Network Automation with Ansible

Questions and Answers

What is the primary focus of the course 'Automating Networks with Ansible the Right Way'?

• Fundamentals of Python programming for network engineers.
• System administration tasks using Ansible on Linux-based systems.
• Advanced MPLS configurations and troubleshooting.
• Designing, implementing, operating, and troubleshooting automation solutions in a complex network using Ansible. (correct)

Which of the following is a key difference when using Ansible for network automation compared to system administration?

• System administration relies heavily on SSH transport, while network automation requires additional connectivity methods.
• Network automation often involves devices without native Python support, requiring module logic to run on the control machine. (correct)
• Ansible is primarily designed for system administration, making it less effective for network automation.
• Network devices always have Python installed locally, simplifying module execution.

In the context of the Globomantics network scenario, what is the main purpose of MPLS VPNs?

• To provide internet access to all Globomantics customers.
• To simplify BGP route exchanges between Globomantics and its customers.
• To eliminate the need for route targets in network configurations.
• To enable multitenancy by keeping customer data separate across geographically dispersed sites. (correct)

How do route targets (RTs) contribute to multitenancy in an MPLS network?

They act as numeric tags applied to BGP routes to determine VPN membership and isolation. (B)

Which Ansible component is used to define global runtime settings, such as the location of the inventory file and log storage?

The Ansible configuration file. (A)

What is the purpose of the Ansible inventory file?

To enumerate all of the hosts and groups of hosts being managed by Ansible. (D)

In Ansible, what is a 'playbook'?

A file containing a list of plays, which define automation tasks. (C)

Within an Ansible playbook, what is the purpose of a 'task'?

To perform a specific action on a managed host, typically using a module. (C)

Which variable is used to inform Ansible's SSH logic about the type of network device it is connecting to?

ansible_network_os (B)

What file format is commonly used for Ansible variable files?

YAML (B)

Why is disabling fact gathering a common practice in network-oriented Ansible playbooks?

Networking modules typically run on the control machine, making fact gathering on target routers unnecessary. (C)

What is the benefit of using a playbook-level configuration file instead of the global Ansible configuration file?

It improves portability and version control by keeping configurations contained within the project code. (A)

What is the primary purpose of 'retry files' in Ansible?

To list failed hosts for re-running tasks specifically on those hosts. (C)

In Ansible, what is the purpose of the group_vars folder?

To store variables that are automatically inherited by hosts within a specific group. (D)

What is the function of the register keyword in an Ansible task?

To store the result of a task execution in a variable for later use. (A)

What is the purpose of the debug module in Ansible?

To print information, such as variable values, to the console during playbook execution. (A)

In Ansible, what is the purpose of a 'handler'?

To execute tasks conditionally, only when notified by another task. (B)

What does it mean for an operation to be 'idempotent' in the context of Infrastructure as Code?

The operation only makes changes when necessary, avoiding unnecessary modifications on subsequent runs. (A)

What is the primary goal of Infrastructure as Code (IaC)?

To automate and manage infrastructure using code and declarative configuration files. (C)

What is the purpose of 'version control' in an IaC environment?

To track and manage changes to infrastructure code, allowing for rollback and collaboration. (A)

What benefit does Infrastructure as Code provide in multi-vendor network environments?

It provides a common framework for interfacing with different devices, abstracting away vendor-specific command differences. (A)

What is Continuous Integration and Continuous Deployment (CI/CD) in the context of IaC?

An automated process for testing and deploying infrastructure changes to production. (D)

What is a significant business benefit of adopting Infrastructure as Code?

Improved quality by reducing variability and allowing for more time for cognitive tasks. (A)

What is the purpose of the host_vars directory in Ansible?

To store variables specific to individual hosts. (B)

What is Jinja2 primarily used for in Ansible?

To create configuration templates using loops, conditional logic, and variable substitution. (A)

What is the purpose of the notify keyword in an Ansible task?

To call a handler, which is conditionally executed based on events. (B)

When using the ios_config module, what does the save_when: changed option accomplish?

It saves the running configuration to the startup configuration only if changes were made during the task. (D)

What is the benefit of using the cli_config module in Ansible?

It is platform-agnostic and can handle any network CLI by relying on the Ansible network OS field. (A)

When is it most appropriate to use feature-specific Ansible modules (e.g., ios_vrf) instead of generic configuration management modules (e.g., ios_config)?

