logo

Eugene's Space

Agent-less infrastructure management with Ansible ansible emoji

As I explore new things and grow my homelab raspberry-pi emoji infrastructure things start to get a little messy. I’ve reached the point where I should start using more advanced deployment strategy than just manually setting up servers via SSH or rsync-ing a bunch of files into them. The goal is to reach Infrastructure as Code.

But what about Docker? 🐳

Docker is an amazing tool that solves particularly nasty problem - isolating your application from environment and reliably running it on any platform. You just pack your application into the container and ship it anywhere you want! It makes your app scalable!

I use Docker on my daily job and I can’t imagine it otherwise. But here, in my tiny homelab (which is just one RaspberryPI raspberry-pi emoji at this point), this is not world-class production problems, so it might be an overkill.

Docker requires your servers to run a daemon - e.g extra software layer (and it’s dependencies) between your applications and the metal. It will run in the background and make your fan work a bit louder 🚁 in the upcoming summer nights to compensate for those extra couple degrees.

meme

Introducting Ansible ansible emoji

Here it comes - agent-less deployment tool that doesn’t require your server to run anymore bullshit than good old Python python emoji and open SSH port.

In Ansible you define so called playbooks - YAML specs of your tasks. Then you just feed the YAML to ansible-playbook and voila! It’s already SSHing into your machines and doing your job now!

Ansible is not the tool you should learn, it’s so simple that you can use it right away!

Examples from my infrastructure raspberry-pi emoji

Ansible has a bunch of built-in convenience commands that make your life even more enjoyable.

meme

This is how easy it is to setup a cron-job:

 - name: Setup auto-renewing certificates
   become: true
   cron:
     name: "Auto-renew certificates"
     minute: "0"
     hour: "12"
     job: "/usr/bin/certbot renew --quiet"

Transferring files:

 - name: Copy nginx configuration
   become: true
   copy:
     src: ./files/nginx/website
     dest: /etc/nginx/sites-available

Installing packages:

 - name: Install build tools
   apt:
     pkg:
     - gcc
     - make
     - cmake
     - gnutls-dev
     - uuid-dev

…and many many more. Check out source code of my playbooks here:

The notable ones are: