Today, we’ll break down Ansible, an open-source IT automation engine for DevOps, in simple terms. Imagine you need to apply the same security patch across 100 servers. Logging into each server manually would be a nightmare, right? This is where Ansible comes in. Today, we’ll dive deep into Ansible, a powerful tool for IT infrastructure automation.
1. What is Ansible?
Ansible is an open-source IT automation engine that automates provisioning, configuration management, application deployment, orchestration, and many other IT processes. Created by Michael DeHaan in 2012 and acquired by Red Hat in 2015, it has become widely adopted in enterprise environments.
The standout feature of Ansible is its simplicity. You can get started quickly without complex setup, and even system administrators without coding experience can learn it easily. When I first encountered Ansible, I was able to create simple server automation within a day.
2. Why Choose Ansible? (5 Key Advantages)
Agentless Architecture
Ansible uses an agentless architecture, meaning you don’t need to install any software on the nodes you want to manage. Unlike other tools like Chef or Puppet that require agents on every managed server, Ansible only needs SSH protocol. No more installing and managing agents across 100 servers!
Human-Readable YAML Syntax
Ansible uses human-readable YAML templates, allowing users to automate repetitive tasks without learning advanced programming languages. For example, installing Nginx on a server looks like this:
- name: Install Nginx
apt:
name: nginx
state: latest
It reads almost like plain English.
Secure SSH-Based Communication
Ansible uses SSH protocol to connect to servers and execute tasks. It connects to remote machines using SSH keys, and root login is not required. Since it leverages SSH that we already use for server management, no additional security setup is needed.
Idempotency Guarantee
Ansible tasks are idempotent. This means running the same task multiple times produces the same result. For example, running a “create user account” task 10 times will only create the account once. If the desired state is already achieved, Ansible changes nothing.
Fast Deployment Time
Ansible has a much shorter learning curve compared to other automation tools. You can create basic automation tasks in a few hours and apply them in production within days.
3. Understanding Core Components
To use Ansible effectively, you need to understand a few key concepts.
Control Node
The system where Ansible is installed. This is where you run commands like ansible or ansible-inventory. Your laptop or a management server can be a control node.
Requirements:
- Python 3.8 or newer
- Nearly any UNIX-like system (Linux, macOS, BSD)
- Windows via WSL (Windows Subsystem for Linux)
Managed Nodes
The remote systems or hosts that Ansible controls. These are the target servers you want to automate.
Requirements:
- Python installed (usually pre-installed)
- SSH access
- No Ansible agent needed
Inventory
A logically organized list of managed nodes. This file defines which servers you want to manage.
Basic Inventory example:
[webservers]
web1.example.com
web2.example.com
web3.example.com
[databases]
db1.example.com
db2.example.com
[production:children]
webservers
databases
You can group servers for easier management.
Modules
Programs that Ansible uses to perform automation tasks. They represent the desired state of the system.
Ansible includes hundreds of built-in modules:
apt,yum: Package managementcopy,file: File managementservice: Service managementuser,group: User/group managementmysql_db,postgresql_db: Database management
You can also write custom modules in any language that returns JSON, such as Ruby, Python, or Bash.
Playbook
Ansible Playbooks provide a repeatable, reusable configuration management and multi-machine deployment system. They’re essentially recipes for your automation tasks.
4. Installing Ansible – Practical Guide
Let’s install Ansible. Here are instructions for different operating systems.
Linux (Ubuntu/Debian) Installation
You can install Ansible using pipx or pip. The recommended method is pipx:
# Install pipx (if not already installed)
sudo apt update
sudo apt install pipx
pipx ensurepath
# Install Ansible
pipx install --include-deps ansible
Or use pip:
# Install Python and pip
sudo apt update
sudo apt install python3 python3-pip
# Install Ansible
python3 -m pip install --user ansible
If you prefer package managers:
sudo apt-add-repository ppa:ansible/ansible
sudo apt update
sudo apt install ansible
Linux (CentOS/RHEL) Installation
# Add EPEL repository
sudo yum install epel-release
# Install Ansible
sudo yum install ansible
macOS Installation
# Using Homebrew (easiest)
brew install ansible
# Or using pip
python3 -m pip install --user ansible
Windows Installation
Windows requires WSL (Windows Subsystem for Linux):
# Run PowerShell as Administrator
wsl --install
# After WSL restart, inside Ubuntu
sudo apt update
sudo apt install python3 python3-pip
python3 -m pip install --user ansible
Verify Installation
ansible --version
If the version displays correctly, installation is successful!
5. First Ansible Practice – Hello World
Let’s use Ansible with the simplest example.
