portfolio/enterprise-infra-simulator
Mateusz Suski e5da6cfdad
Refactor Ansible playbooks to comply with best practices and fix linting violations
- Implement 4-role architecture (base_provision, patching, hardening, decommission)
- Extract hardcoded values to role defaults and group_vars
- Add Ansible Vault integration for secrets management
- Implement proper handlers for service restarts instead of direct tasks
- Add Molecule testing framework with Docker driver
- Configure ansible-lint with production profile settings

Fix all 125+ ansible-lint violations:
- Add FQCN (Fully Qualified Collection Names) to all modules
- Replace yes/no with true/false for boolean values
- Add explicit mode parameters to file/template operations
- Remove duplicate post_tasks blocks from playbooks
- Add newlines at end of all YAML files
- Fix key ordering in tasks (name, when, block)
- Convert service restarts to handlers with notify
- Remove ignore_errors in favor of failed_when/changed_when
- Fix line length violations and empty lines
- Add noqa comments for unavoidable risky-file-permissions

Update documentation:
- Add REFACTORING.md with implementation details
- Add VAULT_GUIDE.md for secrets management
- Add per-role README.md files
- Update existing documentation

All playbooks now pass ansible-lint production profile with 0 violations.
2026-05-03 22:31:04 +00:00

Enterprise Infrastructure Simulator

Problem Statement

Infrastructure teams need a safe place to rehearse lifecycle operations before applying them to production fleets. Patch windows, hardening changes, scale events, and node failures all carry operational risk when they are tested only during real incidents.

Solution Overview

This project models common Linux infrastructure operations with Ansible playbooks and shell-based simulations. It keeps the automation readable and auditable while producing example evidence that resembles a real change record.

Architecture Overview

Operator -> Make/CLI -> Ansible Inventory -> Playbooks -> Linux Nodes
                         |                  |
                         v                  v
                    Scenarios          Reports/Logs

Core components:

  • inventory/hosts.ini defines managed node groups.
  • playbooks/ contains provisioning, patching, hardening, and decommissioning workflows.
  • scripts/ injects scaling and failure conditions.
  • scenarios/ documents operational exercises.
  • examples/ stores representative outputs for review.

How to Run

cd enterprise-infra-simulator

# Validate playbook syntax.
make test

# Provision the simulated estate.
make run

# Apply security patches.
make patch

# Apply host hardening.
make harden

# Run the failure and patch demo.
make demo

Direct Ansible commands are also supported:

ansible-playbook -i inventory/hosts.ini playbooks/provision.yml
ansible-playbook -i inventory/hosts.ini playbooks/patch.yml
ansible-playbook -i inventory/hosts.ini playbooks/hardening.yml

Example Output

PLAY RECAP *********************************************************************
web01  : ok=21 changed=7 unreachable=0 failed=0 skipped=3 rescued=0 ignored=1
db01   : ok=18 changed=4 unreachable=0 failed=0 skipped=5 rescued=0 ignored=1
lb01   : ok=16 changed=3 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0

Patch status: SUCCESS
Updates applied: 12
Reboot required: false

Additional sample evidence is available in examples/patch-output.txt and examples/failure-simulation.txt.
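
One way to turn the PLAY RECAP above into reviewable change evidence, as an added example that is not code from this repository: it parses the per-host counters and flags any unreachable, failed, or ignored results. The names parse_recap and review_findings are assumptions, and the sample input is the recap shown above.

```python
import re

# Constructed sample: the PLAY RECAP from the Example Output above.
SAMPLE_RECAP = """\
PLAY RECAP *********************************************************************
web01  : ok=21 changed=7 unreachable=0 failed=0 skipped=3 rescued=0 ignored=1
db01   : ok=18 changed=4 unreachable=0 failed=0 skipped=5 rescued=0 ignored=1
lb01   : ok=16 changed=3 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0
"""

HOST_LINE = re.compile(r"^(?P<host>\S+)\s*:\s*(?P<counters>(?:\w+=\d+\s*)+)$")


def parse_recap(text):
    """Return {host: {counter: int}} for every host line after PLAY RECAP."""
    hosts, in_recap = {}, False
    for line in text.splitlines():
        if line.startswith("PLAY RECAP"):
            in_recap = True
            continue
        if not in_recap:
            continue
        m = HOST_LINE.match(line.strip())
        if not m:
            continue
        hosts[m["host"]] = {k: int(v) for k, v in
                            (pair.split("=") for pair in m["counters"].split())}
    return hosts


def review_findings(hosts):
    """Flag counters a change reviewer should not accept without explanation."""
    findings = []
    for host, c in sorted(hosts.items()):
        for key in ("unreachable", "failed"):
            if c.get(key, 0):
                findings.append((host, key, c[key]))
        # ignored > 0 means a task failed and the play continued anyway
        if c.get("ignored", 0):
            findings.append((host, "ignored", c["ignored"]))
    return findings


if __name__ == "__main__":
    for host, key, n in review_findings(parse_recap(SAMPLE_RECAP)):
        print(f"{host}: {key}={n} needs a documented reason in the change record")
```

On the sample recap this flags web01 and db01, each with one ignored task failure, while lb01 is clean.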

Real-World Use Case

A platform team can use this project to demonstrate how routine operating procedures are encoded, reviewed, and tested before production change windows. The same patterns apply to regulated Linux estates where patch evidence, hardening controls, and incident drills must be repeatable.