The document discusses using Ansible to automate tasks beyond just Linux systems. It begins by introducing the speaker, Steve Clatterbuck from Red Hat, and his background with automation. He then provides an overview of World Wide Technology and their partnership with Red Hat. The rest of the document focuses on why automation is important and beneficial, how to get started with Ansible, the advantages of using Ansible and Ansible Tower, and demonstrates how Ansible can be used to automate other systems like Cisco NXOS and F5 devices.
1. Ansible for Everything Else
PRESENTED BY
Steve Clatterbuck
Red Hat Practice Architect, WWT
2. Questions: PSDevelopment@wwt.com
• Red Hat PS Practice Architect at World Wide Technology
• 15 years Sysadmin'ing around with Unix/Linux
• Started automating Operations in 2009 (ish)
• Not a programmer/developer
• Main focus areas are OpenShift Infrastructure, Ansible Tower, and
CloudForms
About Me
3. Questions: PSDevelopment@wwt.com
• Red Hat Business Transformation Partner of the Year 2018
• Red Hat Premier Partner
• F5 Platinum Partner
• Cisco super premier awesome gold biggest partner ever in the
world. (Gold)
About World Wide Technology
5. Questions: PSDevelopment@wwt.com
My journey with Automation
• Worked for a large payment processor
• Automated the Linux builds
• Everything outside of Linux was manual
• Outages we commonplace
6. Questions: PSDevelopment@wwt.com
Why should we automate?
• You shouldn't be doing anything manual that can be automated
• Less human errors
• Leads to a more stable environment
• Get your life back
7. Questions: PSDevelopment@wwt.com
How do you get started?
• VCS
• Start Small, Win Big
• Paired "Programming"
• Keep building, doing more and more challanging tasks
What's your biggest hurdle in automating your entire infrastructure? The most common answer we hear is, people. Now you can learn how tearing down silos and working as a cross-functional team can lead to automation throughout your infrastructure. Almost anything is possible with Ansible and we’re here to show you that Infrastructure as Code is real! Don’t just learn how to automate things like Cisco, F5,and your virtualization stack, but understand why, so you can go back to the office and turn the automation buzzword into a reality.
Ask about linux, windows, storage, network and security admins in the crowd.
How many of you work in silos?
When I started at my old company, everything linux/unix was done manually, or via perlscripts, stored on laptops, or a shared drive. I knew that we could use a configuration management tool to automate these manual tasks. There was a ton of firefighting (unplanned work) going on, and it was chaotic. Change boards took hours, we constantly had incident mangement calls (war rooms), and it wasn't a very good place to work.
Why I chose ansible? I had experience with Puppet, but I knew it would be a hard sell due to the learning curve. Ansible was simple, and let me do what I needed to do. We automated every aspect of Linux management, and builds. It took about 6 months. This eliminated 3am changes, and life got good.
We were a silo. None of the other teams wanted to automate, nor had time to automate. Management didn't support work stoppages to take time to automate. We decided to extend our services :) We worked in conjuction with the storage, Windows, and compute teams to help them use Ansible to automate the simple tasks that they were doing.
Why would you want to do things manually when a computer can do it for you? Doing repetitive, manual tasks keeps you from being able to work on things that matter; project work, new features within the company, or automating more things
Humans are error prone. How many times did someone type the wrong command, change the wrong setting, or just screwed something up? Even automating small tasks, that a level 1 or offshore team does, reduces errors.
The side affect of all this is going to be more stability. With more stability, comes more trust from executives, less all nighters, and the opportunity for you, and your company, to do things you want to do. (or just kick back and relax, whatever)
With all this stability, you're going to get your life back. Be able to leave work at work, leading to a better quality of life.
The first thing you need is a Version Control System, like Git. You don't want to store code on a server or laptop. This is counter productive. Learn to collaborate with each other in a tool like Git.
The first thing to tackle is something easy, that's annoying. These tasks may not seem like that big of a deal, but over time, these things build up, and you'd be surprised how much time you spend doing them.
Keep challanging yourself to do more difficult tasks.
You may not know a certain technology, such as Cisco, or F5, but you can work with your counterparts that do know them.
Measure your success!!!!!!! If you have a ticketing system or something like that, show management how your ticket time has gone down. Eventually, if you keep building and doing more with Automation, you'll get to the point where tickets will be open for seconds, not days. Hell, you even may be able to get rid of tickets.
The backend of Ansible is written in Python. I've been using Ansible for a long time now, and I rarely ever have to write anything in Python (and I'm a consultant). All playbooks are written in YAML, which is easy to learn. There's no custom DSL to learn, and no deep knowledge or programming required. It's literally just knowing where to put spaces, for the most part. On top of that, there's tools that will auto check (lint) your YAML.
NO AGENTS... I don't want to manage software that manages my software. This also gives ansible the edge on managing network devices. No need for a proxy host. The competition is actually trying to play catchup on this.
3 ports you'll need. SSH, WINRM, and HTTP/S. You don't have to have the firewall team pull off a miracle to make your CM software work
The API is without a doubt the best feature (to me) in tower. I can call Ansible plays in Tower from CloudForms, ServiceNow, etc. It's simple. I hear all the time from Automation pros that they don't need Tower, when they can just use ansible core. While this may be true for THEM, this may not be true for everyone else. You don't want to be that engineer that is the only one comfortable with the command line. Your Tier 1 NOC folks might want a button, or a workflow. You also really have to have a team that understands version control via the command line, and if you don't, it can lead to a huge mess.
Enterprise grade RBAC Support
Central reporting
Integration with most VCS. Subversion, Git, etc.
GUI... Same thing I said earlier... some may not be comfortable with the command line.
Templates rock... Workflows rock even more. You can string together Templates in a Workflow very easily in Tower.
Surveys are awesome. You can give people options to choose, as well as let them enter their own values. You write the play on the backend, all they have to do is fill in the information that they know.
This isn't an all inclusive list.... far from it. But this gives you an idea of what we can do with Ansible
- Networks, an amazing selection of Cisco Operating Systems, platforms and feature... the list is exhaustive
- F5. Manage GTM, LTM and the device itself.
- Compute... VMware, Ovirt, Hyper-V, etc etc
- Containers. OpenShift
- Storage... Robust selection of providers. NetApp, Gluster, and even EMC is starting to come along.
- All major cloud providers.