When needing fewer moving parts and a less complex design for a specific task. (D)

Why can removing stale configurations be challenging when using CLI-based Infrastructure as Code solutions?

Ansible does not want to make assumptions about what to remove, as this could be dangerous. (D)

What is the primary purpose of custom filters in Ansible?

To extend Ansible's functionality with custom Python code for data manipulation. (A)

Why is it beneficial to use custom filters for complex data manipulations in Ansible?

Custom filters simplify playbook syntax and reduce overall complexity by leveraging Python's flexibility. (D)

What does the filters function in a custom Ansible filter module return?

A dictionary mapping Ansible filter names to Python function names. (B)

What is the purpose of regular expressions (regex) in the context of network automation?

To match input strings against generic patterns and extract specific data fields. (D)

What is the primary goal of unit testing custom filters in Ansible?

To pass static data to individual code segments and assert the results, preventing regressions. (B)

What is the benefit of using Ansible itself for unit testing custom filters?

It's simpler and validates real-life applications of the filter without abstract test suites. (A)

In mathematical set theory, what does the 'set difference' operation (A - B) determine?

Elements that exist in set A but not in set B. (B)

How can set difference be used to solve the problem of unwanted configurations?

It can be used to surgically determine which configurations need to be removed. (A)

When using the rt_diff filter, which list isn't looped over?

The running config VRF dictionary keys in the filter. (D)

What is the key benefit of using Ansible roles?

They enable encapsulation of Ansible components into self-contained, reusable packages. (B)

What is Ansible Galaxy?

A website with version control, and code repository where roles can be uploaded and shared within the Ansible community. (C)

Which of the following best describes the role of Pluralsight's course 'Automating Networks with Ansible the Right Way'?

Detailing the automation of intricate network solutions using Ansible. (B)

What is a key recommendation for maximizing the learning experience in the 'Automating Networks with Ansible the Right Way' course?

Basic Python coding skills and networking knowledge. (B)

Regarding Ansible's applicability in network automation compared to other IT systems, what is a primary consideration?

Network devices often lack native Python support, affecting module execution. (A)

In the context of network automation using Ansible, what is the significance of understanding various connectivity methods beyond SSH?

Network devices offer a wide array of connectivity methods, influencing automation strategies. (B)

What is the key architectural benefit of MPLS VPNs in the Globomantics network scenario?

Providing multitenancy and segregation of customer data. (B)

How do route targets (RTs) enable customized connectivity in an MPLS network?

By selectively importing or exporting routes to define VPN membership and topology. (D)

What is the role of routers R1 and R2 in the Globomantics MPLS network automation project?

Connecting directly to customer sites and enforcing route target policies. (D)

How does Ansible's configuration file relate to playbook execution?

It defines global runtime settings that affect the entire playbook, but can be overridden. (A)

Within the Ansible framework, how are individual group and host variables utilized during playbook execution?

They are consumed primarily at the task level to parameterize module behavior. (D)

When configuring Ansible to connect to network devices, what is the purpose of the ansible_network_os variable?

To instruct Ansible's SSH logic about the type of network device. (C)

Why is it preferable to use a playbook-level configuration file over the global Ansible configuration file in network automation projects?

Playbook-level configurations improve portability and version control of project settings. (C)

How is a Python virtual environment beneficial in the context of Ansible network automation?

It isolates project dependencies, ensuring consistent Ansible and Python versions. (A)

What is the purpose of using the ios_command module in Ansible for network automation?

To run exec level commands on Cisco IOS devices and retrieve their output. (D)

What approach should be used to extract the standard output from the structured data when using the ios_command module?

Reference the stdout key with appropriate list indexing in the registered variable. (C)

What is the function of the run_once task-level directive in Ansible?

It executes a task only one time, regardless of the number of hosts in the play. (D)

What is the purpose of Infrastructure as Code (IaC)?

Managing and provisioning infrastructure through code, rather than manual processes. (B)

Which of the following is a core component of Infrastructure as Code?

Declaring the desired state of the infrastructure. (D)

Why is the concept of 'idempotence' crucial in Infrastructure as Code (IaC)?

It makes sure that an operation when executed multiple times only makes changes when necessary. (C)

How does Infrastructure as Code leverage abstraction in multivendor network environments?

By providing per-platform templates and a common framework for interfacing with devices. (C)

How does version control enhance troubleshooting in an Infrastructure as Code environment?

