Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AnsibleWorkshopMay2019.pdf

Avatar for Andreas Mosti Andreas Mosti
May 14, 2019
Programming
0
250

 AnsibleWorkshopMay2019.pdf

https://dipsas.github.io/AnsibleCourse/

Avatar for Andreas Mosti

Andreas Mosti

May 14, 2019
Tweet

More Decks by Andreas Mosti

See All by Andreas Mosti
Deterministic Builds and where to find them
Avatar for Andreas Mosti andmos
0
36
Correct Maps Are Useless: A guide to mental models
Avatar for Andreas Mosti andmos
0
160
LEGO I Praksis
Avatar for Andreas Mosti andmos
0
59
Supply Chain Attacks: Når den digitale forsyningslinja blir angrepsvektor
Avatar for Andreas Mosti andmos
0
31
IoIT: Internet of Insecure Things
Avatar for Andreas Mosti andmos
0
120
Containers'n stuff
Avatar for Andreas Mosti andmos
0
36
IoT - Bevisstgjøring
Avatar for Andreas Mosti andmos
0
39
GitOps in a nutshell
Avatar for Andreas Mosti andmos
0
190
Supply Chain Attack
Avatar for Andreas Mosti andmos
0
47

Other Decks in Programming

See All in Programming
JSONataを使ってみよう Step Functionsが楽しくなる実践テクニック #devio2025
Avatar for dafujii dafujii
0
260
時間軸から考えるTerraformを使う理由と留意点
Avatar for Ryoma Fujiwara fufuhu
12
4k
Claude Codeで挑むOSSコントリビュート
Avatar for kmuto eycjur
0
190
TanStack DB ~状態管理の新しい考え方~
Avatar for じょうげん bmthd
2
440
Laravel Boost 超入門
Avatar for Arlo fire_arlo
2
180
2025 年のコーディングエージェントの現在地とエンジニアの仕事の変化について
Avatar for azukiazusa azukiazusa1
16
7.3k
Design Foundational Data Engineering Observability
Avatar for suci sucitw
2
140
Microsoft Orleans, Daprのアクターモデルを使い効率的に開発、デプロイを行うためのSekibanの試行錯誤 / Sekiban: Exploring Efficient Development and Deployment with Microsoft Orleans and Dapr Actor Models
Avatar for Tomohisa Takaoka tomohisa
0
230
TDD 実践ミニトーク
Avatar for Daisuke Garaike contour_gara
1
280
Langfuseと歩む生成AI活用推進
Avatar for matsukada licux
3
320
パッケージ設計の黒魔術/Kyoto.go#63
Avatar for kadota kyohei lufia
3
410
KessokuでDIでもgoroutineを活用する / Go Connect #6
Avatar for mazrean mazrean
0
140

Featured

See All Featured
The Language of Interfaces
Avatar for Des Traynor destraynor
160
25k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
190
11k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
368
19k
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
27k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
87
4.8k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
246
12k
A better future with KSS
Avatar for Kyle Neath kneath
239
17k
Writing Fast Ruby
Avatar for Erik Berlin sferik
628
62k
Unsuck your backbone
Avatar for Amy Palamountain ammeep
671
58k
StorybookのUI Testing Handbookを読んだ
Avatar for Shingo Yamazaki zakiyama
30
6.1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
252
21k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
36
2.5k

Transcript

  1. and infrastructure as code workshop Andreas Mosti

  2. Key takeaways • Infrastructure as Code • Configuration Management •

    What can Ansible solve? • What can it not solve? • Enough knowledge to understand the key principles

  3. Dev/Build Runtime

  4. Dev/Build Runtime

  5. Dev/Build Runtime

  6. Dev/Build Runtime

  7. None

  8. The complexity moves

  9. None
  10. None

  11. Site A Site A Replica Site B Replica Site B

  12. • Application platforms / runtimes • Permissions • Users •

    Firewall rules • Config Files • Updates • Running Services • Upgrades

  13. • Application platforms / runtimes • Permissions • Users •

    Firewall rules • Config Files • Updates • Running Services • Upgrades 20
  14. None

  15. Inconsistent server farms

  16. Platform requirements, «What are we releasing on?»

  17. «We need new environments quickly, in a reproducible fashion»

  18. Automate the infrastructure

  19. Snowflake vs. Phoenix Servers

  20. Infrastructure as code:

  21. Reproducible Environments

  22. Servers in version control

  23. Configuration management

  24. Explicit process

  25. Safety!

  26. Code Review

  27. Baked vs. Fried servers

  28. The usual suspects

  29. None
  30. None

  31. Why Ansible?

  32. None
  33. None

  34. Open Source

  35. SSH WinRM

  36. Most important:

  37. The correct abstraction (for us)

  38. None

  39. Playbooks push Database Appserver Load Balancer

  40. None

  41. Remember: Ansible keeps state

  42. The benefits of Infrastructure as Code: 1) Automation 2) Version

    control 3) Code Review 4) Testing 5) Documentation 6) Reuse

  43. The holy grale: Imutable infrastructure

  44. Warning 1:

  45. None
  46. None
  47. None
  48. None

  49. The files don’t represent reality!

  50. None

  51. Warning 2:

  52. If not run often, the system might regress

  53. Part 1: Inventory and connection

  54. SSH WinRM

  55. WinRM Port 5986 Local / AD admin user w. remoting

    Powershell 3.0 ConfigureRemotingForAnsible.ps1

  56. SSH Port 22 root / dedicated user(s)

  57. None
  58. None

  59. The Inventory

  60. inventory/Example.inventory

  61. inventory/Testlab18.inventory

  62. Exercise 1: Inventory and server connection

  63. Part 2: Playbooks and tasks

  64. Playbooks push Database Appserver Loadbalancer

  65. LoadBalancer.yaml Zookeeper.yaml Solr.yaml Database.yaml ArenaAppServer.yaml

  66. WebServer.yaml

  67. WebServer.yaml

  68. WebServer.yaml

  69. WebServer.yaml

  70. roles/DotNet461/tasks/main.yaml

  71. None
  72. None

  73. Exercise 2: Playbook and simple tasks

  74. Part 3: Roles and variables

  75. WebServer.yaml

  76. To reuse tasks or implement components, we make roles

  77. Example roles: • IIS • DotnetFramework45 • Oracle12C • TeamcityAgent

    • Java • GoogleChrome • SplunkForwarder
  78. None

  79. Buildserver.yaml

  80. roles/Oracle12Driver/tasks/main.yaml

  81. roles/Oracle12Driver/tasks/main.yaml

  82. roles/Oracle12Driver/defaults/main.yaml

  83. Lists and iterators

  84. roles/Zookeeper/tasks/main.yaml roles/Zookeeper/defaults/main.yaml

  85. A word on variable precendence

  86. From least to most important: • role defaults • group_vars/

    • host_vars/ • host facts • play vars • include_vars • set_facts • extra vars

  87. A word on state and idempotency

  88. Always pick modules over shell commands (if possible)

  89. roles/MKDocs/tasks/main.yaml

  90. roles/MKDocs/tasks/main.yaml

  91. Exercise 3: Roles, variables and iterators

  92. Part 4: Handlers, templates, files

  93. None

  94. Files vs Templates

  95. roles/TeamCityAgent/tasks/main.yaml

  96. True configuration management with templating and JINJA2

  97. roles/TeamCityAgent/templates/buildAgent.properties

  98. roles/SplunkForwarder/templates/input.conf.j2

  99. roles/HAProxy/templates/haproxy.conf.j2

  100. roles/Prometheus/templates/alertmanager.yml.j2

  101. roles/Prometheus/defaults/main.yml

  102. roles/TeamCityAgent/tasks/main.yaml

  103. roles/TeamCityAgent/handlers/main.yaml

  104. Exercise 4: Templates, handlers and files

  105. Part 5: Ansible Vault

  106. When working with secrets roles/TeamCityAgent/tasks/main.yaml

  107. roles/TeamCityAgent/defaults/main.yaml

  108. None

  109. roles/TeamCityAgent/defaults/main.yaml

  110. None

  111. roles/TeamCityAgent/defaults/main.yaml

  112. Exercise 5: Vault and encryptet secrets