SlideShare a Scribd company logo
1 of 67
Download to read offline
OPENNTF WEBINARS
February OpenNTF Webinar:
Introduction to Ansible for
Newbies
AGENDA
• Welcome – Howard Greenberg and Graham Acres
• Christoph Stoettener, HCL Ambassador
• Q and A - All
ASKING QUESTIONS
• First Question – Will this be recorded?
• Yes, view on YouTube!!!
• https://www.youtube.com/user/OpenNTF
• Use the Questions Pane in GoToWebinar
• We will get to your questions at the end of
the webinar
• The speakers will respond to your questions
verbally
• (not in the Questions pane)
• Please keep all questions related to the
topics that our speakers are discussing!!!
• Unrelated Question => post at:
• http://openntf.slack.com/
THANKS TO THE OPENNTF SPONSORS
• HCL made a significant contribution to help our
organization
• Funds these webinars!
• Contests like Hackathons
• Running the organization
• Prominic donates all IT related services
• Cloud Hosting for OpenNTF
• Infrastructure management for HCL Domino and Atlassian
Servers
• System Administration for day-to-day operation
THIS IS OUR COMMUNITY
• Join us and get involved!
• We are all volunteers
• No effort is too small
• If your idea is bigger than you can do on your own, we
can connect you to a team to work on it
• Test or help or modify an existing project
• Write guides or documentation
• Add reviews on projects / stars on Snippets
NEXT WEBINAR
• March OpenNTF Webinar: Nomad Mobile -
Tips and Tricks
• For Domino developers who would like to
optimize their apps for Nomad.
• Thomas Hampel, HCL
• Maxx Sutton, HCL
• Theo Heselmans, HCL Lifetime Ambassador
• Tom Van Aken, HCL Ambassador
• Thursday, March 18, 2021 at 11:00 AM (New
York time)
• www.openntf.org/webinars
INTRODUCTION TO ANSIBLE FOR
NEWBIES
Christoph Stoettner <stoeps@vegardit.com>
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 1 / 60
WHO AM I?
Christoph Stoettner
Senior Consultant @Vegard IT
Focusing on HCL Connections deployments and migrations
Ansible since 2017 — Social Connections 12 [1]
 Example code on
1.
github.com/stoeps13/ansible-examples
share.stoeps.de/2017-10-16-ansible4connections.pdf
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 2 / 60
HANDCRAFTED SERVERS
Hard to maintain
Setups are not reproducible
Complicated vendor documentation
Inhouse documentation outdated
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 3 / 60
IMMUTABLE VERSUS MUTABLE
SERVER
Mutable infrastructure just gets updates
Software 6.0 → + I x 1 + I x 2 + I x 3
In production 6.0 → i x 3
Result will be different
Immutable creates a new environment with 6.0.x
Migrates data after testing
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 4 / 60
SNOWFLAKE SERVERS
Special tweaks or versions needed for proper function
Exception of your standards
Dif cult to reproduce
Fragile if they need a change
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 5 / 60
TEST ENVIRONMENTS
twitter.com/stahnma/status/634849376343429120
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 6 / 60
WHY ARE DEDICATED
TESTENVIRONMENTS IMPORTANT?
Reliable testing can give you con dence during live migration
Applying Fix 3 over Fix 2 over Fix 1 often different from Fix3 over Fix1
Use the same scripts to build development, test or production systems
Handcrafted is always different from production
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 7 / 60
ADVANTAGES
Developer
Build a development environment which is compareable to production
Adminstrator
Build a test environment to go through a migration
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 8 / 60
BE AS PRECISE AS POSSIBLE
Avoid different hostnames
Production: example.com
Test: test.example.com
Better:
example.com
example-test.com
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 9 / 60
HOW CAN WE SOLVE THIS?
Deployment and Application development should follow a fully automated approach
Avoid Snow akes
Easier to have a full clone of production as test environment
Reducing production bugs caused by con guration differences
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 10 / 60
AUTOMATE DEPLOYMENTS AND
CONFIGURATION CHANGES
Large ecosystem of tools to do automatic deployments
Puppet
Chef
Saltstack
Ansible
Wikipedia OSS Con guration Management
puppet.com
www.chef.io
saltstack.com
ansible.com
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 11 / 60
ANSIBLE
Written in Python
Encryption and Security built in
Easy to read (Everything is YAML)
Easy to use (Extensible via modules)
Uses SSH
YAML Tool Kit
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 12 / 60
ANSIBLE HISTORY
Created by AnsibleWorks Inc, acquired by
Red Hat in 2015
Initial release: 20. February 2012
Stable release: 2.10.6
3.0.0 announced for the 16th of February
(two days ago)
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 13 / 60
A VERY IMPORTANT TERM:
IDEMPOTENCY
 Mathematics
denoting an element of a set which is unchanged in value when multiplied or otherwise operated on by itself
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 14 / 60
IDEMPOTENCY — EXAMPLE
Add entry to hosts
Don’t add when present
Change if different
Restart services only when changes were made
Not idempotent
Idempotent
echo "192.168.1.1 cnx-websphere.example.com" >> /etc/hosts
grep -qxF '192.168.1.1 cnx-websphere.example.com' /etc/hosts || 
echo "192.168.1.1 cnx-websphere.example.com" >> /etc/hosts
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 15 / 60
WHAT IS ANSIBLE?
Helps automating tasks during installation and migration
Secure (SSH)
Open (tons of free playbooks)
Well documented
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 16 / 60
WHAT IS ANSIBLE NOT?
A GUI Tool (Get used to console!)[1]
A one click installer
1. Ansible Tower and AWX are browser tools
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 17 / 60
ANSIBLE INSTALLATION
pip install ansible on the machine you want to run it
Newer version than distribution package
Needs internet connection
targets need at least ssh and python installed
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 18 / 60
WINDOWS AND ANSIBLE
Ansible "server" needs Linux (but works with WSL)
Windows support through
Windows Remote Shell (WinRM)
SSH
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 19 / 60
INVENTORY INI OR YAML FORMAT
[leafs]
leaf01.example.com
leaf02.example.com
[spines]
spine01.example.com
spine02.example.com
[network:children]
leafs
spines
---
leafs:
hosts:
leaf01.example.com:
leaf02.example.com:
spines:
hosts:
spine01.example.com:
spine02.example.com:
network:
children:
leafs:
spines:
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 20 / 60
VARIABLES IN INVENTORIES
[leafs]
leaf01.example.com
leaf02.example.com
[leafs:vars]
username=abc
---
leafs:
hosts:
leaf01:
leaf02:
vars:
username: abc
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 21 / 60
VARIABLES
Lots of places to de ne
Presedence important for large
environments
 no hyphens in variable names!
Allowed variable
Not allowed variable
ldap_user: abc
ldap-user: abc
docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 22 / 60
PLAYBOOK
Run commands (so called tasks) on your inventory servers
Select servers or server groups
Roles
Tasks
Handlers
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 23 / 60
TASKS
Lots of modules built-in
Package install
Copy and Edit les
Create les and folders (directly and with templates)
Manage services
Command
Shell
Sudo aware
Become: true
Become_user: xyz
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 24 / 60
TASKS FOR DIFFERENT OS
1 or use yum
2 valid terms are Redhat | Darwin | Debian | Windows
3 or use apt
4 check OS family (Debian) or distribution
...
tasks:
- name: Install mkpasswd
package:
name: whois
state: present
when: ansible_os_family == "Redhat"
- name: Install mkpasswd
package:
name: expect
state: present
when: ansible_distribution == "Ubuntu"
1
2
3
4
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 25 / 60
EXAMPLE (BUILD AN ANSIBLE ROLE)
Most products of IBM or HCL need disabled SELinux during installation
So let’s disable SELinux on a host
Additional steps will be
Con gure limits.conf
Reboot after changes
Create a user
Install packages with yum
All example les can be found at
Branches named for the steps
github.com/stoeps13/ansible-examples
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 26 / 60
DISABLE SELINUX (INVENTORY)
inventory
1 if hostname is resolvable that is enough
Sometimes you need to add IP or SSH Port! For example
[websphere_servers]
cnx-was.stoeps.internal 1
[websphere_servers]
cnx-was.stoeps.internal ansible_host=10.0.11.101 ansible_port=2222
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 27 / 60
SET SELINUX TO permissive
playbook.yml
1 Run this tasks on this server group
2 Use sudo to execute command
3 sudo to user root
4 tasks (one or multiple tasks)
5 use module selinux
6 policy and state are arguments / parameters for module selinux
---
- hosts: websphere_servers
become: yes
become_user: root
tasks:
- name: ensure selinux is set to permissive
selinux:
policy: targeted
state: permissive
1
2
3
4
5
6
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 28 / 60
Ansible Workshop - step1
Ansible Workshop - step1
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:35
0:35
youtu.be/g8OvWIcmNgU
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 29 / 60
DISPLAY A MESSAGE
playbook.yml
1 register a variable to keep the status of this task
2 run only when the task had status changed
---
- hosts: websphere_servers
become: yes
become_user: root
tasks:
- name: ensure selinux is set to permissive
selinux:
policy: targeted
state: permissive
register: selinux_status
- debug:
msg: "SELinux changed. Please reboot the server to apply changes"
when: selinux_status.changed == true
1
2
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 30 / 60
Ansible Workshop - step2
Ansible Workshop - step2
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:12
0:12
youtu.be/HPFuliVmtBE
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 31 / 60
RUN REBOOT AS A TASK
playbook.yml
1 imagine multiple tasks, you’ll end up with tons of variables and complicated when clauses
---
- hosts: websphere_servers
become: yes
become_user: root
tasks:
- name: ensure selinux is set to permissive
selinux:
policy: targeted
state: permissive
register: selinux_status
- name: reboot
reboot:
msg: "Reboot initiated from Ansible"
connect_timeout: 30
reboot_timeout: 120
test_command: whoami
when: selinux_status.changed == true
1
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 32 / 60
Ansible Workshop - step3
Ansible Workshop - step3
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:25
0:25
youtu.be/JeeZMPitUs4
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 33 / 60
HANDLER
No need to register a variable
Just notify the handler (runs only when task status has changed)
1 Notify the handler that status has changed
hosts: websphere_servers
become: yes
become_user: root
tasks:
- name: ensure selinux is set to permissive
selinux:
policy: targeted
state: permissive
notify: reboot
handlers:
- name: reboot
reboot:
msg: "Reboot initiated from Ansible"
connect_timeout: 30
reboot_timeout: 120
test_command: whoami
1
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 34 / 60
Ansible Workshop - step4
Ansible Workshop - step4
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:29
0:29
youtu.be/OLmGwdNncUM
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 35 / 60
ADD MORE TASKS
1 Reuse the same handler as before (one task must be status changed for a reboot)
---
- hosts: websphere_servers
become: yes
become_user: root
tasks:
- name: ensure selinux is set to permissive
selinux:
policy: targeted
state: permissive
notify: reboot
- name: set number of open files in limits.conf
pam_limits:
domain: root
limit_type: '-'
limit_item: nofile
value: "65535"
notify: reboot
handlers:
- name: reboot
reboot:
msg: "Reboot initiated from Ansible"
connect_timeout: 30
reboot_timeout: 120
test_command: whoami
1
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 36 / 60
Ansible Workshop - step5
Ansible Workshop - step5
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:53
0:53
youtu.be/ya5TXDRSsHk
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 37 / 60
INSTALL A PACKAGE
1 flush_handler initiates the handler to run if needed, normally it runs on the end of the role/playbook
---
- hosts: websphere_servers
become: yes
become_user: root
tasks:
- name: ensure selinux is set to permissive
selinux:
policy: targeted
state: permissive
notify: reboot
- name: Reboot if necessary
meta: flush_handlers
- name: install compatibility package for installation manager
package:
name: compat-libstdc++-33.x86_64
state: present
handlers:
- name: reboot
reboot:
msg: "Reboot initiated from Ansible"
connect_timeout: 30
reboot_timeout: 120
test_command: whoami
1
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 38 / 60
Ansible Workshop - step6a
Ansible Workshop - step6a
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:29
0:29
youtu.be/HO1dkKlzQd0
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 39 / 60
REMOVED flush_handlers
Ansible Workshop - step6c
Ansible Workshop - step6c
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:24
0:24
youtu.be/B4b0LZAhl9c
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 40 / 60
INSTALL MULTIPLE PACKAGES
1 placeholder variable
2 all items will be installed
- name: install compatibility packages for installation manager
package:
name: "{{ item }}"
state: present
with_items:
- compat-libstdc++-33.x86_64
- compat-libstdc++-33.i686
- libstdc++.x86_64
1
2
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 41 / 60
Ansible Workshop - step7
Ansible Workshop - step7
Watch later
Watch later Share
Share
0:00
0:00 /
/ 2:06
2:06
youtu.be/DhGghnYgG0k
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 42 / 60
ADD ADDITIONAL SERVERS
1 Add a second server group
2 Add children of the servergroups to installationmanager
[websphere_servers]
cnx-was.stoeps.internal ansible_host=10.0.11.100
[web_servers]
cnx-web.stoeps.internal ansible_host=10.0.11.101
[installationmanager:children]
web_servers
websphere_servers
1
2
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 43 / 60
ADD SECOND HOSTGROUP
1 tasks for the new hostgroup (will install package to both server groups
---
- hosts: websphere_servers
tasks:
- name: ensure selinux is set to permissive
selinux:
[...]
handlers:
- name: reboot
[...]
- hosts: installationmanager
tasks:
- name: install compatibility package for installation manager
package:
name: "{{ item }}"
state: present
with_items:
- compat-libstdc++-33.x86_64
- compat-libstdc++-33.i686
- libstdc++.x86_64
1
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 44 / 60
Ansible Workshop - step8
Ansible Workshop - step8
Watch later
Watch later Share
Share
0:00
0:00 /
/ 2:22
2:22
youtu.be/P55Dp5EwpBY
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 45 / 60
ADD A GROUP AND A USER
1 Module needs hash, calculate with python -c "import crypt; print crypt.crypt('password')"
- name: add group for WebSphere users
group:
name: was
state: present
- name: add user for im and websphere (non_root)
user:
name: wassys
comment: WebSphere user
uid: 2000
group: was
shell: /bin/bash
state: present
password: "$6$40GE6/6h6A4UhpBT$kPtpBLe3Komc2bmadagr6S.v0/VRPJoJunEaMl5PBhAb4F5FTWsZff/6CYtTQlVm8Qa2wya4HV
1
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 46 / 60
Ansible Workshop - step9
Ansible Workshop - step9
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:29
0:29
youtu.be/z06fB5WRLyE
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 47 / 60
USE VARIABLES
Add to inventory
1 Calculate the password hash
2 register variable
3 Use stdout (output of hash command) for password hash
...
[installationmanager:vars]
was_user=wassys
was_user_password=password
- name: hash user password
shell: "python -c "import crypt; print crypt.crypt('{{ was_user_password }}')""
register: was_user_password_hash
changed_when: false
- name: add user for im and websphere (non_root)
user:
name: "{{ was_user }}"
comment: WebSphere user
uid: 2000
state: present
update_password: on_create
password: "{{ was_user_password_hash.stdout }}"
1
2
3
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 48 / 60
Ansible Workshop - step10
Ansible Workshop - step10
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:27
0:27
youtu.be/GPxHlQuU7N8
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 49 / 60
CREATE SEPARATE ROLES
playbook.yml
1 put into roles/ansible-demo2/tasks/main.yml
2 put into roles/ansible-demo2/handlers/main.yml
- hosts: websphere_servers
become: yes
become_user: root
tasks:
- name: ensure selinux is set to permissive
selinux:
policy: targeted
state: permissive
notify: reboot
...
handlers:
- name: reboot
reboot:
msg: "Reboot initiated from Ansible"
connect_timeout: 30
reboot_timeout: 120
test_command: whoami
1
2
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 50 / 60
VARIABLES DEFAULTS
Add a folder defaults to the role
Add used variables and their defaults
So even when you forget to de ne the variable, the role will run
ansible_demo2/defaults/main.yaml
1 add a variable and read the value from variable was_user, if not present use default wassys
2 default password
__websphere_user: "{{ was_user | default('wassys') }}"
__websphere_user_password: "{{ was_user_password | default('password') }}"
1
2
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 51 / 60
Ansible Workshop - step11
Ansible Workshop - step11
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:21
0:21
youtu.be/Yca0gHKOkxI
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 52 / 60
USE ANSIBLE VAULT TO SECURE THE
PASSWORD
move the
variables to group_vars/installationmanager.yml
passwords to group_vars/all.yaml
encrypt all.yml
ansible-vault encrypt group_vars/all.yml
ansible-playbook -i inventory playbook.yml --ask-vault-pass
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 53 / 60
Ansible Workshop - step12
Ansible Workshop - step12
Watch later
Watch later Share
Share
0:00
0:00 /
/ 0:34
0:34
youtu.be/Ktyy3MKeoRQ
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 54 / 60
RUN ANSIBLE PLAYBOOK
Manually through your shell
Ansible Tower (enterprise server, $$$)
On Windows use Windows Subsystem for Linux (WSL)
Ansible AWX
Jenkins (Pipeline)
Directly during provisioning of Vagrant and Terraform
github.com/ansible/awx
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 55 / 60
WHERE TO FIND ROLES?
Simple said: Download or write them
Check
Download role ansible-playbook install …
roles and collections make Ansible modular
Download complete repositories like connections-automation
galaxy.ansible.com
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 56 / 60
SECURITY
How do we store passwords or deployment keys
Ansible Vault
AES265 encrypted
Encrypted during ansible-playbook run
Ansible AWX
Allow users to run tasks and playbooks against hosts without having a root or user
account on it
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 57 / 60
WHERE TO START (LINKS)
Documentation
Books
Jeff Geerling: Ansible for Devops
Youtube
docs.ansible.com/intro_getting_started.html
github.com/orgs/ansible/people
Ansible 101 with Jeff Geerling
Build and deploy container images and containers
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 58 / 60
ADMINISTRATOR OR DEVELOPER
Have a look at Ansible
Saves you a ton of time
Easy to deploy
Easy to deploy different environments
Dev
QA
Test
Production
KISS
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 59 / 60
CONNECTIONS CUSTOMERS
Have a look at
github.com/HCL-TECH-SOFTWARE/connections-automation
OpenNTF Webinar
This work is licensed under a
Christoph Stoettner · @stoeps
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 60 / 60
QUESTIONS?
Use the GoToWebinar Questions Pane
Please keep all questions related to the
topics that our speakers are discussing!!!
Unrelated Question => post at:
http://openntf.slack.com/

More Related Content

What's hot

September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)
September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)
September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)Howard Greenberg
 
Bp308 Ibm Lotus Domino Web Facelift Using Ajax And Dxl
Bp308 Ibm Lotus Domino Web Facelift Using Ajax And DxlBp308 Ibm Lotus Domino Web Facelift Using Ajax And Dxl
Bp308 Ibm Lotus Domino Web Facelift Using Ajax And Dxldominion
 
Hnd201 Building Ibm Lotus Domino Applications With Ajax Plugins
Hnd201 Building Ibm Lotus Domino Applications With Ajax PluginsHnd201 Building Ibm Lotus Domino Applications With Ajax Plugins
Hnd201 Building Ibm Lotus Domino Applications With Ajax Pluginsdominion
 
Git 101 - Crash Course in Version Control using Git
Git 101 - Crash Course in Version Control using GitGit 101 - Crash Course in Version Control using Git
Git 101 - Crash Course in Version Control using GitGeoff Hoffman
 
Contribute 101: Compose/Kitematic/Machine by Ben Bonnefoy
Contribute 101: Compose/Kitematic/Machine by Ben BonnefoyContribute 101: Compose/Kitematic/Machine by Ben Bonnefoy
Contribute 101: Compose/Kitematic/Machine by Ben BonnefoyDocker, Inc.
 
OpenNTF Webinar, May 19, 2020
OpenNTF Webinar, May 19, 2020OpenNTF Webinar, May 19, 2020
OpenNTF Webinar, May 19, 2020Howard Greenberg
 
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...Howard Greenberg
 
Continuous Delivery with Jenkins
Continuous Delivery with JenkinsContinuous Delivery with Jenkins
Continuous Delivery with JenkinsJadson Santos
 
Testing with Docker
Testing with DockerTesting with Docker
Testing with Dockertoffermann
 
Codifying the Build and Release Process with a Jenkins Pipeline Shared Library
Codifying the Build and Release Process with a Jenkins Pipeline Shared LibraryCodifying the Build and Release Process with a Jenkins Pipeline Shared Library
Codifying the Build and Release Process with a Jenkins Pipeline Shared LibraryAlvin Huang
 
Collaborating on GitHub for Open Source Documentation
Collaborating on GitHub for Open Source DocumentationCollaborating on GitHub for Open Source Documentation
Collaborating on GitHub for Open Source DocumentationAnne Gentle
 
Using Docker for Testing
Using Docker for TestingUsing Docker for Testing
Using Docker for TestingCarlos Sanchez
 
At Your Service: Using Jenkins in Operations
At Your Service: Using Jenkins in OperationsAt Your Service: Using Jenkins in Operations
At Your Service: Using Jenkins in OperationsMandi Walls
 
Improve your Java Environment with Docker
Improve your Java Environment with DockerImprove your Java Environment with Docker
Improve your Java Environment with DockerHanoiJUG
 
Brujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalabilityBrujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalabilityDamien Coraboeuf
 