Step 1: Create Inventory File
Create a working directory and inventory file:
mkdir ~/ansible-practice
cd ~/ansible-practice
Create inventory file:
[test_servers]
localhost ansible_connection=local
Using localhost lets you practice without additional servers.
Step 2: Run Ansible Ad-hoc Commands
Execute simple commands without a playbook:
# Ping test
ansible -i inventory test_servers -m ping
# Check disk usage
ansible -i inventory test_servers -m shell -a "df -h"
# Check current time
ansible -i inventory test_servers -m command -a "date"
Step 3: Write Your First Playbook
Create hello-world.yml:
---
- name: My First Ansible Playbook
hosts: test_servers
tasks:
- name: Ping hosts
ansible.builtin.ping:
- name: Print Hello World message
ansible.builtin.debug:
msg: "Hello! Welcome to the world of Ansible!"
- name: Check current date and time
ansible.builtin.command: date
register: current_date
- name: Display date
ansible.builtin.debug:
var: current_date.stdout
Step 4: Run the Playbook
ansible-playbook -i inventory hello-world.yml
Each task runs in order and you’ll see the results!
6. Real-World Example – Automated Web Server Setup
Let’s tackle a common real-world scenario: automatically installing and configuring an Nginx web server.
Prepare Project Directory Structure
First, create the project directory structure:
mkdir -p ~/ansible-webserver/{templates,files}
cd ~/ansible-webserver
Production Inventory File
Create production_inventory file:
[webservers]
web1.example.com ansible_user=ubuntu
web2.example.com ansible_user=ubuntu
web3.example.com ansible_user=ubuntu
[webservers:vars]
ansible_ssh_private_key_file=~/.ssh/id_rsa
Create Nginx Configuration Template
Create templates/nginx-site.j2:
server {
listen {{ nginx_port }};
server_name _;
root /var/www/{{ site_name }};
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
Web Server Setup Playbook
Create webserver-setup.yml:
---
- name: Web Server Setup and Deployment
hosts: webservers
become: yes # Use sudo privileges
vars:
nginx_port: 80
site_name: "mywebsite"
tasks:
- name: Update system packages (Ubuntu/Debian)
ansible.builtin.apt:
update_cache: yes
when: ansible_os_family == "Debian"
- name: Install Nginx
ansible.builtin.apt:
name: nginx
state: latest
when: ansible_os_family == "Debian"
- name: Create web directory
ansible.builtin.file:
path: "/var/www/{{ site_name }}"
state: directory
owner: www-data
group: www-data
mode: '0755'
- name: Create index.html file
ansible.builtin.copy:
content: |
<!DOCTYPE html>
<html>
<head>
<title>{{ site_name }}</title>
</head>
<body>
<h1>Website automatically deployed with Ansible!</h1>
<p>Server hostname: {{ ansible_hostname }}</p>
<p>Deployment time: {{ ansible_date_time.iso8601 }}</p>
</body>
</html>
dest: "/var/www/{{ site_name }}/index.html"
owner: www-data
group: www-data
mode: '0644'
- name: Create Nginx site configuration file
ansible.builtin.template:
src: templates/nginx-site.j2
dest: "/etc/nginx/sites-available/{{ site_name }}"
notify: Reload Nginx
- name: Enable site
ansible.builtin.file:
src: "/etc/nginx/sites-available/{{ site_name }}"
dest: "/etc/nginx/sites-enabled/{{ site_name }}"
state: link
notify: Reload Nginx
- name: Disable default site
ansible.builtin.file:
path: /etc/nginx/sites-enabled/default
state: absent
notify: Reload Nginx
- name: Start Nginx and enable on boot
ansible.builtin.service:
name: nginx
state: started
enabled: yes
handlers:
- name: Reload Nginx
ansible.builtin.service:
name: nginx
state: reloaded
Execute the Playbook
# Syntax check
ansible-playbook webserver-setup.yml -i production_inventory --syntax-check
# Dry run (test without making changes)
ansible-playbook webserver-setup.yml -i production_inventory --check
# Actual execution
ansible-playbook webserver-setup.yml -i production_inventory
7. Advanced Ansible Features
Variables
Variables make playbooks more flexible:
---
- name: Variables Example
hosts: all
vars:
app_name: "myapp"
app_version: "1.0.0"
deploy_path: "/opt/{{ app_name }}"
tasks:
- name: Create deployment directory
ansible.builtin.file:
path: "{{ deploy_path }}"
state: directory
- name: Display version info
ansible.builtin.debug:
msg: "Deploying {{ app_name }} version {{ app_version }}"
Loops
Use loops to repeat tasks across multiple items:
- name: Install multiple packages
ansible.builtin.apt:
name: "{{ item }}"
state: present
loop:
- vim
- git
- curl
- htop
- tmux
- name: Create multiple users
ansible.builtin.user:
name: "{{ item.name }}"
groups: "{{ item.groups }}"
loop:
- { name: 'alice', groups: 'developers' }
- { name: 'bob', groups: 'devops' }
- { name: 'charlie', groups: 'developers' }
Conditionals
Execute tasks only under specific conditions:
- name: Update apt only on Ubuntu
ansible.builtin.apt:
update_cache: yes
when: ansible_distribution == "Ubuntu"
- name: Update yum only on CentOS
ansible.builtin.yum:
name: '*'
state: latest
when: ansible_distribution == "CentOS"
Handlers
Handlers execute only when changes occur, commonly used for service restarts:
tasks:
- name: Modify Nginx configuration
ansible.builtin.copy:
src: nginx.conf
dest: /etc/nginx/nginx.conf
notify: Restart Nginx
handlers:
- name: Restart Nginx
ansible.builtin.service:
name: nginx
state: restarted
Ansible Vault
Encrypt sensitive information like passwords:
# Create encrypted variable file
ansible-vault create secrets.yml
# Encrypt existing file
ansible-vault encrypt vars.yml
# Run playbook with encrypted file
ansible-playbook playbook.yml --ask-vault-pass
# Or use password file
ansible-playbook playbook.yml --vault-password-file ~/.vault_pass.txt
8. Latest Developments in Ansible – October 2025
Red Hat Ansible Automation Platform 2.6 was released in October 2025. Let’s look at the key new features.
AI-Powered Ansible Lightspeed
The Ansible Lightspeed Intelligent Assistant is now integrated directly into the Ansible Automation Platform UI, helping platform administrators install, configure, and maintain their automation environment.
Ask questions in natural language and receive AI-powered answers:
- “How do I configure Event-Driven Ansible?”
- “What is an Execution Environment?”
The system uses large language models (LLMs) to provide quick, accurate, personalized responses.
Automation Dashboard
The new automation dashboard lets you track and visualize key metrics like time savings, ROI (Return on Investment), and job success rates.
Measure the value of your automation in real-time and report to stakeholders.
Self-Service Automation Portal
The self-service automation portal provides a simplified web interface for business users to launch pre-approved automation jobs.
Developers create job templates, and team members can request automation through step-by-step forms without understanding complex playbook logic.
9. Using Ansible in DevOps
Ansible plays a central role in DevOps pipelines. Let’s look at real-world use cases.
CI/CD Pipeline Integration
Use Ansible with Jenkins, GitLab CI, or GitHub Actions for deployment automation:
# .gitlab-ci.yml example
deploy:
stage: deploy
script:
- ansible-playbook -i inventory/production deploy.yml
only:
- main
Infrastructure as Code (IaC)
Managing infrastructure as code enables version control and easier team collaboration:
# infrastructure.yml
- name: AWS EC2 Instance Provisioning
hosts: localhost
tasks:
- name: Create EC2 instances
amazon.aws.ec2_instance:
name: "web-server-{{ item }}"
key_name: mykey
instance_type: t2.micro
image_id: ami-12345678
region: us-east-1
state: running
loop: "{{ range(1, 4) | list }}"
Configuration Management
Manage configurations consistently across multiple environments (development, staging, production):
ansible-project/
├── inventories/
│ ├── development/
│ │ ├── hosts
│ │ └── group_vars/
│ ├── staging/
│ │ ├── hosts
│ │ └── group_vars/
│ └── production/
│ ├── hosts
│ └── group_vars/
├── playbooks/
│ ├── webserver.yml
│ ├── database.yml
│ └── monitoring.yml
└── roles/
├── nginx/
├── mysql/
└── prometheus/
10. Useful Resources for Learning Ansible
If you want to dive deeper into Ansible, here are recommended resources:
Official Documentation
- Ansible Official Documentation – Most reliable information
- Red Hat Learning Platform – Free hands-on labs
- Ansible Galaxy – Reusable roles and collections
Practice Environments
- Ansible official interactive labs: Practice directly in your browser
- GitHub Ansible Examples – Various real-world examples
Community
- Ansible Forum – Questions and answers
- Red Hat Developer Blog – Latest updates and best practices
Ansible has evolved beyond a simple server management tool to become essential for modern IT infrastructure operations. With its agentless architecture, human-readable YAML syntax, and powerful automation capabilities, it’s accessible to everyone from beginners to experts. Start by automating simple tasks and gradually expand to more complex scenarios. Just a few practice sessions can significantly reduce your repetitive workload. 🙂