• automation engine for provisioning, configuration management, application deployment orchestration and more
• basic workflow:
  1. connects to machines (inventory)
  2. push module
  3. run tasks in module
  4. remove module upon completion
• does not require additional software on nodes
• uses ssh for communication with nodes
• root login is not required
• configuration uses YAML format
• aware of the state of the machine
• if the state does not match the desired state it will execute the necessary steps to get there
• can run in "check mode" to see what would be executed
• machines to run tasks on are tracked in an inventory

• standalone programs
• can be written in different languages
• must return json
• builtin modules

• documentation
• group machines
• predefined groups are all (containing all machines) and ungrouped (not belonging to any group except all)
• same machine can appear under different groups (multiple groups per machine)
• can define variables for every group (actual value determined by precedence described later on)
• example inventory YAML:

  ---
  all:
    children:
      <group name>:
        hosts:
          <an ip address or hostname>
        vars:
          <some variable>: <some value>
  

• ansible <target> -m <module> [other options]
• run single module on target (default is 'command')
• target can be a group or individual hostname/ip
• notable opions:
  1. -u <user>
  2. -a <additional arguments for the module> (e.g. shell commands to execute when using command module)
  3. -i <non-default inventory file>

• YAML file
• available keywords
• can be checked by linter
• ansible-playbook <playbook file> [other options]
• contain one or more plays:
  • define the desired state of the system
  • contain ordered set of tasks:
    • executed in the order they are written
    • call modules
    • can trigger handler:
      • specific task only after a certain change
      • run once after all other plays in the playbook
• can contain variables:
  • alter execution of the playbook
  • used to account for differences between systems
  • follow precedence for overwriting (from highest to lowest, src):
    1. extra vars (-e "<var>=<value>")
    2. include params
    3. role params
    4. set_facts / registered vars
    5. include_vars
    6. task vars
    7. block vars
    8. role vars
    9. play vars_files
    10. play vars_prompt
    11. play vars
    12. host facts
    13. playbook host_vars/
    14. inventory host_vars/
    15. inventory file
    16. playbook group_vars/
    17. inventory group_vars/
    18. playbook group_vars/all
    19. inventory group_vars/all
    20. inventory file
    21. role defaults (role/defaults/main.yml)
    22. command line values

• playbook that is fully self-contained
• contains all tasks, variables, config templates and other supporting files that are needed

• distribution format for ansible content
• can include playbooks, roles, modules and plugins

(from highest to lowest, src)

1. extra variables (-e)
2. variables (see variable precedence)
3. playbook keywords:
   1. tasks
   2. blocks, includes, roles
   3. play
4. command line options
5. configuration settings:
   1. environment variables
   2. default config