Modern DevOps isn’t just about deploying applications—it’s about doing it consistently, repeatably, and at scale. One of the best ways to achieve this is by separating infrastructure provisioning from configuration management.
In this project, I built a production-style deployment pipeline using Terraform and Ansible, following the same patterns used in real-world DevOps environments.
🏗️ Architecture Overview
The solution is designed with a clean separation of responsibilities:
Terraform → Provisions Azure infrastructure
Ansible → Configures the server and deploys the application
Azure Linux VM → Hosts an Nginx web server serving a static site
This modular approach keeps the system organized, scalable, and easy to maintain.
☁️ Infrastructure Provisioning with Terraform
Terraform was used to define and deploy all required Azure resources as code. This ensures that the entire environment is version-controlled and reproducible.
🔧 Resources Provisioned
Resource Group
Virtual Network and Subnet
Network Security Group (allowing SSH on port 22 and HTTP on port 80)
Public IP Address
Network Interface
Ubuntu Linux Virtual Machine (B1s size)
SSH key-based authentication
By codifying infrastructure, deployments become predictable and easy to replicate across environments.
⚙️ Configuration & Deployment with Ansible
Once the infrastructure is ready, Ansible takes over to configure the server and deploy the application.
The automation is structured using two key files: inventory.ini and site.yml.
📄 Understanding inventory.ini — Target Host Definition
The inventory.ini file tells Ansible which servers to manage and how to connect to them.
Key Responsibilities:
Defines the target group [web]
Specifies the Azure VM’s public IP
Configures SSH access:
ansible_user (VM username)
ansible_ssh_private_key_file (path to private key)
👉 This eliminates the need for manual SSH setup and enables secure, automated access.
📄 Understanding site.yml — The Main Playbook
The site.yml file is the heart of the automation. It is structured into three distinct plays, each handling a specific stage of the deployment.
🧩 Play 1: Server Setup
This stage prepares the VM to act as a web server:
Updates the package cache
Installs Nginx and Git
Ensures Nginx is running and enabled
👉 At the end of this stage, the VM is fully ready to host applications.
📦 Play 2: Application Deployment
This stage handles the actual deployment of the Mini Finance application:
Clones the project from GitHub using the git module
Copies application files into /var/www/html
Sets proper ownership and permissions
Uses handlers to reload Nginx only when changes occur
👉 This ensures an idempotent deployment, meaning it can be safely re-run without unintended side effects.
🔍 Play 3: Deployment Verification
After deployment, validation is critical.
Runs locally on localhost
Uses the uri module to send HTTP requests
Confirms the application returns a 200 OK response
👉 This provides immediate feedback that the deployment was successful.
📄 Key Design Principles in the Playbook
Several best practices were applied in the Ansible design:
Handlers → Trigger service reloads only when necessary
Variables → Improve flexibility and reusability
Multi-play structure → Separates concerns (setup, deploy, verify)
Idempotency → Ensures consistent results across multiple runs
These patterns are essential for building reliable automation pipelines.
🔐 Access & Testing
Once deployment is complete:
SSH access is verified using key-based authentication
The application is accessible via browser:
http://
✅ Final Outcome
By the end of the process:
✔ Azure infrastructure is fully provisioned using Terraform
✔ Network security rules allow secure access (SSH & HTTP)
✔ Ubuntu VM is deployed and reachable
✔ Ansible inventory is configured for remote management
✔ Nginx is installed and running
✔ Application is deployed automatically from GitHub
✔ HTTP verification confirms successful deployment (200 OK)
💡 Key Takeaway
This project highlights a fundamental DevOps principle:
Terraform provisions infrastructure. Ansible configures and deploys applications.
By separating concerns across main.tf, inventory.ini, and site.yml, you create a workflow that is:
Scalable 📈
Maintainable 🧩
Production-ready 🚀
💡 Key Takeaway
This project reinforces a core DevOps principle:
Terraform provisions infrastructure. Ansible configures and deploys applications.
🧠 Final Thoughts
If you're building your DevOps skillset, mastering this pattern is a major step forward. It mirrors how real teams deploy applications in the cloud—cleanly separating infrastructure from application logic while maintaining full automation.
Repo:
https://lnkd.in/dZy25Cmr
Till next time, always stay positive 👍
Shout out to Pravin Mishra, Lead Co-Mentor: Praveen Pandey
🤝Co-Mentors: Egwu Oko, Tanisha Borana, Ranbir Kaur
P.S. This post is part of the DevOps Micro Internship (DMI) Cohort-2 by Pravin Mishra. You can start your DevOps journey by joining this
Discord community ( https://lnkd.in/e4wTfknn ).
Top comments (0)