Ansible

Ansible is a system that helps automatically manage servers in a computer network. It facilitates delivery and deployment, that is, the transfer and launch of software products on servers.

With Ansible, developers, system administrators, and network engineers can quickly configure servers to run software. This is easier and more convenient than manual configuration, especially if you have many servers or a highly distributed network.

The name “ansible” comes from the science fiction books of Ursula Le Guin: that’s what they called devices for communication in space.

The system is open source and free, so any developer can view its source code and adapt it to their needs.

What is Ansible, and why is it needed?

Ansible is a system that operates on the “infrastructure as a code” principle. This approach describes server infrastructure using code and configuration files. Information about server settings, permissions, and installed software is stored in dedicated files.

• A developer can write configuration files themselves and configure the server manually. However, if there are many servers, this process can be quite lengthy and labor-intensive. 
• You can write scripts that configure the servers, but this is also not the best solution – you will have to write many different scripts, since the servers have different systems and capacities.

That’s why developers have come up with automated configuration management systems, and Ansible is one of them. In such systems, all you need to do is describe the desired state and how to achieve it. The system will automatically handle everything necessary and configure the server itself. As a result, the complex configuration becomes much simpler and faster.

Features of Ansible

There are many automated configuration management systems, each with its own unique features. Ansible operates on a slightly different principle than other popular solutions.

Push instead of pull. A network of multiple servers often looks like this: there are master machines and slaves. The standard approach in configuration management systems is called pull: slaves “pull” information from the master. In Ansible, it’s the opposite; by default, a push approach is used: the master server itself “pushes” information to the slaves. In practice, the difference is that it’s the slaves, not the master, that need to be accessible. However, Ansible can also be configured to use pull mode if needed.

Using an SSH infrastructure. Configuration management systems typically require a dedicated environment to operate. Ansible, by contrast, works with an existing SSH environment—the standard, secure protocol for remote server management. This makes Ansible more versatile: no additional software needs to be installed for the system to work. All it requires is Python.

Declarativity. Ansible uses a declarative approach to writing code. This means that the developer doesn’t need to describe the program’s actions directly, but rather the result it should achieve. How exactly this will be achieved is no longer necessary, which again reduces setup time.

Information collection. One important thing to remember when getting started with Ansible is that it will always collect information about servers unless you specify otherwise. This isn’t a bad thing, but it can sometimes be overkill.

How Ansible Works

Ansible’s architecture itself is quite simple. The system consists of:

• From the main management server, Ansible is installed, and commands are issued from there. Users, the database, and cloud systems connect to the server, and commands can be issued to it using playbooks—we’ll discuss them below.
• dependent servers, or hosts – they can be configured and set up from the main one.

The management server contains an API, modules, and plugins for working with various software solutions, as well as an inventory from which it retrieves host information. We’ll talk about the inventory a little later.

A set of modules for working with server software

Ansible has a fairly extensive set of modules for interacting with various software components. This means it can work out of the box with a huge range of software commonly used on servers. For example:

• with databases and DBMS ;
• cloud systems and storage;
• template engines and popular file formats;
• package managers like apt, pip, or npm;
• programs for notifications and monitoring;
• the kernel and other Linux components.

For all of this, Ansible has its own set of modules, available immediately after installation. Therefore, to work with popular server software using Ansible, you usually don’t need to download additional libraries or tools. It handles components right out of the box.

Hosts: storing a list of servers

One of Ansible’s components is the inventory, a special storage location where Ansible stores host information. By default, this storage is located at /etc/ansible/hosts on Linux systems. The hosts file contains a list of dependent servers. These can be grouped and named: database servers, DNS servers, and so on. You can also assign “parent” and “child” groups.

You can specify individual parameters and variables for each host. However, defining them in the hosts file is considered a bad practice, as it would make the file too large and difficult for developers to understand. Therefore, Ansible has several additional variable storage options:

• group_vars stores variables specific to certain groups.
• hosts_vars contains host variables;
• <role>/vars describes variables for a specific role. We’ll talk about roles a bit later.

Ansible Playbook: hosts, tasks, and more

Playbooks in Ansible are script files. They are created in the human-readable YAML format and contain information about the desired outcome and on which machines. While they are not necessary for simple tasks, playbooks are generally considered the foundation of Ansible. Examples of playbook scripts in their simplest form look something like this:

— (beginning of document)

— hosts: <server name to which changes should be applied>

— tasks: <the state to which the server should be brought>

These are the basic parameters of an Ansible playbook, but there are others—they are specified before executing tasks to clarify commands or provide instructions. For example:

• vars: <variables to be used when executing the script>;
• user / remote_user: <username for authorization in the system on the server; in new versions, the remote_user parameter is used, in older versions it is simply user>;
• sudo: <execute a command on behalf of another user, usually the root superuser, the parameter takes the values ​​yes and no>;
• gather_facts: <whether to collect host information, default is yes: Ansible collects data about servers unless otherwise specified>.

Roles: automation of routine

Roles are an Ansible tool for solving common tasks faster. Instead of a tasks block, you can specify a role in a playbook: a template set of tasks and variables. This is useful if, for example, you need to assign the same task to different servers and don’t want to write multiple task blocks.

Ansible Features

Thanks to its convenient structure, Ansible is quite easy to work with. The process looks something like this:

1. Fill in the hosts file, specify a list of dependent servers, their domain names, or IP addresses.
2. Specify the variables needed for connection. For example, a server might require a username. By default, communication between servers is via SSH using a key.
3. Write a playbook, specifying which hosts need to be worked with and what to do. Save the playbook to a file.
4. Give Ansible a command to run the playbook.

And for some actions, playbooks aren’t needed at all. For example, you can get information about a specific host with a simple console command. And if you need to perform the same actions in different playbooks, roles can help.

The result is a convenient and simple yet functional system. The developer can:

• issue a command to one host, a group of hosts, or all nodes at once;
• define a standard set of variables to use repeatedly;
• write roles and reuse command sets;
• Use playbooks to issue complex commands and refine them.

There’s no need to install any special software on dependent servers; popular server programs work out of the box. We won’t go into too much detail about how it works, but sometimes a couple of lines of code are all it takes to configure multiple servers.

Benefits of Ansible

Ease of learning. Ansible is quite easy to learn, with a relatively low entry barrier, an active and welcoming community, and detailed documentation. Furthermore, the system is popular, often used for server management, and its relatively simple codebase also helps with learning curves.

Easy-to-understand languages. Ansible itself is written in Python and also uses the YAML format. Both of these languages ​​have human-readable syntax and are easy to navigate, and Python is natively supported on many Linux systems. Python is also one of the most popular languages ​​in the world, meaning it’s widely known. Additional modules for Ansible can be written in any language.

A wide range of components. Thanks to a large number of modules and plugins, Ansible can work with popular server software out of the box, eliminating the need to download multiple, complex auxiliary programs.

SSH operation. While configuration systems typically require a dedicated environment, Ansible can operate over the standard SSH protocol, eliminating the need to install any separate software on secondary servers to communicate with it. Standard communication tools between computers are sufficient.

Flexible configuration. With pull and push functionality, support for parallel requests, and a wide range of command and variable configurations, Ansible offers a wealth of features. Working with it is easy, and the system already offers solutions for many common tasks.

Disadvantages of Ansible

Lack of state management. Many management systems have state management: tracking what’s currently happening on dependent servers. For example, state management helps keep track of which dependencies are installed on different hosts to avoid conflicts. Ansible doesn’t have this: it simply runs the tasks it’s assigned to without monitoring the host’s state. This is inconvenient for some.

Lack of a user-friendly GUI. Initially, Ansible was a purely command-line program. A graphical interface version was later released, but it’s still quite crude and unfinished, lacking full functionality and occasionally prone to errors. Therefore, whenever possible, it’s best to use Ansible from the console.

Poor Windows compatibility. Ansible initially supported only Unix-like operating systems, including Linux. Starting with version 1.7, Windows support was added, but it’s still incomplete. It requires PowerShell, and on Windows, you’ll still need to install the Linux module.

How to get started with Ansible

To install Ansible, you need Python installed on your computer. Many Linux distributions include Python by default, but if your system doesn’t have it, you’ll need to install it first. We don’t recommend trying Ansible on Windows, as it’s more complex and less convenient.

Then you can download and install Ansible with one command in the console: 

sudo apt install ansible

Then you can start defining the hosts file and mastering playbooks. To successfully work with Ansible, you’ll need to learn YAML—though it’s a fairly simple format that can be mastered in a day. Ansible’s command syntax and capabilities are described in detail in its documentation.