5 ops tasks to do with Ansible

Less DevOps, more OpsDev.
142 readers like this.
gears and lightbulb to represent innovation

Opensource.com

In this DevOps world, it sometimes appears the Dev half gets all the limelight, with Ops the forgotten half in the relationship. It's almost as if the leading Dev tells the trailing Ops what to do, with almost everything "Ops" being whatever Dev says it should be. Ops, therefore, gets left behind, punted to the back, relegated to the bench.

I'd like to see more OpsDev happening. So let's look at a handful of things Ansible can help you do with your day-to-day Ops life. 

Job templates

I've chosen to present these solutions within Ansible Tower because I think a user interface (UI) adds value to most of these tasks. If you want to emulate this, you can test it out in AWX, the upstream open source version of Tower.

Manage users

In a large-scale environment, your users would be centralised in a system like Active Directory or LDAP. But I bet there are still a whole load of environments with lots of static users in them, too. Ansible can help you centralise that decentralised problem. And the community has already solved it for us. Meet the Ansible Galaxy role users.

What's clever about this role is it allows us to manage users via datano changes to play logic required.

User data

With simple data structures, we can add, remove and modify static users on a system. Very useful.

Manage sudo

Privilege escalation comes in many forms, but one of the most popular is sudo. It's relatively easy to manage sudo through discrete files per user, group, etc. But some folk get nervous about giving privilege escalation willy-nilly and prefer it to be time-bound. So here's a take on that, using the simple at command to put a time limit on the granted access.

Managing sudo

Manage services

Wouldn't it be great to give a menu to an entry-level ops team so they could just restart certain services? Voila!

Managing services

Manage disk space

Here's a simple role that can be used to look for files larger than size N in a particular directory. Doing this in Tower, we have the bonus of enabling callbacks. Imagine your monitoring solution spotting a filesystem going over X% full and triggering a job in Tower to go find out what files are the cause.

Managing disk space

Debug a system performance problem

This role is fairly simple: it runs some commands and prints the output. The details are printed at the end of the run for you, sysadmin, to cast your skilled eyes over. Bonus homework: use regexs to find certain conditions in the output (CPU hog over 80%, say).

Debugging system performance

Summary

I've recorded a short video of these five tasks in action. You can find all the code on GitHub too!

What to read next
User profile image.
With a quarter of a century of industry experience, Mark has designed and engineered automated infrastructures at every level–from a handful of hosts in startups, to the tens of thousands in investment banks.

2 Comments

Awesome post I like this post It have very helpful information, I share with my friends.

Keep it up for such wonderful post!

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.