Taking a Moment 1 CC BY-NC 4.0 Justin Yost

Ansible: What Is It and What Is It Good For? Justin Yost Lead Software Engineer Wirecutter 2 CC BY-NC 4.0 Justin Yost

What is Ansible? • Provision • Configuration • Deployment 3 CC BY-NC 4.0 Justin Yost

Provision • Setup your server software with a particular set of tools for a particular environment 4 CC BY-NC 4.0 Justin Yost

Configuration • Store and manage secrets and mundane values across various environments 5 CC BY-NC 4.0 Justin Yost

Deployment • Deploy the software, with the matching configuration into an environment 6 CC BY-NC 4.0 Justin Yost

What makes Ansible different? • No agents (Python and SSH are the only requirements on managed nodes) • No custom software code (just YAML English language scripts) • Models the whole IT infrastructure • Idempotent, running it multiple times produces the same infrastructure 7 CC BY-NC 4.0 Justin Yost

Ansible - Basic Setup • Playbooks - describe automation tasks (literally SSH commands to be run) • Inventory - not a database, but Ansible's knowledge of the hosts to run commands on • Module - a standalone set of automation tasks • Management Node - the node that runs the Ansible software and runs the playbooks against the inventory, deploying the modules to each corresponding remote host 8 CC BY-NC 4.0 Justin Yost

Ansible 9 CC BY-NC 4.0 Justin Yost

Ansible - What can it do? • Provision - create a new from scratch or not server to do whatever. • Configuration - add code, add secrets, add environment values, for said servers. • Deployment - deploy those from scratch servers to multiple cloud or self-hosting providers (AWS, Azure, GCP, OpenStack, VMWare, etc) 10 CC BY-NC 4.0 Justin Yost

Ansible - What can't it do? ! 11 CC BY-NC 4.0 Justin Yost

What does Ansible look like? • YAML Files • Build an Inventory File (hosts being managed) • Write Playbooks against the hosts • Playbooks execute tasks • Tasks are typically executed via a called module to execute against a collection of hosts • Tasks can use some Ansible wrapping logic around ssh commands • Tasks can also just run generic ssh commands • Handlers execute at the end of a set of tasks 12 CC BY-NC 4.0 Justin Yost

Inventory File hosts.yml --- all: local: 192.0.2.50 web: aserver.example.org bserver.example.org dns: dns[01:50].example.org: 13 CC BY-NC 4.0 Justin Yost

Playbook File verify-user.yml --- - hosts: all remote_user: root tasks: - name: test connection ping: remote_user: yourname 14 CC BY-NC 4.0 Justin Yost

Playbook load-apache.yml --- - hosts: webservers vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: ensure apache is at the latest version yum: name: httpd state: latest - name: ensure apache is running service: name: httpd state: started handlers: - name: restart apache service: name: httpd state: restarted 15 CC BY-NC 4.0 Justin Yost

Ansible Has • Variables • Loops • Truth Evaluation • Whens • Blocks and Block Level Errors 16 CC BY-NC 4.0 Justin Yost

Ansible Vault • Locally Encrypted/Decreypted Secrets Manager • Store secrets and load into Ansible at run time 17 CC BY-NC 4.0 Justin Yost

Ansible Ad Hoc Commands • Execute ad-hoc commands against the inventory (ie restart/ shutdown/update a one-off service/server/server-cluster) 18 CC BY-NC 4.0 Justin Yost

Ansible Dynamic Inventory • Supports multiple cloud providers Dynamic Scaling systems • Supports LDAP, Cobbler, other cloud based inventory management systems 19 CC BY-NC 4.0 Justin Yost

Ansible • All in one tool to create servers and any underlying service on said servers • Configure said servers and services • Deploy said servers into various environments 20 CC BY-NC 4.0 Justin Yost

Thanks Questions? • twitter.com/justinyost • github.com/justinyost • justinyost.com • linkedin.com/learning/instructors/justin-yost 21 CC BY-NC 4.0 Justin Yost