Ansible Auto-Healing NGINX Deployment (DevOps Automation Project)
1. Project Overview
This project demonstrates a complete automation pipeline using Ansible to deploy, validate, and self-heal an
NGINX web server environment on AWS EC2 instances.
The system ensures configuration is deployed automatically, with auto-rollback on failure, email notifications
for outcomes, and continuous validation using GitHub Actions CI.
2. Tools & Technologies Used
- Ansible: Configuration management and automation.
- AWS EC2: Cloud infrastructure for hosting nodes.
- AWS SES: Email notification service for alerts.
- Ansible Vault: Encryption for sensitive credentials.
- YAML & Jinja2: Declarative syntax and templating.
- GitHub Actions: CI/CD automation.
- Ubuntu Linux: OS for controller and managed nodes.
3. Architecture Overview
GitHub Actions CI/CD
|
v
Ansible Controller (Dynamic Inventory + Roles)
|
v
AWS EC2 Instances (Tag: App=nginx)
4. Key Concepts Explained
Dynamic Inventory (aws_ec2 plugin):
- Automatically discovers AWS EC2 instances tagged with App=nginx.
Roles and Tasks:
- Modular structure for reusable configuration (tasks, handlers, templates).
Configuration Validation and Rollback:
- Uses block/rescue for self-healing logic:
Backup config -> Apply new -> Restart nginx -> Rollback on failure.
Ansible Vault:
- Encrypts SMTP credentials for SES with 'ansible-vault encrypt'.
Jinja2 Templates:
- Renders dynamic nginx.conf templates with variables.
Email Notification via AWS SES:
- Sends success/failure emails via SMTP.
GitHub Actions CI/CD:
- Linting and syntax validation for automation quality.
5. Core Playbook Example (deploy.yml)
- hosts: all
  become: yes
  vars_files:
    - ses_credentials.yml          # SMTP credentials, encrypted with Ansible Vault
  roles:
    - nginx
  tasks:
    - name: Deploy and validate NGINX
      block:
        # Keep a copy of the current config so the rescue section can restore it
        - name: Backup existing configuration
          copy:
            src: /etc/nginx/nginx.conf
            dest: /etc/nginx/nginx.conf.bak
            remote_src: yes
            backup: yes
        - name: Apply new configuration
          template:
            src: templates/nginx.conf.j2
            dest: /etc/nginx/nginx.conf
        # A failed restart (for example, an invalid config) triggers the rescue section
        - name: Restart nginx
          service:
            name: nginx
            state: restarted
        # This task is inside the block, so a mail failure also triggers the rescue section
        - name: Send success email
          mail:
            host: "{{ smtp_host }}"
            port: "{{ smtp_port }}"
            username: "{{ smtp_username }}"
            password: "{{ smtp_password }}"
            to: "{{ receiver_email }}"
            from: "{{ sender_email }}"
            subject: "NGINX Deployment Successful"
            body: "Deployment completed successfully."
      rescue:
        # Runs only when a task in the block above fails
        - name: Restore backup configuration
          copy:
            src: /etc/nginx/nginx.conf.bak
            dest: /etc/nginx/nginx.conf
            remote_src: yes
        - name: Restart nginx after rollback
          service:
            name: nginx
            state: restarted
        - name: Send failure email
          mail:
            host: "{{ smtp_host }}"
            port: "{{ smtp_port }}"
            username: "{{ smtp_username }}"
            password: "{{ smtp_password }}"
            to: "{{ receiver_email }}"
            from: "{{ sender_email }}"
            subject: "NGINX Deployment Failed"
            body: "Rollback applied successfully after failure."
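A variant of the block/rescue play above that has nginx check the rendered file before it replaces the live config, forces STARTTLS for the SES login, and sends the notification from an always section so an SMTP error cannot start a rollback. This is an added example, not the project's own playbook; the deploy_result variable is hypothetical, and the template is assumed to use absolute include paths.

```yaml
- hosts: all
  become: yes
  vars_files:
    - ses_credentials.yml              # Vault-encrypted SMTP settings
  tasks:
    - name: Deploy NGINX with validation before the live file changes
      block:
        - name: Backup existing configuration
          copy:
            src: /etc/nginx/nginx.conf
            dest: /etc/nginx/nginx.conf.bak
            remote_src: yes
        - name: Apply new configuration only if nginx accepts it
          template:
            src: templates/nginx.conf.j2
            dest: /etc/nginx/nginx.conf
            mode: "0644"
            # %s is the rendered temp file; if the check fails, dest is left as it was.
            # Assumption: the template uses absolute include paths.
            validate: nginx -t -c %s
        - name: Restart nginx
          service:
            name: nginx
            state: restarted
        - name: Record success
          set_fact:
            deploy_result: Successful  # hypothetical variable, unset on any failure
      rescue:
        - name: Restore backup configuration
          copy:
            src: /etc/nginx/nginx.conf.bak
            dest: /etc/nginx/nginx.conf
            remote_src: yes
        - name: Restart nginx after rollback
          service:
            name: nginx
            state: restarted
      always:
        # Runs after block or rescue; a failure here does not re-enter rescue.
        - name: Send outcome email
          mail:
            host: "{{ smtp_host }}"
            port: "{{ smtp_port }}"
            secure: starttls           # refuse to send credentials without TLS
            username: "{{ smtp_username }}"
            password: "{{ smtp_password }}"
            to: "{{ receiver_email }}"
            from: "{{ sender_email }}"
            subject: "NGINX Deployment {{ deploy_result | default('Failed') }}"
            body: "Host {{ inventory_hostname }}: {{ deploy_result | default('Failed') }}"
```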
6. GitHub Actions Workflow (ansible-ci.yml)
name: Ansible CI Syntax Check
on:
  push:
    branches: [main]
  pull_request:
jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - name: Install Ansible and Lint
        run: |
          pip install ansible ansible-lint
      - name: Run Lint
        run: ansible-lint .
      - name: Syntax Check
        run: ansible-playbook deploy.yml --syntax-check
7. Key Learnings & Interview Concepts
- Idempotency: Ensures safe re-runs without redundant changes.
- Fault Tolerance: Rollback to the backed-up configuration keeps the service available after a failed deployment.
- IaC: Declarative and version-controlled infrastructure.
- CI/CD: Automated quality checks via GitHub Actions.
- Security: Secrets encrypted via Vault.
- Observability: Email alerts improve visibility.
Interview Focus Areas:
- Explain block/rescue mechanism and idempotency.
- Discuss Ansible Vault and Dynamic Inventory benefits.
8. Resume Summary
Developed an Ansible-based auto-healing NGINX deployment pipeline for AWS EC2.
Implemented rollback, validation, and SES notifications with secure Vault integration.
Added GitHub Actions CI pipeline for linting and syntax validation.
9. Future Enhancements
- Integrate Terraform for AWS provisioning.
- Build Jenkins CI/CD pipelines for automation orchestration.
- Containerize workloads using Docker.
- Manage deployments using Kubernetes and Helm.
- Implement monitoring using Prometheus and Grafana.