[0:14]part of any software development life cycle. From automating development systems to configuring the production environments, Ansible makes automation and configuration management seem like a walk in the park. So hello guys, this is Arvind here from Edureka and I welcome you all to this amazing session on Ansible interview questions. So in this session, I'll be discussing the most frequently asked Ansible interview questions. So, before moving ahead, let us have a quick look at the agenda for today's session. So first we'll be starting with the beginners level of questions or the beginners interview questions that you might encounter in your interviews. And then slowly we will proceed to the intermediate level of questions and once we are done with that, we will proceed to the advanced questions. So, I hope I'm clear with the agenda guys. Just a reminder in case you have not yet subscribed to our YouTube channel, please do subscribe and also hit the bell icon so that you never miss an update from Edureka. And also if you're someone who's looking for a course in DevOps, then you can find the link for that course in the description box. So, without any further ado, let us begin with our first category of questions, that is the beginners. So the first question here is, what is CI/CD or continuous integration and continuous delivery? So continuous integration is a software development practice where members of a team integrate their work frequently, usually each person integrates at least daily, leading to multiple integrations per day. Each integration is verified by an automated build that includes the test to detect integration errors as quickly as possible. Many teams find that this approach leads to significantly reduced integration problems and allows a team to develop cohesive software more rapidly. So this was the definition of continuous integration. Now if you talk about the continuous delivery, it is a process where you build software in such a way that it can be released to production at any time. So as you can see the diagram on the screen, so what happens here is an automated build script will detect changes in the source code management tool like Git. Once the change is detected, the source code would be deployed to a dedicated build server to make sure build is not failing and all test classes and integration tests are running fine. After that the build application is deployed on the test servers, that is the pre-production servers, for user acceptance testing. And finally the application is manually deployed on the production servers for release. So this was the workflow of the CI/CD pipeline. The next question here is, what is configuration management and how does it help an organization? Configuration management is the practice of handling updates and changes systematically so that a system maintains its integrity over time. Configuration management keeps a track of all the updates that are needed in a system and it ensures that the current design and build state of the system is up to date and functioning correctly. So you can refer to the diagram that is present on your screen right now. Configuration management can help an organization by overcoming the following set of challenges. First, finding out what changes need to be implemented when user requirements change. Next, redoing and updating an implementation due to change in the requirements since the last implementation. Next, reverting to an older version of the component because the latest version is flawed. And finally, replacing the wrong component because you couldn't accurately determine which component needed replacing. So, to understand this better, let me give you an example of New York Stock Exchange. The New York Stock Exchange encountered a glitch in the software which prevented them from trading stocks for approximately 90 minutes. On the night before a new software was installed on eight of its 20 trading terminals. Unfortunately, the software failed to operate properly on the eight terminals. Therefore, by using configuration management tools such as Ansible and Puppet, they reverted back to the old software. Had they not implemented the configuration management, they would have taken a much longer time to fix the issue which would have led to much bigger loss. So this was an example that you can explain in your interviews. Moving on. So the third question here is, what is Ansible and what makes it stand out from the rest of the configuration management tools? Ansible is an open source IT configuration management, deployment and orchestration tool. It aims to provide large productivity gains to a wide variety of automation challenges. So if you talk about the features of Ansible, the first and foremost feature of Ansible is the simplicity. It uses a simple syntax written in YAML, which are also known as playbooks. The second point here is the agentless. No agents or software or additional firewall ports are needed to install on the client systems or the hosts which you want to automate. The third feature is the powerfulness and the flexibility. Ansible's capabilities allow you to orchestrate the entire application environment, regardless of where it is deployed. And the fourth feature of Ansible is the efficiency. Ansible introduces modules as basic building blocks for your software. So, you can even customize it as per your own requirement. So, this was the definition of Ansible and some of the features of Ansible that you can answer if you encounter such a question in your interviews. So, the next question here is, how does Ansible work? Ansible, unlike other configuration management tools, is categorized into two types of servers - Controlling machines and Nodes. Controlling machine is where Ansible is installed and nodes are the ones that are managed by the controlling machines through SSH. There is an inventory file in the controlling machine that holds the location of the node systems. Ansible deploys modules on the node systems by running the playbook on the controlling machine. Ansible is agentless. This means that there is no need to have a third party tool to make a connection between one node and the other. So this was the overall working of Ansible.
[7:30]The next question here is, how is Ansible different from Puppet? So now we will compare Ansible and Puppet based upon a few parameters. So if you talk about the first parameter that is availability, both Ansible and Puppet are highly available. And if you talk about the ease of setup, Ansible is comparatively easy to setup, whereas Puppet is comparatively hard to setup. The third point here is the management. So Ansible is very easy to manage, whereas Puppet is not very easy to manage. The fourth point here is the scalability. So both Ansible and Puppet are highly scalable. The fifth point is the configuration language. So Ansible uses YML language, which is in Python, and Puppet makes use of DSL, that is Puppet DSL language. The sixth point here is the interoperability. So Ansible and Puppet both have high interoperability. And the final point here is the pricing of the nodes. So if you talk about the Ansible, so the pricing of the nodes of Ansible is $10,000, whereas in case of Puppet it is $11,200 to $19,900. So these were a few parameters on which you can compare both Ansible and Puppet. So the next question here is, explain Ansible architecture. So the point behind asking this question is, the interviewer wants to know whether you know all the components that are present in the architecture of Ansible. So you can refer to the diagram that you can see on your screen right now. So the main component of Ansible is the Ansible automation engine. This engine directly interacts with various cloud services, configuration management database and different users who write various playbooks to execute the Ansible automation engine. So now let us talk about the components one by one. So the first component is the inventory. These are a list of nodes containing their respective IP addresses, servers, databases that need to be managed. The next component is the API. Just like any other API, the Ansible APIs are used for commuting various cloud services, public or private services. So if you talk about the modules, the modules are used to manage the system resources, packages, libraries, files, etc. Ansible provides around 450 modules that automate nearly every part of your environment. The next component here is the plugins. If you want to execute Ansible tasks as job, then Ansible plugins can be used for this purpose. They simplify the execution of a task by building a job like an environment that basically contains pieces of code corresponding to some specific functionality. There are hundreds of plugins provided by Ansible. One example of such plugin is the action plugin, which acts as the front end to modules and can execute tasks on the controller before calling the modules themselves. And the fifth component here is the networking. Ansible can also be used to automate different networks and services. It can do this by creating a playbook or an Ansible rule that easily spans different network hardware. Moving on. Now let us talk about the hosts. The Ansible hosts or the node systems are the machines that can be either Linux or Windows that are getting automated. The next component here is the playbook. Playbooks are simple code files which describe the tasks that you need to execute or automated. The playbooks are written in YML format. They can be used to automate tasks, declare configuration etc. And the next component here is the CMDB. It is a database that acts as a storehouse for various IT installations. It holds data about various IT assets and describes the relationship between such assets. And the final component here is the cloud. So cloud is a network of remote servers hosted on the internet to store, manage and process data rather than using a local server. So these were the components of the Ansible architecture.
[13:03]The next question here is, what are Ansible server requirements? If you are a Windows user then you need to have a virtual machine in which Linux should be installed. It requires Python 2.6 version or any other higher version than this and if you fulfill all these requirements then you're good to go.
[13:30]The next question here is, how would you install Ansible on a CentOS system? So to answer such questions, you can just describe the steps that are used here. So as you can see on the screen, the first step is to set up an EPEL repository. So EPEL is nothing but extra package for enterprise Linux. So this is an open source and free community based repository project from Fedora team which provides high quality add on software packages for Linux distribution including Red Hat Enterprise Linux, CentOS and scientific Linux. So the Ansible package is not available in the default YUM repositories. So for that purpose, we need to use the command, as you can see on the screen, this command, sudo RPM, hyphen IVH. And this is the link. Okay. So this command will download all the necessary packages that are required to install Ansible. And once you're done with this, then in the second step, you install the Ansible software using the commands that you can see here, yum install Ansible -y. So once you're done with this step, then just to verify whether Ansible has been installed on your system, you can use the command, Ansible -version to check the version of the Ansible that has been installed on your system.
[15:17]So the next question here is, explain a few of the basic terminologies that are used in Ansible. So if you have hands on experience in Ansible, then I think you'll be able to easily answer this question in your interviews. So now let us discuss few of the terms, as you can see on the screen, controller machine, inventory, playbook, task, module, role, play, facts, handlers and so on. So the first term here is the controller machine. So the controller machine is responsible for provisioning the servers that are being managed. It is the machine where Ansible is installed. So now if you talk about the inventory, an inventory is an initialization file that has details about different servers that you're managing. So the next term here is the playbook. It is a code written in YAML format. A playbook basically contains the tasks that need to be executed or automated. So the next term is task. Each task represents a single procedure that needs to be executed. So say for example, if you want to install a library, so that can be done with the help of a task. Next term here is the module. A module is a set of tasks that can be executed. Ansible has hundreds of built-in modules, but you can also create your own custom modules as per your requirement. Moving on. The next term is role. An Ansible role is a predefined way for organizing playbooks and other files in order to facilitate sharing and reusing portions of provisioning. The next term here is the play. A task executed from start to finish or the execution of a playbook is called a play. The next term here is the facts. So facts are global variables that store the details about the system like network interfaces or operating systems. And the last term here is the handlers. So handlers are used to trigger the status of a service such as restarting or stopping a service.
[18:07]The next question here is, explain the concept behind Infrastructure as Code (IaC). So infrastructure as code is a process for managing and operating data servers, storage systems, system configurations and network infrastructure. In traditional configuration management practices, each minute configuration change required manual action by system admins and the IT support team. But with infrastructure as a code, all the configuration details are managed and stored in a standardized file system, wherein the system automatically manages infrastructure changes and deals with the system configurations. Therefore, we do not require most of the manual effort since everything is managed and automated by following the IAC approach. Tools such as Ansible can be used to implement the infrastructure as code. So this was the concept of infrastructure as a code. So for more clarity, you can also draw this diagram on a piece of paper in the interview.
[19:35]The next question is, compare Ansible with Chef. So here we will be comparing Ansible and Chef based upon a few parameters like we did in the previous case of Ansible and Puppet. So the first point of comparison here is the availability. So both Ansible and Chef are highly available. The next point here is the ease of setup. So Ansible is very easy to setup, whereas Chef is not that easy to setup. The next point here is the management. So Ansible is comparatively easy to manage. Whereas this is not the case with Chef. So Chef is not very easy to manage. The next point here is the scalability. So both Ansible and Chef are highly scalable. And if you talk about the configuration language, Ansible uses the YAML language and Chef makes use of DSL language which is in Ruby. So if you talk about the interoperability parameter, so both Ansible and Chef are highly inter-operable. And the final point of comparison here is the pricing of the nodes. So for Ansible, the pricing is $10,000, whereas for Chef it is $13,700.
[21:14]Moving on to the next question, what is Ansible Galaxy? Galaxy is a website that lets Ansible users share their roles and modules. Ansible roles from Galaxy or directly from a source code management system such as Git. It can also be used to build new roles, remove existing ones and perform tasks on Galaxy website. So as you can see on the screen, this command, ansible-galaxy install username.role_name. So this command can be used to download roles from the Galaxy website.
[22:04]The next question here is, what are Ad-hoc commands? Give an example. So ad-hoc commands are simple one-line commands used to perform a certain task. You can think of ad-hoc commands as an alternative to writing playbooks. So if you talk about the example, so this is the example that you can give. So this is the command that you can see on the screen right now. So this command accesses the Netscaler module to disable the server. So this was very simple example that can be used in Ansible.
[22:52]The next question here is, what are variables in Ansible? Variables in Ansible are very similar to variables in any programming language. Just like any other variable, an Ansible variable is assigned a value which is used in computing playbooks. You can also use conditions around the variables. So let me give you an example for this. So what you can do is you can define a variable called port Tomcat and assign it the port number that you're using, say, for example, 8080. So such a variable can be used in the Ansible playbook. So this was pretty simple example. So you can give such examples which are easy to understand in your interview.
[23:51]The next question here is, what is the difference between a variable name and an environment variable? So in case of a variable name, you need to add strings to create variable names. Whereas for environment variable, you need existing variables to access environment variables. So for variable name, we can make use of IPv4 address, whereas we can make use of Ansible ENB dot variable name for remote environment variables. So these were a few differences between a variable name and an environment variable.
[24:40]The next question here is, what are Ansible modules and explain the different types. So Ansible modules are a small set of programs that perform a specific task. Modules can be used to automate a wide range of tasks. Modules in Ansible are considered to be item potent or in simple terms, making multiple identical requests has the same effect as making a single request. So there are basically two types of modules in Ansible. The first one is the core module and the second one is the extra module. So if you talk about the core modules, these are the modules that the core Ansible team maintains and will always ship with Ansible itself. They will also receive a slightly higher priority for all requests than those in the extra repositories. The source of these modules is hosted by Ansible on GitHub in the Ansible modules core. And if you talk about the extras modules, these modules are currently shipped with Ansible but might be shipped separately in the future. They are mostly maintained by the Ansible community. Non-core modules are still fully usable, but may receive slightly lower response rates for issues and pull requests. Popular extra modules may be promoted to core modules over time. The source for these modules is hosted by Ansible on GitHub in the Ansible modules extras. The next question here is, what is Ansible task? Ansible Tasks allow you to break up bits of configuration policy into smaller files. These are blocks of code that can be used to automate any process. For example, if you wish to install a package or update a software, you can use the code such as install space package name, update and the name of the software.
[27:17]The next question here is, what are playbooks in Ansible? And if possible, give some examples in such questions. So playbooks in Ansible are written in the YAML format. It is a human-readable data serialization language. It is commonly used for configuration files. It can also be used in many applications where data is being stored. For Ansible, nearly every YAML file starts with a list. Each item in the list is a list of key value pairs commonly called a hash or a dictionary. So it is important to know how to write lists and dictionaries in YAML. All members of a list are lines beginning at the same indentation level starting with a dash or a hyphen. More complicated data structures are possible, such as lists of dictionaries or mixed dictionaries whose values are lists or a mix of both.
[28:42]So with this we have come to the end of the beginners level of interview questions. So normally, this is the flow of your interview. So once you're done with the basic level of questions, there will be slight increase in the complexity or the level of the questions. And to cover such questions, we will move to the second category of questions here, such as the intermediate interview questions. So the next question here is, can you write a simple playbook to install Nginx on a host machine? So if you have hands on experience with Ansible, so you'll be able to answer this question in your interviews. But if you don't know or if you haven't worked on Ansible before, so clearly deny answering this question. Okay. So for those who already know how to write a simple playbook. So these are the steps that you can follow to write a simple playbook. So the first step here is generate a public SSH key and by using SSH connect to your host. So the command for that is very simple, SSH hyphen keygen. So what this command will do, it will generate a public SSH key. The second step here is copy the public SSH key on your host. Once you're done with that, in the third step, you have to list all the IP addresses of your hosts/nodes in your inventory. In the fourth step, you have to check if the connection has been established. So for that you can ping to the IP address of your node or the host. In the fifth step, you create a playbook to install Nginx on the host machine. So for that purpose, you just need to create a playbook to open a file with a YML extension. So the command for that is very simple, you can use any editor that you want, so say for example, VI space name of your file.YML. In an Ansible playbook, the tasks are defined as a list of dictionaries and are executed from top to bottom. Each task is defined as a dictionary that can have several keys, such as name or sudo, which signify the name of the task and whether it requires sudo privileges. A variable server port is set that listens on TCP port 8080 for all the incoming requests. Here the first task is to get the necessary package for installation of Nginx and then install it. Internally, Ansible will check if the directory exists and create it if it does not. Else it will do nothing. The next task is to configure Nginx. In Nginx, context contains the configuration details. So now you have to save this file and exit. And the next step here is running the playbook. And after you run the playbook, the seventh step or the final step here is to check if Nginx is installed on your system. So these were the steps that you must follow to write a simple playbook.
[32:59]The next question here is, how would you access a variable of the first host in a group? So the command for that is very simple, as you can see on the screen. In this command, we are basically accessing the host name of the first machine in the web servers group. If you are using a template to do this, then use Jinja2 or you can also use set fact. The next question here is, why is this notation used? As you can see on the screen, this two curly braces. Okay, opening and closing, and how can one interpolate variables or dynamic variable names? So one basic rule is, you use this notation, these double curly braces to define an exception. Conditionals are always run through Jinja2 as to resolve the expression. Except for the when clause, we have to use brackets, otherwise differentiating between an undefined variable and a string will be difficult.
[34:27]The next question here is, what is Ansible role and how are they different from the playbook? So Ansible role is basically another level of abstraction used to organize playbooks. They provide a skeleton for an independent and reusable collection of variables, tasks, templates, files and modules, which can be automatically loaded into the playbook. Playbooks are a collection of roles and every role has a specific functionality. So let us understand the difference between Ansible roles and playbook with an example. So suppose you want your playbook to perform 10 different tasks on five different systems. So for that purpose, would you use a single playbook? The obvious answer is no. Using a single playbook can make it confusing and prone to blunders. Instead, you can create 10 different roles where each role will perform one particular task. After that, all you need to do is mention the name of the role inside the playbook to call them. So you can give such examples in your interviews.
