AI-Powered Ansible Playbooks: Exploring IT Automation of Tomorrow

Let's delve into the thrilling world of AI and its impact on crafting top-notch, secure, and dependable production-ready Ansible Playbooks. In this blog post, we shed light on the pivotal role played by tools like Ansible Lint and Steampunk Spotter while harnessing the power of AI tools like ChatGPT.

Note: I am part of the Steampunk Spotter team, sharing knowledge and experience on IT automation topics.

The Potential of AI in Production-ready Infrastructure as Code

As the demand for expedited and highly efficient content generation continues to surge with the emergence of AI tools like ChatGPT, GitHub Copilot, Amazon CodeWhisperer, and Ansible Lightspeed, one pressing question remains: Can AI indeed produce Infrastructure as Code that is robust and ready for production? Particularly when it comes to Ansible Playbooks.

Among the renowned AI tools, we emphasize the widely recognized ChatGPT’s track record in delivering favorable outcomes for Ansible and similar undertakings. Our ultimate objective is to ensure that our playbooks exemplify excellence, showcasing quality, reliability, security, and trustworthiness. We'll leverage additional tools such as Ansible Lint and Steampunk Spotter to validate our examples.

Crafting exemplary Ansible Playbooks with ChatGPT and Steampunk Spotter

Let's forge ahead to develop a cutting-edge Ansible playbook for setting up an application. We aim to deploy a "hello world" web page within an nginx Docker container. By specifying our requirements to ChatGPT, we obtain a tailor-made playbook that caters to our specific needs:

 ---  

- name: Deploy web page using Ansible and Docker  
  hosts: localhost  
  gather_facts: false  
  become: false  

  tasks:  
    - name: Create temporary directory  
      tempfile:  
        state: directory  
        prefix: web_deploy_  
        dir: /tmp  
      register: temp_dir  

    - name: Copy index.html file  
      copy:  
        content: |  
          <html>  
          <head>  
            <title>Hello World!</title>  
          </head>  
          <body>  
            <h1>Hello world! I was deployed using Ansible.</h1>  
          </body>  
          </html>  
        dest: "{{ temp_dir.path }}/index.html"    

    - name: Create Docker container for web page  
      docker_container:  
        name: my-web-page  
        image: nginx  
        state: started  
        ports:  
          - "80:80"  
        volumes:  
          - "{{ temp_dir.path }}:/usr/share/nginx/html"   

    - name: Wait for Nginx to start  
      uri:  
        url: "http://localhost/"  
        return_content: yes  
      register: response  
      until: response.status == 200  
      retries: 10  
      delay: 2    

    - name: Display website URL  
      debug:  
        msg: "Web page deployed successfully! Access it at http://localhost/" 

Within this playbook, we receive detailed instructions outlining the various steps involved in the deployment process. However, we encounter a small hiccup. The dir parameter needs to be supported for the tempfile module. Seeking clarification from ChatGPT, it confidently advises us on the parameter's validity.

We enlist Spotter's support. In short, it is an Ansible Playbooks scanning tool; you can think of it as an amped-up Ansible Lint. We scan the playbook and realize that the parameter is indeed unsupported. Thanks to Spotter's advanced capabilities, we scan parameter values using the full scan profile mode, which encompasses all checks the tool offers.

We find various issues ranging from fully qualified collection names (FQCNs) to invalid and deprecated parameters, default parameter value changes, and best practices, including the recommendation to specify the copy module’s mode and remove the debug module.

Refining the Playbook with Spotter and ChatGPT

Spotter also provides automated fixes. Using the spotter scan-- rewrite command, we can effortlessly correct FQCN errors within our playbook. It even goes the extra mile by generating a requirements.yml file. This guarantees compatibility between the Ansible collection's version and the specific Ansible installation on our system.

For any remaining issues that necessitate a personal touch, we turn to ChatGPT for guidance. By establishing a continuous feedback loop, we steadily achieve improved results. By incorporating Spotter's output into ChatGPT, we iteratively enhance the playbook, effectively addressing any remaining errors and carving out a playbook we can be proud of.

Leveraging Ansible Lint to Perfect the Playbook

We subject the refined playbook to an Ansible Lint scan to ensure an unparalleled quality standard. We reformat the file with the --write command according to the recommended guidelines. Ansible Lint reveals its indispensability by addressing issues with setting file permissions and promptly adding the necessary quotes where needed.

Through multiple iterations involving ChatGPT, Spotter, and Lint, our playbook reaches its final stage of refinement.

The finished playbook:

---   

- name: Deploy web page using Ansible and Docker  
  hosts: localhost  
  gather_facts: false  
  become: false    

  tasks:  
    - name: Create temporary directory  
      ansible.builtin.tempfile:  
        state: directory  
        prefix: web_deploy_  
      register: temp_dir    

    - name: Set permissions for temporary directory  
      ansible.builtin.file:  
        path: "{{ temp_dir.path }}"  
        mode: '0755'  

    - name: Copy index.html file  
      ansible.builtin.copy:  
        content: |  
          <html>  
          <head>  
            <title>Hello World!</title>  
          </head>  
          <body>  
            <h1>Hello world! I was deployed using Ansible.</h1>  
          </body>  
          </html>  
        dest: "{{ temp_dir.path }}/index.html"  
        mode: '0644'  

    - name: Create Docker container for web page  
      community.docker.docker_container:  
        name: my-web-page  
        image: nginx  
        state: started  
        published_ports: 80:80  
        volumes:  
          - "{{ temp_dir.path }}:/usr/share/nginx/html"    

    - name: Wait for Nginx to start  
      ansible.builtin.uri:  
        url: http://localhost/  
        return_content: true  
        force: false  
        use_proxy: true  
        validate_certs: true  
        force_basic_auth: false  
      register: response  
      until: response.status == 200  
      retries: 10  
      delay: 2

The Vast Potential of AI Tools and the Imperative of Validation

While current AI tools may still require further advancements to create production-ready Ansible Playbooks, there is an undeniable need to develop specialized tools with focused intelligence. These generative AI tools and AI assistants hold immense promise in delivering tailored results with pinpoint accuracy, specifically tailored for various domains and purposes, including mastering Ansible or creating complex playbooks. Further expanding the capabilities of general-purpose AI solutions like ChatGPT by incorporating customization for specific queries can unlock an array of exciting possibilities.

Tools like Ansible Lint and Steampunk Spotter are pivotal in delivering the highest caliber Ansible content. These indispensable tools meticulously identify issues and potential vulnerabilities within playbooks, while the playbooks and rules used for auto-remediation can serve as invaluable training examples for AI models.

As we continue to explore the vast potential of AI in Ansible automation, one thing becomes abundantly clear – a collaborative effort that combines human professionals' expertise with AI's powerful capabilities is undeniably the path toward the future.

If you are interested in this topic and would like to explore it in more detail, you can check out this free webinar on AI powered Ansible Playbooks that walks you through the steps listed in this blog in depth.