By providing a centralized repository of all changes with difference checking capabilities. (C)

What is the potential impact of Continuous Integration and Continuous Deployment (CI/CD) on network management in an IaC context?

It automates the testing and deployment of network changes, making modifications routine. (B)

What is a key business benefit of adopting Infrastructure as Code?

Achieving a faster, more stable network at a lower total cost. (D)

In Ansible, what is the purpose of the host_vars directory?

To define variables specific to individual hosts. (A)

What is the primary function of Jinja2 templates in Ansible-based Infrastructure as Code?

Transforming structured data into CLI commands using loops, conditional logic, and variable substitution. (A)

When using the ios_config module in Ansible, what is the function of the notify keyword?

To trigger a handler conditionally based on task status. (A)

When deploying Infrastructure as Code to network devices, why can removing stale configurations be a challenge?

Ansible avoids making assumptions about configuration removal to prevent unintended consequences. (D)

Why are custom filters useful in Ansible playbooks?

They allow the execution of arbitrary Python code for complex data manipulations. (D)

In the context of Ansible, what is the primary role of the filters function within a custom filter module?

To map Ansible filter names to Python function names. (C)

When writing custom filters in Ansible, why is it beneficial to keep advanced logic in Python and task orchestration in Ansible?

It lowers the barrier for entry, allowing junior engineers to manage playbooks while advanced logic is handled by Python. (D)

What is the purpose of regular expressions (regex) in the context of network automation and custom filters?

To match input strings against generic patterns and extract specific data fields. (A)

What is the main benefit of writing unit tests for custom filters in Ansible?

To ensure that changes to the filter don't introduce regressions before running playbooks. (B)

Regarding the use of Ansible for unit testing custom filters, why is this approach effective?

It's simple and validates the real-life application of the filter without an abstract test suite. (C)

How can set difference be used to solve the problem of unwanted configurations in network automation with Ansible?

By surgically determining which configurations need to be removed from the network devices. (A)

What is the function of Ansible Galaxy?

A repository for sharing and consuming Ansible roles within the community. (D)

In the 'Automating Networks with Ansible the Right Way' course, what prior knowledge is recommended for students to succeed?

Basic Python coding skills and fundamental networking knowledge. (A)

How does Ansible's approach to network device management generally differ from its approach to Linux server management?

Network devices often lack native Python support, requiring the control machine to execute modules. (C)

What role does Globomantics play in the context of the network automation scenarios presented in the course?

A network service provider automating customer provisioning. (A)

In an MPLS VPN, what determines the level of connectivity and isolation between different customers?

The configuration of route targets (RTs) associated with VPN routes. (D)

How does the Ansible configuration file influence playbook execution?

It specifies global Ansible runtime settings, such as inventory location. (A)

How do playbooks utilize variables for specific hosts or groups?

Playbooks use group and host variables at the task level. (A)

In Ansible network automation, what is the purpose of disabling fact gathering?

To speed up playbook execution by avoiding unnecessary data collection. (B)

How do you configure a playbook to execute a particular task only once, regardless of the number of hosts?

By using the run_once: true directive at the task level. (A)

Which of the following is a core principle behind Infrastructure as Code?

Defining infrastructure as code for automated management. (B)

How does Infrastructure as Code (IaC) improve consistency and reduce errors in network management?

By automating repetitive tasks and enforcing standardized configurations. (B)

In Ansible, what is the primary purpose of Jinja2 templates within the context of Infrastructure as Code?

To transform structured data into device-specific configurations. (A)

What is a key challenge when applying Infrastructure as Code to network devices, particularly with CLI-based approaches?

Removing stale configurations that are not part of the desired state. (A)

When writing custom filters in Ansible, why is it beneficial to delegate complex logic to Python?

To simplify playbook design and improve readability. (B)

What is the primary purpose of using regular expressions (regex) when writing custom filters for network automation?

To match patterns within text and extract specific data. (C)

Why should you write unit tests when creating custom filters in Ansible?

To identify errors and regressions in filter logic. (B)

When using Ansible to unit test custom filters, what benefit is gained by using Ansible instead of a dedicated testing framework?

It allows testing of the filter in a real-world application context. (C)

How can mathematical set difference be used to solve the problem of unwanted configurations on network devices?

To determine which configurations exist but are not in the desired state. (A)

In the context of Ansible and Infrastructure as Code, what does 'abstraction' enable in multi-vendor network environments?

A common framework for interfacing with different types of devices. (B)

In the context of Ansible, what is the main purpose of roles?

To create reusable, self-contained packages of Ansible components. (B)

According to the course material, what is a significant business advantage of adopting Infrastructure as Code (IaC)?

Faster delivery, improved quality, and lower operational costs. (D)

Flashcards

Ansible configuration file

A configuration file that defines global runtime settings for Ansible, such as the inventory file location and logging options.

Ansible inventory

A file that lists all the hosts and groups of hosts managed by Ansible.

Ansible variable files

Files that store group and host-specific data, often containing configuration settings.

Ansible playbooks

Files containing a list of plays that define the automation tasks to be executed by Ansible.

ansible_network_os

Specifies network device type for SSH.

ansible_user

The username Ansible uses to log in to the network device.

ansible_password

The password associated with the username used to log in to the network device.

group_vars folder

A way of automatically inheriting variables at the group level in Ansible.

ios_command module

A module for running exec-level commands on Cisco IOS devices.

copy module

A module for copying files to managed devices.

stdout

Describes the data structure of Ansible returns.

run_once

Ensures a task runs only once, even across multiple hosts.

inventory_hostname

A special variable that Ansible makes available, reflecting the hostname of each host.

IaC

Infrastructure as Code: Managing and provisioning infrastructure through code rather than manual processes.

host_vars

Directory for host-specific variables.

Jinja2

A text templating language used for generating configuration files dynamically.

save_when: changed

Instructs Ansible to copy the running-config to startup-config if any changes are required.

handler

A task that is conditionally executed only when notified by another task.

idempotent

An operation that can be executed multiple times without causing unintended side effects after the initial execution.

ios_config

A module used to apply configuration changes to network devices.

Abstraction

Uses a custom configuration template per device type.

cli_config

Module that intelligently handles any network CLI, using the Ansible network OS field.

lookup

Module to pass plaintext by using lookup to render the template manually.

ios_vrf

Module to manage VRF configurations on network devices without Jinja2 templates.

Custom Filter

A Python function that complements existing Ansible constructs, allowing for custom data manipulation within playbooks.

filter directory

Directory inside the plugins directory.

RE library

A Python library that provides a system to write regular expressions.

Unit test

Testing code segments.

Set

The mathematical term representing a collection of unique elements.

Set difference

Operation answering: which elements exist in one set, but not the other set?

Ansible Roles

Encapsulate components for reuse elsewhere.

ansible-galaxy

Shell command available when installing Ansible.

Ansible-galaxy Website

A website where roles can be uploaded and shared within the Ansible community.

Study Notes

• This course focuses on automating networks with Ansible, emphasizing practical application and production-ready solutions.
• The course covers designing, implementing, operating, and troubleshooting automation solutions in complex networks.
• Key principles include Ansible-based network automation, infrastructure as code, design options (CLI and API-based), Python coding for Ansible customization, and bulletproofing playbooks.
• Prior knowledge of Python, basic networking (CCNA level), and an introduction to Layer 3 VPNs are recommended.

Network Automation Differences

• Ansible is typically used in systems administration, but involves some specific differences in network automation.
• Most network devices lack native Python support, unlike Linux-based systems.
• Ansible delegates module execution to managed devices with Python.
• Without Python, the module logic runs on the Ansible control machine.
• Network devices commonly use different connectivity methods beyond SSH.

MPLS Network Overview

• Multiprotocol Label Switching (MPLS) enables multitenancy across geographically dispersed sites using VPNs.
• Globomantics, a network service provider, automates customer provisioning using Ansible.
• MPLS VPNs use Border Gateway Protocol (BGP) to exchange IP routes.
• Route targets (RTs) are numeric tags applied to BGP routes, determining VPN membership.
• Ansible primarily manages R1 and R2 routers.

Ansible Core Components

• The Ansible configuration file defines global runtime settings like inventory file location and logging.
• The Ansible inventory lists managed hosts and groups.
• Variable files store group and host-specific data, significantly used for configuration settings.
• Playbooks are the mainstay of Ansible, containing a list of plays.
• Plays include tasks, which are specific actions to be accomplished on the target hosts.
• The configuration file contains global operations while plays select groups from the inventory based on high level global operations that affect the entire playbook.
• Group and host variables are consumed at the task level.
• ansible_network_os specifies the type of network device.
• ansible_user sets the login username.
• ansible_password sets the login password.

