Ansible for Enterprise

Transcript

1. Ansible: Automation made simple

2. Efficient & Secure /Uses OpenSSH /No extra code to manage

   /More secure /More scalable /Ready for cloud-scale /More efficient Automate Faster /Uses YAML for playbooks /Human-readable /No special coding skills needed /No single-point-of-knowledge problem /Tasks executed in order /Get productive quickly Orchestration + /App deployment /Configuration management /Workflow orchestration /Provisioning /Team tools with Tower /Multiple tools in one Simple. Agentless. Powerful.

3. Configuration Management Application Deployments Workflow Orchestration Provisioning Powerful, flexible and

   Interoperable:

4. Reasons for Ansible • Wide OS support For those heterogeneous

   environments or those that are homogeneous but plan to change. • Works with the colo and the cloud You can maintain either, both or migrate one to the other, your choice. • Integrates with most clouds A plethora of cloud modules and they can also be used inventory sources. • Small footprint It reuses common existing tools (ssh, sudo, python, etc). No additional infrastructure, no new firewall rules, no new permissions and no SSL certificates. • Plays well with others It can substitute many other products or work with them for better results. • Easy to expand plugin architecture Makes custom developments a lot easier to integrate.

5. Reasons for Ansible • Lower system maintenance costs You can

   quickly and easily do security & performance updates. • Deploy more reliably, faster, more often Easy to structure release process, make it reproducible, reliable and distributed. • Automate recovery and failover Faster time to recovery, less downtime, less risk. • Mitigate the pain of migration Make it easier to take advantage of new technologies, easily integrate the into the cloud. • Gentle learning curve and easy adaptation Easy to adapt, non intrusive, plays well with existing infrastructure. • Intelligible Makes it easy to learn, audit and verify.

6. Openstack support Many modules: glance_image - Add/Delete images from glance

   keystone_user - Manage OpenStack Identity (keystone) users, tenants and roles nova_compute - Create/Delete VMs from OpenStack nova_keypair - Add/Delete key pair from nova quantum_floating_ip - Add/Remove floating IP from an instance quantum_floating_ip_associate - Manage a particular floating IP with an instance quantum_network - Creates/Removes networks from OpenStack quantum_router - Create or Remove router from openstack quantum_router_gateway - Manages gateway interfaces for a defined router quantum_router_interface - Attach/Dettach a subnet’s interface to a router quantum_subnet - Add/remove subnet from a network Major players engaged: Major backers and users of Openstack also support and/or use ansible: Rackspace, HP Helion, Bluebox and we even get help from Monty Taylor.

7. Openstack simple examples --- -hosts: localhost connection: local vars_files: -

   ostack_bcs.yml tasks: - name: create tenants keystone_user: token: "{{ security_token }}" tenant: "{{ item }}" tenant_description: "Tenant" with_items: [ ‘tenant1’, ‘tenant2’, ‘tenant3’] - name: add image to glance glance_image: copy_from: "http://download.myimages.com/1/custom.img" name: myfirstimage disk_format: qcow2 is_public: true container_format: bare login_username: admin login_tenant_name: tenant1 login_password: "{{ admin_password}}" region_name: RegionOne auth_url: "http://{{ controller }}:{{ controller_port}}/v2.0"

8. Ansible Inc, Products Ansible Core Tower Support Consulting

9. PUSH-BUTTON LAUNCH Launch automation jobs with a button ACCESS CONTROL

   Role-based access control & LDAP integration DELEGATION OF CREDENTIALS Delegate credentials without giving away secrets SCHEDULING Schedule automation jobs (great for periodic remediation) INVENTORY MANAGEMENT Graphically manage your internal & cloud resources API & CLI Documented RESTful API and Tower CLI to integrate Tower into your tools AUDITING See a full Ansible job history with drill-in details Ansible Tower The best way to run Ansible in your organization.

10. THANK YOU