup Language) is a way to structure data in a readable way. These files can contain a series of tasks, modules (pre-written actions Ansible can perform), and variables. The goal is for systems to remain in the desired state with minimal unnecessary changes, enabling reliable large-scale operations.
Ansible Architecture
Red Hat outlines the key components of Ansible’s architecture as follows:
Control Node: The device where Ansible runs, responsible for issuing commands and managing all operations.
Managed Nodes: Servers managed via SSH, which do not require an agent to be installed on them.
Inventory: A file that stores the list of servers and their groupings. The Inventory is usually written in YAML (a readable data format) or INI (a simple configuration file format).
Modules, Playbooks, and Plugins: Modules execute specific tasks; Playbooks contain collections of tasks; and Plugins provide additional capabilities.
Idempotent: Idempotency is a property where running the same operation multiple times produces the same result—no unintended changes occur with repeated runs. For example, running a Playbook repeatedly won’t alter systems that are already correctly set up.
What are the Uses of Ansible?
Ansible is an all-in-one automation tool, designed to handle tasks such as configuration management (setting up and maintaining computer systems), software deployment (installing software on multiple computers), and more. In Ansible training, it is presented as a powerful solution for coordinating thousands of servers. Configuration management ensures that all systems remain in a specific, desired state and follow predefined settings.
Software deployment, whether for a simple web server or complex clusters, is done with precision and speed. Ansible also integrates with CI/CD tools and containerization technologies, making it an efficient solution for companies or organizations that use cloud infrastructure or buy a VPS. It helps reduce errors and increases productivity.
Features of Ansible
The key features of Ansible include the following:
- Agentless and SSH protocol: No need to install agents on target machines; communication is via SSH.
- Easy to learn and use: Ansible’s clear syntax makes it accessible for newcomers.
- Idempotency: This means Ansible won’t make unnecessary changes. If a Playbook is run multiple times, it ensures systems already in the desired state remain unchanged. Only systems that need updating will be modified.
- DevOps integration: Works well with Jenkins, GitLab CI/CD, and similar tools.
- Scalable management: Efficiently handles small or large-scale server groups.
- Flexible: Supports various configurations, deployments, and scripting needs.
Steps to Install Ansible
Here are the installation steps outlined in the article:
Prerequisites
To follow this tutorial, you need the following:
- An Ansible Control Node: This is the system that serves as the central point of management, communicating with and controlling Ansible hosts via SSH. Your control node can be either a local system or a dedicated Ansible server. This tutorial assumes that your control node is running Ubuntu 20.04. Make sure your control node meets the following requirements:
- A non-root user with sudo access. Follow steps 2 and 3 in the Ubuntu 20.04 server setup guide to create a new user. If you’re using a remote server as the control node, ensure you follow all the steps in the guide. These steps include configuring UFW on the firewall and enabling external access for a non-root user, ensuring the security of your remote server.
- A pair of SSH keys associated with this user.
- One or more Ansible Hosts: Ansible hosts are the machines configured by the control node for automation. This tutorial assumes your hosts are remote Ubuntu 20.04 servers. Ensure each host:
- Has the public SSH key of the control node been added to the authorized_keys file of a system user (either root or a user with sudo access).
Step 1: Installing Ansible
To start using Ansible to manage server infrastructure, you need to install the software on the machine that will act as the control node.
On the control node, first add the official PPA repository of the project to the system’s list of sources:
sudo apt-add-repository ppa:ansible/ansible
When the confirmation message appears, press ENTER. Then, update the system package index to make the packages in this new repository available:
sudo apt update
After this update, you can run the command to install Ansible:
sudo apt install ansible
Now your control node has all the necessary software to manage the hosts. Next, we’ll learn how to add hosts to the control node’s Inventory file so they can be managed.
Step 2: Setting Up the Inventory File
The Inventory file contains information about the hosts you manage with Ansible. Hosts are computers or servers that Ansible can configure. This file can include anywhere from a few to hundreds of servers, and hosts can be organized into groups and subgroups. You can also define variables in the Inventory that are specific to certain hosts or groups. Variables are placeholders for values you can reuse in Playbooks and templates. Some variables, such as ansible_python_interpreter, specify which Python interpreter to use, thereby affecting how Playbooks are executed.
To edit the default Inventory, open the /etc/ansible/hosts file on the control node:
sudo nano /etc/ansible/hosts
Note: By default, Ansible creates an Inventory file at /etc/ansible/hosts, but you can also create a custom Inventory file in any location. When running commands or Playbooks, you must specify the file path using the -i parameter. Using a custom Inventory for each project reduces the risk of running a Playbook on the wrong group.
