Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AnsibleWorkshopMay2019.pdf

Avatar for Andreas Mosti Andreas Mosti
May 14, 2019
Programming
0
250

 AnsibleWorkshopMay2019.pdf

https://dipsas.github.io/AnsibleCourse/

Avatar for Andreas Mosti

Andreas Mosti

May 14, 2019
Tweet

More Decks by Andreas Mosti

See All by Andreas Mosti
Deterministic Builds and where to find them
Avatar for Andreas Mosti andmos
0
29
Correct Maps Are Useless: A guide to mental models
Avatar for Andreas Mosti andmos
0
150
LEGO I Praksis
Avatar for Andreas Mosti andmos
0
54
Supply Chain Attacks: Når den digitale forsyningslinja blir angrepsvektor
Avatar for Andreas Mosti andmos
0
31
IoIT: Internet of Insecure Things
Avatar for Andreas Mosti andmos
0
120
Containers'n stuff
Avatar for Andreas Mosti andmos
0
34
IoT - Bevisstgjøring
Avatar for Andreas Mosti andmos
0
34
GitOps in a nutshell
Avatar for Andreas Mosti andmos
0
180
Supply Chain Attack
Avatar for Andreas Mosti andmos
0
40

Other Decks in Programming

See All in Programming
Porting a visionOS App to Android XR
Avatar for Akio Itaya akkeylab
0
200
PicoRuby on Rails
Avatar for makicamel makicamel
2
120
Kotlin エンジニアへ送る:Swift 案件に参加させられる日に備えて~似てるけど色々違う Swift の仕様 / from Kotlin to Swift
Avatar for Elvis Shi lovee
1
260
ペアプロ × 生成AI 現場での実践と課題について / generative-ai-in-pair-programming
Avatar for コドモン開発チーム codmoninc
1
4.3k
なぜ適用するか、移行して理解するClean Architecture 〜構造を超えて設計を継承する〜 / Why Apply, Migrate and Understand Clean Architecture - Inherit Design Beyond Structure
Avatar for shiro seike seike460
PRO
3
730
AI時代のソフトウェア開発を考える(2025/07版) / Agentic Software Engineering Findy 2025-07 Edition
Avatar for Takuto Wada twada
PRO
37
7.1k
Hypervel - A Coroutine Framework for Laravel Artisans
Avatar for Albert Chen albertcht
1
110
『自分のデータだけ見せたい!』を叶える──Laravel × Casbin で複雑権限をスッキリ解きほぐす 25 分
Avatar for AkitoTsukahara akitotsukahara
2
610
Rubyでやりたい駆動開発 / Ruby driven development
Avatar for chobishiba chobishiba
1
560
エラーって何種類あるの?
Avatar for Takuma Kajikawa kajitack
5
340
A2A プロトコルを試してみる
Avatar for azukiazusa azukiazusa1
2
1.3k
Code as Context 〜 1にコードで 2にリンタ 34がなくて 5にルール? 〜
Avatar for Yoda Keisuke yodakeisuke
0
120

Featured

See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
53
2.8k
Statistics for Hackers
Avatar for Jake VanderPlas jakevdp
799
220k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
270
20k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
173
14k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
51
8.5k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
PRO
20
1.3k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
46
9.6k
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
26k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
110k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
246
12k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.3k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
248
1.3M

Transcript

  1. and infrastructure as code workshop Andreas Mosti

  2. Key takeaways • Infrastructure as Code • Configuration Management •

    What can Ansible solve? • What can it not solve? • Enough knowledge to understand the key principles

  3. Dev/Build Runtime

  4. Dev/Build Runtime

  5. Dev/Build Runtime

  6. Dev/Build Runtime

  7. None

  8. The complexity moves

  9. None
  10. None

  11. Site A Site A Replica Site B Replica Site B

  12. • Application platforms / runtimes • Permissions • Users •

    Firewall rules • Config Files • Updates • Running Services • Upgrades

  13. • Application platforms / runtimes • Permissions • Users •

    Firewall rules • Config Files • Updates • Running Services • Upgrades 20
  14. None

