Ansible introduction in 30 minutes @dagwieers

Introduction to Ansible Cfgmgmtcamp Ghent 2018 2 30 minutes... ● Who are you ? ● What is Ansible ? ● Ansible terminology ● How does it work ? ● Where do I go for help ? ● How to join the community ? ● Questions

Introduction to Ansible Cfgmgmtcamp Ghent 2018 3 Dag Wieërs ● Freelance Linux and Open Source consultant – Usually as System Engineer/Architect – Past 6 years mostly Ansible-related assignments ● Working for various companies (IT, Finance, Telco, Gov) – IBM, HP, Euroclear, Punch, EMC, AXA, ING – Ansible: BNP, Proximus, KBC, Telenet, FedPol, Cisco ● Started developing on Ansible from early 2012 ● Involved in: Core, Unix, VMware, Networking, Windows ● Various modules: debug, fail, set_fact mail, unarchive, xml, ...

Introduction to Ansible Cfgmgmtcamp Ghent 2018 4 Workflow automation tool ● Start automating in minutes… by doing it ● You are in control – The “what, when and where” ● One ring to rule them all – Ad-hoc execution/reporting √ – Bare-metal / VM provisioning √ – Configuration management √ – Standard operational procedures √ ● Security patch management, web deployments, ... ● GUI: Ansible Tower or AWX

Introduction to Ansible Cfgmgmtcamp Ghent 2018 5 Ansible: cleverly versatile ● Agentless, easy to set up and control ● Using native technologies/existing standards – well-known, proven and secure ● Well-defined interfaces, easy to extend – inventories, modules, plug-ins, connections ● Thousands of existing modules and roles ● Rich integration with hundreds of: – systems, VMs, containers, devices, appliances, applications

Introduction to Ansible Cfgmgmtcamp Ghent 2018 6 Concepts: Inventory and sources ● Inventory – Groups ● Group variables – Hosts ● Host variables ● Inventories can be: – INI, YAML, JSON – Dynamic inventories – Integrated with many sources Example INI inventory [firewalls] fw01 ansible_user=admin [webservers] web01 http_port=80 web02 http_port=8080 [databases] db01 db_type=postgresql

Introduction to Ansible Cfgmgmtcamp Ghent 2018 7 Concepts: Playbooks and tasks ● Playbook – Play ● Role ● Task (Module) ● Facts gathering ● Notification handlers ● Roles + Galaxy ● Plugins Example YAML playbook - hosts: webservers tasks: - name: Ensure Apache is up-to-date yum: name: httpd state: latest - name: Manage Apache configuration template: src: httpd.j2 dest: /etc/httpd.conf validate: apachectl -t -f %s notify: - reload-apache - name: Ensure Apache is running service: name: httpd state: started enabled: yes

Introduction to Ansible Cfgmgmtcamp Ghent 2018 8 Concepts: Task execution model ● Master sends instructions to individual target nodes ● Target nodes execute instructions ● Target nodes report back using JSON ● Ansible reports status back to user

Introduction to Ansible Cfgmgmtcamp Ghent 2018 9 More than 1600 modules... ● Platform – Linux, macOS, Unix, Windows – System, Config, Packaging ● Networking aci, aireos, asa, avi, bigswitch, citrix, dellos, f5, ios, iosxr, junos, lenovo, netconf, nso, nuage, nxos, sros, vyos ● Monitoring bigpanda, grafana, icinga2, monit, nagios, newrelic, pagerduty, sensu, zabbix ● Web infra apache2, django, jboss, jenkins, jira, letsencrypt, nginx, rundeck ● Clustering consul, kubernetes, openshift, pacemaker ● Cloud amazon, atomic, azure, cloudstack, docker, google, linode, lxc, lxd, openstack, ovirt, rackspace, softlayer, univention, vmware ● Database elasticsearch, influxdb, kibana, mongodb, mssql, mysql, postresql, proxysql, redis, riak ● Remote management foreman, hpilo, imc, ipmi, manageiq, oneview, stacki, ucs, wakeonlan ● Source control bzr, git, github, gitlab, hg, subversion ● Network tools cloudflare, dnsimple, dnsmadeasy, haproxy, ldap, lldp, nsupdate, omapi, snmp ● Identity cyberark, ipa, keycloak ● Crypto

Introduction to Ansible Cfgmgmtcamp Ghent 2018 10 “ ” Who knows what this means ? f(f(x)) = f(x)

Introduction to Ansible Cfgmgmtcamp Ghent 2018 11 Terminology ● Idempotency: f(f(x)) = f(x) – Imperative versus Declarative – Various techniques to achieve idempotency ● YAML + JSON – Describes datastructures – Domain-specific language ● Jinja2 templating – Used for templating configuration files – Or manipulating data inline

Introduction to Ansible Cfgmgmtcamp Ghent 2018 12 Important bits ● Keep playbooks readable – No programming constructs in playbooks – A well-designed inventory is key ! – Complex orchestration → Roles – Complex with locality → Modules – Data manipulation → Jinja2 filters – Differentiate using templates ● Testing and reporting – Check-mode -C, --check – Diff output -D, --diff

Introduction to Ansible Cfgmgmtcamp Ghent 2018 13 Where go for help ? ● Documentation – Latest stable: http://docs.ansible.com/ansible/latest/ – Devel branch: http://docs.ansible.com/ansible/devel/ ● Mailinglist – https://groups.google.com/forum/#!forum/ansible-project ● IRC – #ansible on Freenode ● Meetups (more than 200 worldwide) – http://ansible.meetup.com/

Introduction to Ansible Cfgmgmtcamp Ghent 2018 14 How to contribute ? ● Join us on Wednesday for a developer meeting ● Reporting issues – https://github.com/ansible/ansible/issues ● Discussing ideas – Mailinglist: https://groups.google.com/forum/#!forum/ansible-devel – IRC: #ansible-devel on Freenode ● Proposals – https://github.com/ansible/proposals/issues ● Join a Working group – https://github.com/ansible/community

Introduction to Ansible Cfgmgmtcamp Ghent 2018 15 Staying involved... ● Regular meetings – Twice a week core meetings and weekly Working Group meetings – Subscribe to meeting agenda: https://github.com/ansible/community/issues?q=is:open+label:meeting_agenda ● Roadmap and Changelog – http://docs.ansible.com/ansible/devel/roadmap/ROADMAP_2_5.html – https://github.com/ansible/ansible/blob/devel/CHANGELOG.md ● AnsibleFest – Twice a year, in London and San Francisco – Ansible contributor meetings ● Ansible Automates ● Cfgmgmtcamp

Introduction to Ansible Cfgmgmtcamp Ghent 2018 16 “ ” Feedback appreciated Don’t hesitate, I’ll be at Cfgmgmtcamp until Wednesday... Questions ? Remarks ?