Just a few months in the past, I learn Marco Bravo’s article How to use Ansible to document procedures on Opensource.com. I’ll admit, I did not fairly get it on the time. I used to be not actively utilizing Ansible, and I bear in mind considering it seemed like extra work than it was price. But I had an open thoughts and determined to spend time trying deeper into Ansible.
I quickly discovered an excuse to embark on my first actual Ansible journey: repurposing previous laptops like in How to make an old computer useful again. I’ve at all times preferred taking part in with previous computer systems, and the prospect of automating one thing with trendy strategies piqued my curiosity.
The job
Earlier this 12 months, I gave my seven-year-old daughter a repurposed Dell Mini 9 working some taste of Ubuntu. At first, my six-year-old daughter did not care a lot about it, however because the music performed and he or she found the enjoyable packages, her curiosity set in.
I spotted I would want to construct one other one for her quickly. And any dad or mum with young children shut in age can possible determine with my dilemma. If each kids do not get an identical issues, conflicts will come up. Similar toys, comparable garments, comparable footwear … typically the colour, form, and blinking lights have to be an identical. I’m positive they’d discover any distinction in laptop computer configuration, and it will change into a degree of rivalry. Therefore, I wanted these laptops to have an identical performance.
Also, with young children within the combine, I suspected I’d be rebuilding these items a couple of instances. Failures, accidents, upgrades, corruptions … this threatened to change into a time sink.
Since two younger women sharing one Dell Mini 9 was probably not a workable answer, I grabbed a Dell D620 from my pile of previous , upgraded the RAM, put in a reasonable SSD, and began to prepare dinner up a repeatable course of to construct the kids’s pc configuration.
If you consider it, this job appears excellent for a configuration administration system. I wanted one thing to doc what I used to be doing so it might be simply repeatable.
Ansible to the rescue
I did not attempt to arrange a full-on pre-boot execution surroundings (PXE) to help an occasional laptop computer set up. I wished to show my kids to do among the set up work for me (a distinct type of automation, ha!).
I made a decision to begin from a minimal OS set up and finally broke down my Ansible strategy into three elements: bootstrap, account setup, and software program set up. I might have put the whole lot into one big script, however separating these features allowed me to combine and match them for different tasks and refine them individually over time. Ansible’s YAML file readability helped maintain issues clear as I refined my methods.
For this laptop computer experiment, I made a decision to make use of Debian 32-bit as my place to begin, because it appeared to work finest on my older . The bootstrap YAML script is meant to take a bare-minimal OS set up and convey it as much as some normal. It depends on a non-root account to be out there over SSH and little else. Since a minimal OS set up normally comprises little or no that’s helpful to Ansible, I take advantage of the next to hit one host and immediate me to log in with privilege escalation:
$ ansible-playbook bootstrap.yml -i '192.168.zero.100,' -u jfarrell -Kk
The script makes use of Ansible’s raw module to set some base necessities. It ensures Python is offered, upgrades the OS, units up an Ansible management account, transfers SSH keys, and configures sudo privilege escalation. When bootstrap completes, the whole lot must be in place to have this node totally take part in my bigger Ansible stock. I’ve discovered that bootstrapping bare-minimum OS installs is nuanced (if there may be curiosity, I will write one other article on this subject).
The account YAML setup script is used to arrange (or reset) consumer accounts for every member of the family. This retains consumer IDs (UIDs) and group IDs (GIDs) constant throughout the small variety of machines we’ve, and it may be used to repair locked accounts when wanted. Yes, I do know I might have arrange Network Information Service or LDAP authentication, however the variety of accounts I’ve may be very small, and I favor to maintain these methods quite simple. Here is an excerpt I discovered particularly helpful for this:
---
- identify: Set consumer accounts
hosts: all
gather_facts: false
change into: sure
vars_prompt:
- identify: passwd
immediate: "Enter the desired ansible password:"
personal: sure
duties:
- identify: Add baby 1 account
consumer:
state: current
identify: child1
password: " password_hash('sha512') "
remark: Child One
uid: 888
group: customers
shell: /bin/bash
generate_ssh_key: sure
ssh_key_bits: 2048
update_password: at all times
create_home: sure
The vars_prompt part prompts me for a password, which is put to a Jinja2 transformation to provide the specified password hash. This means I needn’t hardcode passwords into the YAML file and may run it to alter passwords as wanted.
The software program set up YAML file continues to be evolving. It features a base set of utilities for the sysadmin after which the stuff my customers want. This principally consists of guaranteeing that the identical graphical consumer interface (GUI) interface and all the identical packages, video games, and media information are put in on every machine. Here is a small excerpt of the software program for my younger kids:
- identify: Install youngsters software program
apt:
identify: ""
state: current
vars:
packages:
- lxde
- childsplay
- tuxpaint
- tuxtype
- pysycache
- pysiogame
- lmemory
- bouncy
I created these three Ansible scripts utilizing a digital machine. When they have been excellent, I examined them on the D620. Then changing the Mini 9 was a snap; I merely loaded the identical minimal Debian set up then ran the bootstrap, accounts, and software program configurations. Both methods then functioned identically.
For some time, each sisters loved their respective computer systems, evaluating utilization and exploring software program options.
The second of fact
Just a few weeks later got here the inevitable. My older daughter lastly got here to the conclusion that her pink Dell Mini 9 was underpowered. Her sister’s D620 had superior energy and display screen actual property. YouTube was the brand new rage, and the Mini 9 couldn’t sustain. As you’ll be able to guess, the poor Mini 9 fell into disuse; she wished a brand new machine, and sharing her youthful sister’s wouldn’t do.
I had one other D620 in my pile. I changed the BIOS battery, gave it a brand new SSD, and upgraded the RAM. Another excellent instance of respiration new life into previous .
I pulled my Ansible scripts from supply management, and the whole lot I wanted was proper there: bootstrap, account setup, and software program. By this time, I had forgotten a variety of the precise software program set up data. But particulars like account UIDs and all of the packages to put in have been all clearly documented and prepared to be used. While I certainly might have figured it out by my different machines, there was no must spend the time! Ansible had all of it clearly specified by YAML.
Not solely was the YAML documentation precious, however Ansible’s automation made quick work of the brand new set up. The minimal Debian OS set up from USB stick took about 15 minutes. The subsequent form up of the system utilizing Ansible for end-user deployment solely took one other 9 minutes. End-user acceptance testing was profitable, and a brand new period of computing calmness was delivered to my household (different mother and father will perceive!).
Conclusion
Taking the time to be taught and apply Ansible with this train confirmed me the true worth of its automation and documentation talents. Spending a couple of hours determining the specifics for the primary instance saves time every time I must provision or repair a machine. The YAML is obvious, straightforward to learn, and—because of Ansible’s idempotency—straightforward to check and refine over time. When I’ve new concepts or my kids have new requests, utilizing Ansible to manage a neighborhood digital machine for testing is a precious time-saving software.
Doing sysadmin duties in your free time may be enjoyable. Spending the time to automate and doc your work pays rewards sooner or later; as a substitute of needing to research and relearn a bunch of stuff you’ve already solved, Ansible retains your work documented and able to apply so you’ll be able to transfer onto different, newer enjoyable issues!