Hi
I’m looking for articles or suggestions on how to move my old-school enterprise to contemporary devops practices (starting with config management). I’ve been using ansible in my development environment for a couple of months and I’m in the process of migrating many manually-managed configs under version control.
I’m looking at best practices for this activity. Any articles or suggestions are greatly appreciated. Here’s the process I’m thinking of right now:
Step 1: Bring “low-hanging fruit” under (git) version control
- easy (non-critical) configs are centralized, versioned and distributed via ansible
- I’m thinking it might be good to put a comment in the newly versioned config for my colleagues who are still warming up to this approach
e.g. # ansible-managed configuration - version (config version number) - Is there a supported way to add config comments like this under ansible?
Step 2: Gradually migrate complex configs under version control
- need a method to gradually migrate configs (one-by-one) under ansible management
- must support quick rollback to the old config in case there are issues
- resisting ansible’s lineinfile module although it may be required in some cases
- I’m thinking I’ll move these configs under individual folders (one per server) and version them individually to start
- end state: should be able to --check and --diff these now under a playbook without any discrepancies
Step 3: Look for templating opportunities
- create a role for the newly managed config
- look for (jinja2) templating opportunities
- once a template has been tested, then remove individual (per-node) configs collected in step 2 and start using role-based template
- should still be able to preserve rollback via git and ansible
Step 4: Repeat 2 & 3 for all complex configs
I’m only at step 1 right now. Any thoughts on this process are much appreciated.
Thank you.