Spinning up servers with Ansible

You’ve probably had to configure a server for your new application. And, if you’ve done that, you’ve probably also had to configure a new one with the same exact configuration. You may have used something like “spin up the new server using an image from the first server”, but then you had to change a lot of security details like passwords, IP whitelists, etc. This is a dangerous (and boring) process. You have to tediously pore over ever customizable configuration and adjust them as needed. But it’s easy to forget to change something. Or maybe your eyes skip over a line or two. You might have used a shell script to do the configuration, but eventually the script got too big and complex. To solve these problems, we use Ansible. Ansible is a powerful automation engine that allows us to write simple scripts to automate server configuration tasks using YAML (a simple language that resembles plain english).

Ansible’s automation helps us avoid error prone manual configuration. Avoiding configuration errors is really important, because incorrectly configured servers can lead to hard to diagnose bugs or vulnerabilities to attackers. Also, without an automated process, it is easy for team members to spin up servers with their own configurations, ignoring the standard developed by the team. Shell scripts can work, but it’s probably better to write something now that you will still understand 6 months down the road.

We chose Ansible cause it is a free and open source tool, so to get started, all we needed to do was install it. Ansible also has really good documentation, which made it easy for us to quickly go from zero to hero.

Here’s how to get a basic Ansible script running. I’m using Ubuntu 16.04.

First, you need to install Ansible. To do that, we need to configure the PPA with the following instructions:

$ sudo apt-get install software-properties-common

$ sudo apt-add-repository ppa:ansible/ansible

$ sudo apt-get update

Now that you have configured the PPA it is time to install Ansible:

$ sudo apt-get install ansible

Alright, at this point Ansible is installed and ready to be used. So
let’s create the auxiliary files. The first one is ansible.cfg

[defaults]
inventory = hosts  

This is a configuration file used to adjust certain Ansible settings. In our ansible.cfg we’re setting the inventory file location that Ansible will use to get the hosts list. Now it’s time to work on the hosts file.

[server_to_be_configured]
SERVER_IP # change this for a valid server IP  

The hosts file is defining the collection of hosts belonging to the servertobe_configured group. Now let’s create the last auxiliary file, variables.yml. We’ll use it to store the variables required in our playbook.

server_manager_user: ubuntu

github_users:  
  - github_user_with_ssh_key_setup

And last but not least, let’s create the playbook.yml. The playbook is where we define the tasks responsible for configuring our server.

- hosts: server_to_be_configured
  become: true

  vars_files:
    - variables.yml


  tasks:
    - name: Set authorized key took from github using the users in github_users variable
      with_items: "{{ github_users }}"
      authorized_key:
        user: "{{ server_manager_user }}"
        state: present
        key: https://github.com/{{ item }}.keys

As you can see from the task name, our playbook is going to set authorized keys taken from Github using the users in github_users variable.
Now we can run our playbook

$ ansible-playbook playbook.yml

As you can see, Ansible is simple yet powerful. It helps you with configuration management, application deployment, continuous delivery, IT orchestration, etc. So consider using it to automate some of your IT tasks.

Download our Incubator Resources

 

WANT MORE?

We’re known for sharing everything!

HANDBOOK

Save more time, get more done!

FREE HANDBOOK

Innovate from the inside

Written by
Diogo Ribeiro 16 Aug 2017

Software Engineer

YOU MIGHT ALSO LIKE

comments powered by Disqus