🧱 Understanding Ansible Architecture: Simplicity at Scale

In the Devops world, Ansible is known for its agentless, simple, and powerful approach to automation. This post breaks down Ansible’s architecture, explaining each core component along with real-world commands and supporting visuals.

---

🧩 Key Principles of Ansible Architecture

✅ Agentless (via SSH or WinRM)
✅ Push-based execution
✅ Human-readable YAML
✅ Modular and extensible

---

🔧 Architecture Overview

At the heart of Ansible lies its control node, which manages target managed nodes using playbooks, inventories, and modules.

---

🖥️ 1. Control Node

The Control Node is where you install and run Ansible.

🔸 Key responsibilities:

• Store playbooks, roles, configs

• Execute automation across infrastructure

✅ Common Commands:

# Install Ansible on the control node
sudo apt update && sudo apt install ansible -y

# Check Ansible version
ansible --version

---

🖥️ 2. Managed Nodes

These are the target systems Ansible automates. They don’t require Ansible installed, just SSH access.

✅ Test connection:

# Ping a managed node
ansible all -i inventory.ini -m ping

---

📄 3. Inventory

Inventory is a list of hosts managed by Ansible, defined in an INI, YAML, or dynamic file.

✅ Sample Inventory:

[web]
192.168.1.10
192.168.1.11

[db]
192.168.1.20

✅ Run a command using inventory:

ansible web -i inventory.ini -m shell -a "uptime"

---

📘 4. Playbooks

Playbooks define what Ansible does using YAML syntax.

✅ Sample Playbook:

- name: Install Nginx
  hosts: web
  become: true
  tasks:
    - name: Ensure Nginx is installed
      apt:
        name: nginx
        state: present

✅ Run the playbook:

ansible-playbook -i inventory.ini nginx-install.yml

---

⚙️ 5. Modules

Modules are Ansible’s building blocks. They perform specific tasks like package management, file manipulation, service control, etc.

✅ Examples:

# Using the 'apt' module
ansible all -i inventory.ini -m apt -a "name=nginx state=present" --become

# Using the 'copy' module
ansible all -i inventory.ini -m copy -a "src=/etc/hosts dest=/tmp/hosts"

---

🧩 6. Plugins

Plugins enhance Ansible’s behavior.

• Connection Plugins – SSH, WinRM, Docker, etc.

• Callback Plugins – customize output/logging

• Lookup Plugins – pull dynamic variables

You don’t run plugins manually, but they are used automatically or configured in ansible.cfg.

---

📦 7. Roles & Collections

Roles organize playbooks into structured components.

Collections are packages of modules, roles, and plugins.

✅ Use Galaxy to install roles:

ansible-galaxy install geerlingguy.nginx

✅ Run a role-based playbook:

- hosts: web
  roles:
    - geerlingguy.nginx

---

🔐 8. Ansible Vault

Use Ansible Vault to encrypt sensitive data.

✅ Commands:

# Encrypt a file
ansible-vault encrypt secrets.yml

# Decrypt a file
ansible-vault decrypt secrets.yml

# Run playbook with vault password prompt
ansible-playbook secure-playbook.yml --ask-vault-pass

---

🌐 Ansible Tower / Automation Controller

Ansible Tower (now Automation Controller) is the UI/API layer provided in Ansible Automation Platform, offering:

• Centralized job control

• RBAC (Role-Based Access Control)

• REST API & Webhooks

• Visual dashboards

---

🧭 DevOps Pipeline Integration

Ansible integrates smoothly into DevOps workflows:

• Git for version control

• Jenkins/GitLab CI for CI/CD

• Monitoring tools for post-deploy actions

---

✅ Summary Table

---

🧠 Final Thoughts

Ansible’s architecture is the perfect balance between simplicity and power. It automates everything from provisioning and configuration to orchestration, with no agents, minimal setup, and clean, readable YAML.

“Simple doesn’t mean limited. With Ansible, simplicity scales.”

---

📦 Optional Resources

• 🔗 Official Site

• 🔗 GitHub

• 🔗 Ansible Galaxy

• 🔗 Red Hat Ansible Platform