[36:06]So the next question here is, how do I write Ansible handler with multiple tasks? Say for example, if you want to create a handler that restarts a service only if it is already running. So handlers can listen to generic topics and tasks can notify those topics. This functionality makes it much easier to trigger multiple handlers. It also decouples handlers from their names, making it easier to share handlers among the playbooks and the roles.
[36:53]The next question here is, how to keep secret data in a playbook? So suppose you have a task that you don't want to show the output or the command given to it using the hyphen V or the verbose mode. The following task can be used to do it. This can be used to keep verbose output but hide sensitive information from others who would otherwise like to able to see the output. The no_log attribute can also apply to an entire play. So as you can see on the screen, this is the code here that you can use to keep secret data or the sensitive data in a playbook.
[37:50]The next question here is, what are Ansible Vaults and why are they used? Ansible Vault is a feature that allows you to keep all your secrets safe. It can encrypt entire files, entire YAML playbooks or even a few variables. It provides a facility where you can not only encrypt sensitive data, but also integrate them into your playbooks. Vault is implemented with file level granularity, where the files are either entirely encrypted or entirely unencrypted. It uses the same password for encrypting as well as decrypting files which makes Ansible Vault very user friendly.
[38:49]The next question here is, how to create encrypted files using Ansible? To create an encrypted file, we can make use of Ansible Vault create command and pass the file name as parameter. So as you can see on the screen, this is the command here, Ansible hyphen Vault, create file name.yml. So when you type this command, you will be promoted to create a password and then confirm it by retyping the password. So once your password is confirmed, a new file will be created and will open an editing window. By default, the editor for Ansible Vault is VI. You can add data, save and exit.
[39:48]The next question here is, what is Ansible Tower? Ansible Tower is Ansible at more enterprise level. It is a web based solution for managing your organization with a very easy user interface that provides a dashboard with all of the state summaries of all the hosts, allows quick deployments and monitors all the configurations. The tower allows you to share the SSH credentials without exposing them. Logs all the jobs, manages inventories graphically and synchronizes them with a wide variety of cloud providers. So once you answer this question, the next obvious question is, what are the features of Ansible Towers? So as you can see on the screen, these are the features of Ansible Towers. The first feature here is the Ansible Tower dashboard. The Ansible Tower dashboard displays everything going on in your Ansible environment like the hosts, inventory status, the recent job activity and so on. So with this you can see the status of your automation and know what's next in your queue. The third feature here is the multi-playbook workflows. This feature allows you to chain any number of playbooks regardless of the usage of different inventories, utilizes various credentials or running different users. The fourth feature here is who ran what job and when. So as the name suggests, you can easily know who ran what job, where and when as all the automation activity is securely logged in Ansible Tower. The next feature here is scale capacity with clusters. We can connect multiple Ansible Tower nodes into an Ansible Tower cluster as the clusters add redundancy and capacity which allow you to scale Ansible automation across the enterprise. Moving on to the next feature, which is nothing but integrated notification. So this feature lets you notify a person or a team when a job succeeds or fails across the entire organization at once or customize on a per job basis. The next feature here is scheduling of Ansible jobs. Different kinds of jobs such as playbook runs, cloud inventory updates and source control updates can be scheduled inside Ansible Tower to run according to the need. And the next feature here is managing and tracking the inventory. Ansible Tower helps you manage your entire infrastructure by letting you easily pull inventory from public cloud providers, such as AWS, Microsoft Azure and so on. So these are the features that Ansible Tower provides you and you can answer these features in your interviews.
