Master Ansible: From Basics to Advanced Automation without Agents

Ansible

1. Overview

Operations tools can be divided into two categories based on whether they require an agent program:

agent (requires an agent): puppet, func, zabbix

agentless (no agent needed): ansible, fabric

2. Introduction

Ansible is a simple automation and configuration management tool written in Python, built on Paramiko and PyYAML, used for automated application deployment, configuration, and task orchestration (continuous delivery, zero‑downtime updates). A new major version is released roughly every two months.

Ansible vs SaltStack – The biggest difference is that Ansible does not require any client agent on managed hosts; it uses SSH by default. Both provide powerful, flexible system management and state configuration, rich templating and APIs, and good support for cloud platforms and big data.

1. Features

Simple deployment: only the control node needs Ansible installed; managed nodes require no changes. Uses SSH protocol by default. Centralized master‑slave management. Simple configuration, powerful functionality, strong extensibility. Supports API and custom modules; can be extended with Python. Playbooks enable powerful configuration and state management. Good support for cloud platforms and big data. Provides a feature‑rich web UI and REST API via the AWX platform. Idempotent operations: repeated execution yields the same result.

Brief evaluation :

Lightweight, no client agent required; updates are performed only on the control machine.

Batch tasks can be scripted without distributing scripts to remote hosts.

Implemented in Python, easier to maintain than Ruby‑based tools.

Supports sudo.

2. Ansible Architecture Diagram

3. Core Components

Ansible: the core program. Host Inventory: records information of each managed host (SSH port, root credentials, IP, etc.). Can be loaded from a file or CMDB. Playbooks: YAML files that define multiple tasks; used to specify which hosts run which modules. Core Modules: perform actual management tasks; Ansible calls these modules on target hosts. Custom Modules: user‑defined modules written in any language to extend functionality. Connection Plugins: handle communication between Ansible and hosts.

4. Execution Process

3. Basic Environment Installation and Configuration

1. SSH password‑less login configuration

(1) SSH key generation

ansiblemaster: 10.1.6.172 CentOS 7.2

ansibleslave1: 10.1.6.72 CentOS 7.2

ansibleslave2: 10.1.6.73 CentOS 7.2

ansibleslave3: 10.1.6.68 CentOS 6.8

Generate public/private key # ssh-keygen -N '' Distribute keys

# ssh-copy-id [email protected]
# ssh-copy-id [email protected]
# ssh-copy-id [email protected]

Test

Note

[root@ansible_master ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 10.1.6.72
-bash: ssh-copy-id: command not found
Solution: yum -y install openssh-clients

2. Ansible installation and environment

Install # yum install ansible Programs

ansible
ansible-playbook
ansible-doc

Configuration file /etc/ansible/ansible.cfg Host inventory: /etc/ansible/hosts Plugin directory:

/usr/share/ansible_plugins/

3. Ansible command usage

Common options

ansible -m MOD_NAME -a MOD_ARGS
...

4. Ansible inventory configuration

vim /etc/ansible/hosts

Define hosts directly:

blue.example.com
192.168.100.1

Define a group:

[webservers]
alpha.example.org
beta.example.org
192.168.1.100
# wildcard example
www[001:006].example.com

Using password authentication:

[keepalived]
keepalived1 ansible_ssh_host=192.168.146.136 ansible_ssh_pass="test"
keepalived2 ansible_ssh_host=192.168.146.137 ansible_ssh_pass="test"

5. Using ansible-doc

General usage

ansible-doc -l # list modules

ansible-doc -s MOD_NAME # show module help

[root@localhost ~]# ansible-doc -h
Usage: ansible-doc [options] [module...]
...

Testing: success

4. Ansible usage – “command management mode”

Common modules

ping – check host reachability

command – execute a command on remote host (does not support pipe)

ansible storm_cluster -m command -a "ls –al /tmp/resolv.conf"

Options: creates, free_form, chdir, removes, executable

shell – run commands via remote shell, supports pipes

copy – copy files to remote host, can set permissions

(1) copy file
-a "src=  dest=  "
(2) create file from content
-a "content=  dest=  "

file – manage file attributes

-a "path=... state=directory"
-a "path=... src=... state=link"
-a "path=... state=absent"

fetch – retrieve files from remote host

cron – manage cron jobs ansible all -m cron -a "name='sync time' state=absent" yum – install packages (also apt, zypper)

name= package name
state=present|latest|absent

service – manage services ansible all -m service -a 'name=httpd state=started' group – manage groups

- name: add or delete group
action: group
gid: ...
name: ...
state: present|absent

User – manage users

- name: create user
action: user
name: ...
state: present|absent
... (other options)

setup – gather facts from a host

Further content to be continued.