Gitlab Training with GIT and SourceTree
Gitlab Training with GIT and SourceTreeGitlab Training with GIT and SourceTree
Gitlab Training with GIT and SourceTreeTeerapat Khunpech
 
How to Successfully Build a Local (Docker) Community
How to Successfully Build a Local (Docker) CommunityHow to Successfully Build a Local (Docker) Community
How to Successfully Build a Local (Docker) CommunityMathias Renner
 
7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins UsersJules Pierre-Louis
 

What's hot (20)

September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)
September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)
September-2021 OpenNTF Webinar: Domino Online Meeting Integration (DOMI)
 
Bp308 Ibm Lotus Domino Web Facelift Using Ajax And Dxl
Bp308 Ibm Lotus Domino Web Facelift Using Ajax And DxlBp308 Ibm Lotus Domino Web Facelift Using Ajax And Dxl
Bp308 Ibm Lotus Domino Web Facelift Using Ajax And Dxl
 
Hnd201 Building Ibm Lotus Domino Applications With Ajax Plugins
Hnd201 Building Ibm Lotus Domino Applications With Ajax PluginsHnd201 Building Ibm Lotus Domino Applications With Ajax Plugins
Hnd201 Building Ibm Lotus Domino Applications With Ajax Plugins
 
Git 101 - Crash Course in Version Control using Git
Git 101 - Crash Course in Version Control using GitGit 101 - Crash Course in Version Control using Git
Git 101 - Crash Course in Version Control using Git
 
Contribute 101: Compose/Kitematic/Machine by Ben Bonnefoy
Contribute 101: Compose/Kitematic/Machine by Ben BonnefoyContribute 101: Compose/Kitematic/Machine by Ben Bonnefoy
Contribute 101: Compose/Kitematic/Machine by Ben Bonnefoy
 
OpenNTF Webinar, May 19, 2020
OpenNTF Webinar, May 19, 2020OpenNTF Webinar, May 19, 2020
OpenNTF Webinar, May 19, 2020
 
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Continuous Delivery with Jenkins
Continuous Delivery with JenkinsContinuous Delivery with Jenkins
Continuous Delivery with Jenkins
 
Testing with Docker
Testing with DockerTesting with Docker
Testing with Docker
 
Codifying the Build and Release Process with a Jenkins Pipeline Shared Library
Codifying the Build and Release Process with a Jenkins Pipeline Shared LibraryCodifying the Build and Release Process with a Jenkins Pipeline Shared Library
Codifying the Build and Release Process with a Jenkins Pipeline Shared Library
 
Dockercon 2018 EU Updates
Dockercon 2018 EU Updates Dockercon 2018 EU Updates
Dockercon 2018 EU Updates
 
Collaborating on GitHub for Open Source Documentation
Collaborating on GitHub for Open Source DocumentationCollaborating on GitHub for Open Source Documentation
Collaborating on GitHub for Open Source Documentation
 
Using Docker for Testing
Using Docker for TestingUsing Docker for Testing
Using Docker for Testing
 
At Your Service: Using Jenkins in Operations
At Your Service: Using Jenkins in OperationsAt Your Service: Using Jenkins in Operations
At Your Service: Using Jenkins in Operations
 
Improve your Java Environment with Docker
Improve your Java Environment with DockerImprove your Java Environment with Docker
Improve your Java Environment with Docker
 
Brujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalabilityBrujug Jenkins pipeline scalability
Brujug Jenkins pipeline scalability
 
Gitlab Training with GIT and SourceTree
Gitlab Training with GIT and SourceTreeGitlab Training with GIT and SourceTree
Gitlab Training with GIT and SourceTree
 
How to Successfully Build a Local (Docker) Community
How to Successfully Build a Local (Docker) CommunityHow to Successfully Build a Local (Docker) Community
How to Successfully Build a Local (Docker) Community
 
7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users
 

Similar to February OpenNTF Webinar: Introduction to Ansible for Newbies

Octopus Deploy @Erie Day of Code
Octopus Deploy @Erie Day of CodeOctopus Deploy @Erie Day of Code
Octopus Deploy @Erie Day of CodeCassey Lottman
 
Learn OpenStack from trystack.cn
Learn OpenStack from trystack.cnLearn OpenStack from trystack.cn
Learn OpenStack from trystack.cnOpenCity Community
 
How open source is driving DevOps innovation: CloudOpen NA 2015
How open source is driving DevOps innovation: CloudOpen NA 2015How open source is driving DevOps innovation: CloudOpen NA 2015
How open source is driving DevOps innovation: CloudOpen NA 2015Gordon Haff
 
When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?Niklas Heidloff
 
Opencast Project Update at Open Apereo 2015
Opencast Project Update at Open Apereo 2015Opencast Project Update at Open Apereo 2015
Opencast Project Update at Open Apereo 2015Stephen Marquard
 
How to Achieve more through Collaboration
How to Achieve more through Collaboration How to Achieve more through Collaboration
How to Achieve more through Collaboration Damien Garros
 
DevOps and Drupal
DevOps and DrupalDevOps and Drupal
DevOps and DrupalAarno Aukia
 
OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...
OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...
OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...Niklas Heidloff
 
Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)
Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)
Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)ITCamp
 
XPDDS18: Xen Project Weather Report 2018
XPDDS18: Xen Project Weather Report 2018XPDDS18: Xen Project Weather Report 2018
XPDDS18: Xen Project Weather Report 2018The Linux Foundation
 
Continuous Delivery With Containers
Continuous Delivery With ContainersContinuous Delivery With Containers
Continuous Delivery With ContainersAll Things Open
 
The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13
The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13
The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13Dominopoint - Italian Lotus User Group
 
DevQAOps - Surviving in a DevOps World
DevQAOps - Surviving in a DevOps WorldDevQAOps - Surviving in a DevOps World
DevQAOps - Surviving in a DevOps WorldWinston Laoh
 
Micro services may not be the best idea
Micro services may not be the best ideaMicro services may not be the best idea
Micro services may not be the best ideaSamuel ROZE
 
DevOps as a Pathway to AWS | AWS Public Sector Summit 2016
DevOps as a Pathway to AWS | AWS Public Sector Summit 2016DevOps as a Pathway to AWS | AWS Public Sector Summit 2016
DevOps as a Pathway to AWS | AWS Public Sector Summit 2016Amazon Web Services
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & HybridAmazon Web Services
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and HybridAmazon Web Services
 
Lean Engineering: How to make Engineering a full Lean UX partner
Lean Engineering: How to make Engineering a full Lean UX partnerLean Engineering: How to make Engineering a full Lean UX partner
Lean Engineering: How to make Engineering a full Lean UX partnerBill Scott
 

Similar to February OpenNTF Webinar: Introduction to Ansible for Newbies (20)

Octopus Deploy @Erie Day of Code
Octopus Deploy @Erie Day of CodeOctopus Deploy @Erie Day of Code
Octopus Deploy @Erie Day of Code
 
Learn OpenStack from trystack.cn
Learn OpenStack from trystack.cnLearn OpenStack from trystack.cn
Learn OpenStack from trystack.cn
 
ON.LAB Mininet
ON.LAB MininetON.LAB Mininet
ON.LAB Mininet
 
How open source is driving DevOps innovation: CloudOpen NA 2015
How open source is driving DevOps innovation: CloudOpen NA 2015How open source is driving DevOps innovation: CloudOpen NA 2015
How open source is driving DevOps innovation: CloudOpen NA 2015
 
When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?When to use Serverless? When to use Kubernetes?
When to use Serverless? When to use Kubernetes?
 
