Ansible Multiple Environment Best Practices

Ansible Multiple Environment

Handling multiple infrastructure environments with Ansible is easily done by targeting the environment tag that is included in the mandatory AWS Tags. See AWS Tagging Best Practices.

Avoid mixing environments mistakes

Have switches, configurations redundancies, and different keys for each environment to reduce the possibility of applying changes to the wrong client or environment.

Applying the PRE environment configuration to the PRO environment will be a terrible error.

To prevent errors from happening:

Environment Tag

Use the tag tag_environment_ENV as a selector in playbooks, for example:

  - hosts: tag_os_ubuntu:&tag_environment_ENV
    become: yes
      - { role: linux/pam_limits, tags: [ 'pam_limits'] }
      - { role: linux/hosts_file, tags: [ 'hosts_file'] }
      - { role: linux/host_name, tags: [ 'host_name'] }
      - common

Multiple Ansible Playbooks

Have a different Ansible playbook for each environment, e.g.:

  • ditwl_des.yml
  • ditwl_pre.yml
  • ditwl_pro.yml

Unique Ansible Private Keys

Have different SSH Key files for each combination of environment and user that has to have SSH access either by console or using Ansible.

The key is set using the ANSIBLE_PRIVATE_KEY_FILE environment variable. Each USER should have its private key for each environment ENV.

E.g.: ditwl_pk_USER_ENV_infradmin.pem

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Cloud Tutorials

Ansible Terraform AWS
This Ansible AWS tutorial shows how to use Ansible and its dynamic inventory AWS plugin to provision the software and configuration of infrastructure that has been created with Terraform.
Ansible logo
How To Install The Ansible Control Node in Ubuntu.
SSH, which stands for Secure Shell, is a cryptographic network protocol that allows for secure communication and data transfer between two computers over an insecure network. Usage: Key features of SSH: Applications of SSH: Next Steps:
Ansible logo
Ansible Roles Granularity We recommend building Ansible roles that are highly reusable by configuration, but we also recommend pragmatism as our highest priority. Roles for systems and applications designed to be standalone, or before the Cloud was around, are called "non-native cloud applications", often those are stateful applications that can not be clustered without sharing […]
Ansible logo
Define and apply a company-wide consistent structure for all your Ansible Playbooks that allows for easy understanding and maximum reutilization
Javier Ruiz Cloud and SaaS Expert

Javier Ruiz

IT Wonder Lab tutorials are based on the diverse experience of Javier Ruiz, who founded and bootstrapped a SaaS company in the energy sector. His company, later acquired by a NASDAQ traded company, managed over €2 billion per year of electricity for prominent energy producers across Europe and America. Javier has over 25 years of experience in building and managing IT companies, developing cloud infrastructure, leading cross-functional teams, and transitioning his own company from on-premises, consulting, and custom software development to a successful SaaS model that scaled globally.

Are you looking for cloud automation best practices tailored to your company?

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram