Configuration Management With Ansible

M ChidrupM Chidrup
4 min read

What is Configuration Management?

Configuration Management (CM) is the practice of systematically handling changes to ensure that systems maintain integrity over time. It involves managing system resources, software versions, patching, and maintaining consistency across environments.

In modern DevOps and IT infrastructure, configuration management tools automate these processes, reducing human error, increasing efficiency, and enabling scalability.

Why Ansible is Used in Configuration Management

Ansible is a powerful open-source automation tool widely used for configuration management due to the following reasons:

  1. Agentless Architecture

Ansible does not require any agent to be installed on the target machines. It uses SSH to connect to servers, reducing the overhead of managing agents across systems.

  1. Push-Based Model

Unlike pull-based tools like Puppet and Chef, Ansible follows a push-based model. This means that the control node pushes configurations to target nodes, making it more straightforward for smaller environments or quick tasks.

  1. Cross-Platform Support

Ansible supports Linux, Windows, and cloud platforms like AWS, Azure, and GCP, making it highly versatile. You can configure and deploy across diverse infrastructures.

  1. Simple Language – YAML

Ansible uses human-readable YAML (Yet Another Markup Language) for playbooks. This makes it easy to learn, write, and maintain automation tasks — even for non-programmers.

  1. Python-Based & Extensible

Ansible is built on Python, a widely adopted and readable language. It allows easy customization and writing of custom modules.

  1. Infrastructure as Code (IaC)

Ansible enables managing infrastructure through code, which can be version-controlled using Git. This improves traceability, collaboration, and rollbacks.

Real-Life Use Case

Imagine a system admin managing 100+ servers on-premise (50 Linux, 25 CentOS, 25 Ubuntu). Tasks like: • Installing software • Applying security patches • Performing upgrades

… can be done automatically through Ansible playbooks, ensuring all machines are consistently updated — saving time and effort.

Why Ansible over Puppet?

1. Simplicity & Learning Curve

  • Ansible uses YAML (playbooks) which is human-readable and easy to learn.

  • Puppet uses its own domain-specific language (DSL) which is harder for beginners.

"Ansible's YAML syntax made it easier for our team to onboard new members and write playbooks faster compared to Puppet's Ruby-based DSL."


2. Agentless Architecture

  • Ansible is agentless – uses SSH/WinRM, no need to install agents on nodes.

  • Puppet requires an agent, which increases setup and maintenance effort.

"In our hybrid cloud setup with ephemeral AWS EC2 instances, Ansible’s agentless nature helped us avoid additional configuration overhead."


3. Better for Cloud (AWS/Azure)

  • Ansible integrates directly with cloud modules for AWS, Azure, GCP.

  • Easily provision and configure resources like EC2, S3, Azure VMs, VNets.

"We used Ansible to automate provisioning of EC2 instances and configure them for production deployments in AWS."

4. Push vs Pull Architecture

  • Ansible is push-based – centralized control.

  • Puppet is pull-based – nodes fetch config from master.

"For quick infrastructure changes, we preferred Ansible’s push model over Puppet’s pull model."


5. Flexibility & Ad-Hoc Commands

  • Ansible supports ad-hoc tasks like running one-time commands easily.

  • Puppet is more rigid and better for state management.


6. Community & Ecosystem

  • Rich Ansible Galaxy community.

  • Many pre-built roles for AWS, Azure, Docker, Kubernetes.


AWS/Azure Specific Interview Questions

Q1. How have you used Ansible in AWS infrastructure?

"Used Ansible to provision EC2 instances, install Docker, and deploy microservices. Also managed security groups and S3 policies using Ansible modules."


Q2. How have you used Ansible in Azure?

"Created Azure VMs, attached disks, and configured apps using Ansible playbooks with azure_rm modules and Service Principals for auth."


Q3. How does Ansible integrate with CI/CD pipelines?

"Integrated with Jenkins and GitHub Actions to trigger playbooks for environment setup, application deployment, and rollbacks."


Q4. How do you handle secrets in Ansible (especially for cloud access)?

"Used Ansible Vault for encrypting secrets and integrated with Azure Key Vault/AWS Secrets Manager for dynamic credential fetching."


Q5. Can you explain Ansible roles and how you modularize playbooks?

"Used roles to organize tasks like webserver setup, DB provisioning, security hardening—improves reuse and readability."


Q6. Difference between Terraform and Ansible (follow-up question)?

  • Terraform: Best for provisioning infrastructure.

  • Ansible: Best for configuration management and software deployment.

"Used Terraform to spin up AWS infra, and Ansible to configure apps and services on those instances."

Summary

Ansible simplifies configuration management by offering: • Agentless operations • Declarative syntax • Multi-platform support • Fast deployments

Whether you’re deploying microservices on the cloud or managing on-prem servers, Ansible offers a scalable, reliable, and easy-to-learn solution for modern infrastructure automation.

0
Subscribe to my newsletter

Read articles from M Chidrup directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

M Chidrup
M Chidrup

Certified Azure Cloud Enthusiast and Full Stack Developer with a strong foundation in building secure, scalable cloud-native applications. Passionate about integrating AI and automation in DevOps pipelines and exploring intelligent cloud systems. I specialize in React, Node.js, Azure, Kubernetes, and DevSecOps, and I love solving real-world problems through code, collaboration, and continuous learning.