Opencast Project Update at Open Apereo 2015
Opencast Project Update at Open Apereo 2015Opencast Project Update at Open Apereo 2015
Opencast Project Update at Open Apereo 2015
 
How to Achieve more through Collaboration
How to Achieve more through Collaboration How to Achieve more through Collaboration
How to Achieve more through Collaboration
 
DevOps and Drupal
DevOps and DrupalDevOps and Drupal
DevOps and Drupal
 
OaaS:Open as a Strategy
OaaS:Open as a StrategyOaaS:Open as a Strategy
OaaS:Open as a Strategy
 
OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...
OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...
OpenNTF Webinar 05/07/13: OpenNTF - The IBM Collaboration Solutions App Dev C...
 
Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)
Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)
Deep Dive into the Microsoft OpenStack CI Infrastructure (Alessandro Pilotti)
 
XPDDS18: Xen Project Weather Report 2018
XPDDS18: Xen Project Weather Report 2018XPDDS18: Xen Project Weather Report 2018
XPDDS18: Xen Project Weather Report 2018
 
Continuous Delivery With Containers
Continuous Delivery With ContainersContinuous Delivery With Containers
Continuous Delivery With Containers
 
The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13
The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13
The Latest and Greatest from OpenNTF and the IBM Social Business Toolkit, #dd13
 
DevQAOps - Surviving in a DevOps World
DevQAOps - Surviving in a DevOps WorldDevQAOps - Surviving in a DevOps World
DevQAOps - Surviving in a DevOps World
 
Micro services may not be the best idea
Micro services may not be the best ideaMicro services may not be the best idea
Micro services may not be the best idea
 
DevOps as a Pathway to AWS | AWS Public Sector Summit 2016
DevOps as a Pathway to AWS | AWS Public Sector Summit 2016DevOps as a Pathway to AWS | AWS Public Sector Summit 2016
DevOps as a Pathway to AWS | AWS Public Sector Summit 2016
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid
 
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and HybridAWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps and Hybrid
 
Lean Engineering: How to make Engineering a full Lean UX partner
Lean Engineering: How to make Engineering a full Lean UX partnerLean Engineering: How to make Engineering a full Lean UX partner
Lean Engineering: How to make Engineering a full Lean UX partner
 

More from Howard Greenberg

January OpenNTF Webinar - Backup your Domino Server - New Options in V12
January OpenNTF Webinar - Backup your Domino Server - New Options in V12January OpenNTF Webinar - Backup your Domino Server - New Options in V12
January OpenNTF Webinar - Backup your Domino Server - New Options in V12Howard Greenberg
 
June OpenNTF Webinar - Domino V12 Certification Manager
June OpenNTF Webinar - Domino V12 Certification ManagerJune OpenNTF Webinar - Domino V12 Certification Manager
June OpenNTF Webinar - Domino V12 Certification ManagerHoward Greenberg
 
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesApril, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesHoward Greenberg
 
July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!
July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!
July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!Howard Greenberg
 
Dev112 let's calendar that
Dev112   let's calendar thatDev112   let's calendar that
Dev112 let's calendar thatHoward Greenberg
 
Bp101-Can Domino Be Hacked
Bp101-Can Domino Be HackedBp101-Can Domino Be Hacked
Bp101-Can Domino Be HackedHoward Greenberg
 
MWLUG Session- AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...
MWLUG Session-  AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...MWLUG Session-  AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...
MWLUG Session- AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...Howard Greenberg
 
Connect 2016-Move Your XPages Applications to the Fast Lane
Connect 2016-Move Your XPages Applications to the Fast LaneConnect 2016-Move Your XPages Applications to the Fast Lane
Connect 2016-Move Your XPages Applications to the Fast LaneHoward Greenberg
 
Webinar: From Frustration to Fascination: Dissecting Replication
Webinar: From Frustration to Fascination: Dissecting ReplicationWebinar: From Frustration to Fascination: Dissecting Replication
Webinar: From Frustration to Fascination: Dissecting ReplicationHoward Greenberg
 
XPages Application Layout Control - TLCC March, 2014 Webinar
XPages Application Layout Control - TLCC March, 2014 WebinarXPages Application Layout Control - TLCC March, 2014 Webinar
XPages Application Layout Control - TLCC March, 2014 WebinarHoward Greenberg
 
Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014
Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014
Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014Howard Greenberg
 
Connect 2014 - JMP102: Creating a Great XPages User Interface
Connect 2014 - JMP102: Creating a Great XPages User InterfaceConnect 2014 - JMP102: Creating a Great XPages User Interface
Connect 2014 - JMP102: Creating a Great XPages User InterfaceHoward Greenberg
 
Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...
Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...
Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...Howard Greenberg
 
Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!
Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!
Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!Howard Greenberg
 

More from Howard Greenberg (17)

January OpenNTF Webinar - Backup your Domino Server - New Options in V12
January OpenNTF Webinar - Backup your Domino Server - New Options in V12January OpenNTF Webinar - Backup your Domino Server - New Options in V12
January OpenNTF Webinar - Backup your Domino Server - New Options in V12
 
BRPA November Meeting
BRPA November MeetingBRPA November Meeting
BRPA November Meeting
 
June OpenNTF Webinar - Domino V12 Certification Manager
June OpenNTF Webinar - Domino V12 Certification ManagerJune OpenNTF Webinar - Domino V12 Certification Manager
June OpenNTF Webinar - Domino V12 Certification Manager
 
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesApril, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
 
July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!
July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!
July 2020 OpenNTF Webinar - Hear the Latest from the User Groups!
 
Open ntf 2020-jun
Open ntf 2020-junOpen ntf 2020-jun
Open ntf 2020-jun
 
Dev112 let's calendar that
Dev112   let's calendar thatDev112   let's calendar that
Dev112 let's calendar that
 
Bp101-Can Domino Be Hacked
Bp101-Can Domino Be HackedBp101-Can Domino Be Hacked
Bp101-Can Domino Be Hacked
 
MWLUG Session- AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...
MWLUG Session-  AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...MWLUG Session-  AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...
MWLUG Session- AD112 - Take a Trip Into the Forest - A Java Primer on Maps, ...
 
Connect 2016-Move Your XPages Applications to the Fast Lane
Connect 2016-Move Your XPages Applications to the Fast LaneConnect 2016-Move Your XPages Applications to the Fast Lane
Connect 2016-Move Your XPages Applications to the Fast Lane
 
May 2014-webinar
May 2014-webinarMay 2014-webinar
May 2014-webinar
 
Webinar: From Frustration to Fascination: Dissecting Replication
Webinar: From Frustration to Fascination: Dissecting ReplicationWebinar: From Frustration to Fascination: Dissecting Replication
Webinar: From Frustration to Fascination: Dissecting Replication
 
XPages Application Layout Control - TLCC March, 2014 Webinar
XPages Application Layout Control - TLCC March, 2014 WebinarXPages Application Layout Control - TLCC March, 2014 Webinar
XPages Application Layout Control - TLCC March, 2014 Webinar
 
Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014
Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014
Creating a Great XPages User Interface, TLCC Teamstudio Webinar - Feb, 2014
 
Connect 2014 - JMP102: Creating a Great XPages User Interface
Connect 2014 - JMP102: Creating a Great XPages User InterfaceConnect 2014 - JMP102: Creating a Great XPages User Interface
Connect 2014 - JMP102: Creating a Great XPages User Interface
 
Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...
Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...
Connect 2014 - BP202: Rapid XPages Development Using the Application Layout C...
 
Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!
Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!
Jmp103-Get the Jump on Mobilizing Your Notes and Domino Applications Today!
 

Recently uploaded

JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)Max Lee
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAlluxio, Inc.
 
Malaysia E-Invoice digital signature docpptx
Malaysia E-Invoice digital signature docpptxMalaysia E-Invoice digital signature docpptx
Malaysia E-Invoice digital signature docpptxMok TH
 
OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024Shane Coughlan
 
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1KnowledgeSeed
 
What need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java DevelopersWhat need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java DevelopersEmilyJiang23
 
The Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion ProductionThe Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion ProductionWave PLM
 
how-to-download-files-safely-from-the-internet.pdf
how-to-download-files-safely-from-the-internet.pdfhow-to-download-files-safely-from-the-internet.pdf
how-to-download-files-safely-from-the-internet.pdfMehmet Akar
 
How to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabberHow to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabbereGrabber
 
Microsoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMicrosoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMarkus Moeller
 
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAlluxio, Inc.
 
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdfThe Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdfkalichargn70th171
 
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product UpdatesGraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product UpdatesNeo4j
 
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...Andrea Goulet
 
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdfMicrosoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdfQ-Advise
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAlluxio, Inc.
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAShane Coughlan
 
Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024Soroosh Khodami
 

Recently uploaded (20)

JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning Framework
 
Malaysia E-Invoice digital signature docpptx
Malaysia E-Invoice digital signature docpptxMalaysia E-Invoice digital signature docpptx
Malaysia E-Invoice digital signature docpptx
 
OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024
 
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
 
What need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java DevelopersWhat need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java Developers
 
The Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion ProductionThe Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion Production
 
how-to-download-files-safely-from-the-internet.pdf
how-to-download-files-safely-from-the-internet.pdfhow-to-download-files-safely-from-the-internet.pdf
how-to-download-files-safely-from-the-internet.pdf
 
How to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabberHow to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabber
 
Microsoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMicrosoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdf
 
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
 
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdfThe Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
 
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product UpdatesGraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
 
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
 
AI Hackathon.pptx
AI                        Hackathon.pptxAI                        Hackathon.pptx
AI Hackathon.pptx
 
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdfMicrosoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in Michelangelo
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
 
Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024
 
Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024
 

February OpenNTF Webinar: Introduction to Ansible for Newbies

  • 1. OPENNTF WEBINARS February OpenNTF Webinar: Introduction to Ansible for Newbies
  • 2. AGENDA • Welcome – Howard Greenberg and Graham Acres • Christoph Stoettener, HCL Ambassador • Q and A - All
  • 3. ASKING QUESTIONS • First Question – Will this be recorded? • Yes, view on YouTube!!! • https://www.youtube.com/user/OpenNTF • Use the Questions Pane in GoToWebinar • We will get to your questions at the end of the webinar • The speakers will respond to your questions verbally • (not in the Questions pane) • Please keep all questions related to the topics that our speakers are discussing!!! • Unrelated Question => post at: • http://openntf.slack.com/
  • 4. THANKS TO THE OPENNTF SPONSORS • HCL made a significant contribution to help our organization • Funds these webinars! • Contests like Hackathons • Running the organization • Prominic donates all IT related services • Cloud Hosting for OpenNTF • Infrastructure management for HCL Domino and Atlassian Servers • System Administration for day-to-day operation
  • 5. THIS IS OUR COMMUNITY • Join us and get involved! • We are all volunteers • No effort is too small • If your idea is bigger than you can do on your own, we can connect you to a team to work on it • Test or help or modify an existing project • Write guides or documentation • Add reviews on projects / stars on Snippets
  • 6. NEXT WEBINAR • March OpenNTF Webinar: Nomad Mobile - Tips and Tricks • For Domino developers who would like to optimize their apps for Nomad. • Thomas Hampel, HCL • Maxx Sutton, HCL • Theo Heselmans, HCL Lifetime Ambassador • Tom Van Aken, HCL Ambassador • Thursday, March 18, 2021 at 11:00 AM (New York time) • www.openntf.org/webinars
  • 7. INTRODUCTION TO ANSIBLE FOR NEWBIES Christoph Stoettner <stoeps@vegardit.com> OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 1 / 60
  • 8. WHO AM I? Christoph Stoettner Senior Consultant @Vegard IT Focusing on HCL Connections deployments and migrations Ansible since 2017 — Social Connections 12 [1]  Example code on 1. github.com/stoeps13/ansible-examples share.stoeps.de/2017-10-16-ansible4connections.pdf OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 2 / 60
  • 9. HANDCRAFTED SERVERS Hard to maintain Setups are not reproducible Complicated vendor documentation Inhouse documentation outdated OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 3 / 60
  • 10. IMMUTABLE VERSUS MUTABLE SERVER Mutable infrastructure just gets updates Software 6.0 → + I x 1 + I x 2 + I x 3 In production 6.0 → i x 3 Result will be different Immutable creates a new environment with 6.0.x Migrates data after testing OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 4 / 60
  • 11. SNOWFLAKE SERVERS Special tweaks or versions needed for proper function Exception of your standards Dif cult to reproduce Fragile if they need a change OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 5 / 60
  • 12. TEST ENVIRONMENTS twitter.com/stahnma/status/634849376343429120 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 6 / 60
  • 13. WHY ARE DEDICATED TESTENVIRONMENTS IMPORTANT? Reliable testing can give you con dence during live migration Applying Fix 3 over Fix 2 over Fix 1 often different from Fix3 over Fix1 Use the same scripts to build development, test or production systems Handcrafted is always different from production OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 7 / 60
  • 14. ADVANTAGES Developer Build a development environment which is compareable to production Adminstrator Build a test environment to go through a migration OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 8 / 60
  • 15. BE AS PRECISE AS POSSIBLE Avoid different hostnames Production: example.com Test: test.example.com Better: example.com example-test.com OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 9 / 60
  • 16. HOW CAN WE SOLVE THIS? Deployment and Application development should follow a fully automated approach Avoid Snow akes Easier to have a full clone of production as test environment Reducing production bugs caused by con guration differences OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 10 / 60
  • 17. AUTOMATE DEPLOYMENTS AND CONFIGURATION CHANGES Large ecosystem of tools to do automatic deployments Puppet Chef Saltstack Ansible Wikipedia OSS Con guration Management puppet.com www.chef.io saltstack.com ansible.com OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 11 / 60
  • 18. ANSIBLE Written in Python Encryption and Security built in Easy to read (Everything is YAML) Easy to use (Extensible via modules) Uses SSH YAML Tool Kit OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 12 / 60
  • 19. ANSIBLE HISTORY Created by AnsibleWorks Inc, acquired by Red Hat in 2015 Initial release: 20. February 2012 Stable release: 2.10.6 3.0.0 announced for the 16th of February (two days ago) OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 13 / 60
  • 20. A VERY IMPORTANT TERM: IDEMPOTENCY  Mathematics denoting an element of a set which is unchanged in value when multiplied or otherwise operated on by itself OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 14 / 60
  • 21. IDEMPOTENCY — EXAMPLE Add entry to hosts Don’t add when present Change if different Restart services only when changes were made Not idempotent Idempotent echo "192.168.1.1 cnx-websphere.example.com" >> /etc/hosts grep -qxF '192.168.1.1 cnx-websphere.example.com' /etc/hosts || echo "192.168.1.1 cnx-websphere.example.com" >> /etc/hosts OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 15 / 60
  • 22. WHAT IS ANSIBLE? Helps automating tasks during installation and migration Secure (SSH) Open (tons of free playbooks) Well documented OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 16 / 60
  • 23. WHAT IS ANSIBLE NOT? A GUI Tool (Get used to console!)[1] A one click installer 1. Ansible Tower and AWX are browser tools OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 17 / 60
  • 24. ANSIBLE INSTALLATION pip install ansible on the machine you want to run it Newer version than distribution package Needs internet connection targets need at least ssh and python installed OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 18 / 60
  • 25. WINDOWS AND ANSIBLE Ansible "server" needs Linux (but works with WSL) Windows support through Windows Remote Shell (WinRM) SSH OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 19 / 60
  • 26. INVENTORY INI OR YAML FORMAT [leafs] leaf01.example.com leaf02.example.com [spines] spine01.example.com spine02.example.com [network:children] leafs spines --- leafs: hosts: leaf01.example.com: leaf02.example.com: spines: hosts: spine01.example.com: spine02.example.com: network: children: leafs: spines: OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 20 / 60
  • 27. VARIABLES IN INVENTORIES [leafs] leaf01.example.com leaf02.example.com [leafs:vars] username=abc --- leafs: hosts: leaf01: leaf02: vars: username: abc OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 21 / 60
  • 28. VARIABLES Lots of places to de ne Presedence important for large environments  no hyphens in variable names! Allowed variable Not allowed variable ldap_user: abc ldap-user: abc docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 22 / 60
  • 29. PLAYBOOK Run commands (so called tasks) on your inventory servers Select servers or server groups Roles Tasks Handlers OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 23 / 60
  • 30. TASKS Lots of modules built-in Package install Copy and Edit les Create les and folders (directly and with templates) Manage services Command Shell Sudo aware Become: true Become_user: xyz OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 24 / 60
  • 31. TASKS FOR DIFFERENT OS 1 or use yum 2 valid terms are Redhat | Darwin | Debian | Windows 3 or use apt 4 check OS family (Debian) or distribution ... tasks: - name: Install mkpasswd package: name: whois state: present when: ansible_os_family == "Redhat" - name: Install mkpasswd package: name: expect state: present when: ansible_distribution == "Ubuntu" 1 2 3 4 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 25 / 60
  • 32. EXAMPLE (BUILD AN ANSIBLE ROLE) Most products of IBM or HCL need disabled SELinux during installation So let’s disable SELinux on a host Additional steps will be Con gure limits.conf Reboot after changes Create a user Install packages with yum All example les can be found at Branches named for the steps github.com/stoeps13/ansible-examples OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 26 / 60
  • 33. DISABLE SELINUX (INVENTORY) inventory 1 if hostname is resolvable that is enough Sometimes you need to add IP or SSH Port! For example [websphere_servers] cnx-was.stoeps.internal 1 [websphere_servers] cnx-was.stoeps.internal ansible_host=10.0.11.101 ansible_port=2222 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 27 / 60
  • 34. SET SELINUX TO permissive playbook.yml 1 Run this tasks on this server group 2 Use sudo to execute command 3 sudo to user root 4 tasks (one or multiple tasks) 5 use module selinux 6 policy and state are arguments / parameters for module selinux --- - hosts: websphere_servers become: yes become_user: root tasks: - name: ensure selinux is set to permissive selinux: policy: targeted state: permissive 1 2 3 4 5 6 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 28 / 60
  • 35. Ansible Workshop - step1 Ansible Workshop - step1 Watch later Watch later Share Share 0:00 0:00 / / 0:35 0:35 youtu.be/g8OvWIcmNgU OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 29 / 60
  • 36. DISPLAY A MESSAGE playbook.yml 1 register a variable to keep the status of this task 2 run only when the task had status changed --- - hosts: websphere_servers become: yes become_user: root tasks: - name: ensure selinux is set to permissive selinux: policy: targeted state: permissive register: selinux_status - debug: msg: "SELinux changed. Please reboot the server to apply changes" when: selinux_status.changed == true 1 2 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 30 / 60
  • 37. Ansible Workshop - step2 Ansible Workshop - step2 Watch later Watch later Share Share 0:00 0:00 / / 0:12 0:12 youtu.be/HPFuliVmtBE OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 31 / 60
  • 38. RUN REBOOT AS A TASK playbook.yml 1 imagine multiple tasks, you’ll end up with tons of variables and complicated when clauses --- - hosts: websphere_servers become: yes become_user: root tasks: - name: ensure selinux is set to permissive selinux: policy: targeted state: permissive register: selinux_status - name: reboot reboot: msg: "Reboot initiated from Ansible" connect_timeout: 30 reboot_timeout: 120 test_command: whoami when: selinux_status.changed == true 1 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 32 / 60
  • 39. Ansible Workshop - step3 Ansible Workshop - step3 Watch later Watch later Share Share 0:00 0:00 / / 0:25 0:25 youtu.be/JeeZMPitUs4 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 33 / 60
  • 40. HANDLER No need to register a variable Just notify the handler (runs only when task status has changed) 1 Notify the handler that status has changed hosts: websphere_servers become: yes become_user: root tasks: - name: ensure selinux is set to permissive selinux: policy: targeted state: permissive notify: reboot handlers: - name: reboot reboot: msg: "Reboot initiated from Ansible" connect_timeout: 30 reboot_timeout: 120 test_command: whoami 1 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 34 / 60
  • 41. Ansible Workshop - step4 Ansible Workshop - step4 Watch later Watch later Share Share 0:00 0:00 / / 0:29 0:29 youtu.be/OLmGwdNncUM OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 35 / 60
  • 42. ADD MORE TASKS 1 Reuse the same handler as before (one task must be status changed for a reboot) --- - hosts: websphere_servers become: yes become_user: root tasks: - name: ensure selinux is set to permissive selinux: policy: targeted state: permissive notify: reboot - name: set number of open files in limits.conf pam_limits: domain: root limit_type: '-' limit_item: nofile value: "65535" notify: reboot handlers: - name: reboot reboot: msg: "Reboot initiated from Ansible" connect_timeout: 30 reboot_timeout: 120 test_command: whoami 1 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 36 / 60
  • 43. Ansible Workshop - step5 Ansible Workshop - step5 Watch later Watch later Share Share 0:00 0:00 / / 0:53 0:53 youtu.be/ya5TXDRSsHk OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 37 / 60
  • 44. INSTALL A PACKAGE 1 flush_handler initiates the handler to run if needed, normally it runs on the end of the role/playbook --- - hosts: websphere_servers become: yes become_user: root tasks: - name: ensure selinux is set to permissive selinux: policy: targeted state: permissive notify: reboot - name: Reboot if necessary meta: flush_handlers - name: install compatibility package for installation manager package: name: compat-libstdc++-33.x86_64 state: present handlers: - name: reboot reboot: msg: "Reboot initiated from Ansible" connect_timeout: 30 reboot_timeout: 120 test_command: whoami 1 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 38 / 60
  • 45. Ansible Workshop - step6a Ansible Workshop - step6a Watch later Watch later Share Share 0:00 0:00 / / 0:29 0:29 youtu.be/HO1dkKlzQd0 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 39 / 60
  • 46. REMOVED flush_handlers Ansible Workshop - step6c Ansible Workshop - step6c Watch later Watch later Share Share 0:00 0:00 / / 0:24 0:24 youtu.be/B4b0LZAhl9c OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 40 / 60
  • 47. INSTALL MULTIPLE PACKAGES 1 placeholder variable 2 all items will be installed - name: install compatibility packages for installation manager package: name: "{{ item }}" state: present with_items: - compat-libstdc++-33.x86_64 - compat-libstdc++-33.i686 - libstdc++.x86_64 1 2 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 41 / 60
  • 48. Ansible Workshop - step7 Ansible Workshop - step7 Watch later Watch later Share Share 0:00 0:00 / / 2:06 2:06 youtu.be/DhGghnYgG0k OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 42 / 60
  • 49. ADD ADDITIONAL SERVERS 1 Add a second server group 2 Add children of the servergroups to installationmanager [websphere_servers] cnx-was.stoeps.internal ansible_host=10.0.11.100 [web_servers] cnx-web.stoeps.internal ansible_host=10.0.11.101 [installationmanager:children] web_servers websphere_servers 1 2 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 43 / 60
  • 50. ADD SECOND HOSTGROUP 1 tasks for the new hostgroup (will install package to both server groups --- - hosts: websphere_servers tasks: - name: ensure selinux is set to permissive selinux: [...] handlers: - name: reboot [...] - hosts: installationmanager tasks: - name: install compatibility package for installation manager package: name: "{{ item }}" state: present with_items: - compat-libstdc++-33.x86_64 - compat-libstdc++-33.i686 - libstdc++.x86_64 1 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 44 / 60
  • 51. Ansible Workshop - step8 Ansible Workshop - step8 Watch later Watch later Share Share 0:00 0:00 / / 2:22 2:22 youtu.be/P55Dp5EwpBY OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 45 / 60
  • 52. ADD A GROUP AND A USER 1 Module needs hash, calculate with python -c "import crypt; print crypt.crypt('password')" - name: add group for WebSphere users group: name: was state: present - name: add user for im and websphere (non_root) user: name: wassys comment: WebSphere user uid: 2000 group: was shell: /bin/bash state: present password: "$6$40GE6/6h6A4UhpBT$kPtpBLe3Komc2bmadagr6S.v0/VRPJoJunEaMl5PBhAb4F5FTWsZff/6CYtTQlVm8Qa2wya4HV 1 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 46 / 60
  • 53. Ansible Workshop - step9 Ansible Workshop - step9 Watch later Watch later Share Share 0:00 0:00 / / 0:29 0:29 youtu.be/z06fB5WRLyE OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 47 / 60
  • 54. USE VARIABLES Add to inventory 1 Calculate the password hash 2 register variable 3 Use stdout (output of hash command) for password hash ... [installationmanager:vars] was_user=wassys was_user_password=password - name: hash user password shell: "python -c "import crypt; print crypt.crypt('{{ was_user_password }}')"" register: was_user_password_hash changed_when: false - name: add user for im and websphere (non_root) user: name: "{{ was_user }}" comment: WebSphere user uid: 2000 state: present update_password: on_create password: "{{ was_user_password_hash.stdout }}" 1 2 3 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 48 / 60
  • 55. Ansible Workshop - step10 Ansible Workshop - step10 Watch later Watch later Share Share 0:00 0:00 / / 0:27 0:27 youtu.be/GPxHlQuU7N8 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 49 / 60
  • 56. CREATE SEPARATE ROLES playbook.yml 1 put into roles/ansible-demo2/tasks/main.yml 2 put into roles/ansible-demo2/handlers/main.yml - hosts: websphere_servers become: yes become_user: root tasks: - name: ensure selinux is set to permissive selinux: policy: targeted state: permissive notify: reboot ... handlers: - name: reboot reboot: msg: "Reboot initiated from Ansible" connect_timeout: 30 reboot_timeout: 120 test_command: whoami 1 2 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 50 / 60
  • 57. VARIABLES DEFAULTS Add a folder defaults to the role Add used variables and their defaults So even when you forget to de ne the variable, the role will run ansible_demo2/defaults/main.yaml 1 add a variable and read the value from variable was_user, if not present use default wassys 2 default password __websphere_user: "{{ was_user | default('wassys') }}" __websphere_user_password: "{{ was_user_password | default('password') }}" 1 2 OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 51 / 60
  • 58. Ansible Workshop - step11 Ansible Workshop - step11 Watch later Watch later Share Share 0:00 0:00 / / 0:21 0:21 youtu.be/Yca0gHKOkxI OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 52 / 60
  • 59. USE ANSIBLE VAULT TO SECURE THE PASSWORD move the variables to group_vars/installationmanager.yml passwords to group_vars/all.yaml encrypt all.yml ansible-vault encrypt group_vars/all.yml ansible-playbook -i inventory playbook.yml --ask-vault-pass OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 53 / 60
  • 60. Ansible Workshop - step12 Ansible Workshop - step12 Watch later Watch later Share Share 0:00 0:00 / / 0:34 0:34 youtu.be/Ktyy3MKeoRQ OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 54 / 60
  • 61. RUN ANSIBLE PLAYBOOK Manually through your shell Ansible Tower (enterprise server, $$$) On Windows use Windows Subsystem for Linux (WSL) Ansible AWX Jenkins (Pipeline) Directly during provisioning of Vagrant and Terraform github.com/ansible/awx OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 55 / 60
  • 62. WHERE TO FIND ROLES? Simple said: Download or write them Check Download role ansible-playbook install … roles and collections make Ansible modular Download complete repositories like connections-automation galaxy.ansible.com OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 56 / 60
  • 63. SECURITY How do we store passwords or deployment keys Ansible Vault AES265 encrypted Encrypted during ansible-playbook run Ansible AWX Allow users to run tasks and playbooks against hosts without having a root or user account on it OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 57 / 60
  • 64. WHERE TO START (LINKS) Documentation Books Jeff Geerling: Ansible for Devops Youtube docs.ansible.com/intro_getting_started.html github.com/orgs/ansible/people Ansible 101 with Jeff Geerling Build and deploy container images and containers OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 58 / 60
  • 65. ADMINISTRATOR OR DEVELOPER Have a look at Ansible Saves you a ton of time Easy to deploy Easy to deploy different environments Dev QA Test Production KISS OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 59 / 60
  • 66. CONNECTIONS CUSTOMERS Have a look at github.com/HCL-TECH-SOFTWARE/connections-automation OpenNTF Webinar This work is licensed under a Christoph Stoettner · @stoeps Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License 60 / 60
  • 67. QUESTIONS? Use the GoToWebinar Questions Pane Please keep all questions related to the topics that our speakers are discussing!!! Unrelated Question => post at: http://openntf.slack.com/