Ansible Stuff and Things

kingsolmn · January 6, 2019, 11:49pm

I’ve been playing with Ansible for a little while, and since I’m teaching myself more about it and watching Phil and @LTS_Tom’s videos again I figured I’d start a topic for it!

kingsolmn · January 6, 2019, 11:54pm

Currently, I’m working on improving my monitoring and figured why not add some automation with Ansible to fix the little annoyances that pop up every so often. How do you use Ansible to automate your monitoring/issue responses? The biggest little thorn I’ve got right now is I’ve one damn web server that brain farts every few months and Wordpress loses the db connection until it’s restarted. Cause aside (cuz that’s more of a Wordpress topic), this got me wondering how I could use Ansible better to automate the 15 or so servers I manage. I’d love to hear (or see on GitHub/GitLab) how you all use this little wonder.

Thanks in advance all!

oscartbeaumont · January 8, 2019, 7:17pm

@LTS_Tom how do you use Ansible with your servers? Do you use it to deploy applications or security configurations or do you do all of that manually.

LTS_Tom · January 8, 2019, 7:54pm

I use it so I can send the same commands to all of my servers as needed, (which is not really that often) such as to issues a shutdown to them, but I mostly rely on cron jobs to do the recurring tasks and keep the systems up to date and patched. Zabbix does my Linux sever monitoring.

oscartbeaumont · January 9, 2019, 6:39pm

Does that include your virtual machines and if so why not just use Xen Orchestra to send the shutdown command to all of them?

LTS_Tom · January 9, 2019, 6:59pm

Yes, that is usually how I do it, but I have it run my database backup command before hand. Honestly, I hardly ever use it due to lack of need. I never really have to start a VM unless there is a kernel update.

kingsolmn · January 9, 2019, 7:16pm

What about keeping the VMs updated? Do you use Ansible or XO or something else?

LTS_Tom · January 9, 2019, 8:44pm

https://wiki.debian.org/UnattendedUpgrades

ph1L · January 9, 2019, 10:34pm

Like @LTS_Tom said, unattended upgrades are going to be the easiest way to get started. Once you’re comfortable with all the tooling that exists in the ecosystem, it’s time to start destroying servers and have them rebuild automatically. When you reach that point, you’ll implement a system to blow away the servers every day so you don’t have to worry that some kernel update or other package broke during an update.

This is how I do it on CentOS machines. https://github.com/pgporada/ansible-role-yum-cron

In my home, it’s all ansible all the time. Except when it’s not.

LTS_Tom · January 9, 2019, 10:49pm

I have been to @ph1L home and can verify that the quote is true.

kingsolmn · January 10, 2019, 12:31am

Thanks gents! And I knew it wouldn’t be long before @ph1L showed up!