  15. Inconsistent server farms

  16. Platform requirements, «What are we releasing on?»

  17. «We need new environments quickly, in a reproducible fashion»

  18. Automate the infrastructure

  19. Snowflake vs. Phoenix Servers

  20. Infrastructure as code:

  21. Reproducible Environments

  22. Servers in version control

  23. Configuration management

  24. Explicit process

  25. Safety!

  26. Code Review

  27. Baked vs. Fried servers

  28. The usual suspects

  29. None
  30. None

  31. Why Ansible?

  32. None
  33. None

  34. Open Source

  35. SSH WinRM

  36. Most important:

  37. The correct abstraction (for us)

  38. None

  39. Playbooks push Database Appserver Load Balancer

  40. None

  41. Remember: Ansible keeps state

  42. The benefits of Infrastructure as Code: 1) Automation 2) Version

    control 3) Code Review 4) Testing 5) Documentation 6) Reuse

  43. The holy grale: Imutable infrastructure

  44. Warning 1:

  45. None
  46. None
  47. None
  48. None

  49. The files don’t represent reality!

  50. None

  51. Warning 2:

  52. If not run often, the system might regress

  53. Part 1: Inventory and connection

  54. SSH WinRM

  55. WinRM Port 5986 Local / AD admin user w. remoting

    Powershell 3.0 ConfigureRemotingForAnsible.ps1

  56. SSH Port 22 root / dedicated user(s)

  57. None
  58. None

  59. The Inventory

  60. inventory/Example.inventory

  61. inventory/Testlab18.inventory

  62. Exercise 1: Inventory and server connection

  63. Part 2: Playbooks and tasks

  64. Playbooks push Database Appserver Loadbalancer

  65. LoadBalancer.yaml Zookeeper.yaml Solr.yaml Database.yaml ArenaAppServer.yaml

  66. WebServer.yaml

  67. WebServer.yaml

  68. WebServer.yaml

  69. WebServer.yaml

  70. roles/DotNet461/tasks/main.yaml

  71. None
  72. None

  73. Exercise 2: Playbook and simple tasks

  74. Part 3: Roles and variables

  75. WebServer.yaml

  76. To reuse tasks or implement components, we make roles

  77. Example roles: • IIS • DotnetFramework45 • Oracle12C • TeamcityAgent

    • Java • GoogleChrome • SplunkForwarder
  78. None

  79. Buildserver.yaml

  80. roles/Oracle12Driver/tasks/main.yaml

  81. roles/Oracle12Driver/tasks/main.yaml

  82. roles/Oracle12Driver/defaults/main.yaml

  83. Lists and iterators

  84. roles/Zookeeper/tasks/main.yaml roles/Zookeeper/defaults/main.yaml

  85. A word on variable precendence

  86. From least to most important: • role defaults • group_vars/

    • host_vars/ • host facts • play vars • include_vars • set_facts • extra vars

  87. A word on state and idempotency

  88. Always pick modules over shell commands (if possible)

  89. roles/MKDocs/tasks/main.yaml

  90. roles/MKDocs/tasks/main.yaml

  91. Exercise 3: Roles, variables and iterators

  92. Part 4: Handlers, templates, files

  93. None

  94. Files vs Templates

  95. roles/TeamCityAgent/tasks/main.yaml

  96. True configuration management with templating and JINJA2

  97. roles/TeamCityAgent/templates/buildAgent.properties

  98. roles/SplunkForwarder/templates/input.conf.j2

  99. roles/HAProxy/templates/haproxy.conf.j2

  100. roles/Prometheus/templates/alertmanager.yml.j2

  101. roles/Prometheus/defaults/main.yml

  102. roles/TeamCityAgent/tasks/main.yaml

  103. roles/TeamCityAgent/handlers/main.yaml

  104. Exercise 4: Templates, handlers and files

  105. Part 5: Ansible Vault

  106. When working with secrets roles/TeamCityAgent/tasks/main.yaml

  107. roles/TeamCityAgent/defaults/main.yaml

  108. None

  109. roles/TeamCityAgent/defaults/main.yaml

  110. None

  111. roles/TeamCityAgent/defaults/main.yaml

  112. Exercise 5: Vault and encryptet secrets