Ansible Fundamentals Quiz

Questions and Answers

What is a key benefit of using Ansible according to the course overview?

• Ansible guarantees complete automation without any human intervention.
• Ansible provides seamless initial configuration and management of tasks. (correct)
• Ansible is primarily designed for real-time system monitoring.
• Ansible eliminates the need for any configuration files.

What language do Ansible Playbooks use for defining automated tasks?

• YAML (correct)
• Python
• JSON
• XML

Which aspect is NOT covered in the Ansible Fundamentals course?

• Troubleshooting techniques for Ansible.
• Ansible security protocols. (correct)
• How to set up Ansible.
• Understanding Ansible inventories and variables.

What concept is important for understanding Ansible's configuration management?

Infrastructure as Code (IaC) (D)

What does the course aim to achieve by its conclusion?

Participants will master automation and system management skills. (C)

Which topic will be explored after Ansible inventories and variables in the course?

Ansible roles and templates. (B)

Why is Ansible considered a powerful tool in system management?

It allows the automation of complex tasks with ease. (B)

What learning goal is set for the first module of the Ansible course?

To understand how Ansible compares with other configuration management platforms. (A)

What is the primary format used for Ansible playbooks?

YAML (A)

What is required on managed nodes for Ansible to function correctly?

A valid Python version (C)

Which protocol is primarily used by Ansible for managing Linux/Unix environments?

SSH (A)

In what context is 'Infrastructure as Code' described?

Using machine-readable files to provision infrastructure (A)

Which of the following is a common requirement for YAML usage in Ansible?

Consistent indentation is crucial (C)

What defines the 'control node' in Ansible's architecture?

The central management source for deploying playbooks (C)

What type of diagram represents Ansible's module capabilities?

Module gallery (C)

Which of these is NOT a competitor of Ansible?

Jenkins (C)

Which principle is NOT part of Ansible's design philosophy?

Mandatory graphical user interface (B)

What file type is primarily utilized to describe configuration in Ansible?

YAML (B)

In the context of Ansible, what does a playbook primarily contain?

Configuration settings (D)

What happens when indentation in a YAML file is inconsistent?

The file will not validate and fail to work (B)

Which of the following statements is true regarding Ansible's modules?

Modules extend the capabilities of configuration management (C)

What is the highest level of abstraction in managing Playbooks?

A collection (A)

What is the function of a role when it comes to Playbooks?

To decompose a specific use case into its components (C)

Which package manager should be used on an Ubuntu machine to install Ansible?

APT (A)

Which command is primarily used to invoke a Playbook?

ansible-playbook (B)

What can be used in conjunction with the ansible-playbook command for automation?

Continuous Integration/Continuous Deployment pipelines (A)

What is the purpose of using PIP in the context of Ansible?

To install and manage Python packages (A)

What is the primary goal of Configuration Management?

To systematically manage and control changes in IT systems. (D)

How can you run Playbooks on a schedule if not using a full CI/CD platform?

Using the cron command (D)

What does the term 'Ansible Core' refer to?

The essential command-line tools and core modules of Ansible (D)

When was Ansible originally developed?

2012 (A)

What is the purpose of tags within a Playbook?

To filter which tasks should be executed based on specified criteria (B)

If a systems administrator prefers minimal installations, which Ansible distribution is most appropriate?

Ansible Core (A)

What does Ansible seek to prevent when managing configurations?

Configuration drift. (A)

Which directive is used to run a Playbook under different user credentials?

remote_user (D)

What is the output of the command 'docker pull ansible/ansible:latest'?

It retrieves the latest Ansible stable build from Docker Hub (B)

What does the become directive allow you to do when running Playbooks?

Run tasks as a different user (C)

Why is it important to have an inventory file in Ansible?

To contain a list of servers to be managed (C)

What type of products does Red Hat offer related to Ansible?

A paid version called Ansible Automation Controller. (C)

How does one specify a custom inventory when running a Playbook?

By using a command line parameter for the inventory (C)

Which of these distributions can Ansible manage?

Linux, macOS, and Windows. (C)

Which operating system is mentioned as having compatibility with Ansible control nodes?

Windows (A)

Ansible is built primarily for which programming ecosystem?

Python (C)

What command-line skill is recommended for an Ansible administrator?

Bash shell scripting. (D)

What does the ansible-pull command do?

Pulls Playbooks from a central source for execution (A)

How can a developer contribute to Ansible and its projects?

By modifying the source code available on GitHub. (A)

What command can be used to start a new Docker container for Ansible?

docker run ‑it ansible/ansible:latest (B)

What is the primary use of Jinja2 templates in roles?

To modularize variables for conditional logic and looping (D)

To manage a Windows machine using Ansible, what is a necessary requirement?

Python installed on the Windows machine (D)

What does the term Ansible originate from?

A fictional system from a science fiction novel. (B)

How can Ansible Vault be integrated into a Playbook?

By using the vault-password-file parameter (A)

Ansible can operate on which of the following environments?

Bare metal, virtual machines, and cloud systems. (B)

What happens if you use the 'skip tags' option in a Playbook execution?

Only tasks not marked with specified tags will run (C)

In an Ansible project structure, what file is essential before publishing playbooks?

Configuration file (C)

What is Ansible AWX?

The free version of Ansible Automation Controller. (A)

What is a common reason for using the 'battery included' option when installing Ansible?

To include the most popular modules and plugins (B)

In what manner does Red Hat provide Ansible solutions?

Via open-source and paid subscription models. (D)

Which tool is specifically used to manage packages in Python for Ansible?

PIP (C)

What is the primary purpose of Ansible modules?

To execute system commands and manage resources (B)

What is necessary for Ansible to resolve configuration when invoking a playbook?

Ansible commands in the search path (D)

Which component is NOT managed by Ansible?

Mobile applications. (B)

Which version of Ansible does Red Hat manage?

The paid enterprise version. (A)

Which of the following statements regarding Ansible plugins is true?

Plugins extend the functionality of Ansible's core engine. (C)

What command is used to search for roles, collections, or modules on Ansible Galaxy?

ansible-galaxy search (C)

What type of commands are necessary for managing Ansible?

Basic command line interface commands. (B)

Ansible Galaxy can be likened to which of the following repositories?

NPM for Node.js packages (D)

What role does the Ansible Vault plugin play in managing sensitive information?

It retrieves secrets from a secure location. (D)

What is the primary purpose of an Ansible role?

To encapsulate a set of Ansible tasks and configurations. (A)

Which statement best defines the difference between modules and plugins in Ansible?

Modules are used for configuration management; plugins extend core functionality. (B)

To create custom modules in Ansible, which programming language do you need to know?

Python (B)

Which directory must contain a 'main.yml' file as per the Ansible role directory structure?

Tasks (C)

How do handlers function within Ansible roles?

They run only if notified by another task. (B)

What is the function of the built-in connection plugin in Ansible?

To facilitate network connectivity (D)

What command is used to create a new Ansible role?

ansible-galaxy init (D)

Why might one want to avoid authoring a custom module in Ansible?

There are often existing modules that can be used. (B)

What type of content can be found on Ansible Galaxy?

Public and private content shared as roles or collections (C)

Which option correctly describes how to invoke an Ansible role within a playbook?

Declaring roles in the roles section of the playbook. (C)

What type of files are stored in the 'files' directory of an Ansible role?

Scripts and static assets. (A)

In what scenario might you consider hosting your own private Ansible Galaxy?

To have a central repository for your organization’s custom content (D)

Which of the following best describes the action taken when using the command 'ansible-galaxy install'?

Install a specific role or collection (D)

Which templating language is used for Ansible templates?

Jinja2 (D)

Why is it recommended to center configuration management around roles rather than individual playbooks?

Roles promote better flexibility and reusability in complex management needs. (A)

How do variables improve the modularity of Playbooks in Ansible?

By allowing reuse of values throughout Playbooks (B)

What does the 'vars' directory allow you to do in an Ansible role?

Decompose and separate your variables. (A)

What principle should be checked before creating custom modules in Ansible?

Don’t Repeat Yourself (DRY) (A)

What is the correct syntax for using Jinja2 variables in an Ansible template?

{{ variable_name }} (B)

What is a best practice regarding the naming of variables in Ansible?

Use meaningful names to improve clarity. (C)

How does Ansible manage Windows using roles?

Ansible can manage Windows similarly to Linux with specific modules. (D)

Which of these is NOT a standard directory in an Ansible role's directory structure?

Services (C)

What should be done with debug messages before putting playbooks into production?

Remove or suppress debug messages. (B)

What is typically included in the 'meta' directory of an Ansible role?

Documentation for the role. (D)

What is one of the main reasons to keep Ansible source in version control?

To foster collaboration without the risk of overwrites. (D)

Which function does the 'include_role' reserved system variable serve in Ansible CLI?

To invoke a specific role dynamically. (B)

When organizing Ansible artifacts, why is it important to consider multiple environments?

It can multiply the complexity and artifacts needed. (D)

What type of guide should a team consider to ensure consistency in best practices?

A coding style guide (A)

Why would you use Ansible templates?

To generate dynamic configuration files with real values. (B)

In Ansible, what is the benefit of using built-in modules from Ansible Galaxy?

They reduce the risk as they are open source and plain text. (B)

What should you do if your roles and collections involve proprietary infrastructure?

Keep them private and do not share. (B)

What does YAML require regarding formatting in Ansible?

It requires consistent formatting and whitespace. (A)

What is the primary focus of Ansible best practices?

To create a unified approach to scripting that minimizes errors. (C)

Which aspect of variable management is essential when working with multiple environments?

Variables should be well-documented to prevent confusion. (A)

What is a primary function of the ansible_host variable in an inventory?

To provide a simplified alias for a complicated DNS name (C)

What is an advisable approach when creating custom modules in Ansible?

Look for existing solutions before creating your own. (A)

In which scenario would you prefer to use group variables over host variables?

When multiple hosts require the same variable settings (A)

What is the highest precedence in Ansible variable precedence hierarchy?

Role defaults (D)

Why might you want to use a separate YAML file for group variables?

To enhance the readability and organization of variable definitions (A)

Which syntax is used to reference variables in an Ansible playbook?

{{ variable }} (C)

What should be the primary focus when organizing Ansible inventory?

To enhance clarity and maintainability of configurations (A)

Which option describes the purpose of roles in Ansible?

To encapsulate configurations and related elements like variables (C)

What is the rationale behind separating global and host-specific variables?

To avoid conflicts and enhance variable management (A)

What is the first location that Ansible checks for configuration settings?

The presence of the environment variable ansible_config (D)

What does the variable precedence rule dictate about conflicting variables?

Variables will be prioritized based on their scope level (A)

In what format can Ansible inventory files be created?

Both INI and YAML formats (C)

How can you implement best practices for managing secrets in Ansible?

By using encrypted vaults for sensitive information (B)

What keyword does Ansible use to target all managed nodes in a playbook?

all (D)

What is the main purpose of the vars_files element in an Ansible playbook?

To load external variable files for variable definitions (B)

What is a key disadvantage of using Ansible without an automation controller?

Lack of centralized management and reporting (D)

Why is it important to keep Ansible projects in source code control?

To avoid exposing sensitive data in plain text (A)

Which of the following is NOT a characteristic of host variables?

They are defined in a separate group file (B)

What is the primary purpose of an Ansible playbook?

To define configurations and automate tasks (A)

What advantage do roles provide in Ansible related to playbook organization?

They allow for a modular approach to configuration management (B)

Which of the following describes a significant aspect of playbooks in Ansible?

Multiple related playbooks can exist within a project (B)

What should be avoided when committing files into source code control?

Sensitive data like passwords and API keys (B)

What does the ansible.cfg configuration file typically dictate?

Settings for running Ansible commands (A)

What is a potential benefit of using a centralized command and control platform with Ansible?

It provides enhanced management and reporting features (B)

Why is following proper syntax important when using Ansible?

Incorrect syntax can lead to failures in executing playbooks (A)

What does the README.md file typically remind users about Ansible projects?

Keep projects in source code control (A)

What can be concluded about the complexity of installing Ansible?

It is trivial and comparable to installing simple Linux software (A)

What distinction is made between Ansible modules and plugins?

Modules handle specific tasks, plugins extend functionality (B)

What does the debug module in Ansible help you accomplish?

It allows you to display messages and variable values during execution. (D)

What is the purpose of the 'ansible-config dump' command?

To view all configuration settings and parameters. (C)

In a scenario where you want to escalate privileges for a specific user in Ansible, which command would you use?

become: true, become_user: Apache (D)

What method is suggested to capture the output of a shell command in Ansible?

Use the register module after the command. (B)

Which command allows Ansible to ask for the password for privilege escalation?

--ask-become-pass (B)

How can you provide a variable declared in an encrypted secrets file to a playbook?

By calling 'vars_files' to specify the encrypted file. (B)

Which of the following verbosity levels can be set when running an Ansible playbook?

Four levels of verbosity, from 1 to 4. (A)

What information do you get when running 'ansible --version'?

Ansible version and user environment details. (C)

What advantage is mentioned regarding the Ansible Vault compared to enterprise solutions?

It provides encrypted storage at no cost. (D)

What should you consider when using the debug module in production?

It may introduce overhead and unnecessary information. (A)

What does idempotency in Ansible Playbooks refer to?

The capability to pick up where a task leaves off after a failure. (B)

What does using the 'privilege escalation' feature in Ansible typically involve?

Specifying a different Ansible user for privileged tasks. (C)

Which keyword in Ansible Playbooks refers to all hosts in the specified inventory?

all (D)

What is normally included in the artifacts of different staged environments in Ansible roles?

Environment-specific scripts and configuration files. (B)

Why should the debug declaration be commented out or removed in production environments?

It can lead to performance degradation and clutter output. (B)

In the context of Ansible Playbooks, what is the primary purpose of a module like APT?

To facilitate software installation and management. (C)

What does the 'become' directive in an Ansible Playbook signify?

To elevate privileges for specific tasks. (A)

Which aspect of Ansible Playbooks helps ensure they are modular and reusable?

They are encapsulated, allowing for ongoing use. (B)

What does the term 'desired state' refer to in the context of Ansible Playbooks?

The expected configuration outcome after a Playbook runs. (A)

How do Playbooks compare to CLI commands in Ansible?

Playbooks encapsulate multiple tasks for better management. (B)

What is a significant advantage of using roles in Ansible Playbooks?

They allow for more atomic decomposition of Playbooks. (A)

What does the 'state' keyword generally signify in Ansible modules?

The configuration result expected after the task. (B)

How does one typically retrieve help or documentation for a specific Ansible module?

By using the Ansible Doc command tool. (D)

What is a task in the context of an Ansible Playbook?

A single action that needs to be performed. (C)

In a Playbook, which component acts as the overarching title for a group of tasks?

Play (D)

Which module would be appropriate for removing a configuration file in an Ansible task?

file (C)

What defines the structure of an Ansible Playbook?

Hierarchical representation with nesting. (A)

What distinguishes the 'become user' directive from the 'become' directive?

It specifies under which user account the task should run. (C)

What is a significant advantage of using Ansible Tower for larger businesses?

It provides centralized management and reporting. (D)

Which service is primarily used for remoting in a Windows environment under Ansible?

Windows Remote Management (WinRM) (C)

What is the default location for the Ansible configuration file in a typical setup?

/etc/ansible/ansible.cfg (D)

In which format can the Ansible inventory file be structured?

INI or YAML format (C)

Which command is used to deploy a playbook to your inventory in Ansible?

/usr/bin/ansible-playbook (A)

What role does the control node serve in an Ansible architecture?

It executes playbooks and manages configurations. (A)

What kind of access control is available in Ansible Tower?

Role-based access control (RBAC) (C)

Which protocol is commonly used by Ansible for secure connections?

Secure Shell (SSH) (B)

Which version of Python is mentioned as running in the lab environment for Ansible?

Python 3.8 (D)

What is a potential drawback of having multiple automation controllers?

Increased complexity and lack of scalability. (B)

What is the main purpose of the Ansible command-line tool located at /usr/bin/ansible?

To perform ad-hoc tasks on managed nodes. (C)

What is the role of SSH key authentication in Ansible's non-interactive sign-in?

To authenticate users without a password prompt (D)

What is one of the main reasons for using SSH over WinRM for managing nodes?

SSH is simpler and allows key-based authentication. (D)

Which of the following is NOT a best practice for managing secrets in Ansible?

Keeping secrets in plain text within playbooks (C)

What does RBAC stand for in the context of Ansible Tower?

Role-Based Access Control (C)

What is the appropriate way to define a variable in Ansible YAML syntax?

variable_name: value (B)

Where is the default location for the Ansible inventory file?

/etc/ansible (D)

What describes a dynamic inventory in Ansible?

A method to retrieve cloud-based hosts automatically (D)

What character is used to reference variables in Ansible playbooks?

{{ }} (D)

Which term best describes an Ansible inventory?

A simple text file listing managed nodes (D)

Which element is NOT considered an advantage of using Ansible roles?

Increased execution speed (A)

What is a common restriction when naming variables in Ansible?

Variable names must begin with a letter (A)

Which feature enhances the usability of Ansible inventories for larger enterprises?

Dynamic inventory scripts that automate host retrieval (B)

What is a fact in the context of Ansible?

A predefined variable containing system information (A)

What syntax does Ansible support for the inventory file format?

INI format with basic regular expressions (C)

What is a primary function of using Ansible variables in playbooks?

To provide placeholders for dynamic content (B)

Which statement about Ansible's handling of group and host-level variables is true?

Group-level variables override host-level variables (A)

Flashcards

What is Ansible?

An open-source software automation tool used for managing and configuring computer systems. It simplifies deployment, manages hosts, and orchestrates complex system tasks.

Why Ansible?

Ansible is a popular choice due to its simplicity, agentless architecture, and human-readable YAML language.

Infrastructure as Code (IaC)

The practice of managing infrastructure through code, allowing for consistent, repeatable deployments.

What are Ansible Playbooks?

Ansible Playbooks are files written in YAML that define automated tasks. They are executed in a predefined sequence to manage configurations on your hosts.

What are Ansible Modules?

Ansible modules are reusable components that perform specific tasks, such as installing software, configuring services, or managing files.

What is Ansible Inventory?

A central location where you define all the hosts you want to manage with Ansible. It stores information about your systems, including their names, IP addresses, usernames, and connection methods.

What are Ansible Variables?

Variables in Ansible allow you to store reusable data like hostnames, usernames, passwords, and other configuration parameters. They make your Playbooks more dynamic and adaptable.

What are Ansible Roles?

Roles are collections of related tasks and variables that are organized into reusable units. They simplify complex tasks by breaking them down into smaller, manageable pieces.

What is Configuration Management (CM)?

Configuration management (CM) is a process used to systematically organize and manage changes within an IT system.

What is Configuration Drift?

Configuration drift occurs when a system's current state deviates from its intended configuration.

How does Ansible help with Configuration Management?

Ansible helps maintain consistency by ensuring servers remain in their desired configuration state.

What systems can Ansible manage?

Ansible can manage various operating systems, including Linux, macOS, and Windows.

What language is Ansible written in?

Ansible is a Python application.

What is Red Hat Ansible Automation Controller?

Red Hat Ansible Automation Controller (formerly Ansible Tower) provides centralized control and management of Ansible.

What is Ansible AWX?

Ansible AWX is the free and open-source version of Ansible Automation Controller.

What types of targets can Ansible manage?

Ansible can manage diverse targets, including bare metal servers, virtual machines, and containers.

What is an Ansible playbook?

Ansible uses a "playbook" to define tasks to be performed on managed nodes.

How does Ansible connect to managed systems?

Ansible uses SSH to connect to and manage target systems.

Describe Ansible's basic architecture.

Ansible's basic architecture consists of control nodes, managed nodes, and playbooks.

What syntax does Ansible use for playbooks?

Ansible uses a "YAML" syntax for writing playbooks.

Control Node

The machine responsible for managing other machines in Ansible. It holds the playbooks and config files.

Inventory

A YAML or INI file that contains a list of managed nodes or devices that Ansible will configure.

Playbook

A YAML format text file containing instructions for configuring managed nodes. It specifies tasks and actions to perform.

Module

A pre-built unit of code designed to perform a specific configuration task within Ansible.

YAML (YAML Ain't Markup Language)

A human-readable, data serialization language often used as an alternative to JSON.

Configuration Management

The process of locking down and defining the desired configuration of a system, ensuring consistency across multiple machines.

Ansible

A command-line based configuration management tool that uses a 'push' model to manage nodes.

SSH (Secure Shell)

Ansible's primary communication protocol for managing Linux and Unix based nodes.

WinRM (Windows Remote Management)

A protocol used for managing Windows machines within an Ansible configuration.

Puppet

A competing configuration management platform that uses a 'pull' model for managing nodes.

Chef

A powerful configuration management tool that uses a 'pull' model and is known for its focus on automation.

SaltStack

A popular configuration management tool that leverages remote execution and is designed for large, complex deployments.

HashiCorp Terraform

An open-source infrastructure as code tool that focuses on managing cloud resources, not just configuration.

Octopus Deploy

A deployment automation platform that focuses on deploying software to multiple environments.

Ansible Architecture

Ansible Architecture is a Python application that leverages SSH to manage infrastructure. Its components include a control node (the server from which you manage), managed nodes (those being configured) in your inventory, and playbooks that define automation tasks.

Managed Node

Managed nodes are the servers or devices that you're configuring with Ansible. They are listed in your inventory and receive commands from the control node.

WinRM

WinRM is the Windows Remote Management service, which allows you to manage Windows hosts with Ansible. It uses an older XML and SOAP-based architecture for remote control.

Python Requirement

Ansible relies on Python as its core programming language. Both control nodes and managed nodes need Python installed to run Ansible properly.

Ansible CLI (Command-Line Interface)

The Ansible command-line tool is the primary way to interact with Ansible. It allows you to execute playbooks, manage inventory, and perform various Ansible actions.

Where are Playbook files stored?

Playbook files are stored in the '/usr/bin/ansible-playbook' directory, allowing you to execute playbooks and automate your infrastructure.

Ansible Configuration Files

Ansible uses configuration files to define settings and customize its behaviour. These files are usually stored in the '/etc/ansible/ansible.cfg' directory.

Ansible Configuration Path

The /etc/ansible directory is where global Ansible configuration files and inventory files are typically stored. This provides system-wide settings for Ansible.

Inventory File Location

Inventory files define the managed nodes that you want to configure. They can be stored in different locations, but '/etc/ansible/hosts' is a common path.

APT

A package manager used on Ubuntu systems for installing, updating, and managing software packages.

YUM

A package manager used on Red Hat Enterprise Linux (RHEL) for installing, updating, and managing software packages.

PIP

A package manager for Python that allows you to install, upgrade, and manage Python packages.

Ansible Core

A distribution of Ansible that provides essential core modules, command-line tools, and the basic functionality of Ansible.

Full Ansible

A distribution of Ansible that includes a wide range of modules, plugins, and roles for a more complete Ansible experience.

Ansible Modules

A unit of work or a self-contained task within an Ansible playbook. They perform specific actions like installing software, managing files, or configuring services.

Ansible Playbooks

A text file written in YAML that defines a collection of tasks to be executed by Ansible on remote hosts. They automate configuration, deployment, and management of systems.

