USING ANSIBLE FOR DEVOPS

0438ae60cde4c7add6f9da48f28c15cc?s=47 Chris Short
September 12, 2018

USING ANSIBLE FOR DEVOPS

What is DevOps and how Ansible fits into the puzzle.

0438ae60cde4c7add6f9da48f28c15cc?s=128

Chris Short

September 12, 2018
Tweet

Transcript

  1. 2.

    2

  2. 3.

    3

  3. 4.

    4

  4. 5.

    5 DEVOPS DEFINED DevOps is a culture and practice that

    emphasizes the collaboration and communication of both software developers and IT operations professionals while automating the process of software delivery and infrastructure changes. ADAPTED FROM WIKIPEDIA
  5. 7.

    7 DEVOPS CREATES DEMAND FOR AUTOMATION ACROSS THE DEV AND

    OPS LIFECYCLES 100% Enterprises worldwide are investing in or evaluating DevOps 85% Enterprise IT decision makers state automation is either mission critical or very important to their future DevOps strategy DevOps is almost 10 Years Old!!! NEXT GENERATION IT INFRASTRUCTURE & MANAGEMENT SURVEY DEC 2017 N= 1171 Worldwide IT Operations Decision Makers
  6. 11.
  7. 12.

    12

  8. 13.

    13 ACCELERATE APP DELIVERY Increase agility and efficiency, and provide

    better control of existing and new IT environments Automate routine IT tasks to save time and increase stability Reduce IT environment complexity through automation Promote cultural changes needed to implement DevOps Transform culture, process and methodologies to accelerate digital transformation Speed & agility Collaboration & connection Catalyze innovation Accelerate application delivery with containers Deliver faster Develop faster Change faster Innovate faster BUSINESS INNOVATION IT AUTOMATION
  9. 14.

    14 VALUE OF AUTOMATION FOR DEVOPS GROW REVENUE • Rapid

    innovation of new services and applications • Scale applications and infrastructure on demand • Broaden use of cloud native apps & microservices for agility • Increase developer productivity REDUCE COST • Portability to optimize cost & performance • Maximize value of existing IT while rapidly evolving architecture • Improve IT Ops productivity • Consistent compliance & security
  10. 17.
  11. 20.

    20 WHAT IS ANSIBLE AUTOMATION? Ansible is an open source

    community project sponsored by Red Hat. It’s a simple automation language that can perfectly describe IT application environments in Ansible Playbooks. Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation with a UI and RESTful API.
  12. 21.

    21 WHY ANSIBLE? SIMPLE POWERFUL AGENTLESS App deployment Configuration management

    Workflow orchestration Network automation Orchestrate the app lifecycle Human readable automation No special coding skills needed Tasks executed in order Usable by every team Get productive quickly Agentless architecture Uses OpenSSH & WinRM No agents to exploit or update Get started immediately More efficient & more secure
  13. 22.

    22 THE ANSIBLE WAY CROSS PLATFORM Agentless support for all

    major OS variants, physical, virtual, cloud and network devices. HUMAN READABLE Perfectly describe and document every aspect of your application environment. PERFECT DESCRIPTION OF APPLICATION Every change can be made by Playbooks, ensuring everyone is on the same page. VERSION CONTROLLED Playbooks are plain-text. Treat them like code in your existing version control. DYNAMIC INVENTORIES Capture all the servers 100% of the time, regardless of infrastructure, location, etc. ORCHESTRATION PLAYS WELL WITH OTHERS Every change can be made by Playbooks, ensuring everyone is on the same page.
  14. 23.

    23 ANSIBLE IS THE UNIVERSAL LANGUAGE DEV QA/SECURITY IT OPERATIONS

    BUSINESS Ansible is the first automation language that can be read and written across IT. Ansible is the only automation engine that can automate the entire application lifecycle and continuous delivery pipeline.
  15. 25.

    25 PLAYBOOK EXAMPLE --- - name: install and start apache

    hosts: web become: yes vars: http_port: 80 tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present copy: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started
  16. 26.

    26 WHAT CAN I DO WITH ANSIBLE? Automate the deployment

    and management of your entire IT footprint. Orchestration Do this... Firewalls Configuration Management Application Deployment Provisioning Continuous Delivery Security and Compliance On these... Load Balancers Applications Containers Clouds Servers Infrastructure Storage And more... Network Devices
  17. 27.

