Ansible is not easy – but it’s worth it!

As you may have seen from a few past posts, I have been going through the process of learning network programmability and network automation. My most recent attempt at delving further into the network automation world has brought me to Ansible.ansible-logo

The journey to learning Ansible has not been easy. What I would highly recommend for those getting started with Ansible is to start with this great, quick introductory course by David Bombal – only $39 USD.

Once you have tried that course, play around with Ansible a little more in your lab or development environment. Once you get the hang of it, and want to do more with Ansible, then consider this significantly more expensive, but also infinitely more comprehensive course by one of my favourites, Ivan Pepelnjak, Building Network Automation Solutions.

One thing to consider before diving into Ansible is that besides the assumption of at least CCNA or CCNP level network knowledge and experience, there is also an assumption that you at least have novice level familiarity with Linux, Git,, Vagrant, Jinja2 and YAML. The course by Ivan Pepelnjak definitely relies on that, but, luckily also covers those topics in great detail. One big downside of Ivan’s course however is that it’s not very well organized. It’s a series of videos and live webinars from the past three years that don’t always make sense together due to changes in Ansible over time. There is also no clear chronological path for literally 100+ videos this course is comprised of.

Ansible is NOT EASY – at least it wasn’t for me. It also didn’t help that besides the steep learning curve for Ansible, I was also adding Github, Linux CLI, Vagrant and other technologies into the mix made the learning curve even steeper.

Thanks to David Bombal’s course however, I realized that if I kept things simple, I didn’t necessarily need to know Github, Jinja2, YAML, Linux CLI or Vagrant to take advantage of Ansible immediately – which is one of the reasons why it’s a great introduction. One big downside of David Bombal’s course however is that it’s too brief – and I hope he adds followup for more advanced Ansible usage to his course.

For now, to really dive deep into network automation, you need to go through Ivan Pepelnjak’s course – where he can teach you to deploy 100-1000 switch data centre fabric or 50-350 router DMVPN deployment while also explaining all of the above components and technologies in a whole lot more detail.

One big recommendation I would make to fellow network engineers getting started with Ansible is to initially just focus on learning Ansible. I would make the following recommendations:

  • Learn and master GNS3 or VIRL first – after all, you need routers and switches to practice automation on. Alternatively, have a lab ready with at least a few routers/switches to test your automation.
  • Use a Ubuntu VM to setup your Ansible environment – avoid using other barebones Linux that don’t have GUI and other conveniences so that you avoid getting hit by Linux related learning curve
  • Install VMware Tools so that you can easily copy/paste scripts and configuration between your Windows/Mac host and VM
  • Forget about Github and Vagrant – learn about those in later stages – if at all. You don’t need them for learning Ansible or Network Automation.
    • You will need scripts and other files from Github, but luckily will let you readily download them without using the Git application on Linux. Download the required files using Firefox from your Ubuntu VM.
    • You don’t really need Vagrant either.
      • Vagrant is used to spin up 10s or 100s of VMs at once. It’s great for developers working at scale, however, for you, at most, you would be running 5, 10 or 15 routers and switches on your workstation for learning Ansible, which you can do manually easily enough.
      • Adding the Vagrant piece just adds another unnecessary complexity and learning curve, especially when it comes to the network connections required between your virtual routers and switches
      • Just use good old GNS3 instead – or even VIRL if you have the subscription and workstation/laptop beefy enough for it.
      • The only good argument for using Vagrant over GNS3 or VIRL would be if you are already familiar with it, and may be more familiar with it than GNS3 and/or VIRL. Even then, it’s not as flexible as GNS3 and VIRL – I’d still recommend those over Vagrant.

I am still going through my journey of learning Ansible. Once you have learned basics of Ansible, then start diving into NAPALM – something that Ivan Pepelnjak also covers a little bit. Think of NAPALM as a sub-component of Ansible that you can use to automate your network independent of the vendor – Cisco, Juniper, Arista, Cumulus, etc. In reality, it’s actually a separate Python library, but, it’s developers, Elisa Jasinka and David Barroso have also created Ansible modules for it to be utilized from Ansible.

It’s a long, difficult, confusing and rapidly changing road – which is part of what makes learning network automation via open source tools so much more challenging – but once you get the hang of it, the potential for it to save you 100s of hours of time is immense – not only in deployment, but also in validation, troubleshooting, auditing, standardization and even monitoring. It will save you time initially and continue to save you time long term – and that’s worth spending some time learning about! 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

Up ↑

%d bloggers like this: