Back to Blog
DevOpsAnsibleInfrastructure as CodeTutorial

Automate Configuration Management with Ansible

Complete DevOps tutorial on Ansible. Learn playbooks, roles, inventory, ad-hoc commands, idempotency.

Daniel Urbano
October 22, 2025
10 min read
Automate Configuration Management with Ansible

Automate Configuration Management with Ansible

Introduction

Ansible is a powerful open-source tool designed for configuration management, application deployment, and task automation. It enables DevOps and Site Reliability Engineers (SREs) to define the desired state of infrastructure and applications using simple, human-readable YAML files called playbooks. Ansible's agentless architecture allows it to manage systems without needing additional software installed on the target machines, making it lightweight and efficient.

Automation is a cornerstone of DevOps practices, and configuration management is vital for maintaining consistent environments across development, testing, and production. By utilizing Ansible, teams can ensure that their infrastructure is reproducible and scalable, reducing the risk of human error and enabling faster deployment cycles. Key scenarios for using Ansible include provisioning servers, deploying applications, and orchestrating complex workflows across multiple systems.

Prerequisites

Before diving into Ansible, ensure you have the following prerequisites:

  • Software:
    • Ansible installed (version 2.9 or later)
    • Python (version 3.6 or later) installed on your control machine
  • Cloud Subscriptions (if applicable):
    • Access to cloud providers (AWS, Azure, GCP) for provisioning resources
  • Permissions:
    • Sufficient privileges to deploy and manage servers
  • Tools:
    • SSH client for connecting to remote servers

You can install Ansible using pip:

pip install ansible

Core Concepts

Definitions

  • Playbook: A YAML file that defines a set of tasks to be executed on managed hosts.
  • Role: A way of organizing playbooks and associated files into reusable components.
  • Inventory: A file that contains information about the managed nodes (hosts).
  • Ad-hoc commands: Quick commands executed on remote hosts without creating a playbook.

Architecture

Ansible operates in a master-slave architecture where the control machine (master) communicates with managed nodes (slaves) over SSH. It does not require a server or agent on managed nodes, making it lightweight.

When to Use

Use Ansible when:

  • You need to automate repetitive tasks.
  • You want to ensure consistency across environments.
  • You seek to simplify complex deployments and orchestration.

Limitations

  • Ansible may not be as fast as agent-based tools for large-scale deployments.
  • Complex workflows can sometimes become unwieldy in playbooks.

Pricing Notes

Ansible is open-source and free to use. However, Red Hat offers Ansible Automation Platform for enterprise features and support.

Syntax/Configuration

Basic Commands

Inventory File

An inventory file defines the managed nodes:

[web]
server1 ansible_host=192.168.1.10
server2 ansible_host=192.168.1.11

[db]
dbserver ansible_host=192.168.1.20

Simple Playbook

A basic playbook to install Nginx on all web servers:

---
- name: Install Nginx
  hosts: web
  tasks:
    - name: Install Nginx
      apt:
        name: nginx
        state: present

Ad-Hoc Command

Running an ad-hoc command to ping all hosts:

ansible all -m ping

Parameter Tables

Parameter Description
hosts Target group from the inventory
tasks List of actions to be performed
ansible_host IP address of the managed node
state Desired state of the package

Practical Examples

Example 1: Basic Playbook

Create a playbook to install Apache:

---
- name: Install Apache
  hosts: web
  tasks:
    - name: Install Apache
      apt:
        name: apache2
        state: present

Run it with:

ansible-playbook install_apache.yml

Example 2: Using Variables

Define variables in a playbook:

---
- name: Install specified package
  hosts: web
  vars:
    package_name: nginx
  tasks:
    - name: Install package
      apt:
        name: "{{ package_name }}"
        state: present

Example 3: Roles

Create a role for Nginx:

ansible-galaxy init nginx

In nginx/tasks/main.yml:

- name: Install Nginx
  apt:
    name: nginx
    state: present

Use the role in a playbook:

---
- name: Deploy Nginx
  hosts: web
  roles:
    - nginx

Example 4: Handlers

Define a handler to restart Nginx upon configuration change:

---
- name: Configure Nginx
  hosts: web
  tasks:
    - name: Copy Nginx config
      template:
        src: nginx.conf.j2
        dest: /etc/nginx/nginx.conf
      notify: Restart Nginx

  handlers:
    - name: Restart Nginx
      service:
        name: nginx
        state: restarted

Example 5: Idempotency

Ansible ensures that tasks are idempotent. For instance, running the following playbook multiple times will not reinstall Nginx if it's already installed:

---
- name: Ensure Nginx is installed
  hosts: web
  tasks:
    - name: Install Nginx
      apt:
        name: nginx
        state: present

