How I bootstrap lab servers
Sometimes I want a server up an running as quickly as possible to test some new things out. I could go in manually and set up users, packages, ssh keys, etc, but that’ll take ages manually, especially when I spin up multiple servers! This is where Ansible comes into play, mainly the ansible-pull command. I can set up a public git repo with all the basic configs I need to hop into a server after it’s launched; bonus points if I can use cloud-init or userdata in platforms such as AWS, Digitalocean, or Hetzner.
DirectoryΒ structure
CreateΒ aΒ bareΒ repositoryΒ withΒ theΒ followingΒ structure. I’ve installed ansible via pip module so you’ll see venv and requirements.txt. Install ansible however you like!
β― tree -I 'venv|.git' -a
.
βββ .gitignore <-- adds venv/ to gitignore
βββ local.yml <-- entrypoint playbook for ansible-pull
βββ requirements.txt <-- pip requires for ansible
βββ venv <-- virtual environment for python
βββ roles <-- roles directory
βββ bootstrap <-- bootstrap role
βββ files
βββ handlers
βββ tasks
βΒ Β βββ main.yml <-- main tasks to execute
βββ templates
βββ vars
Modify local.yml file to use bootstrap role
Your local.yml file should use a local connection with localhost specified as it’s hosts. Make sure have become: true and the role specified with a tag. Sample below
---
- name: Bootstrap role
hosts: localhost
connection: local
become: true
roles:
- bootstrap
tags: bootstrap
Add tasks to the bootstrap role
I’ll add a simple task that will install a few packages inside roles/bootsrap/tasks/main.yml
---
- name: Install common apt packages
apt:
name: "{{ item }}"
update_cache: yes
state: present
loop: "{{ common_packages }}"
The code above uses a loop to install a list of packages from a variables files inside roles/vars/main.yml
---
common_packages:
- apt-transport-https
- ca-certificates
- curl
- htop
- openssh-server
- net-tools
- neovim
- python3
- software-properties-common
- sudo
- tmux
- vim
- unattended-upgrades
Now the project structure should look like this
β― tree -I 'venv|.git' -a
.
βββ .gitignore
βββ local.yml
βββ requirements.txt
βββ roles
βββ bootstrap
βββ files
βββ handlers
βββ tasks
β βββ main.yml
βββ templates
βββ vars
βββ main.yml
9 directories, 8 files
Testing the playbook with Molecule before deploying
It’s a good practice to test these changes locally before deploying into a server. Complex deployments that modify configuration files may cause issues with your server if you’re not prepared to catch them beforehand. Check out Jeff Geerling’s Youtube video for a deep dive on Ansible + Molecule. For the sake of the blog post I’ll post my configurations on testing the role on Ubuntu 20.04 using the Docker driver.
β― tree -I 'venv|.git' -a
.
βββ files
βββ handlers
βββ molecule
βΒ Β βββ default
βΒ Β βββ converge.yml
βΒ Β βββ molecule.yml
βΒ Β βββ verify.yml
βββ tasks
βΒ Β βββ main.yml
βββ templates
βββ vars
βββ main.yml
---
- name: Converge
hosts: all
tasks:
- name: "Include bootstrap"
include_role:
name: "bootstrap"
---
dependency:
name: galaxy
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
platforms:
- name: ubuntu2004
image: geerlingguy/docker-ubuntu2004-ansible:latest
pre_build_image: true
privileged: true
command: ""
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
provisioner:
name: ansible
verifier:
name: ansible
scenario:
name: default
test_sequence:
- lint
- syntax
- create
- converge
- idempotence
- verify
- destroy
---
# This is an example playbook to execute Ansible tests.
- name: Verify
hosts: all
gather_facts: false
tasks:
- name: Example assertion
assert:
that: true
Bootstrapping a server
We currently a simple Ansible playbook that will install a few package but this can be extending to whatever your heart desires! You can view my personal repo for an example of how I configure and bootstrap my servers. When provisioning a server locally in my homelab or on the cloud for lab usage I usually use a root user to run the following commands (Sample below is targeted towards Debian based distros).
#!/bin/bash
apt update
apt install ansible git -y
ansible-pull -U https://github.com/digitalsoba/bootstrap.git -t server