Automation without agents
The configuration management tools available in 2012 — Puppet and Chef in particular — require installing a software agent on every managed machine. The agent periodically connects to a central server, downloads the desired configuration and applies it. This model works, but introduces complexity: the agent must be installed, updated and monitored on every node; the central server becomes a critical component; communication requires dedicated certificates and network configurations.
Michael DeHaan, already the author of Cobbler (a provisioning tool) and a contributor to Puppet, designs Ansible with a different premise: no agents. Ansible connects to remote servers via SSH — a service already present on any Linux machine — and executes Python modules directly on the target node. Once execution is complete, nothing remains installed on the remote machine.
Playbooks and idempotency
Configuration in Ansible is expressed through playbooks written in YAML, a readable format that requires no programming skills. A playbook is an ordered sequence of tasks, each of which invokes a module — a unit of work that manages a specific resource: packages, files, services, users, repositories.
Every module is designed to be idempotent: running it multiple times produces the same result as the first execution. If a package is already installed, the module does nothing. If a file already has the desired content, it is not rewritten. Idempotency ensures that playbooks can be re-run safely, without side effects.
Inventory and organisation
The inventory is the file that defines the infrastructure: which machines exist, how to reach them, which groups they belong to. Groups allow applying different configurations to categories of servers — web servers, databases, load balancers — with a single playbook. Variables customise behaviour per group, per host or per environment (staging, production).
Roles organise playbooks into reusable components: an “nginx” role contains everything needed to install and configure the web server, a “postgresql” role manages the database. Roles can be composed and shared across projects.
A lower barrier to entry
Ansible requires no dedicated infrastructure, imposes no specific programming language for configurations and produces visible results within minutes of installation. For teams managing dozens or hundreds of servers and looking for a structured way to automate provisioning and configuration, Ansible offers a gradual, low-risk adoption path.
Link: ansible.com