Ansible — Trivia & Interesting Facts¶
Surprising, historical, and little-known facts about Ansible.
Ansible was written in one weekend¶
Michael DeHaan created the first version of Ansible over a single weekend in February 2012. He was frustrated with the complexity of Puppet and Chef and wanted a tool that required no agents and no custom PKI infrastructure. The initial prototype was about 1,200 lines of Python.
The name comes from science fiction¶
"Ansible" is borrowed from Ursula K. Le Guin's 1966 novel "Rocannon's World," where an ansible is a device for instantaneous communication across any distance. DeHaan chose the name because the tool was designed for instant, agentless communication with remote servers.
Red Hat acquired Ansible for $150 million in 2015¶
Red Hat bought Ansible Inc. in October 2015 for approximately $150 million, just three years after the project's creation. At the time, Ansible had about 1,200 contributors and was already the most-starred infrastructure automation project on GitHub.
Ansible uses SSH by default, not a custom protocol¶
Unlike Puppet (which uses its own TLS-based protocol) and Chef (which uses HTTPS), Ansible communicates over standard SSH. This was a deliberate design choice — DeHaan argued that if SSH was good enough for sysadmins to manage servers manually, it was good enough for automation.
The "cowsay" Easter egg was a deliberate morale feature¶
If you have the cowsay program installed, Ansible will randomly render output through it, producing ASCII cow art. This was added intentionally by DeHaan, who believed that long automation runs should have moments of levity. You can disable it with ANSIBLE_NOCOWS=1.
Ansible Galaxy launched with 200 roles and now has over 40,000¶
Ansible Galaxy, the community hub for sharing roles and collections, launched in 2013 with about 200 contributed roles. By 2024, it hosted over 40,000 roles and collections, making it one of the largest repositories of reusable infrastructure code.
The YAML decision was controversial¶
DeHaan chose YAML for Ansible playbooks because he wanted non-programmers to read and write automation. This decision remains controversial — critics argue YAML's whitespace sensitivity causes subtle bugs, while supporters maintain it kept Ansible accessible to sysadmins who would never learn Ruby (Puppet/Chef's DSL language).
Ansible can manage Windows despite being Linux-native¶
Ansible added Windows support in version 1.7 (2014) using WinRM instead of SSH. This surprised many users who assumed a Python/SSH tool couldn't manage Windows. Today, Ansible has over 200 Windows-specific modules covering everything from IIS to Active Directory.
The "idempotent" guarantee isn't always guaranteed¶
Ansible's documentation emphasizes idempotency — running a playbook twice should produce the same result. However, the shell and command modules are explicitly not idempotent, and the creates and removes parameters were added as guardrails. A 2019 study found that roughly 18% of community roles contained non-idempotent tasks.
Michael DeHaan left the project in 2015¶
Ansible's creator, Michael DeHaan, stepped back from the project shortly after the Red Hat acquisition in 2015. He later expressed mixed feelings about how the project evolved, particularly the increasing complexity of Ansible Tower (now AAP) compared to his original vision of radical simplicity.
AWX was open-sourced to compete with its own product¶
In 2017, Red Hat open-sourced AWX, the upstream project for Ansible Tower. This was unusual because Tower was a commercial product — Red Hat essentially gave away the code for a product it was selling. The strategy followed Red Hat's model with Fedora/RHEL and aimed to grow the ecosystem.
The collections split broke thousands of playbooks¶
In 2020, Ansible split into ansible-core (the engine, ~70 built-in modules) and collections (everything else). The "ansible" PyPI package went from shipping 3,400+ modules to being a meta-package. This was the most disruptive change in Ansible's history — thousands of playbooks that used short module names like yum instead of ansible.builtin.yum broke overnight. The migration introduced Fully Qualified Collection Names (FQCN) as the standard.
Mitogen can make Ansible 3-7x faster¶
The Mitogen strategy plugin replaces Ansible's default execution model (upload a Python script per task via SSH, execute, delete) with a persistent Python interpreter on the target that receives streamed bytecode over the existing connection. This eliminates per-task SSH overhead and temporary file creation, achieving 3-7x speedups on large fleets. Netflix and several large-scale Ansible users adopted it for fleet automation.
Jinja2 templating silently converts strings to booleans¶
Ansible's Jinja2 templating silently converts the string "true" to Python True and "null" to None. This has caused countless production incidents where config files end up with True instead of true, breaking JSON and YAML parsers downstream. The fix is the | string filter or | to_json for values that must remain strings — a trap that catches even experienced users.
AWX, Tower, and AAP — the naming confusion¶
AWX (open-sourced 2017) is the upstream of Ansible Tower, which was rebranded to Ansible Automation Platform (AAP). The naming has confused the community for years: AWX is free and releases roughly monthly, Tower was the commercial version with support, and AAP is the expanded commercial product that now includes Automation Hub, Execution Environments, and automation mesh networking. Many job postings still say "Tower" when they mean AAP.
Execution Environments solved dependency hell¶
Ansible Execution Environments (EEs), introduced with AAP 2.0, package ansible-core, collections, Python dependencies, and system libraries into a container image. They solved the #1 support issue in the Ansible ecosystem: different collections requiring conflicting Python library versions on the same control node. ansible-navigator runs playbooks inside EEs, effectively replacing the bare-metal ansible-playbook command for production use.
Ansible's fact gathering was inspired by Chef's Ohai¶
Ansible's setup module (fact gathering) was inspired by Chef's Ohai and Puppet's Facter, but Ansible made facts a first-class part of the execution model — they run automatically at play start and populate the hostvars namespace. The setup module collects 200+ facts per host, from CPU architecture to mounted filesystems, making it the most-executed module in the entire Ansible ecosystem by a wide margin.
The 22-level variable precedence is intentional¶
Ansible has 22 levels of variable precedence, from role defaults (lowest) to extra vars (highest). This is frequently cited as one of Ansible's most confusing features, but it was a deliberate design choice. Michael DeHaan argued that real infrastructure has many layers of configuration (datacenter defaults, cluster overrides, host-specific settings) and the precedence system should mirror that reality. The ansible-inventory --host <host> -vvv command shows which source each variable came from.
ansible-pull inverts the entire model¶
While Ansible is known as a push-based tool, ansible-pull inverts the model entirely — each managed node pulls its playbook from a git repo and runs it locally via cron or systemd timer. This scales to thousands of nodes without the SSH fan-out bottleneck of the push model. Several large organizations use ansible-pull for server baseline configuration, reserving push-mode for orchestrated deployments that require cross-host coordination.
The Zuul CI system was built to test Ansible itself¶
Zuul, the project gating CI system originally built for OpenStack, became the primary CI system for testing Ansible itself. Zuul runs thousands of integration tests across multiple operating systems for every Ansible PR. The irony: Zuul's own configuration is written in Ansible playbooks, creating a circular dependency where Ansible tests itself using a system configured by Ansible.