Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AnsibleWorkshopMay2019.pdf
Search
Andreas Mosti
May 14, 2019
Programming
0
250
AnsibleWorkshopMay2019.pdf
https://dipsas.github.io/AnsibleCourse/
Andreas Mosti
May 14, 2019
Tweet
Share
More Decks by Andreas Mosti
See All by Andreas Mosti
Deterministic Builds and where to find them
andmos
0
29
Correct Maps Are Useless: A guide to mental models
andmos
0
150
LEGO I Praksis
andmos
0
54
Supply Chain Attacks: Når den digitale forsyningslinja blir angrepsvektor
andmos
0
31
IoIT: Internet of Insecure Things
andmos
0
120
Containers'n stuff
andmos
0
34
IoT - Bevisstgjøring
andmos
0
34
GitOps in a nutshell
andmos
0
180
Supply Chain Attack
andmos
0
40
Other Decks in Programming
See All in Programming
Porting a visionOS App to Android XR
akkeylab
0
200
PicoRuby on Rails
makicamel
2
120
Kotlin エンジニアへ送る:Swift 案件に参加させられる日に備えて~似てるけど色々違う Swift の仕様 / from Kotlin to Swift
lovee
1
260
ペアプロ × 生成AI 現場での実践と課題について / generative-ai-in-pair-programming
codmoninc
1
4.3k
なぜ適用するか、移行して理解するClean Architecture 〜構造を超えて設計を継承する〜 / Why Apply, Migrate and Understand Clean Architecture - Inherit Design Beyond Structure
seike460
PRO
3
730
AI時代のソフトウェア開発を考える(2025/07版) / Agentic Software Engineering Findy 2025-07 Edition
twada
PRO
37
7.1k
Hypervel - A Coroutine Framework for Laravel Artisans
albertcht
1
110
『自分のデータだけ見せたい!』を叶える──Laravel × Casbin で複雑権限をスッキリ解きほぐす 25 分
akitotsukahara
2
610
Rubyでやりたい駆動開発 / Ruby driven development
chobishiba
1
560
エラーって何種類あるの?
kajitack
5
340
A2A プロトコルを試してみる
azukiazusa1
2
1.3k
Code as Context 〜 1にコードで 2にリンタ 34がなくて 5にルール? 〜
yodakeisuke
0
120
Featured
See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
2.8k
Statistics for Hackers
jakevdp
799
220k
Stop Working from a Prison Cell
hatefulcrawdad
270
20k
YesSQL, Process and Tooling at Scale
rocio
173
14k
The Cost Of JavaScript in 2023
addyosmani
51
8.5k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
20
1.3k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
46
9.6k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
What's in a price? How to price your products and services
michaelherold
246
12k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.3k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
Transcript
and infrastructure as code workshop Andreas Mosti
Key takeaways • Infrastructure as Code • Configuration Management •
What can Ansible solve? • What can it not solve? • Enough knowledge to understand the key principles
Dev/Build Runtime
Dev/Build Runtime
Dev/Build Runtime
Dev/Build Runtime
None
The complexity moves
None
None
Site A Site A Replica Site B Replica Site B
• Application platforms / runtimes • Permissions • Users •
Firewall rules • Config Files • Updates • Running Services • Upgrades
• Application platforms / runtimes • Permissions • Users •
Firewall rules • Config Files • Updates • Running Services • Upgrades 20
None
Inconsistent server farms
Platform requirements, «What are we releasing on?»
«We need new environments quickly, in a reproducible fashion»
Automate the infrastructure
Snowflake vs. Phoenix Servers
Infrastructure as code:
Reproducible Environments
Servers in version control
Configuration management
Explicit process
Safety!
Code Review
Baked vs. Fried servers
The usual suspects
None
None
Why Ansible?
None
None
Open Source
SSH WinRM
Most important:
The correct abstraction (for us)
None
Playbooks push Database Appserver Load Balancer
None
Remember: Ansible keeps state
The benefits of Infrastructure as Code: 1) Automation 2) Version
control 3) Code Review 4) Testing 5) Documentation 6) Reuse
The holy grale: Imutable infrastructure
Warning 1:
None
None
None
None
The files don’t represent reality!
None
Warning 2:
If not run often, the system might regress
Part 1: Inventory and connection
SSH WinRM
WinRM Port 5986 Local / AD admin user w. remoting
Powershell 3.0 ConfigureRemotingForAnsible.ps1
SSH Port 22 root / dedicated user(s)
None
None
The Inventory
inventory/Example.inventory
inventory/Testlab18.inventory
Exercise 1: Inventory and server connection
Part 2: Playbooks and tasks
Playbooks push Database Appserver Loadbalancer
LoadBalancer.yaml Zookeeper.yaml Solr.yaml Database.yaml ArenaAppServer.yaml
WebServer.yaml
WebServer.yaml
WebServer.yaml
WebServer.yaml
roles/DotNet461/tasks/main.yaml
None
None
Exercise 2: Playbook and simple tasks
Part 3: Roles and variables
WebServer.yaml
To reuse tasks or implement components, we make roles
Example roles: • IIS • DotnetFramework45 • Oracle12C • TeamcityAgent
• Java • GoogleChrome • SplunkForwarder
None
Buildserver.yaml
roles/Oracle12Driver/tasks/main.yaml
roles/Oracle12Driver/tasks/main.yaml
roles/Oracle12Driver/defaults/main.yaml
Lists and iterators
roles/Zookeeper/tasks/main.yaml roles/Zookeeper/defaults/main.yaml
A word on variable precendence
From least to most important: • role defaults • group_vars/
• host_vars/ • host facts • play vars • include_vars • set_facts • extra vars
A word on state and idempotency
Always pick modules over shell commands (if possible)
roles/MKDocs/tasks/main.yaml
roles/MKDocs/tasks/main.yaml
Exercise 3: Roles, variables and iterators
Part 4: Handlers, templates, files
None
Files vs Templates
roles/TeamCityAgent/tasks/main.yaml
True configuration management with templating and JINJA2
roles/TeamCityAgent/templates/buildAgent.properties
roles/SplunkForwarder/templates/input.conf.j2
roles/HAProxy/templates/haproxy.conf.j2
roles/Prometheus/templates/alertmanager.yml.j2
roles/Prometheus/defaults/main.yml
roles/TeamCityAgent/tasks/main.yaml
roles/TeamCityAgent/handlers/main.yaml
Exercise 4: Templates, handlers and files
Part 5: Ansible Vault
When working with secrets roles/TeamCityAgent/tasks/main.yaml
roles/TeamCityAgent/defaults/main.yaml
None
roles/TeamCityAgent/defaults/main.yaml
None
roles/TeamCityAgent/defaults/main.yaml
Exercise 5: Vault and encryptet secrets