Kevin's musings

Just a week or so shy of 3 years ago, Fedora Infrastructure embarked on a journey to migrate to using ansible to manage all our hosts. It’s been a long road and one we could have done faster, but we wanted to do things in a transparent and measured way, not rushing and making quick decisions and changes that we would have to clean up later. Today that journey is completed.

So why ansible? What made us start this journey? We had a CM setup and it was working, but after weighing the advantages and disadvantages we definitely felt moving to ansible would be worth it. Just a few of the reasons:

• We are very much a python shop, ruby syntax isn’t hard, but it’s just another thing to remember when making changes.
• Not having to have agents on all our nodes is a big win memory and resource wise.
• Not having to have yet another ssl cert setup for our CM is a great win.
• We could drop func (that we were using for some ad-hoc things in favor of just using ansible for those things)
• Not having to worry about version skew between our management host and clients was a big win.
• Easier to explain and show how things work to new folks was a big win.
• Not having to worry about scaling central host to number of managed nodes was a big win.
• … and I’m sure more things I am forgetting now…

Of course just because we have finished this migration doesn’t mean we don’t have lots and lots of other things ahead of us. In 3 years ansible has changed some and we need to go back and clean up some of those things that currently work, but aren’t ideal anymore. Ansible 2.0 should be out before too long and we need to look at moving to that and helping out with it’s testing whereever we can.

I’d like to thank the Fedora Infrastructure team and all those who contributed to our migration efforts as well as the excellent ansible developers and community. We could not have done it without any of you!