Infrastructure Automation

Infrastructure automation uses code to provision, configure, and manage servers instead of manual processes. The two main categories are provisioning tools (Terraform, Pulumi — create and destroy infrastructure) and configuration management tools (Ansible, Puppet — configure existing servers). Production teams use both: Terraform creates the VM, Ansible configures it. This separation of concerns keeps each tool focused on what it does best.

Infrastructure as Code concepts

Infrastructure automation layers:

  Provisioning (Terraform):
    Creates: VMs, networks, load balancers, DNS records
    Manages: Cloud resources, on-prem VMs via APIs
    State:   Terraform state file tracks what it created
    Command: terraform apply

  Configuration Management (Ansible):
    Installs: packages, users, firewall rules, services
    Configures: application settings, certificates, monitoring
    Idempotent: safe to run repeatedly to fix drift
    Command: ansible-playbook

  Together:
    Terraform create VM → Output: IP address
    Ansible configure VM → Input: IP address from Terraform output

Terraform basics on Ubuntu

# Install Terraform:
wget -O - https://apt.releases.hashicorp.com/gpg |   sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg]   https://apt.releases.hashicorp.com $(lsb_release -cs) main" |   sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y terraform
terraform version

nano main.tf

main.tf — provision a local VM with Terraform (libvirt example)

terraform {
  required_providers {
    local = { source = "hashicorp/local" }
  }
}

# Simple example: create a local file (tests Terraform workflow)
resource "local_file" "server_config" {
  filename = "/tmp/server-config.txt"
  content  = "server_name=web-01
env=production
"
}

output "config_path" {
  value = local_file.server_config.filename
}

# Terraform workflow:
terraform init      # Download providers
terraform plan      # Preview changes (dry run)
terraform apply     # Apply changes
terraform destroy   # Remove everything created

Ansible at scale

# Dynamic inventory — discover hosts from cloud APIs instead of static files:
# AWS EC2 dynamic inventory:
pip3 install boto3
ansible-galaxy collection install amazon.aws

# ansible.cfg:
# [inventory]
# enable_plugins = amazon.aws.aws_ec2

# aws_ec2.yml inventory source:
# plugin: amazon.aws.aws_ec2
# regions: [us-east-1]
# filters:
#   tag:Environment: production

# List discovered hosts:
ansible-inventory -i aws_ec2.yml --list

# Run playbook against dynamically discovered EC2 instances:
ansible-playbook -i aws_ec2.yml site.yml

Automation patterns

Proven automation patterns:

  Immutable infrastructure:
    Never modify running servers — replace them
    Build new server image → deploy → destroy old
    Tools: Packer (image builder) + Terraform (deploy)

  GitOps:
    All infrastructure config in git
    Changes go through pull request review
    Automated pipeline applies changes on merge
    Tools: Git + CI/CD pipeline + Ansible/Terraform

  Bootstrap pattern:
    New server runs a bootstrap script on first boot
    Script installs Ansible, checks out config from git, runs playbook
    Server self-configures without manual SSH
    Tools: cloud-init, user-data scripts

# cloud-init example — auto-configure a new Ubuntu VM:
# In /etc/cloud/cloud.cfg.d/99-bootstrap.cfg or user-data:
# #cloud-config
# package_update: true
# packages:
#   - ansible
# runcmd:
#   - "git clone https://git.example.com/infra-config.git /opt/config"
#   - "ansible-playbook /opt/config/site.yml"

Conclusion

The most valuable infrastructure automation investment for a team of 1-5 sysadmins is a simple Ansible playbook repository in git that configures your standard server setup: security hardening, monitoring agent, backup client, firewall rules, and logging. With this in place, new servers are bootstrapped consistently in minutes. Add Terraform when you need to manage cloud resources or need to provision and destroy environments on demand.

FAQ

Is Infrastructure Automation important for Ubuntu administrators?+

Yes. It supports practical Ubuntu administration because it connects directly to server reliability, security, troubleshooting, or daily operations.

Should I practice this on a live server?+

Use a lab VM first. After you understand the command output and rollback path, apply the workflow carefully on real systems.

What should I do after reading this article?+

Run the practice commands, write down what each one shows, and continue to the next article in the Ubuntu roadmap.

Need help with Ubuntu administration?

Work directly with Muhammad Irfan Aslam for Ubuntu Server, Linux, cloud, Docker, DevOps, CI/CD, or infrastructure troubleshooting support.

Hire Me for Support