Ansible for FreeBSD - use cases?

Ruben mail at osfux.nl
Sat Oct 5 20:43:34 UTC 2019 

Hi,

I've been using ansible in production for both Linux and FreeBSD for a 
couple of years now. There are about 150 Linux servers and 50 FreeBSD 
our team manages.

Our main usecases for using ansible specifically on/for FreeBSD targets:

- user management

The user modules are running fine on FreeBSD.

- pf management

The blockinfile module together with jinja2 functionality really kicks ass.

- setting up GELI/ZFS/NFS

We use several modules to orchestrate zfs fileservers: blockinfile, 
raw/shell , service,  etc

- maintaining haproxy installations

blockinfile (with jinja2) / service modules


Using ansible to orchestrate FreeBSD servers just works. We can use 
native modules for most of our payloads, using the shell/raw modules for 
other stuff; there really is nothing we cannot do.

The only stuff that - in my experience - is cumbersome to orchestrate 
with Ansible:

- portstree  compiles (for which we (try) to use portmaster with the Q 
branches of the portstree)
- freebsd-update (crossing . releases, so using the "upgrade" switch)

I, for one, cannot wait to see the functionality provided by the 
freebsd-update tool lifted to pkgng. From an Ansible point of view this 
would decomplicate stuff quite a lot.

Ansible integrates quite nicely with Jinja2, which allows us to 
configure/adminstrate all applications we run on FreeBSD servers.

I think using a framework to administer stuff that is used by many other 
sysadmins makes more sense than writing one's own framework. I don't 
know of any other orchestration framework out there that is OS and only 
needs ssh/python in order to function, thats why I use Ansible.

Regards,

Ruben

On 10/5/19 4:15 PM, Victor Sudakov wrote:
> Dear Colleagues,
> 
> Is anyone using ansible on FreeBSD for anything useful in production?
> 
> I understand the power of ansible is in its modules. If there is no
> module for your task, you are in a fix.
> 
> I've experimented with the pkgng module, it does install packages :-)
> Most modules are meant for Linux however.
> 
> What FreeBSD tasks do you automate with ansible, and with what modules?
> 
> I use net/rdist6 to update some configs on remote hosts, so I don't
> think I'll benefit much from file copying modules of ansible.
>

More information about the freebsd-questions mailing list