CCNA 200-301 v1.1
6.6 Configuration Management Mechanisms: Ansible and Terraform
1. What is Configuration Management?
- Definition: Configuration management is the process of automating the setup, deployment, and management of network devices, servers, and applications.
- Goal: Ensure that devices and systems are configured correctly, consistently, and can be updated automatically without manual intervention.
- Importance in IT Networks:
- Reduces human errors.
- Saves time when configuring many devices.
- Ensures that configurations are consistent across all devices.
Think of it as a tool that allows network engineers to write instructions once and automatically apply them to all devices in the network.
2. Ansible
What is Ansible?
- Ansible is a configuration management tool that automates tasks on servers, switches, and routers.
- It is agentless, which means you don’t need to install any software on the network devices—it uses SSH or APIs to communicate.
Capabilities of Ansible
- Automate Configuration:
- Can configure routers, switches, firewalls, servers, and cloud services automatically.
- Example: You can push VLAN configurations to all switches at once.
- Deploy Applications:
- Automatically install and update software on multiple devices.
- Consistency & Compliance:
- Ensures all devices have the same configuration.
- Example: Make sure all routers have the same SNMP settings.
- Orchestration:
- Coordinate multiple tasks in a specific order across devices.
- Example: Update server software, then update firewall rules, then reboot devices.
- Idempotency:
- Ansible only makes changes if needed. If the configuration is already correct, it won’t change anything.
- This prevents accidental misconfigurations.
How it works (simplified)
- You write a playbook (instructions file in YAML format)
- Ansible reads the playbook and applies the configuration to the target devices.
3. Terraform
What is Terraform?
- Terraform is a Infrastructure as Code (IaC) tool.
- It is mostly used to provision and manage cloud infrastructure like virtual machines, networks, and storage.
- While Ansible is often used for configuring existing devices, Terraform is used to create the devices and resources themselves.
Capabilities of Terraform
- Provisioning Infrastructure:
- Automatically create servers, virtual networks, and firewalls in the cloud.
- Example: Launch 10 virtual machines in AWS with predefined network settings.
- Manage Infrastructure:
- Track and update infrastructure over time.
- Example: Add more servers or update network configurations without manually changing each one.
- Version Control:
- Infrastructure configurations are written in files (HCL language), which can be tracked like software code.
- You can roll back to previous versions if needed.
- Plan & Apply:
- Terraform shows a plan of what changes will be made before actually applying them.
- This reduces mistakes when changing configurations.
- Idempotency:
- Like Ansible, Terraform only makes changes if the current state doesn’t match the desired state.
How it works (simplified)
- You write a Terraform file describing the resources you need (servers, networks, etc.).
- Terraform reads it, compares it to what exists, and creates or updates resources to match the configuration.
4. Key Differences Between Ansible and Terraform
| Feature | Ansible | Terraform |
|---|---|---|
| Purpose | Configure devices and servers | Create/manage infrastructure |
| Agent Required? | No | No |
| Type of Automation | Configuration management & orchestration | Infrastructure provisioning |
| Common Use in IT | Update network devices, install software | Provision cloud servers & networks |
| Idempotency | Yes | Yes |
5. Why This is Important for CCNA
- Modern networks rely on automation and consistent configurations.
- Knowing the capabilities of Ansible and Terraform helps you understand:
- How networks are managed at scale.
- The difference between configuring devices and creating infrastructure.
- CCNA may test you on what these tools can do, not the detailed commands.
6. Exam Tip
Version control / plan before apply (Terraform)
Remember:
Ansible = configure existing devices
Terraform = create and manage infrastructure
Key capabilities to remember for exam questions:
Automation
Consistency / Idempotency
Orchestration (Ansible)
Provisioning (Terraform)
