Using Ansible Automation Platform to maintain a directory | Cloud Resolve LLC

Maintaining an up-to-date directory listing of files and folders can be a daunting task, especially when you have to keep track of permissions, ownership, and changes. Automating the process with Ansible can make it simpler and less error-prone. In this post, we’ll show you how to use Ansible automation platform to maintain a directory on CentOS 7 server. We’ll also discuss some benefits of using Ansible for this purpose. Stay tuned!

What is Ansible and what are its key features?

Ansible is an open-source software provisioning, configuration management, and application-deployment tool. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015.

Ansible is agentless, which means that it does not need to install any software on the nodes that it manages. Ansible uses SSH for communication with managed hosts and does not require a centralized management server. It also has a low overhead because it runs in a push mode, meaning that it will only send the necessary commands to the hosts.

Ansible is idempotent, which means that it can run multiple times on the same host without changing the desired state of the system. This is because Ansible will first check the current state of the system before making any changes.

How can Ansible be used to maintain a directory?

Ansible can be used to maintain a directory by ensuring that the files and folders are present, have the correct permissions, and are owned by the correct user. Ansible can also be used to monitor changes to files and directories, and revert back to previous versions if necessary.

What are the benefits of using Ansible for directory maintenance?

Some benefits of using Ansible for directory maintenance include:

– Reduced chance of human error: Since Ansible is automated, there is less chance for human error when compared to manual tasks.

– Idempotency: As mentioned earlier, Ansible is idempotent which means it can run multiple times on the same host without changing the desired state of the system. This is important when maintaining a directory because it ensures that the changes you make will be consistent across all hosts.

– Agentless: Ansible does not require any agent software to be installed on the nodes it manages which means it has a lower overhead.

How can you get started with Ansible for directory maintenance?

If you want to get started with Ansible for directory maintenance, we recommend checking out the Ansible documentation. The documentation is comprehensive and will give you all the information you need to get started. You can also find many resources and tutorials online. Once you have a basic understanding of how Ansible works, you can start writing your own playbooks

In this example we will maintain a directory on a fictional server called where we will need to maintain some dated but useful bash scripts that are used for monitoring. While we fully understand this is bad practice in general to have these kinds of things just sitting around in production, we also know that change is hard.

First a few assumptions are made in that we will assume that Ansible is already installed on your client. Our remote server allows SSH connectivity using only the key. This means your public key shall be defined in the remote server’s authorized_users file. Additionally, you will need a text editor like vim or nano installed on your client machine. While this guide will not go into the configuration of individual editors I will provide the plugins used to configure my vim Editor.

Vim Plugins:

indentLine

vim-yaml-folds

ALE

Finally, I highly recommend installing yamllint to validate your YAML files.

With these dependencies out of the way, let’s get started!

Example using Ansible playbook to maintain a directory on a remote server

The first thing we need to do is create our YAML file in our project directory. As this should ideally be self-documenting, I tend to use filenames that make identification easier for me and others who will work on the same files at some point later in time.

My chosen format for this example is as follows:

Grumpy_UAT_orauat_MonitorCopy.yml

The name is irrelevant for the most part but I like to add a little extra information in there. The important thing is the .yml extension as this is what Ansible will be looking for. Keep in mind this will not be a detailed document but should provide an example of the most basic requirements for a Playbook.

The next thing we need to do is open our new file in our text editor and start populating it with some content. The first few lines will be dedicated to what is called ‘YAML Front Matter’. This section is used by many systems to provide metadata about the document. For our purposes, it will look something like this:


---
- name: Testing file copy to grumpy     # Should be run with "-u mariadb"
  become_user: false
  hosts: grumpy
  vars:
  - src_path: /home/delliott/ansible/scripts/grumpy/mariadb/
  - dest_path: /home/mariadb/.crllc/monitor/
  - valid_path: /home/mariadb/.crllc/monitor/logs
  - owner: mariadb
  - group: dba

Inside this file, we notice the hosts is defined. This tells Ansible what host to validate against. Next we notice the vars section containing a list of variables such as src_path, dest_path and valid_path. These are used to define the source, destination and target for our file copy. The last two lines of interest in the vars section are owner and group. These variables will be used when we need to change the ownership of the files being copied over.

The next section is where we start to get into the ‘meat’ of our Playbook. The tasks section. In here we define the name of the task and actions taken.

The first task is a simple file validation. This is to check if the directory exists on the remote server in the defined location. If it does not exist, we want Ansible to create it for us using the parameters listed in the vars section above. To do this, we use the ‘file’ module and set the state to ‘directory’. But first we set the path, owner, group and mode for the permissions.


 tasks:
    - name: Creates the installation directory if not exist
      file:
        path: '{{ valid_path }}'
        owner: '{{ owner }}'
        group: '{{ group }}'
        mode: 0755
        state: directory

With our new task, we can now copy the files from their local directory over to a remote server. This is done using Ansible’s file module and setting it as “copy” with options for creating backups so that we don’t accidentally overwrite any existing data. We also specify where these copies should go by using the previously configuring dest_path from vars.


    - name: Copies the scripts
      copy:
        src: '{{ src_path }}'
        dest: '{{ dest_path }}'
        owner: '{{ owner }}'
        group: '{{ group }}'
        backup: true

To copy any files you wish to maintain, simply place them in the src_path destination and run ansible-playbook using the below example.

Example: ansible-playbook Grumpy_UAT_orauat_MonitorCopy.yml -u mariadb

You will see a summary screen of the actions taken.


PLAY [Testing file copy to GRUMPY] *************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [grumpy.cloud-resolve.com]

TASK [Creates the installation directory if not exist] *****************************************************************
ok: [grumpy.cloud-resolve.com]

TASK [Copies the scripts] **********************************************************************************************
ok: [grumpy.cloud-resolve.com]

TASK [Just a dummy example] ********************************************************************************************
ok: [grumpy.cloud-resolve.com] => {
    "msg": "I'm a dummy task"
}

PLAY RECAP *************************************************************************************************************
grumpy.cloud-resolve.com : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

As mentioned this was not meant to be an all inclusive tutorial but an overview of the capabilities of Ansible. I hope this provided some clarity into how you can use it maintain files and directories. Stay tuned for more tips and tricks! Thanks for reading! – Cloud Resolve LLC.

Finally, I must place credit squarely on the following site for providing the blueprint to make Vim YAML capable:

https://www.arthurkoziel.com/setting-up-vim-for-yaml/