[43:40]So with this we have come to the end of the intermediate level of questions. And after this, we will now move to the advanced interview questions. The next question is, how is Ansible used in a continuous delivery pipeline? So it is well known fact that in DevOps, development and operation work is integrated. This integration is very important for modern test driven applications. Hence, Ansible integrates this by providing a stable environment to both development and operations resulting in smooth delivery pipeline. When developers begin to think of infrastructure as a part of their application, that is as infrastructure as code, stability and performance become normative. Infrastructure as code is the process of managing and provisioning computing infrastructure and their configuration through machine processable definition files rather than physical hardware configuration or the use of interactive configuration tools. This is where Ansible automation plays a major role and stands out among its peers. In a continuous delivery pipeline, the sys admins work tightly with developers, development velocity is improved and more time is spent doing activities like performance tuning, experimenting and getting things done and less time is spent on fixing the problems. So the next question is, how can you create a LAMP stack and deploy a web page by using Ansible? So suppose you're trying to deploy a website on 30 systems, every website deployment will require a base OS, web server, database, and PHP. We use Ansible playbook to install these prerequisistes on all the 30 systems at once. For this particular problem statement, you can use two virtual machines, one as a server where Ansible is installed and the other machine acts as the remote host. Also, you can create a simple static web page saved in the folder index which has two files, that is the index.html and style.css. So you can create a single Ansible playbook to install Apache, MySQL and PHP. Now there are six main tasks and each task performs a specific function. The first task adds the repository required to install MySQL and PHP. The second task installs Apache 2, MySQL server, PHP and PHP MySQL. The third and the fourth task starts the Apache and MySQL service. The fifth task creates a target directory in the host machine and finally the sixth task executes the index.html file. It picks up the file from the server machine and copies it onto the host machine. And to finally run this playbook, you can use the simple command called Ansible hyphen playbook space lamb.yml space hyphen capital K. So using this command you can run the playbook.
[48:10]So the next question is, how do I set the PATH or any other environment variable for a task? The environment variables can be set by using the environment keyword. It can be set for either a task or an entire playbook as well. So this can be done using the following step of code, as you can see, environment the keyword here, and the path that you want to use and some value here. Okay.
[48:58]The next question here is, how can one generate encrypted passwords for the user module? So this can be done by two ways. The simplest way is by making use of the ad-hoc command. So as you can see here, this is the command that you can use to generate the encrypted passwords. And another way is to use the MK password functionality available on Linux system. So if you're using the Mac OS, then you can generate these passwords using Python. To do this, you must first install the passlib password hashing library. After installing it, the SHA 512 password values can be generated.
[49:58]The next question here is, how can looping be done over a list of hosts in a group inside of a template? An easy way to do this is to iterate over a list of hosts inside of a host group, in order to fill a template configuration file with a list of servers. This can be done by accessing the groups dictionary in your template. In order to access facts about these hosts like the IP address of each host name, you need to make sure that the facts have been populated. For example, make sure you have a play that talks to the DB servers. Now you can use facts within your template.
[50:56]So the next question here is, how can I display all the inventory vars defined for my host? In order to check the inventory variables resulting from what you have defined in the inventory, you can use the following command. As you can see on the screen, this is the command that you can use. And this command will list down all the inventory variables for your host.
[51:34]The next question is, how should one configure a jump host to access servers that I have no direct access to? The first step would be to set a ProxyCommand in the Ansible SSH common args inventory variable. All arguments that are defined in this variable are added to the SFTP, SCP and SSH command line when connecting to the relevant host.
[52:13]The next question here is, how can you handle different machines needing different user accounts or ports to log in with? The simplest way to do this is by setting inventory variables in the inventory file. So let us consider that these hosts have different usernames and ports. Also, if you wish to, you can specify the connection type to be used. To make this even more better, you can keep these in group variables.
[52:56]The next question is, is it unsafe to bulk set task arguments from a variable? To set all the arguments in a task you can use the dictionary type variable. Even though this is usually good for dynamic executions, it induces a security risk. Therefore, when this happens, Ansible issues a warning.
[53:33]So the next question here is a scenario based question. So the question here is, can the process of configuring prod environment be automated? So yes, Ansible uses a feature called password file, where all the passwords to your encrypted files can be saved. Encrypted files prompt the user to enter passwords. So but since Ansible is used for automation, can this process be automated? So yes, Ansible uses a feature called password file, where all the passwords to your encrypted files can be saved. Each time a user is asked for the password, he can simply make a call to the password file. The password is automatically read and entered by Ansible. Having a separate script that specifies the password is also possible. You need to make sure this script file is executable and the password is printed to standard output for it to work without any annoying errors. So the next question here is, have you worked with Ansible before? And if yes, please share your experience. So guys, be very honest here. The interviewer wants to check your hands-on experience here. So even if you try to bluff here, the interviewer will figure it out and it can create a very bad impression. So if you have genuinely used Ansible before and if you have done any projects or any assignments using Ansible, then you can answer this question. So you can tell interviewer that how Ansible has helped you in provisioning and configuration management. If you haven't used Ansible before, then you can talk about any related tools such as Git, Jenkins, Puppet, Chef or salt stack, etc. So the next question here is, is Ansible an open source tool? So yes, Ansible is an open source tool. This means that you take the modules and rewrite them. Ansible is an open source automated engine that lets you automate the app.
