ANSIBLE INSIDE IDEATO
Alessandro Mazzoli
Sysadmin@Ideato
am@ideato.it
@alendmazz
WHY ANSIBLE
we will consider some facts:
ideato’s scenario
dev needs
sysadm needs
IDEATO SCENARIO
focus on great software
development and good practices


50+ VMs to provision, configure
and maintain; no need for a high
level of orchestration
DEV NEEDS
• easy CM tool to setup their
environments
• time spent debugging CM tool
errors is wasted
SYSADM NEEDS
• painless rolling updates

• going to mass production
environments
VS
ANSIBLE ROLES
≈
PUPPET MODULES
LEARNING CURVE
YAML vs RubyDSL
I don’t want to learn Ruby or another DSL…
- name: set up user
  user: name=alemazz
        shell=/bin/bash
        password={{ password }}
user { "$user":
  managehome => true,
  ensure     => present,
}
file { "/home/$user":
  ensure  => directory,
  mode    => '0755',
  require => User["$user"],
}
file { "/home/$user/.ssh":
  ensure  => directory,
  require => File["/home/$user"],
}
Node specific information
Hiera
Node specific information
template Jinja + ansible vars + ansible
vault
add a YAML file under host_vars/ or group_vars/, for example:
---
aws_access_key: AKIA
aws_secret_key: ngxiw
and encrypt it with AES: ansible-vault encrypt aws.yaml
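The vault step above only protects a variables file once it has actually been encrypted. As an added example (not code from the slides), the following check walks host_vars/ and group_vars/ and reports credential-looking keys that are still in clear text; the key-name word list, the sample tree and all function names are assumptions of this example.

```python
import os
import re
import tempfile

VAULT_HEADER = "$ANSIBLE_VAULT;"  # first bytes of every vault-encrypted file

# Key names that suggest a credential. The word list is an assumption of this
# example; extend it to match your own variable naming.
SECRET_KEY = re.compile(
    r"^\s*(\w*(?:secret|password|passwd|token|access_key|private_key)\w*)\s*:\s*(.*)$",
    re.IGNORECASE,
)


def is_vault_file(path):
    """True when the whole file was encrypted with `ansible-vault encrypt`."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        return fh.readline().startswith(VAULT_HEADER)


def is_literal(value):
    """False for values that do not expose a secret in this file."""
    value = value.strip()
    if not value or value.startswith("!vault"):
        return False  # nested mapping, or an inline-encrypted string
    bare = value.strip("\"'")
    if bare.startswith("{{") and bare.endswith("}}"):
        return False  # indirection to a variable defined elsewhere
    return True


def find_plaintext_secrets(root, var_dirs=("host_vars", "group_vars")):
    """Return sorted (relative_path, key) pairs for secrets stored in clear."""
    findings = []
    for var_dir in var_dirs:
        for dirpath, _dirs, files in os.walk(os.path.join(root, var_dir)):
            for name in files:
                path = os.path.join(dirpath, name)
                if is_vault_file(path):
                    continue
                rel = os.path.relpath(path, root).replace(os.sep, "/")
                with open(path, "r", encoding="utf-8", errors="replace") as fh:
                    for line in fh:
                        match = SECRET_KEY.match(line)
                        if match and is_literal(match.group(2)):
                            findings.append((rel, match.group(1)))
    return sorted(findings)


def write_sample_tree(root):
    """Constructed inventory: one clear-text file, one vault file, one mixed."""
    samples = {
        # the slide's example values, before `ansible-vault encrypt` is run
        "host_vars/aws.yaml": "---\naws_access_key: AKIA\naws_secret_key: ngxiw\n",
        # constructed stand-in for an encrypted file (header plus hex body)
        "group_vars/all.yaml": "$ANSIBLE_VAULT;1.1;AES256\n363166653936\n",
        # inline-encrypted value and a reference to a vaulted variable
        "host_vars/el.yml": (
            "---\nsecurity_group: elsg\n"
            "db_password: !vault |\n  $ANSIBLE_VAULT;1.1;AES256\n  3631\n"
            'api_token: "{{ vault_api_token }}"\n'
        ),
    }
    for rel, text in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)


def demo():
    """Build the constructed tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as root:
        write_sample_tree(root)
        return find_plaintext_secrets(root)


if __name__ == "__main__":
    for rel, key in demo():
        print(f"{rel}: {key} is stored in clear text")
```

Run as a pre-commit or CI step, a non-empty result means a variables file was committed before `ansible-vault encrypt` was applied to it.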
Agentless
only SSH/SFTP/SCP are required
no central server scalability
no need to update minions or
puppet over your infrastructure
Inconsistency
• Ruby & PE
• Puppetforge modules
• Puppet skips everything
that depends on what just
failed
• Rspec needed
TOWARD MASS
PRODUCTION SYSTEM
DEMO: ELASTICSEARCH CLUSTER ON
AWS
USING ANSIBLE
our demo will be on AWS multi AZ……
Why is Elasticsearch a good fit for CM
tools like Ansible?
Lots of sysadmin configuration tips for a cluster
environment
• java settings (jmx, mlockall…)
• sysctl settings (swappiness, max_map_count…)
• ulimit settings

Do I have to change these settings by hand,
repeated n times, once per instance?
NO THANKS!
As mentioned before, Ansible has plenty of
sysadmin modules:

- name: firewalld applying conf
  firewalld: service=elasticsearch
             permanent=true zone=public state=enabled
  tags:
    - firewall

- name: sysctl configs
  sysctl: name=fs.file-max value=64000 state=present
  tags:
    - sysctl
Here comes AWS
AWS provides a special plugin for discovering your ES
instances inside your cluster just by
their security group!
discovery.type: ec2
discovery.zen.ping.multicast.enabled: false
discovery.ec2.groups: my_security_group
I don’t have to update the other n-1 node configurations
if I need to replace or add a new node!!
Create our instances
- hosts: localhost
  connection: local
  vars_files:
    - host_vars/el.yml
  vars:
    security_group: elsg
    instance_type: t2.medium
    image: ami-7cc4f661
    region: eu-central-1
    keypair: example.pem
    n_instances: "1"
  tasks:
    - name: Launch Instance to Frankfurt av 1
      ec2:
        group: elsg
        instance_type: "{{ instance_type }}"
        image: ami-7cc4f661
        wait: true
        region: eu-central-1
        keypair: "{{ keypair }}"
        vpc_subnet_id: subnet-id
        count: "1"
      register: ec2
      with_items: ec2_instances_fav1
    …
    - name: Launch Instance to Frankfurt av 2
      ec2:
        group: elsg
        instance_type: "{{ instance_type }}"
        image: ami-7cc4f661
        wait: true
        region: eu-central-1
        keypair: "{{ keypair }}"
        vpc_subnet_id: subnet-id2
        count: "2"
      register: ec2
      with_items: ec2_instances_fav2
  remote_user: centos
  gather_facts: True
  sudo: false
ansible-playbook -i inventories/local/local el-aws_create-instance.yml
---
- name: ensure pip is installed for curator
  yum: name=python-pip state=installed enablerepo=epel
  tags:
    - curator
  sudo: true

# only download the JRE package when it is not already on disk
- stat: path=/opt/jre-8u45-linux-x64.rpm
  register: jre_exists
  tags:
    - jre

- name: Install Elasticsearch Curator and required dependencies.
  pip: "name={{ item }}"
  with_items:
    - elasticsearch-curator
    - argparse
  tags:
    - curator
  sudo: true

- name: download Oracle Java JRE Runtime
  # --no-check-certificate turns off TLS certificate validation for this download
  command: 'wget -q -O /opt/jre-8u45-linux-x64.rpm --no-cookies --no-check-certificate --header
    "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie"
    "http://download.oracle.com/otn-pub/java/jdk/8u45-b14/jre-8u45-linux-x64.rpm"'
  when: jre_exists.stat.exists == False

- name: install Oracle Java JRE Runtime
  yum: name="/opt/jre-8u45-linux-x64.rpm" state=present
  tags:
    - jre
Set up ES cluster(1/4)
# only download the Elasticsearch package when it is not already on disk
- stat: path=/opt/elasticsearch-1.5.1.noarch.rpm
  register: el_exists
  tags:
    - elinstall

- name: download Elasticsearch
  command: 'wget -q -O /opt/elasticsearch-1.5.1.noarch.rpm https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.5.1.noarch.rpm'
  when: el_exists.stat.exists == False

- name: install Elasticsearch
  yum: name="/opt/elasticsearch-1.5.1.noarch.rpm" state=present
  tags:
    - elinstall

- name: install plugins
  command: "{{ item }} chdir=/usr/share/elasticsearch/bin/"
  with_items:
    - ./plugin -install elasticsearch/elasticsearch-cloud-aws/2.5.1
    - ./plugin -install royrusso/elasticsearch-HQ
  ignore_errors: true
  tags:
    - plugin
Set up ES cluster(2/4)
- name: copy conf to mem limit unlimited
  copy: src=99-elastic-nproc.conf dest=/etc/security/limits.d/99-elastic-nproc.conf owner=root mode=0640
  tags:
    - ulimit
  sudo: true

- name: sysctl configs
  sysctl: name=vm.swappiness value=0 state=present
  tags:
    - sysctl
  sudo: true

- name: sysctl configs
  sysctl: name=vm.max_map_count value=262144 state=present
  tags:
    - sysctl
  sudo: true

- name: sysctl configs
  sysctl: name=fs.file-max value=64000 state=present
  tags:
    - sysctl
  sudo: true

- name: disable swap
  command: swapoff -a
  tags:
    - swap
  sudo: true
Set up ES cluster(3/4)
- name: set up elasticsearch.yaml
  template: src=elasticsearch.j2 dest=/etc/elasticsearch/elasticsearch.yml owner=root mode=0644 backup=yes
  tags:
    - elconf

- name: ensure exists log directory and data directory
  file: path={{ item }} state=directory owner=elasticsearch
  with_items:
    - /var/data/elasticsearch
    - /var/log/elasticsearch
  tags:
    - directory
  sudo: true

- name: start elastic
  service: name=elasticsearch state=restarted enabled=yes

- name: copy json accounts
  copy: src=accounts.json dest=/home/centos owner=centos mode=0640
  tags:
    - accounts
  sudo: true
Set up ES cluster(4/4)
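The two package downloads in the tasks above are where the integrity of what gets installed is decided. As an added example (not code from the slides), this audit flags download tasks that switch off TLS verification, use a plain http:// URL, or carry no checksum; the task dictionaries are constructed from the slides' command strings, and the third entry, a get_url task with a checksum, is a hypothetical hardened form whose digest is a placeholder.

```python
import shlex

# Options that switch off certificate validation, per tool.
TLS_OFF_FLAGS = {"wget": {"--no-check-certificate"}, "curl": {"-k", "--insecure"}}
# Options whose next argument is a value, so it must not be read as a URL.
TAKES_VALUE = {
    "wget": {"-O", "--output-document", "--header", "-o"},
    "curl": {"-o", "--output", "-H", "--header"},
}

# Constructed sample: the two download commands from the slides, plus a
# hypothetical get_url form. The checksum value is a placeholder.
TASKS = [
    {"name": "download Oracle Java JRE Runtime",
     "command": 'wget -q -O /opt/jre-8u45-linux-x64.rpm --no-cookies '
                '--no-check-certificate --header '
                '"Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; '
                'oraclelicense=accept-securebackup-cookie" '
                '"http://download.oracle.com/otn-pub/java/jdk/8u45-b14/'
                'jre-8u45-linux-x64.rpm"'},
    {"name": "download Elasticsearch",
     "command": 'wget -q -O /opt/elasticsearch-1.5.1.noarch.rpm '
                'https://download.elastic.co/elasticsearch/elasticsearch/'
                'elasticsearch-1.5.1.noarch.rpm'},
    {"name": "download Elasticsearch (get_url, hypothetical)",
     "get_url": {"url": "https://download.elastic.co/elasticsearch/"
                        "elasticsearch/elasticsearch-1.5.1.noarch.rpm",
                 "dest": "/opt/elasticsearch-1.5.1.noarch.rpm",
                 "checksum": "sha256:<digest published by the vendor>"}},
]


def audit_task(task):
    """Return a sorted list of issue labels for one download task."""
    issues = set()
    if "command" in task:
        argv = shlex.split(task["command"])
        tool = argv[0].rsplit("/", 1)[-1] if argv else ""
        if tool not in TLS_OFF_FLAGS:
            return []  # not a download command this audit understands
        # A bare wget/curl task pins no digest for the file it fetches.
        issues.add("no-checksum")
        skip_next = False
        for arg in argv[1:]:
            if skip_next:
                skip_next = False  # value of -O / --header, not a URL
            elif arg in TAKES_VALUE[tool]:
                skip_next = True
            elif arg in TLS_OFF_FLAGS[tool]:
                issues.add("tls-verification-disabled")
            elif arg.startswith("http://"):
                issues.add("plaintext-url")
    elif "get_url" in task:
        args = task["get_url"]
        if str(args.get("url", "")).startswith("http://"):
            issues.add("plaintext-url")
        if str(args.get("validate_certs", True)).lower() in ("false", "no", "0"):
            issues.add("tls-verification-disabled")
        if not args.get("checksum"):
            issues.add("no-checksum")
    return sorted(issues)


def audit(tasks):
    """Map each task name to its list of issues."""
    return {task["name"]: audit_task(task) for task in tasks}


if __name__ == "__main__":
    for name, issues in audit(TASKS).items():
        print(f"{name}: {', '.join(issues) or 'ok'}")
```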
Ansible provides a special plugin to find the running
instances inside your EC2 account…
it’s called dynamic inventory
ansible-playbook -i inventories/dynamic/ec2.py el-aws_deploy-instance.yml
./ec2.py --list
"eu-central-1b": [
  "5*.2*.8*.4*",
  "5*.2*.3*.9*",
  "5*.2*.4*.3*"
],
Insert some data
Let’s try to insert a sample bank dataset; here is a small part of it:
{
  "account_number": 0,
  "balance": 16623,
  "firstname": "Bradshaw",
  "lastname": "Mckenzie",
  "age": 29,
  "gender": "F",
  "address": "244 Columbus Place",
  "employer": "Euron",
  "email": "bradshawmckenzie@euron.com",
  "city": "Hobucken",
  "state": "CO"
}
curl -XPOST 'localhost:9200/bank/account/_bulk?pretty' --data-binary @accounts.json
Let’s see the output
Elastic HQ
What have we achieved?
• a mass production system without manual configuration
• a fully reproducible environment
• scalability
• availability
• exit staff proof
• fully documented by the code
• reduced stress
……………………………………………………
state of the art
&
current workflow
I’m almost a DevOps
Current workflow
Assumptions:
dev environment = local environment
developers use Vagrant and Ansible to configure
their environment
deploys are via Idephix or rsync
devs ask sysadmins to provision staging & prod
sysadmins add their roles
to production environment !!
roles repo is inside local network,
remote devs can’t obtain those roles
we don’t have a single source of code for
Ansible roles
we don’t share efforts on roles
Issues
we got rolling updates on all machines
through Ansible
on newer machines we have some
sysadmin roles like:
• distrib role
• security role
• s3 role
• vpn role
but we don’t have any application-oriented
roles like a webserver role or a php role on
stag/prod
easiest workflow
sysadmins will provision staging and
production using the same roles that devs use
• developers deploy app code
• sysadmins deploy roles
2nd workflow
developers also deploy the infrastructural code
Can Idephix also be a
provisioner ??
Resources
http://www.ansible.com/home
https://docs.ansible.com/playbooks_vault.html
https://puppetlabs.com/
http://docs.puppetlabs.com/hiera/1/
https://www.elastic.co/
https://github.com/elastic/elasticsearch-cloud-aws
https://github.com/ansible/ansible/blob/devel/plugins/inventory/ec2.py
http://pavelpolyakov.com/2014/08/14/elasticsearch-cluster-on-aws-part-2-configuring-the-elasticsearch/
https://github.com/royrusso/elasticsearch-HQ
http://getidephix.com/
Questions???

More Related Content

What's hot

Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesLindsay Holmwood
 
Dance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech TalkDance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech TalkMichael Peacock
 
Amazon Cloud Services and Zend Framework
Amazon Cloud Services and Zend FrameworkAmazon Cloud Services and Zend Framework
Amazon Cloud Services and Zend FrameworkShahar Evron
 
Advanced symfony Techniques
Advanced symfony TechniquesAdvanced symfony Techniques
Advanced symfony TechniquesKris Wallsmith
 
AnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and TricksAnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and Tricksjimi-c
 
(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014
(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014
(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014Amazon Web Services
 
Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteBram Vogelaar
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stackBram Vogelaar
 
Roll Your Own API Management Platform with nginx and Lua
Roll Your Own API Management Platform with nginx and LuaRoll Your Own API Management Platform with nginx and Lua
Roll Your Own API Management Platform with nginx and LuaJon Moore
 
Using ngx_lua in UPYUN
Using ngx_lua in UPYUNUsing ngx_lua in UPYUN
Using ngx_lua in UPYUNCong Zhang
 
V2 and beyond
V2 and beyondV2 and beyond
V2 and beyondjimi-c
 
Hopping in clouds: a tale of migration from one cloud provider to another
Hopping in clouds: a tale of migration from one cloud provider to anotherHopping in clouds: a tale of migration from one cloud provider to another
Hopping in clouds: a tale of migration from one cloud provider to anotherMichele Orselli
 
PofEAA and SQLAlchemy
PofEAA and SQLAlchemyPofEAA and SQLAlchemy
PofEAA and SQLAlchemyInada Naoki
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupGreg DeKoenigsberg
 
Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)Kris Wallsmith
 

What's hot (20)

Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websites
 
CodeIgniter 3.0
CodeIgniter 3.0CodeIgniter 3.0
CodeIgniter 3.0
 
Everything as Code with Terraform
Everything as Code with TerraformEverything as Code with Terraform
Everything as Code with Terraform
 
Dance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech TalkDance for the puppet master: G6 Tech Talk
Dance for the puppet master: G6 Tech Talk
 
New in php 7
New in php 7New in php 7
New in php 7
 
Amazon Cloud Services and Zend Framework
Amazon Cloud Services and Zend FrameworkAmazon Cloud Services and Zend Framework
Amazon Cloud Services and Zend Framework
 
Advanced symfony Techniques
Advanced symfony TechniquesAdvanced symfony Techniques
Advanced symfony Techniques
 
Play!ng with scala
Play!ng with scalaPlay!ng with scala
Play!ng with scala
 
AnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and TricksAnsibleFest 2014 - Role Tips and Tricks
AnsibleFest 2014 - Role Tips and Tricks
 
Silex Cheat Sheet
Silex Cheat SheetSilex Cheat Sheet
Silex Cheat Sheet
 
(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014
(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014
(DEV305) Building Apps with the AWS SDK for PHP | AWS re:Invent 2014
 
Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suite
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stack
 
Roll Your Own API Management Platform with nginx and Lua
Roll Your Own API Management Platform with nginx and LuaRoll Your Own API Management Platform with nginx and Lua
Roll Your Own API Management Platform with nginx and Lua
 
Using ngx_lua in UPYUN
Using ngx_lua in UPYUNUsing ngx_lua in UPYUN
Using ngx_lua in UPYUN
 
V2 and beyond
V2 and beyondV2 and beyond
V2 and beyond
 
Hopping in clouds: a tale of migration from one cloud provider to another
Hopping in clouds: a tale of migration from one cloud provider to anotherHopping in clouds: a tale of migration from one cloud provider to another
Hopping in clouds: a tale of migration from one cloud provider to another
 
PofEAA and SQLAlchemy
PofEAA and SQLAlchemyPofEAA and SQLAlchemy
PofEAA and SQLAlchemy
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetup
 
Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)
 

Similar to Ansible inside

Automation with Ansible and Containers
Automation with Ansible and ContainersAutomation with Ansible and Containers
Automation with Ansible and ContainersRodolfo Carvalho
 
Configuration Management and Provisioning Are Different
Configuration Management and Provisioning Are DifferentConfiguration Management and Provisioning Are Different
Configuration Management and Provisioning Are DifferentCarlos Nunez
 
Julien Simon "Scaling ML from 0 to millions of users"
Julien Simon "Scaling ML from 0 to millions of users"Julien Simon "Scaling ML from 0 to millions of users"
Julien Simon "Scaling ML from 0 to millions of users"Fwdays
 
Ansible new paradigms for orchestration
Ansible new paradigms for orchestrationAnsible new paradigms for orchestration
Ansible new paradigms for orchestrationPaolo Tonin
 
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013grim_radical
 
Automating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngageAutomating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngageVishal Uderani
 
Ufo Ship for AWS ECS
Ufo Ship for AWS ECSUfo Ship for AWS ECS
Ufo Ship for AWS ECSTung Nguyen
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationJohn Lynch
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of AnsibleDevOps Ltd.
 
Itb session v_memcached
Itb session v_memcachedItb session v_memcached
Itb session v_memcachedSkills Matter
 
Harmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and PuppetHarmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and PuppetAchieve Internet
 
Puppetpreso
PuppetpresoPuppetpreso
Puppetpresoke4qqq
 
Artem Zhurbila - docker clusters (solit 2015)
Artem Zhurbila - docker clusters (solit 2015)Artem Zhurbila - docker clusters (solit 2015)
Artem Zhurbila - docker clusters (solit 2015)Artem Zhurbila
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Prajal Kulkarni
 
Managing Infrastructure as Code
Managing Infrastructure as CodeManaging Infrastructure as Code
Managing Infrastructure as CodeAllan Shone
 
Ansible with oci
Ansible with ociAnsible with oci
Ansible with ociDonghuKIM2
 
Stack kicker devopsdays-london-2013
Stack kicker devopsdays-london-2013Stack kicker devopsdays-london-2013
Stack kicker devopsdays-london-2013Simon McCartney
 
"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019
"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019
"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019Provectus
 
Puppet and Apache CloudStack
Puppet and Apache CloudStackPuppet and Apache CloudStack
Puppet and Apache CloudStackPuppet
 

Similar to Ansible inside (20)

Automation with Ansible and Containers
Automation with Ansible and ContainersAutomation with Ansible and Containers
Automation with Ansible and Containers
 
Configuration Management and Provisioning Are Different
Configuration Management and Provisioning Are DifferentConfiguration Management and Provisioning Are Different
Configuration Management and Provisioning Are Different
 
Julien Simon "Scaling ML from 0 to millions of users"
Julien Simon "Scaling ML from 0 to millions of users"Julien Simon "Scaling ML from 0 to millions of users"
Julien Simon "Scaling ML from 0 to millions of users"
 
Ansible new paradigms for orchestration
Ansible new paradigms for orchestrationAnsible new paradigms for orchestration
Ansible new paradigms for orchestration
 
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
 
Automating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngageAutomating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngage
 
Ufo Ship for AWS ECS
Ufo Ship for AWS ECSUfo Ship for AWS ECS
Ufo Ship for AWS ECS
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of Ansible
 
Itb session v_memcached
Itb session v_memcachedItb session v_memcached
Itb session v_memcached
 
Harmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and PuppetHarmonious Development: Via Vagrant and Puppet
Harmonious Development: Via Vagrant and Puppet
 
Puppetpreso
PuppetpresoPuppetpreso
Puppetpreso
 
Artem Zhurbila - docker clusters (solit 2015)
Artem Zhurbila - docker clusters (solit 2015)Artem Zhurbila - docker clusters (solit 2015)
Artem Zhurbila - docker clusters (solit 2015)
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.
 
Managing Infrastructure as Code
Managing Infrastructure as CodeManaging Infrastructure as Code
Managing Infrastructure as Code
 
Ansible
AnsibleAnsible
Ansible
 
Ansible with oci
Ansible with ociAnsible with oci
Ansible with oci
 
Stack kicker devopsdays-london-2013
Stack kicker devopsdays-london-2013Stack kicker devopsdays-london-2013
Stack kicker devopsdays-london-2013
 
"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019
"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019
"Scaling ML from 0 to millions of users", Julien Simon, AWS Dev Day Kyiv 2019
 
Puppet and Apache CloudStack
Puppet and Apache CloudStackPuppet and Apache CloudStack
Puppet and Apache CloudStack
 

More from Ideato

serverless, a next level for devops
serverless, a next level for devopsserverless, a next level for devops
serverless, a next level for devopsIdeato
 
Continuous Integration: SaaS vs Jenkins in Cloud
Continuous Integration: SaaS vs Jenkins in CloudContinuous Integration: SaaS vs Jenkins in Cloud
Continuous Integration: SaaS vs Jenkins in CloudIdeato
 
Jenkins with superpowers
Jenkins with superpowersJenkins with superpowers
Jenkins with superpowersIdeato
 
Ansible pill09wp
Ansible pill09wpAnsible pill09wp
Ansible pill09wpIdeato
 
Elk devops
Elk devopsElk devops
Elk devopsIdeato
 
TogetherJS
TogetherJS TogetherJS
TogetherJS Ideato
 

More from Ideato (6)

serverless, a next level for devops
serverless, a next level for devopsserverless, a next level for devops
serverless, a next level for devops
 
Continuous Integration: SaaS vs Jenkins in Cloud
Continuous Integration: SaaS vs Jenkins in CloudContinuous Integration: SaaS vs Jenkins in Cloud
Continuous Integration: SaaS vs Jenkins in Cloud
 
Jenkins with superpowers
Jenkins with superpowersJenkins with superpowers
Jenkins with superpowers
 
Ansible pill09wp
Ansible pill09wpAnsible pill09wp
Ansible pill09wp
 
Elk devops
Elk devopsElk devops
Elk devops
 
TogetherJS
TogetherJS TogetherJS
TogetherJS
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 

Ansible inside

  • 1. ANSIBLE INSIDE IDEATO Alessandro Mazzoli Sysadmin@Ideato am@ideato.it @alendmazz
  • 2. WHY ANSIBLE: we will consider some facts (ideato's scenario, dev needs, sysadm needs)
  • 3. IDEATO SCENARIO: focus on great software development and good practices
 50+ VMs to provision, configure and maintain; no need for a high level of orchestration
  • 4. DEV NEEDS • easy CM tool to set up their environments • time spent debugging CM tool errors is wasted
  • 5. SYSADM NEEDS • painless rolling updates
 • going to mass production environments
  • 6. VS
  • 9. YAML vs RubyDSL: I don't want to learn Ruby or other DSL…
      Ansible (YAML):
      - name: set up user
        user: name=alemazz shell=/bin/bash password={{ password }}
      Puppet (Ruby DSL):
      user { "$user":
        managehome => true,
        ensure     => present,
      }
      file { "/home/$user":
        ensure  => directory,
        mode    => 755,
        require => User["$user"],
      }
      file { "/home/$user/.ssh":
        ensure  => directory,
        require => File["/home/$user"],
      }
  • 11. Node specific information: Jinja templates + Ansible vars + Ansible Vault. Add a YAML file under host_vars/ or group_vars/, for example:
      ---
      aws_access_key: AKIA
      aws_secret_key: ngxiw
    and encrypt it with AES:
      ansible-vault encrypt aws.yaml
  • 12. Agentless: only SSH/SFTP/SCP are required; no central server scalability; no need to update minions or puppet over your infrastructure
  • 13. Inconsistency • Ruby & PE • Puppetforge modules • Puppet skips everything that depends on what just failed • Rspec needed
  • 15. TOWARD MASS PRODUCTION SYSTEM DEMO: ELASTICSEARCH CLUSTER ON AWS USING ANSIBLE
  • 16. our demo will be on AWS multi AZ……
  • 17. Why is Elasticsearch a good fit for CM tools like Ansible? A cluster environment needs a lot of sysadmin configuration tweaks: • Java settings (JMX, mlockall…) • sysctl settings (swappiness, max_map_count…) • ulimit settings
 Do I have to change these settings by hand, repeated for each of n instances? NO THANKS!
  • 18. As mentioned before, Ansible has plenty of sysadmin modules:
      - name: firewalld applying conf
        firewalld: service=elasticsearch permanent=true zone=public state=enabled
        tags:
          - firewall
      - name: sysctl configs
        sysctl: name=fs.file-max value=64000 state=present
        tags:
          - sysctl
  • 19. Here comes AWS: AWS provides a special plugin to discover the ES instances inside your cluster just by their security group!
      discovery.type: ec2
      discovery.zen.ping.multicast.enabled: false
      discovery.ec2.groups: my_security_group
    I don't have to update the configurations of the other n-1 nodes if I need to replace or add a new node!!
  • 21. Create our instances
      ---
      - hosts: localhost
        connection: local
        vars_files:
          - host_vars/el.yml
        vars:
          security_group: elsg
          instance_type: t2.medium
          image: ami-7cc4f661
          region: eu-central-1
          keypair: example.pem
          n_instances: "1"
        tasks:
          - name: Launch Instance to Frankfurt av 1
            ec2:
              group: elsg
              instance_type: "{{ instance_type }}"
              image: ami-7cc4f661
              wait: true
              region: eu-central-1
              keypair: "{{ keypair }}"
              vpc_subnet_id: subnet-id
              count: "1"
            register: ec2
            with_items: ec2_instances_fav1
  • 22. …
          - name: Launch Instance to Frankfurt av 2
            ec2:
              group: elsg
              instance_type: "{{ instance_type }}"
              image: ami-7cc4f661
              wait: true
              region: eu-central-1
              keypair: "{{ keypair }}"
              vpc_subnet_id: subnet-id2
              count: "2"
            register: ec2
            with_items: ec2_instances_fav2
        remote_user: centos
        gather_facts: True
        sudo: false
    Run it with:
      ansible-playbook -i inventories/local/local el-aws_create-instance.yml
  • 23. Set up ES cluster (1/4)
      ---
      - name: ensure pip is installed for curator
        yum: name=python-pip state=installed enablerepo=epel
        tags:
          - curator
        sudo: true
      - stat: path=/opt/jre-8u45-linux-x64.rpm
        register: jre_exists
        tags:
          - jre
      - name: Install Elasticsearch Curator and required dependencies.
        pip: "name={{ item }}"
        with_items:
          - elasticsearch-curator
          - argparse
        tags:
          - curator
        sudo: true
      # The URL below is plain http and --no-check-certificate turns off TLS
      # verification, so the RPM is installed without any integrity check.
      - name: download Oracle Java JRE Runtime
        command: 'wget -q -O /opt/jre-8u45-linux-x64.rpm --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u45-b14/jre-8u45-linux-x64.rpm"'
        when: jre_exists.stat.exists == False
      - name: install Oracle Java JRE Runtime
        yum: name="/opt/jre-8u45-linux-x64.rpm" state=present
        tags:
          - jre
  • 24. Set up ES cluster (2/4)
      - stat: path=/opt/elasticsearch-1.5.1.noarch.rpm
        register: el_exists
        tags:
          - elinstall
      - name: download Elasticsearch
        command: 'wget -q -O /opt/elasticsearch-1.5.1.noarch.rpm https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.5.1.noarch.rpm'
        when: el_exists.stat.exists == False
      - name: install Elasticsearch
        yum: name="/opt/elasticsearch-1.5.1.noarch.rpm" state=present
        tags:
          - elinstall
      - name: install plugins
        command: "{{ item }} chdir=/usr/share/elasticsearch/bin/"
        with_items:
          - ./plugin -install elasticsearch/elasticsearch-cloud-aws/2.5.1
          - ./plugin -install royrusso/elasticsearch-HQ
        ignore_errors: true
        tags:
          - plugin
  • 25. Set up ES cluster (3/4)
      - name: copy conf to mem limit unlimited
        copy: src=99-elastic-nproc.conf dest=/etc/security/limits.d/99-elastic-nproc.conf owner=root mode=0640
        tags:
          - ulimit
        sudo: true
      - name: sysctl configs
        sysctl: name=vm.swappiness value=0 state=present
        tags:
          - sysctl
        sudo: true
      # key and value were fused on the slide (name=vm.max_map_count=262144 value=0)
      - name: sysctl configs
        sysctl: name=vm.max_map_count value=262144 state=present
        tags:
          - sysctl
        sudo: true
      - name: sysctl configs
        sysctl: name=fs.file-max value=64000 state=present
        tags:
          - sysctl
        sudo: true
      - name: disable swap
        command: swapoff -a
        tags:
          - swap
        sudo: true
  • 26. Set up ES cluster (4/4)
      - name: set up elasticsearch.yaml
        template: src=elasticsearch.j2 dest=/etc/elasticsearch/elasticsearch.yml owner=root mode=0644 backup=yes
        tags:
          - elconf
      - name: ensure exists log directory and data directory
        file: path={{ item }} state=directory owner=elasticsearch
        with_items:
          - /var/data/elasticsearch
          - /var/log/elasticsearch
        tags:
          - directory
        sudo: true
      - name: start elastic
        service: name=elasticsearch state=restarted enabled=yes
      - name: copy json accounts
        copy: src=accounts.json dest=/home/centos owner=centos mode=0640
        tags:
          - accounts
        sudo: true
  • 27. Ansible provides a special plugin to find the running instances inside your EC2 account… it's called dynamic inventory
      ansible-playbook -i inventories/dynamic/ec2.py el-aws_deploy-instance.yml
      ./ec2.py --list
      "eu-central-1b": [
        "5*.2*.8*.4*",
        "5*.2*.3*.9*",
        "5*.2*.4*.3*"
      ],
  • 28. Insert some data: let's try to insert a sample bank dataset, here a small part of it:
      {
        "account_number": 0,
        "balance": 16623,
        "firstname": "Bradshaw",
        "lastname": "Mckenzie",
        "age": 29,
        "gender": "F",
        "address": "244 Columbus Place",
        "employer": "Euron",
        "email": "bradshawmckenzie@euron.com",
        "city": "Hobucken",
        "state": "CO"
      }
      curl -XPOST 'localhost:9200/bank/account/_bulk?pretty' --data-binary @accounts.json
  • 29. Let’s see the output
  • 31. What have we achieved? • a mass production system without manual configuration • a fully reproducible environment • scalability • availability • staff exit proof • fully documented by the code • reduced stress
  • 33. state of the art & current workflow
  • 34. I’m almost a DevOps
  • 35. Current workflow. Assumptions: dev environment = local environment; developers use Vagrant and Ansible to configure their environment; deploys are via Idephix or rsync; devs ask sysadmins to provision staging & prod
  • 36. sysadmins add their roles to production environment !!
  • 37. Issues: the roles repo is inside the local network, so remote devs can't obtain those roles; we don't have a single source of code for Ansible roles; we don't share efforts on roles
  • 38. we got rolling updates on all machines through Ansible; on newer machines we have some sysadmin roles like: • distrib role • security role • s3 role • vpn role, but we don't have any application-oriented roles like a webserver role or php role on stag/prod
  • 39. easiest workflow: sysadmins will provision staging and production using the same roles that devs use • developers deploy app code • sysadmins deploy roles
  • 40. 2nd workflow developers also deploy the infrastructural code
  • 41. Can Idephix be also a provisioner ??
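
The vault step on slide 11 only protects the AWS credentials if the vars file really is encrypted before it reaches the roles repo. The check below is an added example, not part of the original slides: it walks host_vars/ and group_vars/ and reports secret-looking keys that are stored in plaintext. The key-name patterns and the sample files are assumptions constructed for the demonstration.

```python
import os
import re
import tempfile

VAULT_HEADER = "$ANSIBLE_VAULT;"  # first line of a file written by ansible-vault encrypt
# Key-name patterns treated as secrets are an assumption of this example.
SECRET_KEY = re.compile(
    r"^\s*([\w.-]*(?:secret|password|passwd|token|access_key|private_key)[\w.-]*)"
    r"\s*:\s*(.+)$", re.I)

def plaintext_secrets(text):
    """Return [(line_no, key)] for secret-looking keys stored unencrypted."""
    lines = text.splitlines()
    if lines and lines[0].startswith(VAULT_HEADER):
        return []  # whole file is vault-encrypted
    hits = []
    for no, line in enumerate(lines, 1):
        m = SECRET_KEY.match(line)
        # Inline-vaulted values and Jinja references carry no plaintext secret.
        if m and not m.group(2).lstrip("\"' ").startswith(("!vault", "{{")):
            hits.append((no, m.group(1)))
    return hits

def scan_repo(root):
    """Map each file under host_vars/ or group_vars/ to its findings."""
    report = {}
    for vars_dir in ("host_vars", "group_vars"):
        for dirpath, _dirs, files in os.walk(os.path.join(root, vars_dir)):
            for name in sorted(files):
                full = os.path.join(dirpath, name)
                with open(full, encoding="utf-8", errors="replace") as fh:
                    found = plaintext_secrets(fh.read())
                if found:
                    report[os.path.relpath(full, root)] = found
    return report

def demo():  # constructed repo: one plaintext vars file, one vault-encrypted one
    root = tempfile.mkdtemp()
    samples = {("host_vars", "aws.yaml"): "---\naws_access_key: AKIA-CONSTRUCTED\n"
                                          "aws_secret_key: constructed-value\n",
               ("group_vars", "el.yml"): "$ANSIBLE_VAULT;1.1;AES256\n36623363\n"}
    for (folder, name), body in samples.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        with open(os.path.join(root, folder, name), "w", encoding="utf-8") as fh:
            fh.write(body)
    return scan_repo(root)

if __name__ == "__main__":
    print(demo())
```

Run as a pre-commit or CI step, a non-empty result from scan_repo() on the repository root is the signal to block the commit until the file has been through ansible-vault encrypt.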