The default Inventory file includes examples that you can use as templates. The following example defines a group called [servers] with three different servers, each having an alias. Make sure to replace the IPs with the actual IPs of your hosts:
[servers] server1 ansible_host=203.0.113.111 server2 ansible_host=203.0.113.112 server3 ansible_host=203.0.113.113
[all:vars] ansible_python_interpreter=/usr/bin/python3
The [all:vars] subgroup sets the ansible_python_interpreter variable so that all hosts in this Inventory use Python 3 instead of Python 2.7, since Python 2.7 is no longer available in newer Ubuntu versions.
After editing, save the file and exit (CTRL+X, then Y and ENTER).
To view the Inventory, you can run:
ansible-inventory --list -y
This command will display the Inventory structure, including groups, hosts, and their associated variables.
Step 3: Testing the Connection
After setting up the Inventory, it’s time to check if Ansible can connect to the servers and execute commands over SSH.
In this tutorial, the root account is used, as it is typically the only active account on freshly provisioned servers. However, if you have a regular sudo user on the hosts, it’s better to use that.
To test the connection, run the following command:
ansible all -m ping -u root
This command uses Ansible’s built-in ping module to check the following:
- Host accessibility
- Validity of SSH credentials
- Ability to run Ansible modules with Python
If the operation is successful, the output will contain the message “ping”: “pong”, indicating that the connection and the module execution are working as expected.
Step 4: Running Ad-Hoc Commands (Optional)
Once the connection is successfully established, you can execute Ad-Hoc commands or Playbooks on the servers.
For example, to check the disk space on all servers, you can run:
ansible all -a "df -h" -u root
To install the latest version of the Vim editor on all hosts, use the following command:
ansible all -m apt -a "name=vim state=latest" -u root
You can also target specific hosts or groups, like in the following example:
ansible servers -a "uptime" -u root
In this example, the uptime command will run only on hosts in the [servers] group.
How to Work with Ansible
Ansible is an open-source IT automation tool, written in Python, that allows you to configure systems, deploy software, and automate complex processes—such as Ansible training—through organizational workflows.
Both versions—Community Ansible and the Ansible Automation Platform—are built on a similar architecture:
- Control Node: This is the machine or server where Ansible is installed and where command execution, such as Playbooks, is controlled.
- Managed Nodes: These are the devices that the control node interacts with, and Ansible operates on them without installing any agent. Ansible sends the required small modules to these nodes, executes them, and then cleans up, maintaining the connection via SSH or WinRM. This agentless nature makes Ansible installation and operation simple and lightweight.
Ansible modules are designed to bring the system to the desired state without making unnecessary changes. This is why Ansible has the Idempotent feature: running a Playbook repeatedly will make changes only when necessary; otherwise, the system’s state remains unchanged.
For managing devices that cannot run modules directly (such as some routers or networking equipment), Ansible interacts only with the control node. In the enterprise version, technologies such as automation mesh can distribute tasks across execution nodes, preserving scalability in complex environments.
Connection Process:
- Inventory File: Ansible first checks the Inventory file to know which hosts to manage.
- Authentication: Using authentication information (such as SSH keys or other methods), it connects to these hosts and executes tasks.
- External Resources: If needed, Ansible can connect to resources such as Vault (for secure password management), central authentication systems like LDAP or Kerberos, and even cloud solutions such as AWS, Azure, or Google Cloud.
Conclusion
In this article, we’ve explored in detail what Ansible is, how it works, and the benefits it offers in the DevOps space. With its simple architecture and agentless nature, Ansible makes the installation and management of servers—whether physical, cloud-based, or even buying a VPS—fast and secure. By using the SSH protocol, supporting numerous modules, and offering Idempotency, Ansible has become a reliable tool for automating infrastructure. Its integration with tools such as Docker and Jenkins makes it ideal for running advanced, scalable processes. For teams seeking speed, security, and error reduction, Ansible is an ideal choice.
FAQs
- Why use Ansible?
Ansible, due to its agentless nature, quick setup, and SSH compatibility, does not require additional software to be installed on the hosts. This reduces costs, increases security, and simplifies the management of servers such as VPS or cloud servers. - How does Ansible work?
From the control node, Ansible retrieves the list of hosts from the Inventory file and connects to them via SSH. It then executes the necessary modules and brings the system to the desired state without making unnecessary changes. - Is Ansible only for servers?
No. In addition to servers, Ansible can manage and automate network devices, cloud services, databases, containers, and even applications. This flexibility is what makes it a popular tool in DevOps.