    27 ANSIBLE AUTOMATES TECHNOLOGIES YOU USE CLOUD VIRT & CONTAINER

    WINDOWS NETWORK DEVOPS MONITORING AWS Azure Digital Ocean Google OpenStack Rackspace +more Docker VMware RHV OpenStack OpenShift +more ACLs Files Packages IIS Regedits Shares Services Configs Users Domains +more Arista A10 Cumulus Bigswitch Cisco Cumulus Dell F5 Juniper Palo Alto OpenSwitch +more Jira GitHub Vagrant Jenkins Bamboo Atlassian Subversion Slack Hipchat +more Dynatrace Airbrake BigPanda Datadog LogicMonitor Nagios New Relic PagerDuty Sensu StackDriver Zabbix +more STORAGE NetApp Red Hat Storage Infinidat +more OPERATING SYSTEMS RHEL and Linux UNIX Windows +more
  18. 28.

    28 WHEN WE WIN — START SMALL, THINK BIG 3

    HIGH-LEVEL BENEFITS FOR SUCCESSFUL IT AUTOMATION Infrastructure as YAML • Automate backup & restores • Manage “golden” versions of configurations Configuration management • Changes can be incremental or wholesale • Make it part of the process: agile, waterfall, etc. Ensure an ongoing steady state • Schedule tasks daily, weekly, or monthly • Perform regular state checking and validation
  19. 29.

    29 PLAYBOOK EXAMPLES LAMP + HAPROXY + NAGIOS github.com/ansible/ansible-examples/tree/master/lamp_haproxy WINDOWS

    github.com/ansible/ansible-examples/tree/master/windows SECURITY COMPLIANCE github.com/ansible/ansible-lockdown NETWORK github.com/privateip/network-demo MORE... galaxy.ansible.com github.com/ansible/ansible-examples
  20. 30.

    30 15,000 ROLES AT YOUR DISPOSAL Reusable Roles and Container

    Apps that allow you to do more, faster Built into the Ansible CLI and Tower galaxy.ansible.com
  21. 31.
  22. 33.

    33 --- - name: configure ios interface hosts: ios01 tasks:

    - name: collect device running-config ios_command: commands: show running-config interface GigabitEthernet0/2 provider: “{{ cli }}” register: config - name: administratively enable interface ios_config: lines: no shutdown parents: interface GigabitEthernet0/2 provider: “{{ cli }}” when: ‘”shutdown” in config.stdout[0]‘ - name: verify operational status ios_command: commands: - show interfaces GigabitEthernet0/2 - show cdp neighbors GigabitEthernet0/2 detail waitfor: - result[0] contains ‘line protocol is up’ - result[1] contains ‘iosxr03’ - result[1] contains ’10.0.0.42’ provider: “{{ cli }}” PLAYBOOK EXAMPLE: NETWORK AUTOMATION
  23. 34.

    34 - hosts: new_servers tasks: - name: ensure common OS

    updates are current win_updates: register: update_result - name: ensure domain membership win_domain_membership: dns_domain_name: contoso.corp domain_admin_user: '{{ domain_admin_username }}' domain_admin_password: '{{ domain_admin_password }}' state: domain register: domain_result - name: reboot and wait for host if updates or domain change require it win_reboot: when: update_result.reboot_required or domain_result.reboot_required - name: ensure local admin account exists win_user: name: localadmin password: '{{ local_admin_password }}' groups: Administrators - name: ensure common tools are installed win_chocolatey: name: '{{ item }}' with_items: ['sysinternals', 'googlechrome'] PLAYBOOK EXAMPLE: WINDOWS
  24. 35.

    Stability and security Training and Consulting Access to award winning

    Red Hat Customer Portal Fully supported RHEL/CentOS 7.2+, Ubuntu 14.04 & 16.04 LTS, Amazon Web Service (AWS) AWX code has not gone through Quality Engineering No training, certification, or consulting services available from Red Hat on AWX 100% community supported (GitHub, IRC, mailing lists, etc.) AWX ANSIBLE TOWER WHAT ABOUT AWX?!?! IT’S A VALID QUESTION