- Automation tool written in Python
- “Community Ansible” is free, “Ansible Automation Platform” (Red Hat) needs subscription
- Admin only needs to write YAML files
- Control node manages one or more managed nodes
- Control node sends Ansible “modules” (small programs) to managed nodes via SSH to command changes
- Modules are idempotent, so changes are only made if necessary
- The modules are deleted once the task is done
- Ansible playbook command sent from control node (where Ansible is executed from)
- Sensitive info like passwords stored in Ansible Vault
- List of managed nodes and credentials to access them stored in an “inventory”