You will automate configuration of a Linux fleet with idempotent Ansible playbooks driven by a Python wrapper. By the end one command configures 15+ nodes consistently, with drift eliminated on every run.

Learning Objectives

  • Model hosts in an Ansible inventory.
  • Write idempotent roles for packages, users, and services.
  • Orchestrate runs and reporting from Python.
  • Time: ~10 hours · Difficulty: Advanced · Prereqs: SSH access to several nodes.

Architecture Overview

Environment Setup

  • Python 3.11, Ansible, and SSH key access to target nodes.
  • An inventory file grouping hosts by role.
  • A control node with the playbooks checked into Git.

Step-by-Step Execution

01
Define the inventory
ansible all -i inventory.ini -m ping
Confirms connectivity to every host before changes.
02
Run an idempotent playbook
ansible-playbook -i inventory.ini site.yml
03
Wrap it in Python for reporting
$ python3 run_fleet.py --limit web
PLAY RECAP web1: ok=12 changed=0 web2: ok=12 changed=0 (idempotent)

Progress So Far

Testing & Validation

ansible-playbook -i inventory.ini site.yml --check --diff

A second run should report changed=0 everywhere, proving idempotency. If so, the fleet matches the desired state.

Troubleshooting
  • changed=1 every run: a task is not idempotent; use modules over command/shell.
  • Unreachable hosts: verify SSH keys and the inventory addresses.
  • Privilege errors: add become: true for tasks needing root.

Extension Ideas

  • Run the playbook from CI/CD.
  • Add a dynamic inventory from your cloud provider.
  • Layer vulnerability remediation onto patch tasks.

Key Results

  • Configured 15+ nodes from a single command.
  • Achieved changed=0 on repeat runs (full idempotency).
  • Centralized run reporting through a Python wrapper.
  • Version-controlled all playbooks for auditability.