Ansible is a configuration management tool mainly used for application deployment, task automation, and server configuration, which greatly enhances business agility by reducing operational costs and response times and providing greater benefits to organizations. This makes Ansible one of the most desired skills today. We have come up with the most asked Ansible interview questions to help you be more confident in your interview. The list includes questions on topics like Playbook, configuration management, reusability, module, handler, variables, Role, tags and other advanced Ansible topics. Whether you are a fresher, intermediate or expert professional in the field of DevOps, this list of questions with answers will be greatly beneficial for you. With these expert-curated Ansible interview questions, you can be confident that you will be well-prepared for your next Ansible interview. So, to advance your career in DevOps, this article is the perfect resource for you.
Ansible is an open source automation platform that is used for configuration management, application deployment task automation etc.
It can also do I-T orchestration to run tasks in sequence and create a chain of events which must happen on several different servers or devices. It is developed in Python language. It is useful while deploying any application using ssh without any downtime.
In simple terms Ansible enables us to define our infrastructure as code(IAC) in a simple declarative manner.
There are two ways to install it.
Playbook is a way to send commands to remote computers in a scripted way and has a collection of YAML based files. Instead of using Ansible commands individually to remotely configure computers from the command line, we can configure entire complex environments by passing a script to one or more systems. For example, install and configure something. Basically, a series of resources (e.g. package, copy, file etc) that will achieve our end result in the correct order.
Configuration management tool helps to maintain the desired state of a system. It helps to reduce deployment time and helps to keep consistent configuration across similar systems. It greatly reduces the effort required to do repetitive tasks. It is one of the building blocks of the CI/CD pipeline. Top configuration management tools in the market are Ansible, Chef, Puppet & Salt. Configuration management tool plays a vital role in Infrastructure as code also. Let's take a real-life scenario to understand it more, if 100 web servers need to be built/configured then without Automation or configuration management tool, it can be a very tedious, lengthy and error-prone task. Also, it will require dedicated resource/efforts and there could be chances to have in-consistency in the configuration. A configuration management tool comes here as a savior and can build/configure 100 web servers very quickly with consistent configuration across all servers. In short, Configuration management tool is very helpful in configuring of systems to a particular state with consistent configuration and fewer efforts.
Ansible is a configuration management tool. It helps to automate repetitive tasks and to achieve the desired state of systems. Redhat is an official vendor for Ansible. It is very simple and easy to use and because of this many organizations adopting it rapidly. There is no need to learn any new language to work on Ansible. It uses YAML to write tasks, plays or playbooks. Ansible can be used in two ways, Ansible command line or Ansible Tower. Ansible can complement CI/CD pipeline greatly by making require configuration automatically with consistency. Thus, it helps to speed up the roll-out new changes or products to production. Ansible can be integrated with Jenkins to enhance CI/CD pipeline and to execute configuration tasks automatically from Jenkins. Ansible can also help in defining Infrastructure as a code, so you can deploy as many servers with consistent configuration.
For any configuration management tool, Idempotency is a key feature. Idempotency means that you can execute one or more tasks on a server any number of times and it will not make any change if it is already in the desired state. Idempotency is a key feature of Ansible too. With this, Ansible makes sure that it doesn’t make unnecessary changes on managed hosts. Think of automating a task using scripts and automating the same task using Ansible. If you run a script to perform a task, it will perform required steps on each and every execution of the script, on the other hand, Ansible will make changes only once, even though you execute it a thousand times. Why idempotency is required? So, let's understand it with an example: suppose you need to append a line “this is a test” to a file and you created a script for this. Now, whenever you run this script it will append the same line again and again ( until you are smart enough to include an existence test in the script ). With Ansible, you just write to append line in a file and then Ansible automatically checks, if it is already there or not.
Role is a group of variables, tasks, files, and handlers that store in the standardized file structure. Roles facilitate reuse and modularization of configuration. For exp: 2 roles have been written, 1 for Apache HTTP and the second one for Apache Tomcat. Now if you need to configure HTTP and Tomcat both on a server than you can just include both roles in the playbook or if you need only one from it then include only 1 role in the playbook. In this way, there is no need for major changes in playbook other than modification of role name, thus provide reusability and modularity. So, the role is in simple words are small blocks, which can be used as per requirement anywhere to build a big or small wall.
