Context
LCH (London Clearing House) required a robust, auditable patch management solution across their mixed infrastructure estate. I designed and implemented an Ansible-based automation framework to standardize and accelerate patching operations.
Responsibilities
- Designed Ansible playbooks and roles for patching Linux operating systems (RHEL, CentOS)
- Automated patch management for databases: MySQL, Oracle
- Extended automation to network devices: Cisco routers and switches
- Implemented automated patching for web application servers (Tomcat)
- Built inventory management and dynamic grouping for targeting specific environments
- Created audit-ready reports of patch status and compliance across all systems
- Integrated Ansible workflows with change management processes (maintenance windows, rollback)
Key Achievements
- Reduced average patching cycle from 2 weeks (manual) to 2 hours (automated)
- Achieved 98% patch compliance rate across all managed systems
- Eliminated human errors associated with manual patching through idempotent playbooks
Technical environment: Ansible Automation Platform, Linux (RHEL/CentOS), MySQL, Oracle, Cisco IOS, Tomcat, Python