in

7 Daily Sysadmin Tasks to Automate with Ansible

Introduction
Hey there! As a fellow sysadmin, I know you‘ve likely spent countless hours on mundane yet critical tasks like copying files between servers or restarting services. I used to spend my days logged into multiple servers running the same commands over and over again. It was time-consuming and frustrating!

That‘s why I was thrilled when I discovered Ansible, an open source automation tool that changed my sysadmin life. Ansible provides reusable "playbooks" to automate just about any sysadmin task you can think of. No more manually SSHing into servers or keeping track of what‘s been done where!

In this post, I‘ll walk you through 7 common sysadmin tasks that I‘ve been able to easily automate using Ansible playbooks and modules:

  1. Copy Files from Local/Remote Systems
  2. Configure Cron Jobs
  3. Manage Disks and Filesystems
  4. Collect Server Logs
  5. Install/Remove Software Packages
  6. Manage Users and Groups
  7. Manage Services

For each task, I‘ll share Ansible code examples from my own playbooks, explain how they work, and provide some tips based on experience. Let‘s get started!

Copy Files from Local/Remote Systems
As a sysadmin, you probably need to copy files between servers or directories regularly. For example, you may need to:

  • Copy updated configuration files to multiple servers
  • Back up a file before replacing it
  • Sync files from a remote server to a local destination

Instead of using scp or rsync commands manually, you can create an Ansible playbook to copy files as needed.

Here‘s an example playbook that copies a new NTP configuration file from the local system to the /etc/ directory on remote hosts:

---
- hosts: webservers

  tasks:
    - name: Copy NTP config file
      copy:
        src: files/ntp.conf
        dest: /etc/ntp.conf
        owner: root
        group: root
        mode: ‘0644‘  

This uses Ansible‘s copy module to specify the local file path to copy from in src, and the remote destination path and permissions in dest. I like to use copy for simple single file copies like this.

A few tips when using copy:

  • Use the backup option to keep a backup of the original file
  • Make sure to define owner, group, and mode to avoid permission issues

Now let‘s look at how to configure those crucial cron jobs!

Configure Cron Jobs
cron allows you to schedule all kinds of automated jobs to run on servers at set times. As a sysadmin, you may need to configure cron jobs for backups, log rotations, reports, and more.

Instead of manually editing crontabs on each server, Ansible makes this a breeze. Here‘s an example cron task:

- name: Schedule database backup
  cron:
    name: "Daily DB backup"
    minute: "0"
    hour: "23"
    job: "/opt/scripts/db-backup.sh"

This scheduled a script to run daily at 11 PM to back up our database.

Some tips for working with Ansible‘s cron module:

  • Use name for the description to identify cron jobs easily
  • Validate minute, hour, etc. ensure the job runs when expected
  • Put commands/scripts in job: to specify what the cron runs

Next up, managing those disk partitions and filesystems!

Manage Disks and Filesystems
Servers would be useless piles of metal without disks and filesystems to store data. As a sysadmin, common tasks include:

  • Partitioning new disks
  • Formatting filesystems
  • Mounting volumes
  • Configuring fstab entries

Rather than all the manual fdisk, mkfs, mount commands, Ansible helps easily configure disk management across all your servers with built-in modules.

Here‘s an example playbook:

- name: Create and mount disk partition
  hosts: appservers 

  tasks:
    - name: Create partition
      parted:
        device: /dev/vdb
        number: 1
        label: gpt

    - name: Format filesystem  
      filesystem:
        fstype: ext4
        dev: /dev/vdb1

    - name: Mount new disk   
      mount: 
        path: /opt/data
        src: /dev/vdb1
        fstype: ext4
        state: mounted

This allows me to partition a disk, format to ext4, and mount it without any tedious manual work. Some helpful tips:

  • Use Ansible facts like ansible_devices to get disk names
  • Make sure disks/partitions don‘t have valuable data!
  • Set fstab: present to add an fstab entry automatically

Collecting those server logs? Ansible has you covered there too!

