• Ansible is Modular
• 1000+ Modules available.
• Modules written in python.

• Do not use Root account for ansible
• Create an account with all privileges:

sudo visudo
%ansible ALL=(ALL)    ALL

usermod -aG ansible aman

• Install python on all hosts:

yum install -y python2 epel-release

• Add entry to Hosts file & enable key less SSH access:

ssh-copy-id -i ~/.ssh/id_rsa.pub aman@server2

• Using the same username is convenient but not required.

cd install
nano inventory

[all]
controller.example.com
node1.example.com

[servers]
node1.example.com
server1.example.com

ansible all -i inventory --list-hosts

• Variour ansible.cfg files:

/etc/ansible/ansible.cfg
~/.ansible.cfg
ansible.cfg in project directory (takes precedence)

• Contents:

become:           Specify how to escalate privileges on the managed host.
become_user:      Specify which user account to use on remote host.
become_ask_pass:  Whether or not a password should be asked.
inventory:        Which Inventory files to be used.
remote_user:      Name of user account on the managed host. Not set by default, so local username is used.

• Privilege Escalation

Ansible runs tasks on managed host using same user account as local user, so make sure to copy ssh keys.
Set remote_user in ansible.cfg to specify another user to be used.
If remote_user is not specified, Privilege Escalation can be used.
Enable in [privilege_escalation] section in ansible.cfg:
  become=True
  become_method=sudo
  become_user=root
  become_ask_pass=False
Privilege escalation needs sudo configuration
Create a sudo file on all Ansible managed hosts:
  nano /etc/sudoers.d/user
  user ALL=(ALL) NOPASSWD: ALL

• Used for Diagnostics like querying a large number of hosts.
• To quickly make changes to many managed hosts
• Modules are used:

-m    Specifies Modules 
-a    Specifies Arguments

• Default Module can be set in ansible.cfg file.
• Shell module can be used for running shell commands