Ansible

Goals

  1. Training is an indispensable part for personal or profesional experiences.
    For different reasons, it is not always easy to give time to it.

  2. When I write an Ansible role, I try to make it complete and idempotent. This forces me to have a full knowledge on how a tool operates.

  3. To avoid manual actions, I want to be able to manage my while infrastructure with Ansible:

  1. I want to add some security layers (to the best I can):

To find potential errors, I deploy all my role in a hostil environment: a dedicated machine where all services coexist and without any VMs or containers.

Of course, I don’t shrug immutability off. It’s a also key part of a sane infrastructure but it requires a fully-working one (from packaging to alerting).

As I don’t have yet enough tools to maintain any immutable services, I won’t work on it.

Results

I therefore write my roles to answer those needs and they are available here: https://git.t18s.fr/.

The playbooks I used to deploy everything on my infrastructure are here: https://git.t18s.fr/ansible-playbooks/.

All roles and playbooks answer my own needs. I try to make them abstract but it is impossible to make them work in all use-cases.
It is thus possible that they won’t work as you wish: be prepared.

I hope however they can be used as a basis to your own developments.

Roadmap

The roles and playbooks I’ve made, allow me to deploy:

From my initial plans, I still need to: