Mastering Configuration Management using

Ansible
ANSIBLE:
an open-source automation tool that simplifies IT tasks such as
configuration management, application deployment, and
infrastructure orchestration. It is known for being agentless, meaning
it doesn’t require any software or daemons to be installed on managed
nodes.
Key Features:
• Agentless Architecture
• Simple and Declarative Language
• Idempotency
• Cross-Platform
• Extensibility
• Community Support

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Why Choose Ansible?

In today’s fast-paced IT environments, managing servers,

applications, and infrastructure manually isn’t just
inefficient—it’s prone to errors. Ansible steps in as the go-to
automation tool, offering simplicity and flexibility that meet
modern IT needs.
Ansible is more than just an automation tool—it’s a
game-changer. By eliminating manual errors, saving time, and
enabling consistency, it empowers IT teams to focus on
innovation instead of repetitive tasks

Key Concepts of Ansible:

• Inventory (Static and Dynamic)
• Modules
• Tasks
• Roles
• Playbooks
• Variables
• Handlers
• Facts
• Collections
• Templates
• Vault
• Galaxy collections

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Prerequisites:
• A supported OS version
• Python version 3.6 or later
• Access to an internet connection

Follow the below link for installing ansible

https://docs.ansible.com/ansible/latest/installation_guide/index.htm
l
Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1
Installing Ansible on Ubuntu Machine:
• sudo apt update -y
# It will update the apt package on machine
• sudo apt install python3
# Installing python on machine
• sudo apt install ansible
# Installing ansible on machine
• ansible –version
# checking ansible version

After installing ansible on ubuntu machine create the conf file

1. create a directory for ansible
-> mkdir /home/ubuntu/ansible
2. in this directory creating ansible.cfg file
-> vim ansible.cfg
3. ansible.cfg contains the all configuration items such as
inventory, playbooks, user and password & more

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Ansible.cfg contains below details:
Inventory: where your hosts are placed
Remote_user: username
Playbooks: where playbooks are stored
Keys & Password: To connect hosts
More and more based on the management

Playbooks:
Playbooks are YAML files that group tasks into plays. They
define what tasks to run, on which hosts, and in what order.

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Role:
Roles provide a structured way to organize playbooks, tasks,
variables, and other files. They are reusable and ideal for large-
scale projects.
Role creation in Ansible:
Syntax: ansible-galaxy role init <role_name>
Example: ansible-galaxy role init webserver

Role’s In Ansible: Structure

Role contains:
Main.yml, vars, files, handlers, templates, meta, default, tests.

For more details about playbooks and roles:

https://github.com/suryaT1/Ansible_automation
Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1
 Yes, we can manage and configure the services
which are present on AWS by using Ansible.

Refer below Document:

https://galaxy.ansible.com/ui/repo/published/amazon/aws/d
ocs/

Prerequisites:

Installing AWS CLI on machine:

• sudo apt install snapd

• sudo snap install aws-cli --classic
• aws --version
• aws configure
• aws configure list

aws required packages:

• sudo apt install python3-venv
• python3 -m venv ansible_venv
• source ansible_venv/bin/activate
• pip install boto3 botocore
• python -c "import boto3; print(boto3.__version__)"
• deactivate

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Once above prerequisites completed successfully on ubuntu machine
Then run the simple playbook to test

Example: creation of ec2 machine on AWS by ansible playbook.

Playbook details:
https://github.com/AnsibleMaker/AnsibleVthAWS/blob/main/create
EC2.yml

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Above playbook will run on ansible control node (ubuntu machine)
and using aws credentials which were stored in aws configure.
on earlier page we have provided inventory details via static files
while dealing cloud technologies such as AWS, Azure, IBM cloud etc.
always best practise is using the “Dynamic Inventory “.

What is diff b/w Static vs Dynamic Inventory?

The difference between Static Inventory and Dynamic Inventory in

Ansible is primarily in how the list of hosts (or servers) is managed
and retrieved

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Static Inventory:
Below is the example of how static inventory looks.

Dynamic Inventory:

Below is the example of how dynamic inventory looks

Here we are calling ec2 instance details using plugins and as well
filters beign used for to get the target machines specificly.
Regions : where the ec2 devices are hosted
Filters: Getting devices based on specificly
Hostnames: Ansible try to login with either name or IP

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Using dynamic inventory playbook :
Main.yml

Ansible.cfg

Key points :
• If dealing with Dynamic inventory we need to make sure
the ansible.cfg inventory has to be updated with the
playbook where we updated the aws inventory.
• aws_ec2.yaml playbook contains the aws data using
ansible modules
• main.yml playbook runs on ec2 machines
• ansible.cfg contains ansible configuration settings
more details about dynamic playbook
https://github.com/AnsibleMaker/dynamic_inventory/tree/main

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Using ansible to create EC2 machine:
Module used: amazon.aws.ec2_instance

• https://galaxy.ansible.com/ui/repo/published/amazon/aws/content/mod
ule/ec2_instance/?keywords=ec2

Github:
https://github.com/AnsibleMaker/AnsibleVthAWS/tree/main

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Ansible Vault:

is a feature in Ansible that allows you to store sensitive data, such

as passwords, API keys, and certificates, securely within your Ansible
projects. This enables you to use encrypted variables, files, or
credentials in your playbooks, reducing the risk of exposing sensitive
information
Playbook: https://github.com/AnsibleMaker/Ansible_Vault/tree/main
Cmnds to create vault:

ansible-vault create <file name>

create Create new vault encrypted file

decrypt Decrypt vault encrypted file

edit Edit vault encrypted file

view View vault encrypted file

encrypt Encrypt YAML file

encrypt_string Encrypt a string

rekey Re-key a vault encrypted file

PROXY /BASTION CONNECTIVITY:

Proxy/Bastion Connectivity in Ansible is commonly used when you
need to connect to servers that are not directly accessible from your
local machine or the Ansible control node, but are accessible through
a jump server or bastion host. A bastion host is a secure server used
to access other servers within a private network, typically behind a
firewall.

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

Key Concepts for Proxy/Bastion in Ansible:
• Bastion Host: A server that acts as an intermediary between the
Ansible control node and the target hosts in a private network.
• SSH Proxy: This involves configuring SSH to use the bastion host
as a proxy when connecting to the target server.

Git: https://github.com/AnsibleMaker/ansible_proxy/tree/main

Using Proxy/Bastion connectivity with Ansible allows you to

securely manage and automate tasks on servers that are not
directly accessible from your control node.

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1

References :

Ansible documentation: https://docs.ansible.com/ansible/latest/

To check syntax online: https://www.yamllint.com/
Ansible document for AWS:
https://galaxy.ansible.com/ui/repo/published/amazon/aws/conten
t/
GitHub: https://github.com/AnsibleMaker
AWS_CLI: https://docs.aws.amazon.com/cli/
GIT_REPO: https://github.com/orgs/AnsibleMaker/repositories

Author: SURYA TATIKAYALA || Mail: [email protected] |Git: https://github.com/suryaT1