Ansible push with IoT

Published on November 1, 21

Synpse is an end-to-end platform to manage your device fleet that can grow to hundreds of thousands of devices, perform OTA software updates, collect metrics, logs, deploy your containerized applications and facilitate tunnel-based SSH access to any of your device. You can find a Quick Start here .


There are few leading infrastructure lifecycle management tools. Ansible is for sure one favorites in this area. It is being used to manage network devices, servers, edge devices, and more.

When it comes to IoT device management, most common pattern is ansible pull model. You can find more about it in the Ansible documentation. But it has few limitations:

  1. Flexibility how to access devices. Lack of direct access makes it hard to understand current state.
  2. Once device is configured, it is hard to change the configuration related to ansible itself.
  3. If a bad change was delivered, it might be a while until next pull period runs.
  4. Without lack of direct access it is hard to debug snowflakes.
  5. Pull model is challenging in the environment where devices changes location and network connectivity. In example IoT in the transportation industry.

Push-Pull
Push-Pull

Technologies used

  1. Synpse Cloud for hosting and running applications
  2. Ansible for configuration management

Ansible with Synpse

Synpse supports native SSH access. More on this can be found in Synpse documentation. This means you can SSH to edge devices, even if they are behind CGNAT or without external IP address. In addition Synpse CLI can produce Ansible compatible inventory list!

Lets see this in practice. In our lab we have multiple devices registered to Synpse.

Configure Synpse CLI with SSH keys:

1
synpse ssh-keys configure

Create a dynamic inventory wrapper script synpse_inventory.sh:

1
2
3
4
#!/bin/bash

#  Add filtering if you want to target certain devices
synpse devices list -o ansible # -f status=online

Use this script with the ansible command:

ansible -i synpse_inventory.sh all -m ping
beagleboardai | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
} 
rpi4 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.8"
    },
    "changed": false,
    "ping": "pong"
}
rpi3 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3.8"
    },
    "changed": false,
    "ping": "pong"
}

Success
Success

Wrapping up

Ansible is one of the most common tools to manage servers and other devices. And there is no reason you should not be able to use all benefits of in in your IoT deployments.

With Synpse native SSH support this is now possible.

If you have any questions or suggestions, feel free to start a new discussion in our forum or drop us a line on Discord