Collect Server Logs
Log files provide crucial insights into server operations and issues. As a sysadmin, having logs centralized makes monitoring and troubleshooting much easier.

Instead of manually scp-ing logs from different servers, Ansible can handle the log collection for you with just a few simple tasks.

Here‘s an example:

- name: Find all .log files
  find:
    paths: /var/log/
    patterns: ‘*.log‘
  register: logs

- name: Fetch logs from servers
  fetch: 
    src: "{{ item.path }}"
    dest: /tmp/server_logs/
  loop: "{{ logs.files }}"

This uses Ansible‘s find module to locate all .log files in /var/log/. The log file paths get registered to use in the fetch task.

Fetch downloads the files to a local destination, in this case /tmp/server_logs/.

Some tips for collecting logs with Ansible:

  • Use patterns to control which files get collected
  • Create a dedicated logs directory for easy analysis
  • Fetch is agentless – uses scp under the hood
  • Set a cron job to have logs fetched automatically!

Managing Software Packages
What‘s a server without any software? Ansible helps automate those mundane package management tasks like installs, upgrades and removals.

Here‘s a simple example for YUM-based systems like CentOS:

- name: Install Apache
  yum:
    name: httpd
    state: latest

- name: Remove old PHP version 
  yum:
    name: php-5.6
    state: absent

And the same tasks for apt-based systems like Ubuntu:

- name: Install Apache
  apt:
    name: apache2
    state: latest

- name: Remove old PHP version
  apt: 
    name: php5.6
    state: absent

Some best practices when managing software with Ansible:

  • use state: latest to upgrade packages
  • Run ansible-galaxy to install community modules like MySQL or Nginx
  • Set up development environments easily by installing toolchains, compilers, etc.

Now on to managing those user accounts and groups!

Manage Users and Groups
Between developers, operations teams, contractors and more, there‘s always a need for managing what users have access to your servers and what permissions they have.

Ansible provides user and group modules that handle user creation, deletion and management across any number of Linux/Unix servers.

Here‘s an example:

- name: Ensure testuser1 exists
  user: 
    name: testuser1
    groups: developers

- name: Remove testuser2
  user:
    name: testuser2
    state: absent
    remove: yes

- name: Add appservers group
  group:
    name: appservers
    gid: 5000

This allows me to ensure user accounts and groups are consistent no matter the number of servers.

Some tips for user management in Ansible:

  • user module manages local Linux/Unix accounts
  • Make sure to handle permission differences between Windows and Linux
  • password and ssh_key options help configure auth
  • group_id option lets you set the GID

Last but not least – managing those server services with Ansible.

Manage Services
If a server‘s services like sshd, DNS, database processes aren‘t running properly, you‘re going to have issues. Ansible makes starting, stopping and restarting these services a breeze.

Here‘s a simple playbook:

- name: Restart sshd
  service:
    name: sshd
    state: restarted

- name: Stop DNS temporarily
  service:
    name: named
    state: stopped  

- name: Start MySQL
  service: 
    name: mysqld
    state: started
    enabled: yes

This allows me to manage service state consistently across all servers from one playbook.

Some useful tips:

  • enabled: yes ensures a service starts at boot
  • Check for different service names like ssh vs sshd
  • Use ansible facts like ansible_service_mgr to handle system differences behind the scenes

I hope these 7 examples give you a glimpse into how Ansible can transform your life as a sysadmin! Automating previously manual tasks allows us to focus on more interesting work that actually requires human insight.

To take your Ansible skills to the next level, be sure to check out:

  • Roles: Reusable playbook components
  • Templates: Customize files and configurations
  • Variables: Store data to reference across tasks
  • When statements: Only run certain tasks based on conditions

Thanks for reading and happy automating! Let me know if you have any other mundane sysadmin tasks I should be automating with Ansible.

AlexisKestler

Written by Alexis Kestler

A female web designer and programmer - Now is a 36-year IT professional with over 15 years of experience living in NorCal. I enjoy keeping my feet wet in the world of technology through reading, working, and researching topics that pique my interest.