Server Build - You mean I need a whole server?
Sure! I mean, you don’t. You could run all of these playbooks from your laptop, but really, where is the fun in that? During your sales pitch, I would STRONGLY recommend adding a cluster for your datacenter (If you aren’t virtualized already), or be ready to stand up a small VM to host this service. You will need it!
I stood up a VM with Ubuntu LTS with really meager stats, 100gb drive, 4gb ram, 2 cores. With OpenSSH server and ansible installed, thats pretty much it, you’re ready to go. Now, I understand that I’m basically saying:
Once your VM is up and getting backed up and all that fun stuff, you can move on to the next piece.
Version Control
Using something like Git to manage your playbooks is an absolute no-brainer, since it eliminates all the back and forth of working on scripts in your local IDE and moving them, or developing remotely and having to worry about an SSH connection. Its always, always a bad move to store secrets in a repository, but if you are going to, make dang sure that its a private repo.
Set up your repo in your version control repository of choice. I use Github so, even though I’ll try to keep things generic (and they mostly are), that’ll be my frame of reference. There shouldn’t be much difference in the end, the repository itself is just out there, you aren’t interacting with it directly much. Make sure to put a Readme.md file in your repo so we have something to sync, even if we aren’t writing playbooks yet!
Once git is installed (sudo apt install git), you can clone your repo to wherever you’d like it to be. I named my repo ScaleAnsiblePlaybooks, and I’d like to clone to my SSH user’s home directory, so the command is:
git clone https://github.com/{{companyname}}/ScaleAnsiblePlaybooks /home/{{ssh user}}/ScaleAnsiblePlaybooks
You’ll likely need to set up an SSH keypair for this (for authentication). That will differ by the version control platform you use, but GitHub has a great guide for doing so.
You will also need to configure your git client with the username and email you’re connecting with. Here is the command:
git config --global user.name "{{Your Machine Name}}"
git config --global user.email "email@yourdomain.com"
Lets create a quick script to grab everything from the repo. Note, I am never editing on the ansible host, so I do not save any work on that machine. Every 5 minutes, I completely reset the local files to whatever is on the repo. To do that, make a script in your home folder, I called mine fetch_repo.sh. Do so by opening the nano editor with this command:
cd ~/
nano fetch_repo.sh
My script looks like this:
#!/bin/bash
# Navigate to repo
cd /home/admin/ScaleAnsiblePlaybooks
# fetch latest changes
git reset --hard
git pull origin
So this discards any local edits with git reset --hard, and pulls the origin (the repo on GitHub, in my case) with git pull origin. CTRL-X to exit and save that when prompted. Back at your terminal, run chmod a+x fetch_repo.sh to make that script executable. To run the script and test for errors, you can run ./fetch_repo and make sure you’re good to go.
To automate your fetch, we’ll add a script to crontab. Lets open our cron scheduler wityh the command crontab -e. The way that cron scheduling works is a bit of a mess, but there are loads of websites that can help you figure out the exact string you need, like cronhub. For “every 5 minutes”, our cron string is * /5 * * * *. When you open crontab -e, add the following line:
*/5 * * * * sh /home/{{your ssh user}}/fetch_repo.sh
Save and exit. You can check if this is working with crontab -l