1. Agentless Architecture
Question: How does Ansible communicate with remote nodes?
Ansible is agentless. It uses SSH (for Linux/Unix) or WinRM (for Windows) to connect to nodes and execute tasks.
2. Idempotency
Question: What is idempotency and why is it important in Ansible?
Idempotency means that an operation can be applied multiple times without changing the result beyond the initial application. It ensures that running a playbook multiple times won't break things or create duplicate resources.
3. Playbooks vs. Roles
Question: What is the difference between a Playbook and a Role?
Playbook: A YAML file containing a list of plays. It maps a group of hosts to a list of tasks. It's the entry point for Ansible execution.
Role: A way to bundle automation content (tasks, files, templates, variables) to make it reusable and shareable. A playbook typically includes roles.
4. Ansible Vault
Question: How do you handle sensitive data (passwords, keys) in Ansible?
Ansible Vault: A tool that allows you to encrypt sensitive data files (like secrets.yml) using AES256 encryption. You can encrypt entire files or specific strings within YAML files.
Usage: ansible-vault encrypt secrets.yml
5. Handlers
Question: What are Handlers and when are they executed?
Handlers: Special tasks that only run when notified by another task. They are typically used to restart services when a configuration file changes.
Execution: They run once, at the very end of the play, regardless of how many tasks notified them (to avoid restarting a service multiple times).
6. Variables and Facts
Question: What is the difference between Variables and Facts?
Variables: Defined by the user in playbooks, inventory, or roles (e.g., port: 8080).
Facts: Information gathered from the remote system by Ansible automatically at the start of a play (e.g., IP address, OS version, CPU count). Accessed via the setup module.