Example 6: Looping

Use loops to install multiple packages:

---
- name: Install multiple packages
  hosts: web
  tasks:
    - name: Install packages
      apt:
        name: "{{ item }}"
        state: present
      loop:
        - nginx
        - git
        - curl

Example 7: Templates

Using Jinja2 templates to configure files:

---
- name: Configure web server
  hosts: web
  tasks:
    - name: Deploy index.html
      template:
        src: index.html.j2
        dest: /var/www/html/index.html

Example 8: Conditional Execution

Execute tasks based on conditions:

---
- name: Conditional task execution
  hosts: web
  tasks:
    - name: Install Nginx
      apt:
        name: nginx
        state: present
      when: ansible_os_family == "Debian"

Real-World Scenarios

Scenario 1: Multi-Tier Application Deployment

Deploy a multi-tier application (frontend, backend, database) using a combination of roles and playbooks:

  1. Inventory: Define groups for each tier.
  2. Playbooks: Create separate playbooks for each tier, ensuring dependencies are managed.
  3. Orchestration: Use Ansible to orchestrate the deployment order.

Scenario 2: Configuration Drift Management

Use Ansible to continually enforce configuration compliance:

  1. Playbooks: Regularly run playbooks to ensure server configurations match the desired state.
  2. Reporting: Utilize Ansible's output to generate reports on compliance.

Scenario 3: Cloud Provisioning

Provision and configure resources in cloud environments (e.g., AWS, Azure) using Ansible:

  1. Inventory: Use dynamic inventory scripts to manage cloud instances.
  2. Playbooks: Automate the entire lifecycle of cloud resources, from creation to configuration.

Best Practices

  1. Use Roles for Reusability: Organize playbooks into roles for easier management and reuse across projects. ✅
  2. Version Control: Store playbooks in a version control system to track changes and collaborate effectively. 🔧
  3. Test Playbooks: Use tools like Molecule to test roles and playbooks in isolated environments. 💡
  4. Document Playbooks: Maintain clear documentation for each playbook and role for future reference. ✍️
  5. Limit Privilege: Use Ansible's become feature with caution to limit privileges and enhance security. ⚠️

Common Errors

  1. SSH Connection Issues:

    • Error: UNREACHABLE! => {"msg": "SSH Error: ..."}
    • Cause: Incorrect SSH configuration or network issues.
    • Fix: Ensure SSH keys are correctly configured and the target host is reachable.

  2. Module Not Found:

    • Error: ERROR! the requested module 'apt' was not found in ansible's module path
    • Cause: Missing or incorrectly installed Ansible modules.
    • Fix: Verify Ansible installation and module availability.

  3. Permission Denied:

    • Error: Permission denied (publickey).
    • Cause: Incorrect SSH key or insufficient permissions.
    • Fix: Ensure the correct SSH key is used and the user has the necessary permissions.

  4. Syntax Errors:

    • Error: ERROR! Syntax Error while loading YAML.
    • Cause: Incorrect YAML formatting.
    • Fix: Validate YAML syntax using online tools or linters.

Related Services/Tools

Tool/Service Description Pros Cons
Puppet Configuration management tool Strong reporting Requires an agent
Chef Automates infrastructure management Code-driven configurations Steeper learning curve
SaltStack Event-driven automation and configuration management Scalable architecture Complex setup
Terraform Infrastructure as Code (IaC) tool Strong cloud integration State management complexity
Kubernetes Container orchestration platform Great for microservices Learning curve

Automation Script

Here's a simple bash script to automate the installation of Ansible and a basic playbook execution:

#!/bin/bash
# Script to install Ansible and run a basic playbook

# Update system packages
sudo apt update

# Install Ansible
sudo apt install -y ansible

# Create a simple inventory file
cat <<EOL > inventory.ini
[web]
localhost ansible_connection=local
EOL

# Create a basic playbook
cat <<EOL > install_nginx.yml
---
- name: Install Nginx
  hosts: web
  tasks:
    - name: Install Nginx
      apt:
        name: nginx
        state: present
EOL

# Run the playbook
ansible-playbook -i inventory.ini install_nginx.yml

Conclusion

In this tutorial, we've explored the fundamentals of Ansible for automating configuration management. By leveraging playbooks, roles, and inventory files, DevOps teams can ensure that their infrastructure is consistent and easily managed. The practical examples provided illustrate various capabilities of Ansible, while best practices and common errors guide you towards effective and error-free automation.

Next Steps

  • Explore the official Ansible documentation for deeper insights.
  • Experiment with more complex playbooks and roles.
  • Consider integrating Ansible with CI/CD pipelines for continuous deployment.

References