Ansible Fundamentals
Agentless configuration management with Ansible's push model and idempotent modules.
Theory
Ansible configures servers and deploys software. Its defining traits:
- Agentless — it connects over SSH (WinRM on Windows); nothing to install on managed nodes
- Push model — a control node pushes changes to the inventory of hosts
- Idempotent modules — tasks declare desired state (e.g. “package present”), so re-running changes nothing if already correct
- YAML — playbooks are human-readable
Where Terraform provisions infrastructure, Ansible shines at configuring it — installing packages, editing files, managing services. Many teams use both.
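The three kinds of work named above (packages, files, services) written as one playbook. This is an added example, not part of the original page: the file name `site.yml`, the `hardening.conf` snippet and its contents are assumptions, and it expects an inventory group called `webservers` on Debian/Ubuntu hosts.

```yaml
# site.yml (added example; file names and config content are constructed)
- name: Ensure nginx is installed, configured and running
  hosts: webservers
  become: true                 # playbook equivalent of --become (sudo)

  tasks:
    - name: Package is present
      ansible.builtin.apt:
        name: nginx
        state: present         # desired state: "ok" if already installed

    - name: Config snippet has the expected content and permissions
      ansible.builtin.copy:
        dest: /etc/nginx/conf.d/hardening.conf
        content: |
          # Managed by Ansible; manual edits are overwritten on the next run
          server_tokens off;
        owner: root
        group: root
        mode: "0644"           # quoted so YAML does not read it as a number
      notify: Reload nginx     # fires only when this task reports "changed"

    - name: Service is running and enabled at boot
      ansible.builtin.service:
        name: nginx
        state: started
        enabled: true

  handlers:
    - name: Reload nginx
      ansible.builtin.service:
        name: nginx
        state: reloaded
```

Run it with `ansible-playbook -i inventory.ini site.yml`; once the hosts match the declared state, a re-run reports `changed=0` in the recap and the handler does not fire. Adding `--check --diff` previews what would change without applying it.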
Real-World Example
# Ad-hoc command across an inventory
ansible webservers -m ping
ansible webservers -m apt -a "name=nginx state=present" --become

# inventory.ini
[webservers]
web1.example.com
web2.example.com
Hands-On Exercise
- Explain why “agentless” is an advantage for Ansible.
- Write an inventory file with a group of two hosts.
- Run an ad-hoc command (in words) to ensure a package is installed.
- Describe what idempotency means for a re-run of a playbook.
Cheat Sheet
| Concept | Detail |
|---|---|
| Transport | SSH (agentless) |
| Model | Push from control node |
| Inventory | Hosts + groups |
| Module | Unit of work (declares state) |
| Idempotent | Re-run = no change if correct |
| Ad-hoc | ansible group -m module -a args |
| Privilege | --become (sudo) |
Common Interview Questions
Why is Ansible called agentless, and why does it matter?
It connects over SSH/WinRM and needs nothing installed on managed hosts. That lowers setup, attack surface, and maintenance compared to agent-based tools.
How does Ansible differ from Terraform?
Terraform provisions infrastructure declaratively (and tracks state); Ansible configures existing systems (packages, files, services) via an agentless push model. They’re complementary.