Ansible is emerging as a formidable rival to puppet by its simplicity and flexibility. According to official ansible website (, it is designed as an order-based, fail-fast system that includes testing. While puppet is an example of pull-based configuration tool, ansible is a kind of push-based tool.

In puppet utilizing, we need agents running nodes where they will be the “hub” to transfer the requests from nodes to the puppet server. The operation process of puppet is executed periodically (says 5-15 mins), nodes will contact to puppet agents and request the latest update of configs, etc. and if it goes wrong, nodes will come back to agents in the next periodic time. From this view-point, puppet is a good solution for the large deployment and system. However, puppet modules depend each other and they show the complexity in order to execute the modules in the right way.

Ansible is push-based tool, pushed the latest version of configs, set of instructions to the nodes in the networks. Ansible still has some issues of scaling or constrained by the network size (e.g if the number of nodes is huge in the network, Ansible tends to be a bottleneck) but it also shows some remarkable advantages of ansible to compare with puppet. It does not have dependency among modules, compatibly integrates to cloud (e.g Ansible's Boto for Amazon AWS), able to group the nodes based on policies and dependencies, etc.

The architecture of ansible, instructions of writing ansible script are not mentioned here. I am going to issue the problem about defining the library in ansible that is not so much written in official website of ansible. In ansible structure, we can easily see that there is a folder called “/library” besides the “/roles”, “/inventory”, etc. What is the main task of “/library”? The library folder will contain the files written in python, bash, ruby, php, etc. that are the modules in the ansible yaml file. For example, you can easily call a module “apt” supported by ansible like this:

- name: Update the node

   apt: update_cache=yes


It is equivalent of “apt-get update”. But what if we want to issue a module that is not recently supported by ansible, let's say “install_nova_compute”. What we need to do is write a python script named "" and put it in the library folder.

I am going to show you an example of new module called “”. This module will check the existence of a user in node and create that user if the its state is 'absent'. Sorry for my bad wordpress skill of posting python code. It seems easier to me by taking a screenshot:). Notify that this example is only for demonstration of using module, not for production.


Screenshot from 2015-07-15 16:49:03

So, what i have done in this small experiment is below:

- Booting a VM using vagrant (I love this superior tool for lab :) )
- Install ansible 1.9
- Create a playbook with ansible.cfg, test.yml, hosts and /library/
- Run the command: $ ansible-playbook test.yml
- Get a coffee and see the result, tada :d.

The contents of above files are below, very simple:

1. ansible.cfg:


# Location of inventory files
hostfile = hosts

2. test.yml:


- hosts:
  connection: local

     - name: Check User info
       userinfo: username= state='existed'
         - mariaOza
         - vagrant

     - name: Check user and create if not existed before
       userinfo: username=vietstack state='absent'

3. hosts: ansible_connection=local


VietStack team