ansible

Purpose

Ansible is an open-source automation tool that configures IT infrastructure, deploys applications, and orchestrates tasks using agentless YAML playbooks. It ensures idempotent operations, meaning runs produce the same result regardless of initial state, and operates over SSH without installing agents on target hosts.

When to Use

Use Ansible for repeatable infrastructure tasks in DevOps pipelines, such as provisioning servers, managing configurations across fleets, or deploying apps in dynamic environments. Apply it when you need agentless automation, like updating software on remote machines, orchestrating multi-step workflows, or integrating with CI/CD tools, but avoid it for real-time monitoring where tools like Prometheus are better suited.

Key Capabilities

Agentless Execution: Connects via SSH or WinRM; specify hosts in inventory files (e.g., /etc/ansible/hosts) with formats like [web:children] for grouping.
Idempotent Playbooks: Write YAML files that define tasks; e.g., a task to install a package only if absent.
Modules and Roles: Use built-in modules like
```
apt
```
for package management; organize code into roles for reusability, stored in directories like roles/webserver/tasks/main.yml.
Variables and Templates: Define vars in YAML (e.g., { "http_port": 80 }) and use Jinja2 templates for dynamic configs, like generating nginx.conf from a template.
Orchestration: Handle dependencies with plays that sequence tasks across hosts, ensuring ordered execution.

Usage Patterns

To automate tasks, create a playbook (e.g., site.yml) defining plays with hosts, tasks, and vars. Run it using ansible-playbook command. For dynamic inventories, use scripts that output JSON, like pulling from AWS EC2. Structure projects with an inventory file, group_vars for host-specific vars, and roles for modular code. Always test playbooks with --check flag first to simulate changes without applying them.

Common Commands/API

Run a Playbook:
```
ansible-playbook site.yml --check --diff
```
to simulate and show changes; add
```
-l web
```
to limit to a host group.
Ad Hoc Commands:
```
ansible web -m ping
```
to test connectivity; use
```
-a "uptime"
```
for arbitrary commands.

Manage Roles:

ansible-galaxy install geerlingguy.apache

to pull roles; build custom roles with

ansible-galaxy init role_name

Inventory and Vars: Set vars via
```
-e "var1=value1"
```
or environment vars like
```
export ANSIBLE_HOST_KEY_CHECKING=False
```
to bypass host key verification.
API Integration: Ansible's Python API via
```
ansible_runner
```
library; e.g., import ansible_runner and run
```
interface.run(playbook='site.yml', extravars={'key': 'value'})
```
to execute programmatically. For authentication, use env vars like
```
$ANSIBLE_PRIVATE_KEY_FILE=/path/to/key.pem
```
for SSH keys or
```
$ANSIBLE_BECOME_PASS
```
for sudo passwords.

Integration Notes

Integrate Ansible with CI/CD tools like Jenkins by triggering playbooks via scripts; e.g., in a Jenkinsfile:

sh 'ansible-playbook deploy.yml -e "env=prod"'

. For cloud providers, use dynamic inventories; e.g., configure AWS with

export AWS_ACCESS_KEY_ID=$AWS_KEY

and run

ansible-playbook -i ec2.py site.yml

. Combine with Terraform by running Ansible post-provisioning; ensure vars are passed via files or env vars. Use version control: store playbooks in Git and pull them in pipelines.

Error Handling

In playbooks, use blocks with rescue and always clauses; e.g.:

- block:
    - debug: msg="Task succeeded"
  rescue:
    - debug: msg="Error occurred"
  always:
    - debug: msg="Cleanup step"

Check command exit codes; e.g., in scripts:

ansible-playbook site.yml && echo "Success" || echo "Failed"

. For common issues, enable verbose output with

-vvv

to debug SSH connections or module failures. Use facts gathering to handle variable errors, and set

ignore_errors: yes

for non-critical tasks, but only when appropriate to avoid masking issues.

Concrete Usage Examples

Deploy a Web Server on Ubuntu Hosts: Create a playbook (webserver.yml) with tasks to install Apache:

- hosts: webservers
  tasks:
    - name: Install Apache
      apt:
        name: apache2
        state: present

Run it with:

ansible-playbook webserver.yml -i inventory.txt --become

to elevate privileges.

Configure Multiple Hosts for NTP: Write a playbook (ntp_config.yml) to sync time:

- hosts: all
  tasks:
    - name: Install NTP
      yum:
        name: ntp
        state: latest
    - name: Start NTP service
      service:
        name: ntpd
        state: started

Execute:

ansible-playbook ntp_config.yml -l ntp_hosts

to target specific groups.

Graph Relationships

Related to: terraform (for infrastructure as code), kubernetes (for container orchestration), jenkins (for CI/CD integration), all within the devops-sre cluster.
Dependencies: Often pairs with vault for secret management.
Conflicts: Avoid with tools like Puppet if agent-based management is preferred.

ansible

NPX Install

Tags

SKILL.md Content

ansible

Purpose

When to Use

Key Capabilities

Usage Patterns

Common Commands/API

Integration Notes

Error Handling

Concrete Usage Examples

Graph Relationships