Ansible Galaxy is a hub or community for finding and sharing Ansible content. Roles for provisioning infrastructure, deploying the application and for many other days today, tasks can be found and downloaded from Galaxy. Content on galaxy can be browsed over https://galaxy.ansible.com. Ansible-galaxy command can be used to install, import, list, delete or search roles from/to Galaxy server. One can find playbooks to configure Apache HTTP, Tomcat, Oracle DB or many more as per need and requirement. Instead of writing long playbooks every time, Galaxy can be checked for already created playbooks/roles and if require that playbooks/roles can be modified as per need locally.
Ansible play is a set of tasks that are run on one or more managed hosts. A play may include one or more tasks, and the most common way to execute play is to use a playbook. Play always starts with the top directory, which means it will start from the “- hosts” line always.
Ansible playbook contains one or more plays to have the feasibility of running multiple tasks on a different set of hosts.
Below is the example of a play:
- hosts: webservers tasks: - name: ensure apache is at the latest version yum: name: httpd state: latest
Below is the example of a playbook:
--- - hosts: webservers tasks: - name: ensure apache is at the latest version yum: name: httpd state: latest - hosts: databases tasks: - name: ensure postgresql is at the latest version yum: name: postgresql state: latest
On the local machine user uses playbook to configure and manage the execution YAML based scripts. Main building blocks of Ansible are playbook, plugins, modules, host inventories, group_vars, roles, handlers, and tags. Using these components we define our configuration and scripts and that is executed on the remote nodes using SSH tunneling. Commands/steps in scripts are executed in order but execution happens in parallel on multiple remote nodes managed by Ansible. Ansible pushes out small program termed as 'modules'; which are responsible for performing all heavy liftings.
Ansible carries out these modules upon the SSH by default and eliminates them from the remote node machine when finished.
Workflows are only available with Enterprise-level licenses. Workflows allow configuring a sequence of disparate job templates that may or may not share inventory, playbooks, or permissions. However, workflows have ‘admin’ and ‘execute’ permissions, similar to job templates. A workflow accomplishes the task of tracking the full set of jobs that were part of the release process as a single unit.
A workflow job can have the following states (no Failed
Ansible Tower is an enterprise framework for controlling, securing and managing Ansible automation with a UI and restful API.
It provides the following features
Ansible playbook files can be reused in multiple ways. Imports and Include are helpful to create/break up multiple small files of a massive playbook. Roles are primarily used to manage various tasks in a package including handlers, variables, plug-in and other modules. They can also be uploaded and shared by Ansible Galaxy. Ansible Tower automatically fetches the roles that playbook needs from Galaxy, GitHub, or your local source control.
Ansible works by connecting to the remote nodes over SSH and pushing out small programs, called 'modules' to them. These programs are written to be resource models of the desired state of the system. Ansible then executes these modules and removes them when finished.
Ansible ships with a number of readymade modules (called the 'module library') that can be executed directly on remote hosts or through Playbooks. Users can also write their own modules. These modules can control system resources, like services, packages, or files (anything really), or handle executing system commands.
Whenever we run an Ansible playbook, Ansible first gathers information ('facts' an exhaustive list of all the environment details) about each host in the play. Facts can be extremely helpful when we’re running playbooks; we can use gathered information like host IP addresses, CPU type, disk space, operating system information, and network interface information to change when certain tasks are run or to change certain information used in configuration files.
To get a list of every gathered fact available, we can use 'ansible munin -m setup' command with the setup module.
There are two types of variables that can be defined in a role:
Ansible tags are very useful when the playbook is large. It may become useful to be able to run only a specific part of it rather than running everything in the playbook. For example, a playbook creates 3 users but in some cases, you need only 1 user from it, so here tag is a big savior.
During playbook execution, tasks can be filtered out in two ways:
Skip tags can be used to skip one or more tag, it can be defined in the command line as –skip-tags ‘tag1,tag2’. On the other hand, --tags helps to execute one or tags associated with the mentioned tag.
Ansible is a configuration management tool which is mainly used for application deployment, task automation, and server configuration which greatly enhances business agility by reducing operational costs, response times, and providing greater benefits to organisations. It is a very popular tool which is fairly easy to use and helps in IT orchestration and can handle complex tasks. A hands-on Ansible automation training is helpful in understanding these concepts well.
We have come up with a few Ansible interview questions which will surely help you to be more confident in your interview. The following interview questions on Ansible have been designed by experts and intends to give you a glimpse of the interview questions which you might face while you appear for your Ansible interview. Take comprehensive DevOps tools courses to become a master at the application of Ansible.