Ansible Interview Questions

Dependency for using Ansible.

Python should be installed in both ansible host and also in all target servers
ssh agent should be up and running in all linux target servers

Where the default ansible configuration file and host/inventory file is located


Executing the ansible module using command-line

ansible host_name/group_name -m ping -i inventory.txt

host_name/group_name --> from inventory file (/etc/ansible/hosts)
-m ping              --> module name (here module name ping is passed)
-i inventory.txt     --> To pass custom inventory file (Here incentory file named inventory.txt in current dirctory is passed)

How Host key checking can be disbaled/enabled in ansible ?

By default host_key_checking is enabled
In ansible.cfg          --> host_key_checking = False
In inventory file       --> ansible_ssh_user=vagrant ansible_ssh_port=2222 ansible_ssh_host= host_key_checking=false
In ansible.cfg          --> ansible_ssh_common_args='-o StrictHostKeyChecking=no'
As environment variable --> export ANSIBLE_HOST_KEY_CHECKING=False  (This might not work on newer ansible versions)

what is the diffrence between defaults and vars folder in ansible role

What is ansible collection ?

Collections are a distribution format for Ansible content that can include playbooks, roles, modules, and plugins. As modules move from the core Ansible repository into collections, the module documentation will move to the collections pages.

Types of Inventories

--> static inventory -- > All the Ip are defined in the staic file (/etc/ansible/hosts)
--> Dynamic inventory --> It will fetch the Ip's dynamically using the scipts shell,python/plugins

In the earlier version of ansible,  we have to write the python script and we have to pass like below for dynamic Inventory

ansible-playbook -i playbook.yaml

Now this dynamic inventory scripts are already written for some cloud providers
aws ec2, azure, openstack, gcp, space walk, jails etc..

Update: use aws_ec2 plugin from collection

What is Dynamic invenstory ?

Ansible dynamic inventory - AWS

Where ansible.cfg is located and what location of ansible.cfg has higher precedence ?

Changes can be made and used in a configuration file which will be searched for in the following order:

ANSIBLE_CONFIG (environment variable if set)
ansible.cfg (in the current directory)
~/.ansible.cfg (in the home directory)

Ansible will process the above list and use the first file found, all others are ignored.

What is the default ssh authentication type in ansible ?

SSH using private key

What is the use of host_vars directory ?

Used for keeping different values for each host.
For each host one dedicated file needs to be created with the host name in host_vars directory


How to run only specific tasks on ansible playbook ?

Using ansible tags feature we can run only specific tasks

ansible-playbook playbook.yaml --tags=install,config,deploy

How you can run all tasks except one task in ansible playbook ?

Using ansible tags feature we can skip one task and run all othere tasks

ansible-playbook playbook.yaml --skip-tags=install

What are the special tags in ansible ?

always and never

What is always tag in ansible ?

If you assign a always tag to tasks or play, ansible will always run that task or play.

If you even want to skip that tag, we can use --skip-tags=always

What is never tag in ansible ?

If you assign a never tag to tasks or play, ansible will skip that task or play.

If you even want to run that tag, we can use --tags=never

What is gathering_facts in ansible ? Is it enabled by default ?

This module takes care of executing the configured facts modules, the default is to use the ansible.builtin.setup module.

This module is automatically called by playbooks to gather useful variables about remote hosts that can be used in playbooks.

It can also be executed directly by /usr/bin/ansible to check what variables are available to a host.

Ansible provides many facts about the system, automatically.

Yes its enabled by default. We can disable by setting gatherings_afcts: false in playbook

How you can check which ansible conf file used ?

By running "ansible --version" will show the ansible version and also the configuration file location which is used

What are the default host group in inventory

"all" - includes every host in the inventory
"ungrouped" -  includes every host in "all" group thst is not a member of another group

How you can save output to a variable and printing that variable

- name: print to stdout
  command: echo "hello"
  register: out
- debug: msg=""
- debug: msg=""
- debug: var=out.stdout_lines

To install package based on distro/0s-family

[Older way]
- name: install the latest version of Apache on CentOS
  yum: name=httpd state=latest
  when: ansible_os_family == "RedHat"

- name: install the latest version of Apache on Debian
  apt: pkg=apache2 state=latest 
  when: ansible_os_family == "Debian"
[Newer way]
- name: Install foo
  package: name=httpd state=latest
When the package name differs across OS families, we can handle it with distribution or OS family specific vars files:
Here th packae name "httpd" is diffrent for distros, in Redhat it is "httpd", but for Ubuntu it is "apache2"
- hosts: all
  remote_user: root
    - "vars/common.yml"
    - [ "vars/.yml", "vars/os_defaults.yml" ]
    - name: Install the apache package
        name: ""
        state: present

What is handler ?

From one handler we can notify the other handler, but the problem, it is not returning "True" it wont notify the other handlers. After ansible 2.3 version,

The better way is to group the tasks inside "block" (block is also one module)

In block we define the become, remote_user, when condition as common and it will be automatically applied to each task under this block

By default the all the tasks inside the will be executed if the before tasks are suucess. If the last task is returning OK, still it will run the next tasks.

If we want the next task to be executed only if the last task is success, then capture the task status to a varibale and use that varibale in when condition in the next task

 - name: Installing apache2 on Debian(ubuntr)
        - name: Installing apache2 on Debian(Ubuntu)
          apt: name=apache2 state=present
          register: result

        - name: Start apache2
          service: name=apache2 state=started
          register: resultStartingApache2
          when: result is succeeded

How to define Nested groups in inventory ?




How you use use ranges in ip-address in invemtory file ?

192.168.[4:7].[0:255]       --> to
server[01:20]   --> to
[a:c]       --> to
server[01:20]   --> will match and not

How to list the hosts from inventory file ?

ansible-inventory --list              --> To list the hosts from configured inventory file
ansible-inventory -i inventory --list --> To list the hosts from custom inventory file

How you can convert the inventory file from INI to YAML format ?

ansible-inventory --list -y

How you can encrypt a files in ansible ?

Structure of roles ?

    common/               # this hierarchy represents a "role"
        tasks/            #
            main.yml      #  <-- tasks file can include smaller files if warranted
        handlers/         #
            main.yml      #  <-- handlers file
        templates/        #  <-- files for use with the template resource
            ntp.conf.j2   #  <------- templates end in .j2
        files/            #
            bar.txt       #  <-- files for use with the copy resource
          #  <-- script files for use with the script resource
        vars/             #
            main.yml      #  <-- variables associated with this role
        defaults/         #
            main.yml      #  <-- default lower priority variables for this role
        meta/             #
            main.yml      #  <-- role dependencies
        library/          # roles can also include custom modules
        module_utils/     # roles can also include custom module_utils
        lookup_plugins/   # or other types of plugins, like lookup in this case

    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""

How you can call the role from ansible playbook ?

- hosts: webservers
    - common
    - webservers

How you can pass varibales to roles from playbook ?

- hosts: webservers
    - common
    - role: foo_app_instance
        dir: '/opt/a'
        app_port: 5000
      tags: typeA
    - role: foo_app_instance
        dir: '/opt/b'
        app_port: 5001
      tags: typeB

How to check if the host is avilable in the inventory file ?

ansible --list-hosts

If with have same name for both host and group, it will print the host and ignore the group and it will show the warning

In inventory file you have 10 hosts, but you want to execute the module on only one hostm how to do it ?

ansible all --limit -m ping

How you can check, what are the ansible configuration, you have overritten ?

ansible-config dum --only-changed

How you can list all modules avialable in Ansible ?

ansible-doc -l

How you can get more details of the module using ansible cli ?

To know more details about ping module

ansible-doc ping