Ansible Lesson 9 – Ansible Modules Overview | Dataplexa

Ansible Course

I. Ansible Fundamentals
1. What is Ansible 2. Why Configuration Management Matters 3. Ansible Architecture 4. Control Node and Managed Nodes 5. Installation and Setup 6. Ansible Configuration Files 7. Inventory Files Explained 8. Ansible Ad-hoc Commands 9. Ansible Modules Overview 10. Beginner Best Practices
II. Playbooks & Core Concepts
11. YAML Basics for Ansible 12. Playbooks Introduction 13. Writing Your First Playbook 14. Tasks, Handlers and Variables 15. Facts and Gathering Facts 16. Conditionals and Loops 17. Templates with Jinja2 18. File and Package Management 19. Service Management 20. User and Permission Management 21. Error Handling 22. Tags and Selective Execution 23. Roles Introduction 24. Creating and Using Roles 25. Playbook Best Practices
III. Security, Roles & Automation
26. Ansible Galaxy 27. Role Directory Structure 28. Ansible Vault 29. Managing Secrets Securely 30. Application Deployment 31. Server Hardening 32. Ansible with Docker 33. Ansible with Kubernetes 34. Troubleshooting 35. Performance Optimization
IV. Advanced Ansible & Real-World
36. Ansible at Scale 37. Ansible in CI/CD Pipelines 38. Ansible with Jenkins 39. Ansible Anti-Patterns 40. Mini Project
Section I · Lesson 9

Ansible Modules Overview

In this lesson

What modules are Module categories Essential modules Collections Finding module docs

An Ansible module is a discrete, reusable unit of work — a small program that Ansible transfers to a managed node, executes to accomplish a single task, and then removes. Modules are the actual workers in Ansible's architecture: while playbooks orchestrate and inventories describe targets, it is modules that install packages, copy files, restart services, create users, and interact with cloud APIs. Ansible ships with over 5,000 built-in modules, and understanding how they are organised — and how to look up any module instantly — is one of the most practical skills in this course.

How Modules Work

Every module follows the same lifecycle during a playbook run. Ansible copies the module as a Python script to a temporary directory on the managed node, executes it with the arguments you provided, receives a JSON result, and deletes the temporary file. The managed node does the actual work; the control node receives the outcome. This is why managed nodes need Python — they are the runtime environment for every module that runs against them.

Each module returns a structured JSON response that always includes a changed key — the boolean that drives idempotency. If changed is false, the system was already in the desired state and nothing was done. If changed is true, the module made a modification. This single key is what allows Ansible to be safely re-run without side effects.

5,000+

modules shipped with Ansible — covering packages, files, services, users, cloud, network, and more

1

job per module — each module does exactly one thing and does it well. No module tries to do everything.

JSON

every module returns a structured JSON result — including changed, status, and any data gathered

The Power Tools Analogy

Ansible modules are like a professional's tool kit. Each tool does one job: the drill drills, the saw cuts, the sander sands. You do not use a saw to drill a hole, even though you technically could with enough effort. Modules work the same way — ansible.builtin.package installs packages, ansible.builtin.copy copies files, ansible.builtin.service manages services. Using the right module for each job gives you idempotency, error handling, and cross-platform support for free.

Module Categories

Ansible's modules are organised into functional categories. Knowing these categories makes it much faster to find the right module for a task — instead of searching through 5,000 names, you navigate to the relevant category first.

Files & Directories

File management

Create, copy, move, delete, and template files and directories. Manage file ownership, permissions, and symbolic links. Key modules: copy, file, template, fetch, lineinfile.

Packages

Package management

Install, remove, and update software packages. Works across distros via the generic package module, or use distro-specific modules for more control. Key modules: package, apt, dnf, pip.

Services

Service management

Start, stop, restart, enable, and disable system services via systemd or init. Ensure a service is running and set to start on boot in one task. Key modules: service, systemd.

Users & Groups

User management

Create, modify, and remove user accounts and groups. Manage SSH authorized keys, passwords, and sudo access. Key modules: user, group, authorized_key.

Cloud

Cloud infrastructure

Provision and manage cloud resources across AWS, GCP, Azure, and more — EC2 instances, S3 buckets, VPCs, load balancers, DNS records. Delivered via collections like amazon.aws, google.cloud, azure.azcollection.

System

System & commands

Run shell commands, gather system facts, manage cron jobs, control firewall rules, and reboot hosts. Key modules: command, shell, setup, cron, reboot.

Essential Modules to Know

Out of Ansible's 5,000+ modules, a core set of about 15 covers the vast majority of real-world automation tasks. These are the modules you will encounter repeatedly throughout this course and in production environments.

📦

ansible.builtin.package

Install, remove, or update packages using the system's native package manager. Detects apt, dnf, or yum automatically — write once, works on any distro. Use state: present, absent, or latest.

⚙️

ansible.builtin.service

Start, stop, restart, or reload a service. Set enabled: true to ensure the service starts on boot. Works with systemd, init, and other service managers transparently.

📄

ansible.builtin.copy

Push a file from the control node to managed nodes, or write inline content directly to a file. Supports owner, group, mode, and idempotent comparison by checksum.

🔧

ansible.builtin.template

Render a Jinja2 template with variables and write the output to a file on managed nodes. The standard way to generate configuration files whose content varies per host or environment. Covered in Lesson 17.

📁

ansible.builtin.file

Create, delete, or modify files, directories, and symbolic links. Set permissions and ownership. Use state: directory to ensure a directory exists, state: absent to remove it.

👤

ansible.builtin.user

Create, modify, or remove user accounts. Set shell, home directory, groups, and password. Pairs naturally with authorized_key to provision SSH access for a new user in a single play.

✏️

ansible.builtin.lineinfile

Ensure a specific line is present or absent in a file, or replace a line matching a regex pattern. The right tool for making targeted edits to config files without replacing them entirely.

🔍

ansible.builtin.setup

Gathers facts about the managed node — OS, hostname, IP addresses, memory, CPU, disk, and hundreds more. Called automatically at the start of every playbook run. Use filter to retrieve specific facts only.

Collections and Module Namespacing

Modern Ansible organises modules into collections — packages of related modules, plugins, and roles grouped under a namespace. A fully qualified module name follows the pattern namespace.collection.module_name. For example, ansible.builtin.package means: the ansible namespace, the builtin collection, the package module.

This namespacing was introduced in Ansible 2.10 to prevent naming conflicts as the ecosystem grew. You can still use short module names like package in playbooks for backward compatibility, but the fully qualified name is the recommended standard — it makes it immediately clear which collection a module comes from.

Key collection namespaces

ansible.builtin Core modules shipped with every Ansible installation. Package, file, service, copy, template, user — the fundamentals. No additional install required.
amazon.aws AWS modules — EC2, S3, RDS, VPC, IAM, Lambda. Install with ansible-galaxy collection install amazon.aws.
google.cloud GCP modules — Compute Engine, Cloud Storage, GKE, Cloud SQL. Install with ansible-galaxy collection install google.cloud.
community.general A large catch-all collection of community-maintained modules covering tools that don't belong in a specific namespace — Docker, Homebrew, Jira, Slack, and many more.
ansible.windows Windows-specific modules — package management via Chocolatey, Windows features, registry keys, services. Required for managing Windows managed nodes.

Browse collections: Ansible Galaxy is the public hub for community collections. Search, install, and read documentation for any collection directly from the browser.

Ansible Galaxy ↗

Finding Module Documentation

You do not need to memorise module parameters — knowing how to look them up instantly is far more valuable. There are two primary methods: the built-in ansible-doc command for offline terminal reference, and the official Ansible documentation website for browsable, searchable reference with examples.

Method 1 — ansible-doc in the terminal

# Show full documentation for any module — parameters, return values, examples
ansible-doc ansible.builtin.copy

# List all available modules (pipe to grep to search)
ansible-doc -l

# Search for modules related to a keyword
ansible-doc -l | grep user

# Show a short synopsis of a module without full docs
ansible-doc -s ansible.builtin.package
> ANSIBLE.BUILTIN.COPY (/usr/lib/python3/dist-packages/ansible/modules/copy.py)

  The `copy' module copies a file from the local or remote machine
  to a location on the remote machine.

OPTIONS (= is mandatory):

- backup
        Create a backup file including the timestamp information
        [Default: False]
        type: bool

= dest
        Remote absolute path where the file should be copied to.
        type: path

- mode
        The permissions of the destination file or directory.
        [Default: (null)]
        type: raw
...
EXAMPLES:
- name: Copy file with owner and permissions
  ansible.builtin.copy:
    src: /srv/myfiles/foo.conf
    dest: /etc/foo.conf
    owner: foo
    group: foo
    mode: '0644'

What just happened?

ansible-doc printed the full offline documentation for ansible.builtin.copy — every parameter, its type, whether it is required, its default value, and working examples. This is available without internet access and is always in sync with the exact version of Ansible you have installed.

Method 2 — Official documentation website

The official Ansible module index — fully searchable, with examples, return value documentation, and links between related modules. Bookmark the Collection Index page to browse by namespace.

Module index ↗

Never Use ansible.builtin.command When a Dedicated Module Exists

The command and shell modules are not idempotent — they execute every time the playbook runs regardless of whether anything needs to change. Using command to install a package, manage a service, or create a user when dedicated modules exist for each of these tasks defeats the entire purpose of Ansible's idempotency guarantee. Always check whether a purpose-built module exists before reaching for command or shell.

Key Takeaways

A module is a single unit of work — Ansible copies it to the managed node as a Python script, executes it, returns a JSON result with a changed key, and removes the temporary file.
Fully qualified names are the standard — use ansible.builtin.package rather than just package to make it unambiguous which collection a module comes from.
15 modules cover most real-world taskspackage, service, copy, template, file, user, lineinfile, and setup are the ones you will use in almost every project.
ansible-doc is your fastest reference — run ansible-doc <module> at any time for full parameter documentation and working examples without leaving the terminal.
Always prefer a dedicated module over command or shell — purpose-built modules are idempotent, handle errors gracefully, and work cross-platform. Raw commands are none of these things by default.

Teacher's Note

Run ansible-doc -l | wc -l to see exactly how many modules your installed version has — then pick three you have never used and read their docs with ansible-doc. That habit will serve you better than memorising any list.

Practice Questions

1. What command shows the full offline documentation for any Ansible module, including all parameters and examples?



2. What is the collection namespace that contains Ansible's core modules — package, copy, service, file, and user?



3. Every module returns a JSON result. What is the key in that result that indicates whether the module made any change to the managed node?



Quiz

1. What is the correct description of how Ansible executes a module on a managed node?


2. You need to add a single line to /etc/ssh/sshd_config without replacing the entire file. Which module is most appropriate?


3. What is the format of a fully qualified Ansible module name?


Up Next · Lesson 10

Beginner Best Practices

The habits, conventions, and patterns that separate clean, maintainable Ansible from the kind that breaks at 2am — before you write your first real playbook.

← Previous Course Index Next →