Let's delve into the thrilling world of AI and its impact on crafting top-notch, secure, and dependable production-ready Ansible Playbooks. In this blog post, we shed light on the pivotal role played by tools like
Note: I am part of the Steampunk Spotter team, sharing knowledge and experience on IT automation topics.
As the demand for expedited and highly efficient content generation continues to surge with the emergence of AI tools like ChatGPT, GitHub Copilot, Amazon CodeWhisperer, and Ansible Lightspeed, one pressing question remains: Can AI indeed produce Infrastructure as Code that is robust and ready for production? Particularly when it comes to Ansible Playbooks.
Among the renowned AI tools, we emphasize the widely recognized ChatGPT’s track record in delivering favorable outcomes for Ansible and similar undertakings. Our ultimate objective is to ensure that our playbooks exemplify excellence, showcasing quality, reliability, security, and trustworthiness. We'll leverage additional tools such as Ansible Lint and Steampunk Spotter to validate our examples.
Let's forge ahead to develop a cutting-edge Ansible playbook for setting up an application. We aim to deploy a "hello world" web page within an nginx Docker container. By specifying our requirements to ChatGPT, we obtain a tailor-made playbook that caters to our specific needs:
---
- name: Deploy web page using Ansible and Docker
hosts: localhost
gather_facts: false
become: false
tasks:
- name: Create temporary directory
tempfile:
state: directory
prefix: web_deploy_
dir: /tmp
register: temp_dir
- name: Copy index.html file
copy:
content: |
<html>
<head>
<title>Hello World!</title>
</head>
<body>
<h1>Hello world! I was deployed using Ansible.</h1>
</body>
</html>
dest: "{{ temp_dir.path }}/index.html"
- name: Create Docker container for web page
docker_container:
name: my-web-page
image: nginx
state: started
ports:
- "80:80"
volumes:
- "{{ temp_dir.path }}:/usr/share/nginx/html"
- name: Wait for Nginx to start
uri:
url: "http://localhost/"
return_content: yes
register: response
until: response.status == 200
retries: 10
delay: 2
- name: Display website URL
debug:
msg: "Web page deployed successfully! Access it at http://localhost/"
Within this playbook, we receive detailed instructions outlining the various steps involved in the deployment process. However, we encounter a small hiccup. The dir
parameter needs to be supported for the tempfile
module. Seeking clarification from ChatGPT, it confidently advises us on the parameter's validity.
We enlist Spotter's support. In short, it is
We find various issues ranging from fully qualified collection names (FQCNs) to invalid and deprecated parameters, default parameter value changes, and best practices, including the recommendation to specify the copy module’s mode and remove the debug module.
Spotter also provides spotter scan-- rewrite
command, we can effortlessly correct FQCN errors within our playbook. It even goes the extra mile by generating a requirements.yml file. This guarantees compatibility between the Ansible collection's version and the specific Ansible installation on our system.
For any remaining issues that necessitate a personal touch, we turn to ChatGPT for guidance. By establishing a continuous feedback loop, we steadily achieve improved results. By incorporating Spotter's output into ChatGPT, we iteratively enhance the playbook, effectively addressing any remaining errors and carving out a playbook we can be proud of.
We subject the refined playbook to an Ansible Lint scan to ensure an unparalleled quality standard. We reformat the file with the --write
command according to the recommended guidelines. Ansible Lint reveals its indispensability by addressing issues with setting file permissions and promptly adding the necessary quotes where needed.
Through multiple iterations involving ChatGPT, Spotter, and Lint, our playbook reaches its final stage of refinement.
The finished playbook:
---
- name: Deploy web page using Ansible and Docker
hosts: localhost
gather_facts: false
become: false
tasks:
- name: Create temporary directory
ansible.builtin.tempfile:
state: directory
prefix: web_deploy_
register: temp_dir
- name: Set permissions for temporary directory
ansible.builtin.file:
path: "{{ temp_dir.path }}"
mode: '0755'
- name: Copy index.html file
ansible.builtin.copy:
content: |
<html>
<head>
<title>Hello World!</title>
</head>
<body>
<h1>Hello world! I was deployed using Ansible.</h1>
</body>
</html>
dest: "{{ temp_dir.path }}/index.html"
mode: '0644'
- name: Create Docker container for web page
community.docker.docker_container:
name: my-web-page
image: nginx
state: started
published_ports: 80:80
volumes:
- "{{ temp_dir.path }}:/usr/share/nginx/html"
- name: Wait for Nginx to start
ansible.builtin.uri:
url: http://localhost/
return_content: true
force: false
use_proxy: true
validate_certs: true
force_basic_auth: false
register: response
until: response.status == 200
retries: 10
delay: 2
While current AI tools may still require further advancements to create production-ready Ansible Playbooks, there is an undeniable need to develop specialized tools with focused intelligence. These generative AI tools and AI assistants hold immense promise in delivering tailored results with pinpoint accuracy, specifically tailored for various domains and purposes, including mastering Ansible or creating complex playbooks. Further expanding the capabilities of general-purpose AI solutions like ChatGPT by incorporating customization for specific queries can unlock an array of exciting possibilities.
Tools like Ansible Lint and Steampunk Spotter are pivotal in delivering the highest caliber Ansible content. These indispensable tools meticulously identify issues and potential vulnerabilities within playbooks, while the playbooks and rules used for auto-remediation can serve as invaluable training examples for AI models.
As we continue to explore the vast potential of AI in Ansible automation, one thing becomes abundantly clear – a collaborative effort that combines human professionals' expertise with AI's powerful capabilities is undeniably the path toward the future.
If you are interested in this topic and would like to explore it in more detail, you can check out this