Python + Ansible Fleet Automation Project
You will automate configuration of a Linux fleet with idempotent Ansible playbooks driven by a Python wrapper. By the end one command configures 15+ nodes consistently, with drift eliminated on every run.
Learning Objectives
- Model hosts in an Ansible inventory.
- Write idempotent roles for packages, users, and services.
- Orchestrate runs and reporting from Python.
- Time: ~10 hours · Difficulty: Advanced · Prereqs: SSH access to several nodes.
Architecture Overview
graph LR
Py[Python wrapper] -->|invoke| Ans[Ansible]
Ans -->|SSH| N1[node-1]
Ans -->|SSH| N2[node-2]
Ans -->|SSH| Nn[node-N]
Ans --> Rep[Run report]
Environment Setup
- Python 3.11, Ansible, and SSH key access to target nodes.
- An inventory file grouping hosts by role.
- A control node with the playbooks checked into Git.
Step-by-Step Execution
01
Define the inventory
ansible all -i inventory.ini -m pingConfirms connectivity to every host before changes.
02
Run an idempotent playbook
ansible-playbook -i inventory.ini site.yml03
Wrap it in Python for reporting
$ python3 run_fleet.py --limit web
PLAY RECAP web1: ok=12 changed=0 web2: ok=12 changed=0 (idempotent)
Progress So Far
graph LR
A[01 Inventory] -->|done| B[02 Playbook]
B -->|done| C[03 Python wrapper]
style A fill:#1a4a1a,stroke:#00ff00,color:#fff
style B fill:#1a4a1a,stroke:#00ff00,color:#fff
style C fill:#1a4a1a,stroke:#00ff00,color:#fff
Testing & Validation
ansible-playbook -i inventory.ini site.yml --check --diffA second run should report changed=0 everywhere, proving idempotency. If so, the fleet matches the desired state.
Troubleshooting
- changed=1 every run: a task is not idempotent; use modules over
command/shell. - Unreachable hosts: verify SSH keys and the inventory addresses.
- Privilege errors: add
become: truefor tasks needing root.
Extension Ideas
- Run the playbook from CI/CD.
- Add a dynamic inventory from your cloud provider.
- Layer vulnerability remediation onto patch tasks.
Key Results
- Configured 15+ nodes from a single command.
- Achieved
changed=0on repeat runs (full idempotency). - Centralized run reporting through a Python wrapper.
- Version-controlled all playbooks for auditability.