[56:29]The next question here is, how can you connect other devices within Ansible? Once Ansible is installed on the controlling machines, an inventory file is created. This inventory file specifies the connection between other nodes. A connection can be made using a simple SSH. To check the connection to a different device, you can use the ping module. So say for example, the command for this is Ansible hyphen M space ping space all. So this command checks the connection to all the nodes specified in the inventory file.
[57:28]The next question here is, is it possible to build our modules in Ansible? So yes, we can create our own modules within Ansible. It is an open source tool as discussed earlier, which basically works on Python. You can start creating your own modules. The only requirements would be to be amazingly good at programming.
[58:08]The next question here is, what does Fact mean in Ansible? When any new variable about the system has been discovered, it's considered to be a "fact" in the playbook. Facts are mainly used to implement conditional execution. It can also be used to get the ad-hoc information about the system. You can also get the facts with the following command, such as Ansible space all, hyphen M, space setup. So when you want to extract only a part of the information, you can use the setup module to filter out only the needed information. The next question here is, what is the ask_pass module in Ansible? Ask_pass is the control module in an Ansible playbook. This controls the prompting of the password when the playbook is getting executed. By default, it is always set to true. If you are using SSH keys for authentication purposes, then you really don't have to change this setting.
[59:45]The next question here is, explain the callback plugin in Ansible? Callback plugins are enable adding new behaviors to Ansible when responding to events. By default, callback plugin control most of the output you see when running the command line program. It can also be used to add additional output, integrate with other tools, etc.
[1:00:37]The next question here is, does Ansible support AWS? Ansible has hundreds of modules supporting AWS, such as auto scaling groups, cloud formation, cloud trail, cloud watch, DynamoDB, elastic cloud compute, identity access manager, Lambda, relational database service, that is RDS, security groups, simple storage service, that is S3, virtual private cloud and so on. The next question here is, does Ansible support hardware provisioning? Yes, Ansible can provision hardware. A lot of companies are still stuck on to massive data centers of hardware. There are a few requirements. You must set up some services before you go ahead. Some of them are DHCP, PC, TFTP, operating system media, web server and so on.
[1:01:52]The next question here is, write an Ansible playbook to automate the starting of EC2 instance. So as you can see on the screen, this is the code to automate the starting of EC2 instance. So here we start by mentioning AWS access key ID and the secret key using the parameters AWS access key and AWS secret key. For the key name, you pass the variable that defines the key pair that is being used here. And for the group, you mention the name of the security group. This defines the security rules of the EC2 instance we are trying to bring up. For the instance type, you pass the variable that defines the type of instance we are using here. For image, you pass the variable that defines the AMI of the image we are trying to start. And for weight, this has a Boolean value of either true or false. If true, it waits for the instance to reach the desired state before returning. If you talk about the region, here you pass the variable that defines the region in which an EC2 instance needs to be created.
[1:03:41]If you talk about the count parameter, this parameter specifies the number of instances that need to be created. In this case, I've only mentioned one, but you can change it as per your requirements. The next parameter here is the VPC subnet ID. Here you pass the subnet ID in which you wish to create the instance. And the final parameter here is the assigned public IP. This parameter has a Boolean value. If true, like in our case, a public IP will be assigned to the instance when provisioned with virtual private cloud. The next question here is, can you copy files recursively onto a target host? If yes, how? Yes, you can copy files recursively onto a target host using the copy module. It has a recursive parameter which copies files from a directory. There is another module called synchronize which is specifically made for this.
[1:05:21]And the final question here is, write a playbook to create a backup of a file in the remote servers before copy. So this is a pretty simple code for creating the playbook here. So as you can see on the screen, this is the simple code here, code snippet.
[1:05:54]With this, we have come to the end of this session on Ansible interview questions. I hope you have enjoyed this session. If you have any queries related to this session, then you can write them in the description box below and we will try to resolve your queries as early as possible. Thank you so much.
