Skill This
AI Skill Report Card

Automating Infrastructure With Ansible

Automates infrastructure provisioning, configuration, and management using Ansible playbooks and modules. Use when setting up servers, configuring services, or automating any CLI/API-based tasks.

A-82·Jan 16, 2026
Quick Start
YAML
# Basic server setup playbook
---
- name: Configure web servers
  hosts: webservers
  become: yes
  tasks:
    - name: Install nginx
      package:
        name: nginx
        state: present
    
    - name: Start and enable nginx
      systemd:
        name: nginx
        state: started
        enabled: yes
    
    - name: Configure firewall
      ufw:
        rule: allow
        port: '80,443'
        proto: tcp
Recommendation
Add concrete before/after examples showing actual server state changes (e.g., 'Starting with bare Ubuntu 20.04' → 'Results in nginx running on port 80')
Workflow

  1. Inventory Setup - Define target hosts in inventory.yml:

    YAML
    all:
  children:
    webservers:
      hosts:
        web1.example.com:
        web2.example.com:
    databases:
      hosts:
        db1.example.com:

  2. Playbook Structure - Organize tasks logically:

    site.yml           # Main playbook
group_vars/        # Variable files
host_vars/         # Host-specific vars
roles/             # Reusable components
inventory.yml      # Host definitions

  3. Task Development

    • Start with basic tasks
    • Add error handling with failed_when and ignore_errors
    • Use handlers for service restarts
    • Implement idempotency checks

  4. Testing & Deployment

    • Test with --check --diff flags
    • Run on staging environment first
    • Use --limit for targeted deployments

Progress checklist for complex deployments:

  • Inventory configured
  • Variables defined
  • Playbook syntax validated
  • Dry run completed
  • Staged deployment tested
  • Production deployment executed
  • Post-deployment verification
Recommendation
Include a troubleshooting section with common error messages and their solutions (connection failures, permission issues, module not found errors)
Examples

Example 1: Database Server Setup Input: "Set up PostgreSQL with custom config and backup user" Output:

YAML
- name: Setup PostgreSQL
  hosts: database
  become: yes
  vars:
    postgres_version: "14"
    backup_user: "backup_user"
  tasks:
    - name: Install PostgreSQL
      package:
        name: "postgresql-{{ postgres_version }}"
        state: present
    
    - name: Configure PostgreSQL
      template:
        src: postgresql.conf.j2
        dest: /etc/postgresql/{{ postgres_version }}/main/postgresql.conf
      notify: restart postgresql
    
    - name: Create backup user
      postgresql_user:
        name: "{{ backup_user }}"
        password: "{{ backup_password }}"
        role_attr_flags: REPLICATION
      become_user: postgres

Example 2: API-based Cloud Resource Input: "Create AWS S3 bucket with versioning and lifecycle policy" Output:

YAML
- name: Create S3 bucket
  amazon.aws.s3_bucket:
    name: "{{ bucket_name }}"
    state: present
    versioning: yes
    lifecycle:
      - id: delete_old_versions
        status: enabled
        noncurrent_version_expiration_days: 30

Example 3: CLI Tool Automation Input: "Deploy Docker containers across multiple hosts" Output:

YAML
- name: Deploy application containers
  hosts: docker_hosts
  tasks:
    - name: Pull latest image
      docker_image:
        name: "{{ app_image }}"
        tag: "{{ app_version }}"
        source: pull
    
    - name: Run application container
      docker_container:
        name: "{{ app_name }}"
        image: "{{ app_image }}:{{ app_version }}"
        state: started
        restart_policy: unless-stopped
        ports:
          - "8080:8080"
        env:
          DATABASE_URL: "{{ database_url }}"
Recommendation
Provide specific command examples for testing and execution (exact ansible-playbook commands with common flags and expected output)
Best Practices
  • Use roles for reusable components across projects
  • Encrypt secrets with ansible-vault for passwords and API keys
  • Tag tasks for selective execution: ansible-playbook site.yml --tags "config"
  • Variable precedence: host_vars > group_vars > playbook vars > role defaults
  • Idempotency: Always use modules that check current state before making changes
  • Error handling: Use block/rescue/always for complex error scenarios
  • Documentation: Include meta/main.yml with role descriptions and dependencies
Common Pitfalls
  • Don't use shell module when specific modules exist (use package not shell: apt install)
  • Avoid hardcoded values - use variables and templates instead
  • Don't ignore return codes - always check task results for critical operations
  • Skip become: yes on tasks that don't need elevated privileges
  • Don't run without --check on production systems initially
  • Avoid command modules for file operations - use copy, template, file modules instead
0
Grade A-AI Skill Framework
Scorecard
Criteria Breakdown
Quick Start
11/15
Workflow
11/15
Examples
15/20
Completeness
15/20
Format
11/15
Conciseness
11/15
Save to My Skills