How Ansible works

Ansible connects to nodes (servers) and pushes out small programs called “Ansible modules” to them. Ansible the executes these modules and removes them once the execution is completed.

As users, we just need to work on our terminal, text editor and in some cases a version controller to keep track of the changes.

Ansibe support passwords to connect and execute the modules on the nodes, but SSH keys are one of the best ways to use Ansible.

Generate ssh key with ssh-keygen command.

$ ssh-keygen

Creating a key pair (public key and private key) only takes a minute. The key files are usually stored in the ~/.ssh directory.

Copy the key to a server or node.

ssh-copy-id user@hostname(or IP Address)

By default, Ansible puts all the servers it manages in a simple INI format file called inventory host file. The servers can be grouped as the user’s choice.

To add new server, there is no SSL signing involved, just add hostname or IP Address to the INI file or to the group in the INI file.

Ansible can also plugin to the sources, such as drawing inventory, group, and variable information from sources like EC2, Rackspace, OpenStack, and more.

Here’s what a plain text inventory file looks like:



By default, inventory file can be found in /etc/ansible/ and file name is hosts.

$ cd /etc/ansible
$ ls 
ansible.cfg hosts roles

The location of inventory file can be defined in ansible.cfg file with following line.

inventory = <path to hosts file>

When Ansible installed, the latest ansible.cfg file should be present in /etc/ansible.  Certain settings in Ansible are adjustable via a configuration file. 

When we execute ansible command, it will search for ansible.cfg file in the following order.

  1. ANSIBLE_CONFIG (an environment variable)
  2. ansible.cfg (in the current directory)
  3. .ansible.cfg (in the home directory)
  4. /etc/ansible/ansible.cfg

Ansible will process the above list and use the first file found.