Ansible Configuration File (ansible.cfg)

The configuration file used by Ansible to specify network credentials, inventories, and other settings.

Ansible Inventory

A file that lists target systems or hosts that Ansible should manage. It includes details like IP addresses, usernames, and connection methods.

Ansible Roles

A collection of closely related tasks and variables that can be bundled and used repeatedly within playbooks.

Ansible Variables

A feature within Ansible that allows you to store and reuse values that are common across multiple playbooks.

Managing Windows Systems with Ansible

A powerful feature in Ansible that enables management of Windows systems through SSH or WinRM connections.

Windows Subsystem for Linux (WSL)

A subsystem that allows you to run Linux environments directly on Windows, enabling the installation and use of Linux-based tools like Ansible on Windows machines.

Ansible Project Structure

A recommended project structure that helps organize Ansible playbooks, configuration files, and related components within a project directory.

What is the Ansible Inventory?

A central location that lists all the hosts you want Ansible to manage. It contains information like hostnames, IP addresses, and connection details.

What is the "all" keyword?

This is a special keyword in Ansible that targets all hosts in your inventory when running a playbook.

What are groups in Ansible Inventory?

This allows you to organize your hosts into groups based on their purpose, making it easier to manage related servers.

What is the INI format for Ansible Inventory?

You can use this format to create your Ansible inventory, providing a straightforward and simple way to list your hosts.

What is the YAML format for Ansible Inventory?

This is another way to create your Ansible inventory, offering more flexibility and structure compared to the INI format.

Where should I look for the Ansible config file?

Ansible looks for the configuration file here first, it's the preferred way to customize Ansible settings.

What is the "ansible.cfg" configuration file?

This file acts as the default configuration for Ansible, allowing you to customize settings and behaviors.

Where does Ansible look for "ansible.cfg" if ansible_config is not set?

Ansible uses this directory to look for the configuration file, the next place to find your settings.

Where does Ansible look for "ansible.cfg" after the current directory?

This location is searched for the configuration file, Ansible looks here as part of its search for settings.

Where is the global Ansible configuration file stored?

This location is the last resort for finding the configuration file, Ansible will look here if all else fails.

What are Ansible plugins?

This is a type of Ansible module that extends its functionality, typically focusing on specific areas like network automation.

What is a "README.md" file?

This is a file used for version control, it provides information about an Ansible project, including its purpose and how to use it.

What is Ansible Galaxy?

Ansible Galaxy is a repository (like a library) for sharing and finding Ansible content, including roles and collections.

What are Ansible collections?

Ansible collections are a way to organize and share related modules, plugins, and roles together.

What is the 'DRY' principle?

Don't Repeat Yourself (DRY) is a software development principle that encourages reusing code to avoid redundancy.

What is the 'connection' plugin?

The connection plugin facilitates network connectivity with managed nodes. It uses SSH for Linux and WinRM for Windows.

What is the Ansible Vault plugin?

Ansible Vault plugin helps securely store and retrieve secrets like API tokens and passwords, preventing them from being exposed in plain text.

Why use variables in Ansible?

Variables in Ansible can be used to store reusable data, making playbooks more dynamic and adaptable.

Do I need to create my own modules to use Ansible?

You can download pre-built modules from Ansible Galaxy for common tasks, even if you don't create your own.

How do I find and install Ansible content?

You can use the ansible-galaxy CLI command to search and install roles, collections, and modules from public or private repositories.

Where does the Ansible software run?

Ansible Server, which is the control node, runs the Ansible software and manages the target systems.

How does Ansible communicate with servers?

Ansible uses SSH (Secure Shell) for most connections to Linux or Unix-based servers.

What does 'idempotent' mean in Ansible?

The ability of a Playbook to run multiple times and always produce the same desired state, even if previous runs were interrupted or incomplete.

What makes Ansible Playbooks reusable?

A key advantage of Ansible Playbooks, allowing them to be reused across multiple projects and environments.

What is the 'state' property in Ansible Modules?

A feature of Ansible Modules that specifies the desired state of a resource. It can be 'present' (ensure resource exists) or 'absent' (ensure resource is removed).

What is the 'become' directive in Ansible?

The directive in Ansible Playbooks that allows tasks to run with elevated privileges (like root).

What does the 'all' keyword refer to in Ansible Inventory?

A keyword in Ansible Inventory that designates all the hosts in a group.

How is indentation used in Ansible Playbooks?

A standard technique in Ansible Playbooks that leverages indentation (whitespace) to define the structure and relationships between tasks.

What is an Ansible playbook collection?

A collection of playbooks that define a complete infrastructure, including installation, configuration, and deployment processes.

What is the 'apt' Ansible module used for?

A common way to install software packages using Ansible, particularly for Debian-based systems.

What is the 'ansible-doc' command used for?

A built-in Ansible Command tool that provides help and documentation for Ansible modules.

What is the 'file' Ansible module with state='absent' used for?

A specific kind of Ansible Module that allows deleting files as part of a Playbook.

What is Configuration Management in Ansible?

A core concept in Ansible that focuses on managing and maintaining consistency in system configurations.

Host Variables

Variables associated with a specific host in your Ansible inventory.

Group Variables

Variables applied to a group of hosts defined in your Ansible inventory.

Ansible Inventory Files

Files that define all the hosts you want to manage with Ansible. They contain details like hostnames, IP addresses, and connection methods.

ansible_host Variable

A reserved system variable that allows you to define a shorter, user-friendly alias for a host's complex DNS hostname or IP address.

Host Variable Files

YAML files that define specific variables for individual hosts. They are stored in a directory named 'host_vars' within your Ansible project.

Vars Section in a Playbook

A YAML section in your Ansible playbook where you declare variables that are accessible within that playbook.

Ansible Variable Precedence

The order of precedence for variables when multiple variables with the same name are defined at different levels.

Role Default Variables

Variables defined at the role level, taking precedence over variables from inventory or group levels.

vars_files Element in Playbook

A feature in Ansible that allows you to import variables defined in separate YAML files.

Group Variables Files

YAML files that define variables for entire groups of hosts. These variables are applied to all hosts within that group.

Deployment Automation

A process that helps to automate the configuration and deployment of application code.

Ansible Collections

A collection of playbooks and assets like roles, variables, and templates that are packaged together to simplify the deployment and configuration of applications.

What is an Ansible collection?

A collection is a high-level abstraction in Ansible that groups together multiple roles to perform complex configuration management tasks. It can also include custom modules, plugins, and documentation.

What is an Ansible role?

A role is a reusable unit in Ansible that encapsulates a specific task or functionality. It typically includes Playbook code, variables, Jinja2 templates, and other resources needed to achieve a single goal.

How do you run an Ansible Playbook?

The ansible-playbook command is the primary way to execute Ansible Playbooks. It takes the Playbook file as an argument and applies the tasks to the target systems.

How can Ansible integrate with CI/CD pipelines?

Continuous Integration/Continuous Deployment (CI/CD) pipelines are automated workflows that build, test, and deploy software applications. Ansible Playbooks can seamlessly integrate with these pipelines, allowing you to automate tasks within your CI/CD process.

What is Ansible Vault?

Ansible Vault is a tool that allows you to securely store and retrieve sensitive data, such as passwords and API keys. It encrypts these values to protect them from unauthorized access.

What are Ansible tags?

Tags are labels that you can apply to tasks within an Ansible Playbook. They let you selectively execute only specific tasks based on the tags you specify when running the Playbook.

What is the Ansible 'become' directive?

The become directive in Ansible allows you to execute tasks with elevated privileges on target systems. This is useful when you need to perform administrative tasks that require root or other elevated user access.

What are Ansible tasks?

Ansible tasks are the individual actions or commands that are defined within a Playbook. They are executed in the order specified in the Playbook and represent the building blocks of your automation.

What is privilege escalation in Ansible?

Privilege escalation in Ansible refers to running tasks with elevated privileges, such as root or a specific administrator account. This is often required for tasks that need to modify system settings or install software.

What architecture does Ansible follow?

Ansible's agentless architecture means that it does not require any software agents to be installed on the target systems. It manages systems using SSH or WinRM, making it lightweight and easy to deploy.

What is an Ansible Inventory?

A simple text file listing target nodes for Ansible to manage. It typically resides in the /etc/ansible directory on your Linux machine.

What is an Ansible Variable?

A placeholder for a value in Ansible. It can be defined in inventory files, playbooks, roles, or even at runtime. This allows flexibility and customization within your Ansible workflows.

What is the 'all' group in Ansible Inventory?

A default group containing all hosts listed in the inventory file. It also includes individually listed hosts not part of a group.

How does Ansible Inventory use Regular Expressions?

Ansible Inventory enables basic regular expression syntax. This means you can specify a range of hosts using patterns. For instance, www0-9 would include hosts named www0 to www9.

What is a Dynamic Inventory in Ansible?

A script that dynamically generates an Ansible inventory at runtime. This is useful for dealing with constantly changing or large cloud environments.

How does Ansible connect to hosts?

A method used by Ansible to connect to and manage target systems using SSH. This allows Ansible to interact with and control remote hosts securely.

What is a Group Variable in Ansible?

A type of variable in Ansible that applies to a specific group of hosts. This helps manage settings based on the group's characteristics.

What is a Host Variable in Ansible?

A type of Ansible variable that applies only to a single host in your inventory. It allows for fine-grained configuration adjustments.

How are variables defined in Ansible?

Ansible variables can be assigned values using a key-value pair structure written in YAML syntax. For example: install_path: /opt/myapp.

How do you reference an Ansible variable?

To reference a variable in Ansible, you place its name within double curly braces. For example, {{ install_path }} references the install_path.

Can Ansible variables have complex values?

Ansible variables can be assigned lists and dictionaries as values. This makes it possible to store structured data for more complex configurations.

What is an Ansible variable's scope?

Ansible variables can be defined at different scopes: host level, group level, or even within your playbook. The variable scope influences which hosts or groups the variable applies to.

What is Configuration Management?

A way to manage configurations across your infrastructure, ensuring consistency and reducing potential errors.

What is Red Hat Ansible Automation Platform?

Red Hat Ansible Automation Platform (formerly Ansible Tower) is a centralized platform for managing and orchestrating your Ansible deployments. It provides features like job scheduling, inventory management, and reporting.

What is the 'tasks' directory in an Ansible role?

A directory within a role that holds the main tasks defined in a YAML file named 'main.yml'.

What is 'main.yml' in the 'tasks' directory?

A file in the 'tasks' directory of an Ansible role that contains the tasks to be executed, defined in YAML format.

What are Ansible Handlers?

Special tasks in Ansible that only run when a task that changed something triggers a notification.

What is the 'templates' directory in an Ansible role?

A directory in an Ansible role that contains files with placeholders for dynamic values using the Jinja2 templating language.

What is the 'files' directory in an Ansible role?

A directory in an Ansible role that stores static assets like scripts or configuration files.

What is the 'vars' directory in an Ansible role?

A directory in an Ansible role where you define variables specific to the role, making your playbooks more reusable.

What is the 'defaults' file in an Ansible role?

A file that contains default values for variables in an Ansible role, providing default settings if no other values are specified.

What is the 'meta' directory in an Ansible role?

A directory in an Ansible role that holds documentation and metadata about the role, typically in YAML format.

What is 'ansible-galaxy init' used for?

A command-line tool used to create and initialize new Ansible roles within your project directory, providing a pre-built framework.

How do you invoke an Ansible role within a playbook?

A section within a playbook that indicates which roles should be executed, allowing you to reuse and combine roles efficiently.

How can you invoke an Ansible role in an ad-hoc manner?

A command-line feature that enables you to execute an Ansible role directly, bypassing a full playbook.

What is an Ansible Template?

A file that contains configuration parameters written in the Jinja2 templating language, making it dynamic and adaptable.

What is the Jinja2 templating language?

A powerful templating engine used in Ansible for creating dynamic content in templates, supporting variables and control structures.

What is the 'ansible.windows.win_template' module?

A built-in Ansible module used for creating files with Jinja2 template content, populating them with variables and configuration.

What is the 'debug' module used for in Ansible?

Ansible provides a module called 'debug', which is very helpful during troubleshooting. It allows you to output messages and check variable values as your playbook runs.

What is the 'register' module used for?

The 'register' module serves as a way to capture and store outputs or results from Ansible tasks, which can later be used for debugging, validation, or further actions.

What does the 'become' directive do in Ansible?

In Ansible, the 'become' directive grants tasks elevated privileges, typically enabling them to run as root or a designated user with sudo capabilities.

How does Ansible Vault work?

Ansible Vault is an inbuilt tool that provides a basic way to encrypt and store sensitive data, like passwords and API keys, within a separate secrets file.

How do you encrypt data in Ansible Vault?

To encrypt secrets in Ansible Vault, you typically use the 'ansible-vault create' command, specifying a password to secure the file.

How do you use encrypted secrets in your playbook?

Ansible Vault uses 'vars_files' in your playbook to load encrypted secrets from a file. This file is then decrypted at runtime using a password.

How is the Ansible Vault password used?

When you run a playbook that uses encrypted secrets, Ansible will prompt you for the vault password using the 'ask-vault-pass' option. This ensures the secret is only revealed at runtime.

Does Ansible have any way to interactively ask for the password during playbook execution?

Ansible allows you to use the 'ask-become-pass' command to interactively prompt the user for the password during a playbook run, if you are using password-based authentication for privilege escalation.

How do you actually run an Ansible playbook?

The 'ansible-playbook' command lets you launch and execute your Ansible Playbooks. It orchestrates the automation defined in the playbook file.

Why check the Ansible version before running playbooks?

It's a good idea to check the Ansible version and configuration on the control machine before running playbooks, as the versions can vary wildly between systems and can be a common source of errors.

How do you see all Ansible configuration settings?

The 'ansible-config dump' command prints out the complete Ansible configuration settings, which can be helpful for troubleshooting or auditing.

How do you see only the changed configuration settings?

The 'ansible-config dump --only-changed' command only shows Ansible configuration settings that have been modified from their default values.

What is the purpose of verbose output in Ansible?

Verbose output levels in Ansible allow you to control how much information is displayed during playbook execution. This makes it easier to pinpoint issues and follow commands, as there are more details available.

How can you determine your Ansible version and configuration?

The 'ansible --version' command provides details about the Ansible installation, including the version, configuration file location, and other relevant information.

Version control for Ansible code

Putting your Ansible code in a version control system like Git allows multiple people to work simultaneously without accidental overwrites and provides a history for easy rollback.

Importance of comments and whitespace

Writing comments and using whitespace in your Ansible YAML playbooks makes them easier to read and understand, even for someone who didn't write them.

Meaningful variable names

Giving variables meaningful names makes it easier to understand what they are used for, especially when you're trying to debug your playbooks.

Structuring playbooks into Roles

Organizing your playbooks into roles allows you to reuse code, make your playbooks more manageable, and promote code reuse.

Leveraging existing Ansible Modules

Using pre-built Ansible modules from the community or directly from Ansible instead of writing your own can save time and effort, improving your overall efficiency and reducing the risk of errors.

Suppressing debug messages

It's crucial to remove debug messages from your playbooks before putting them into production to avoid cluttering the output and making it difficult to diagnose real issues.

Implementing an Ansible style guide

Having a consistent style guide for your team's Ansible code helps ensure everyone writes code in a similar way, making it easier to read and maintain.

Separate inventory files for different environments

When working with multiple environments, like production, staging, and development, it's essential to separate your inventory files to manage each differently.

Using variables for different environments

Utilize variables at different levels to control specific settings for different groups or individual hosts in your inventory. This minimizes redundancy and helps keep configurations consistent.

Organizing your Ansible code

Having a well-organized directory structure, with separate folders for inventories, roles, variables, and other artifacts, makes it easier to find and manage your Ansible code.

Roles for better organization

Roles are a key part of organization in Ansible. By separating your tasks into roles, you achieve better code reuse and maintainability, making it easier to manage complex configurations.

Connecting to different hosts

Ansible allows users to customize their connection methods, including the use of SSH and WinRM. This versatility allows you to manage a variety of hosts, from Linux to Windows.

The importance of Ansible Galaxy

Ansible Galaxy is a central repository where you can find and install Ansible roles and collections created by the community. This helps you leverage the power of shared resources.

DRY principle in Ansible

Dry principle eliminates redundant code to make your Ansible playbooks cleaner and more efficient. Instead of repeating the same tasks, you leverage existing code blocks.

Ansible Vault plugin

Ansible's Vault plugin enables the secure storage and retrieval of sensitive information, such as passwords and API keys, preventing them from being directly exposed in the configuration files.

The power of variables in Ansible

Variables are essential for making Ansible playbooks dynamic and adaptable. They allow you to reuse values across multiple playbooks, eliminating the need for repetition.

Study Notes

Ansible Fundamentals Course Overview

• Ansible is a powerful open-source automation tool for managing and configuring computer systems.
• It simplifies tasks like deploying software, managing hosts, and orchestrating complex systems.
• The course covers setting up Ansible, playbooks, modules, inventories, variables, roles, templates, best practices, and troubleshooting.
• The course aims to provide a thorough but general overview, equipping students with fundamental Ansible skills and leveraging advanced features for effective systems management.

Introduction to Ansible

• Ansible is a free and open-source Configuration Management automation platform.
• It was created by Michael DeHaan in 2012, acquired by Red Hat in 2015.
• Ansible can manage various types of hosts: Linux distributions, macOS, Windows VMs and bare-metal servers, Docker containers, and hardware.
•  Ansible is agentless; managed nodes don't need special agents. 
• Ansible uses SSH and WinRM for communication.
• A key skill for Ansible administrators is bash scripting and comfort with Linux environments.
• Python knowledge enhances Ansible usage.
• Ansible AWX is a free and open-source automation controller.
• Ansible is a Python application; this is important to consider.  
• The word "Ansible" is a fictional word, from the science fiction novel Rocannon's World, meaning "answerable" and "instantaneous communication."

Defining Configuration Management

• Configuration Management (CM) manages and controls changes in IT systems to maintain consistency and performance.
•  Configuration drift is a deviation from the desired system state.
• CM platforms, like Ansible, help prevent and correct configuration drift.

Ansible Basic Architecture

• Ansible architecture consists of managed nodes (targets) and a control node (source of control).
• The inventory defines the scope of machines to be managed (servers, VMs, containers, network devices).
• The inventory file is in YAML or INI format. 
• The control node runs Ansible and pushes (or pulls) playbooks to managed nodes.
• Playbooks are YAML descriptions that define tasks to manage systems. 
• Playbooks and Ansible modules enable declarative configuration management of hosts.
• Playbooks are idempotent, ensuring consistent results even with multiple runs.
• SSH is the default protocol for Linux/Unix environments; WinRM for Windows.

Ansible Competitors

• Ansible's major competitors include Puppet, Chef, SaltStack, Terraform, Octopus Deploy, and PowerShell Desired State Configuration (now Azure Auto-Managed Machine Configuration).

Understanding Infrastructure as Code (IaC)

• IaC manages and provisions IT infrastructure via machine-readable, human-readable files.
• It replaces manual processes with code (YAML) to define infrastructure as desired.
• IaC benefits include reduced human error and repeatable configurations.

Understanding YAML

• YAML is a human-readable data serialization language (alternating to JSON).
• YAML is case-sensitive and indentation-sensitive, using two spaces for indentation.
• Lists use hyphens; dictionaries use key-value pairs.
• Comments use the pound '#' symbol.

Setting up Ansible

• Ansible installation method depends on the OS (APT, YUM, PIP).
• Python is required on both control and managed nodes. 
•  Ansible CLI tools reside in /usr/bin.
•  Installation can be from source or with a Docker container.
• Ansible core provides basic tools and modules.
• The "batteries-included" Ansible install provides a full suite of modules, plugins, and roles.
• Ansible can manage Windows machines, using WSL on Windows hosts. Windows hosts require Python and WinRM or SSH.

Ansible Project Structure

• Ansible project structure isn't mandatory but provides best practice guidelines.
• Files like ansible.cfg (configuration) and inventory files can be located anywhere.
• Ansible uses environment variables (ansible_config), current directory, user home, then system-wide config files, to locate a configuration file.
• The inventory file lists hosts and groups, supporting the 'all' and ungrouped keywords.
• An important hierarchy exists to define playbooks, inventories, and roles.

Ansible Playbooks and Modules

• Ansible Playbooks are YAML task automation scripts.
• Playbooks use a declarative and idempotent approach.
• Playbooks are modular.
• Playbooks consist of tasks, with tasks in one or more plays.
• Playbooks use the YAML format. Playbooks consist of plays.
• Playbooks are useful as declarative configuration management units.
• Playbooks encapsulate configuration tasks for reuse.
• Ansible modules are Python programs that automate specific configuration tasks. They are building blocks.
• Use Ansible Doc to learn about modules.
• Custom modules can extend Ansible's power.

Ansible Modules vs. Plugins

• Ansible modules enable executing commands.
• Ansible modules are the core configuration management components.
• Ansible plugins extend the core's functionality, such as SSH or WinRM connections.
• Custom plugins extend Ansible's features.

Ansible Galaxy

• Ansible Galaxy is a public repository for Ansible roles, which include playbooks, custom variables, and reusable tasks.

Ansible Collections vs. Roles

• Ansible collections are a higher-level package of related roles.
• Ansible roles are smaller, reusable components that encapsulate sets of Ansible tasks and configurations. 

Running Ansible Playbooks

• Ansible Playbooks use the ansible-playbook CLI command.
• Integrate playbooks into CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins).
• Use the cron command for scheduled execution.
• Use ansible-pull for centralized playbook execution.
• Ansible playbooks can be combined with container orchestration (Kubernetes).
• Use tags to selectively target hosts in playbooks.

Ansible CLI Examples

• Specify custom inventories with the -i parameter.
• Use parameters to execute playbooks, such as becoming a certain user.
• Use Ansible Vault for encrypted secrets.

About Privilege Escalation

• Playbook security context is the user running ansible-playbook.
• Ansible uses become and become_user and SSH keys to elevate privilege.
• Use ansible-playbook to specify commands for privilege elevation.
• For non-interactive scenarios, use SSH key authentication.
• Best practice: use a secret store for passwords.

Ansible Best Practices and Troubleshooting

• Store Ansible in version control.
• Use comments and whitespace for readability.
• Use meaningful variable names.
• Organize with playbooks into roles.
• Leverage modules and collections.
• Remove debug statements to avoid clutter.
• Use a style guide and conventions.

Using Ansible Vault

• Ansible Vault encrypts secrets.
• Ansible Vault creates encrypted secrets files; this file can have any name.
• Decrypt secrets interactively using the ansible-vault command.
• Avoid putting secrets into playbooks if you are committing your work to source code repositories.

Ansible Inventories and Variables

• Ansible inventories list managed nodes in a YAML or INI file (usually hosts.ini).
• Dynamic inventories use scripts to fetch hosts, particularly for dynamic cloud environments.
• Ansible variable scopes include host-level and group-level.

Ansible Roles and Templates

• Ansible roles are reusable configuration components.
• Role directory structure contains files like tasks, templates, variables, and meta for maintainability.
• Role structure helps decompose playbooks for reuse.
• Ansible templates use Jinja2 for formatting to configure dynamic aspects of servers.
• Use Ansible templating using YAML to inject static data into files, like config files.