RPM Packaging for Ansible Automation Configuration Management in Linux

Abstract

Ansible automation is not a new configuration management method but is a widely used and accepted DevOps tool to manage Linux as well as non-Linux servers across the networks. It not only helps to manage systems from the control host but also enables remote administration tasks such as package management, system evaluation, security scans, user management as well as service configuration implementations. This paper utilises the same concept for systems management and enables the configuration files as well as ansible yaml files packages and shipped through fully secured and signed rpm package which guarantees that neither the rpm package is tampered nor the shipped ansible yaml playbooks are modified. The rpm package can be built on Red Hat Enterprise Linux and can also be signed to make sure that the package doesn't get any replaced files in between the time it is shipped by the vendor till it reaches the end user/customer. This paper will also talk about the rpm building best practices including spec files, public-private key pairs, rpm macros as well as yum metadata to host the package over the internet. The deployed package will make sure that it adheres to the complete lifecycle of the rpm package management, appropriate dependencies and suitable changelog as per the Open Source and Red Hat Package Management standards. Key Words: rpm, ansible, private-public keypair, rpm-macros- spec file, security.