Ansible Preparation Steps

• Install Ansible and create a directory structure with basic component files.
• Python virtual environment with Python version 3.6.7 and Ansible version 2.7.7 is used.
• The default config file is in /etc/ansible/ansible.cfg, and playbook-level config files are recommended for portability.
• Common defaults include disabling fact gathering (gathering: false), identifying the inventory file (inventory = inv.yml), and disabling retry files (retry_files_enabled = False).
• The YAML inventory format is hierarchical, starting with the all group containing subgroups.
• The group_vars folder automatically inherits variables at the group level.

First Ansible Playbook

• A playbook lists plays, defining the play data and scope.
• Tasks include names, modules, and options.
• ios_command module runs exec-level commands on Cisco IOS devices.
• The register task option stores the result.
• The debug module prints output.
• Ansible prints out the play and task names in the console log.

Playbook Logging Challenge

• Output data should be represented as simple text, and configuration snippets backed up to files.
• ansible-doc feature provides documentation of Ansible
• Examine stdout, a list of strings, one per command issued.
• JSON structure uses dot notation (e.g., cli_result.stdout) or Python notation (e.g., cli_result['stdout']).
• The file module creates directories.
• run_once accomplishes folder creation only once instead of N times.
• The copy module writes content from memory to a file on the control machine.
• inventory_hostname variable reflects the hostname of each host.

Infrastructure as Code (IaC)

• Traditional network operators often manually determine the current state of devices and their configuration.
• IaC allows operators to declare a desired state.
• IaC solutions offer varying levels of abstraction for different environments.
• Version control systems track changes made by all users with difference checking capabilities.

IaC Components

• Idempotence means an operation can be executed multiple times without unnecessary changes after the initial setup.
• Variables illustrate route target management using YAML data.
• Ansible workflows can be designed generically with custom templates per device type.
• Version control enables reverting to previous states, checking logs, and enhancing troubleshooting and postmortem processes.
• Continuous Integration/Continuous Deployment (CI/CD) automates testing and deployment.

Business Benefits of IaC

• Quality is improved by reducing variability.
• Time is reallocated from mundane tasks to network design and planning.
• Automation frameworks like Ansible are low or no cost.
• Automation for a US Federal Government customer reduced defect rates, shortened lead times, and saved approximately $2 million annually.

Deploying "ios_config" for CLI-based IAC

• The host_vars folder defines specific variables for individual hosts.
• R1 and R2 have VRFs with route import and export lists.
• Jinja2 templates allow loops for iteration and if/else statements for conditional logic.
• The ios_config module makes changes to the router
• The src option specifies the Jinja2 template file path.
• The save_when: changed option copies the running-config to startup-config if changes are required.
• The notify option calls a handler when changes occur.
• Handlers listen for a specific signal (e.g., config_changed) and execute tasks conditionally
• Handlers are used to print output only if there was a change.
• Use ansible-doc to learn more about file and copy modules

Deploying "cli_config" for CLI-based IAC

• Uses a more platform-agnostic approach with a mixed IOS and IOS XR network.
• The inventory file includes additional hierarchy with ios_routers and iosxr_routers subgroups.
• Subgroups allow defining OS-specific variables in the group_vars folder, such as ansible_network_os.
• Templates are device-based (ios_vpn.j2 and iosxr_vpn.j2).
• Module cli_config handles any network CLI via the ansible_network_os field.
• set_fact module performs variable assignment.
• The cli_config module uses lookup to render the template manually.
• The handler is notified if a change occurs, and results are stored in cli_result.
• A bug exists in cli_config: does not properly save IOS configurations.

Deploying "ios_vrf" for CLI-based IAC

• Manages VPN membership configuration by just updating route targets in the network based on declarative statement without any templates.
• The ios_vrf module passes a list of dictionaries.
• Naming variables consistently with module suboptions helps stay organized.

Comparing CLI-based Infrastructure as Code Solutions

• Generic solutions rely on modules like ios_config or cli_config.
• Specific modules like ios_vrf have a limited set of features.
• Generic solutions use Jinja2 templates, while specific solutions ingest structured data directly.

The Big Problem

• Ansible may have difficulty removing stale configurations when using CLI-based Infrastructure as Code solutions.
• Removing old configuration is challenging as Ansible does not want to make assumptions.
• Basic IaC solutions are great at remediating missing route targets if any exist.

Custom Filters

• Ansible is easily extendable using Python with custom filters, modules, and plugins.
• Filters are Python functions that complement existing Ansible constructs.
• Filters enable running arbitrary Python code in playbooks.
• YAML-based DSL can be inflexible.
• Python functions often reduce complexity
• Ansible plugins need to be included in the config file.
• The FilterModule class in Python is consumed by Ansible.
• The filters function returns a dictionary mapping Ansible filter names to Python function names.

Simplest Possible Custom Filter

• Filter extracts the BGP Autonomous System Number from the route target using Python.
• Specify custom filters file path in the config file.
• The FilterModule class creates a method called filters.
• A statichmethod decorator is used since Ansible doesn’t need to instantiate this class.
• Invoke custom filter using the pipe syntax.

Parser and Regex Basics

• Python filter transforms the VRF definition text blob into a JSON structure.
• Regular expressions (regex) match input strings against generic patterns for extracting data fields.
• Named capture groups identify data.
• Regex101.com support checking regex against sample text inputs.

Custom Parser for VRF Information Demo

• The RE library is used for regular expressions.
• A filter takes in a single string (text), which should be a delimited blob.
• The big blob gets broken into smaller chunks, one per VRF.
• A Python list comprehension combined with string splitting is used .
• Iterate through each VRF stanza individually to search the VRF stanza for the VRF name, and store it in dictionary form.

Bullet-proofing Code with Unit Tests

• Unit tests pass static data to individual code segments (custom filters).
• Test the results by the use of static input.
• Detect future changes to detect breaking changes without impacting production

Using Ansible for Filter Unit Testing

• Use Ansible to test Ansible.
• Playbook loads test cases defined in the task's directory.
• One task file is created for each filter, and each task file contains individual test cases.
• The play runs on localhost only and uses connection local.
• The find module grabs YAML files that begin with test_ in the tasks directory.
• The map filter grabs all path attributes from each dictionary and assembles them into a simple list of strings.
• Walk the list of file names pulling each one into the playbook using the include_tasks directive.
• The assert module asserts provided list of conditions are all true.

Set Theory Basics

• A set is a mathematical term representing a collection of unique elements.
• Sets are unsorted, unsorted collections of unique elements.
• Operations include union, intersection, and difference.
• Set difference answers the set difference: which one is in one set, but is NOT in the other set.

Set Operations in Python

• want represents the desired state (YAML lists).
• have represents the current route target configuration.
• want - have identifies route targets to add (present in desired state, not in current state).
• have - want identifies route targets to remove (currently configured, not in desired state).

Custom Filter for Route-targeting Presence Determination

• Filter takes two arguments: list of VRFs from intended state and dictionary of VRFs from running configuration.
• Function returns a list of VRFs.
• Uses get function that works with a list indexes, returns NOne if matching value found,.
• Adds or deletes based on matching filter conditions
• Set intersection not required because its a non change

Unit Tests For the Custom Filter

• Use static data to mock up YAML-formatted data.
• Mock variables such as run-vrf-dict to compare current stated vs intended state
• Assert individual data fields are correct.

Fitting the Pieces Together

• The desired state is stored in per-host variable files using YAML format.
• The playbook captures the current VRF configuration.
• Tasks: parse the lists of current import and export route targets; Compare to desired configurations and then Apply any route target additions or removals.
• Jinja loops are nested for each set of commands
• Commands loop to add the necessary data

The Whole Solution in Action

• A Jinja2 template applies config changes.
• Four inner loops add and delete route target import/export.
• grep for seeing a high‑level view of a large Ansible playbook.
• Steps: grab the VRF config, parse it, perform set difference, apply changes, and display changes if they occurred.
• A key component is rt_diff filter
• Use desired state route target lists via a script, run the playbook again, and the infrastructure updates appropriately; no more manual changes directly on devices.

Ansible Roles

• An Ansible Role encapsulates Ansible components into a self-contained package for reuse.
• Each Ansible Role will include unit tests for code
• Roles are available via Ansbile Galaxy
• Roles assist in scaling the Ansible architecture
• Helps maximizes code reuse

Ansible Galaxy Refresher

• ansible-galaxy is a shell command available to create or interfact with files from Ansible
• Use ansible-galaxy list command to enumate installed Ansible Roles
• Use ansible-galaxy search command to to search the Ansible-galaxy website
• Use the ansible-galaxy install command to install the modules on to your Ansible distribution
• Ansible's init command builds the directory