BestHub
search
Sign in
Operations 27 min read

Master Ansible: From Basics to Advanced Automation with Playbooks and Roles

This comprehensive guide introduces Ansible's core concepts, architecture, and key features, then walks through installation, inventory configuration, command usage, module options, playbook creation, handlers, and role-based organization, providing practical examples and code snippets for effective automation across Linux and mixed environments.

Efficient Ops
Efficient Ops
Efficient Ops
Master Ansible: From Basics to Advanced Automation with Playbooks and Roles

Ansible Overview

Ansible is a rapidly popular open‑source automation tool that improves operational efficiency and reduces human error by providing a rich set of built‑in modules and a simple, agent‑less architecture.

Key Characteristics

Developed in Python, making extensions easy for engineers.

Thousands of built‑in modules cover most management tasks.

One command can control thousands of hosts.

Agent‑less operation via SSH.

Adopted by major cloud providers and enterprises.

Ansible Roles

Users: How to use Ansible for automation?

Toolset: What functions can Ansible perform?

Targets: Which hosts can Ansible manage?

Users

Users can interact with Ansible through CMDB integration, public/private APIs (PHP, Python, Perl, etc.), ad‑hoc command sets, or pre‑written Playbooks.

Ansible interaction diagram
Ansible interaction diagram

Toolset

Ansible consists of Inventory, Modules, Plugins, and API.

Playbooks: YAML files that define ordered tasks.

Inventory: Host list, supports grouping.

Modules: Execute specific actions on hosts.

Plugins: Extend functionality (connection, loop, variable, filter).

API: Enables programmatic integration.

Targets

Ansible can manage Linux, non‑Linux systems, and various network devices, both public and private.

Ansible Installation and Configuration

Installation

Installation is straightforward; on RPM‑based systems only Python and SSH are required.

<code># cd /mnt/ansiblerepo/ansiblerepo/repodata/
# vim /etc/yum.repos.d/local.repo
[local]
name=centos
baseurl=file:///mnt/ansiblerepo/ansiblerepo
enabled=1
gpgcheck=0
# yum -y install ansible</code>

Verify Installation

<code># ansible --version
ansible 2.3.1.0
config file = /etc/ansible/ansible.cfg
python version = 2.7.5</code>

SSH Key‑Based Authentication

<code># ssh-keygen -t rsa
# ssh-copy-id -i .ssh/id_rsa.pub [email protected]
# ssh-copy-id -i .ssh/id_rsa.pub [email protected]</code>

Inventory Configuration

The default inventory file is

/etc/ansible/hosts

. Hosts are grouped using brackets, and groups can be referenced in commands.

<code># vim /etc/ansible/hosts
[web]
192.168.100.20
192.168.100.30
[test]
www.benet.com:222
[mail]
yj1.kgc.cn
yj[2:5].kgc.cn</code>

Ansible Commands

Common commands start with

ansible

. Examples:

ansible all -m ping

– checks connectivity.

ansible web -m command -a "systemctl status httpd" --limit "192.168.100.20"

– runs a command on a specific host.

ansible web -m shell -a "echo hello world"

– executes a shell command.

Modules Overview

command : Executes a command without shell features.

shell : Executes a command with full shell support.

copy : Copies files to remote hosts.

hostname : Manages remote hostnames.

yum : Manages packages via yum.

service : Controls services (start, stop, restart).

user : Manages user accounts.

Playbook Configuration

Playbooks are YAML files that describe a series of tasks. They replace repetitive command‑line usage and support handlers, roles, and variables.

<code>---
- hosts: web1
  remote_user: root
  tasks:
    - name: adduser
      user: name=user1 state=present
      tags: [aaa]
    - name: addgroup
      group: name=root system=yes
      tags: [bbb]
- hosts: web2
  remote_user: root
  tasks:
    - name: copy file to web
      copy: src=/etc/passwd dest=/home
      tags: [ccc]
...</code>

Key elements:

hosts – target machines or groups. remote_user – default remote execution user. tasks – list of actions defined by modules. handlers – tasks triggered by notifications. roles – reusable collections of tasks, handlers, files, templates, and variables.

Running Playbooks

<code># ansible-playbook --syntax-check /etc/ansible/a.yml
# ansible-playbook -C /etc/ansible/a.yml   # dry‑run
# ansible-playbook --list-hosts /etc/ansible/a.yml
# ansible-playbook /etc/ansible/a.yml</code>

Handlers and Roles

Handlers execute only when notified by a task, ensuring actions like service restarts happen after configuration changes.

<code>---
- hosts: web1
  tasks:
    - name: change port
      command: sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf
      notify: [restart httpd]
  handlers:
    - name: restart httpd
      service: name=httpd state=restarted
...</code>

Roles are stored under

/etc/ansible/roles/

and follow a standard directory layout (files, templates, tasks, handlers, vars, meta, defaults). They enable modular, reusable automation.

Ansible role directory structure
Ansible role directory structure
automationconfiguration managementDevOpslinuxAnsibleRolesPlaybooks
Efficient Ops
Written by

Efficient Ops

This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment