Handling multiple infrastructure environments with Ansible is easily done by targeting the environment tag that is included in the mandatory AWS Tags. See AWS Tagging Best Practices.
Use switches, configuration redundancies, and different keys for each environment to reduce the possibility of applying changes to the wrong client or environment.
Applying the PRE environment configuration to the PRO environment would be a terrible error.
To prevent errors from happening:
Use the tag tag_environment_ENV as a selector in playbooks, for example:
- hosts: tag_os_ubuntu:&tag_environment_ENV
  become: yes
  roles:
    - { role: linux/pam_limits, tags: [ 'pam_limits'] }
    - { role: linux/hosts_file, tags: [ 'hosts_file'] }
    - { role: linux/host_name, tags: [ 'host_name'] }
  tags:
    - common
...
Have a different Ansible playbook for each environment, e.g.:
Have different SSH key files for each combination of environment and user that needs SSH access, either by console or using Ansible.
The key is set using the ANSIBLE_PRIVATE_KEY_FILE environment variable. Each USER should have its own private key for each environment ENV.
E.g.: ditwl_pk_USER_ENV_infradmin.pem
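The selector and key conventions above can be enforced before Ansible runs. The following pre-flight guard is an added example, not part of the original tutorial; the function names, return codes and the run_playbook wrapper are hypothetical, and it assumes ENV contains no underscore and is written in the same case in the tag and in the key file name.

```shell
#!/bin/sh
# Added example: pre-flight guard so a playbook only runs when its
# tag_environment_ENV selector and the SSH key name agree with the requested ENV.
# Assumption: ENV contains no underscore and uses the same case in both places.

# env_of_key KEYFILE: print ENV from a ditwl_pk_USER_ENV_infradmin.pem name.
env_of_key() {
    base=$(basename "$1")
    case "$base" in
        ditwl_pk_*_*_infradmin.pem) ;;
        *) return 1 ;;
    esac
    rest=${base#ditwl_pk_}
    rest=${rest%_infradmin.pem}      # USER_ENV (USER may contain underscores)
    printf '%s\n' "${rest##*_}"
}

# envs_of_playbook FILE: print every distinct ENV used in hosts: selectors.
envs_of_playbook() {
    grep -E '^[[:space:]]*-?[[:space:]]*hosts:' "$1" |
        grep -oE 'tag_environment_[A-Za-z0-9]+' |
        sed 's/^tag_environment_//' | sort -u
}

# check_env ENV PLAYBOOK KEYFILE: 0 when everything agrees, 2-5 otherwise.
check_env() {
    want=$1; playbook=$2; key=$3
    key_env=$(env_of_key "$key") ||
        { echo "key name does not follow the naming scheme: $key" >&2; return 2; }
    [ "$key_env" = "$want" ] ||
        { echo "key is for '$key_env', requested '$want'" >&2; return 3; }
    pb_envs=$(envs_of_playbook "$playbook")
    [ -n "$pb_envs" ] ||
        { echo "no tag_environment_ selector in $playbook" >&2; return 4; }
    [ "$pb_envs" = "$want" ] ||
        { echo "playbook targets '$pb_envs', requested '$want'" >&2; return 5; }
}

# run_playbook ENV PLAYBOOK: hypothetical wrapper; runs Ansible only after the check.
run_playbook() {
    check_env "$1" "$2" "${ANSIBLE_PRIVATE_KEY_FILE:-}" && ansible-playbook "$2"
}
```

A playbook that mixes selectors for more than one environment is rejected as well, because the list of environments found in it no longer equals the single requested one.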
IT Wonder Lab tutorials are based on the diverse experience of Javier Ruiz, who founded and bootstrapped a SaaS company in the energy sector. His company, later acquired by a NASDAQ-traded company, managed over €2 billion per year of electricity for prominent energy producers across Europe and America. Javier has over 25 years of experience in building and managing IT companies, developing cloud infrastructure, leading cross-functional teams, and transitioning his own company from on-premises, consulting, and custom software development to a successful SaaS model that scaled globally.