SlideShare a Scribd company logo
1 of 42
Download to read offline
Make your Ansible playbooks
flexible / maintainable / scalable
J E F F G E E R L I N G ( @ G E E R L I N G G U Y)
# A N S I B L E FEST
D E V E L O P E R
A U T H O R
P H O T O G R A P H E R
H O S T E D A PA C H E S O L R
D R U PA L V M &
M A C D E V P L AY B O O K
M E D I A
E C O M M E R C E P L AT F O R M
L E S S O N S L E A R N E D
1. Stay organized
2. Test early and often
3. Simplify, optimize
S TAY O R G A N I Z E D
• Playbooks always run from build server















– J E F F G E E R L I N G
“If it's important,
it will be forgotten.”
R E A D M E
1. Purpose
2. Links (CI, docs, issue tracking)
3. Instructions for local testing
S M A L L F I L E S
• < 100 lines per file
• Start by splitting out related tasks with
include_*
• Progress to single-responsibility roles
R O L E S
• Make roles generic
• Share roles among projects
• Contribute to / use from Galaxy?
T E S T E A R LY A N D O F T E N
The Ansible CI Spectrum
• yamllint
• ansible-playbook --syntax-check
• ansible-lint
• molecule test (integration)
• ansible-playbook --check (against prod)
• Parallel infrastructure
• yamllint
• ansible-playbook --syntax-check
• ansible-lint
• molecule test (integration)
• ansible-playbook --check (against prod)
• Parallel infrastructure
increasing
complexity
• Heed [DEPRECATION WARNING]s
• Read through porting guides
• Disable annoying WARN messages:
• Heed [DEPRECATION WARNING]s
• Read through porting guides
• Disable annoying WARN messages:
- name: Check if firewalld is installed.

command: yum list installed firewalld

args:

warn: no

register: firewalld_installed
• Target latest Ansible release
• Keep CI environment updated
S I M P L I F Y, O P T I M I Z E
S I M P L I F Y, O P T I M I Z E
– J E F F G E E R L I N G
“YAML is not a
programming language.”
• Prefer simple, flat variables over dicts
• Prefer simple, flat variables over dicts
apache:

startservers: 2

maxclients: 2!
• Prefer simple, flat variables over dicts
apache:

startservers: 2

maxclients: 2!
apache_startservers: 2

apache_maxclients: 250
✅
• Prefer simple, flat variables over dicts
apache:

startservers: 2

maxclients: 2!
apache_startservers: 2

apache_maxclients: 250
✅
S P E E D
• CI is useless if slow
S P E E D
• CI is useless if slow
• Disable gather_facts if not needed
• forks config - fully utilize resources
S P E E D
M O D U L E S
• package - pass list to name instead of a loop
• copy - only for single files or small dirs
• lineinfile - try to switch to template
instead of looping on one file
[defaults]

callback_whitelist = profile_roles, profile_tasks, timer
Monday 10 September 22:31:08 -0500 (0:00:00.851) 0:01:08.824 ******
===============================================================================
geerlingguy.docker ------------------------------------------------------ 9.65s
geerlingguy.security ---------------------------------------------------- 9.33s
geerlingguy.nginx ------------------------------------------------------- 6.65s
geerlingguy.firewall ---------------------------------------------------- 5.39s
geerlingguy.munin-node -------------------------------------------------- 4.51s
copy -------------------------------------------------------------------- 4.34s
geerlingguy.backup ------------------------------------------------------ 4.14s
geerlingguy.htpasswd ---------------------------------------------------- 4.13s
geerlingguy.ntp --------------------------------------------------------- 3.94s
geerlingguy.swap -------------------------------------------------------- 2.71s
template ---------------------------------------------------------------- 2.64s
...
[defaults]

callback_whitelist = profile_roles, profile_tasks, timer
Try other callback plugins!
(my fave: yaml)
L E S S O N S L E A R N E D
1. Stay organized
2. Test early and often
3. Simplify, optimize
T H A N K Y O U !
# A N S I B L E FEST

More Related Content

What's hot

What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
Simplilearn
 
Investigation of testing with ansible
Investigation of testing with ansibleInvestigation of testing with ansible
Investigation of testing with ansible
Dennis Rowe
 

What's hot (20)

Introduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUpIntroduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUp
 
DevOps in a Regulated World - aka 'Ansible, AWS, and Jenkins'
DevOps in a Regulated World - aka 'Ansible, AWS, and Jenkins'DevOps in a Regulated World - aka 'Ansible, AWS, and Jenkins'
DevOps in a Regulated World - aka 'Ansible, AWS, and Jenkins'
 
Ansible Crash Course
Ansible Crash CourseAnsible Crash Course
Ansible Crash Course
 
Serverspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collideServerspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collide
 
Kernelci.org needs you!
Kernelci.org needs you!Kernelci.org needs you!
Kernelci.org needs you!
 
Monitor-Driven Development Using Ansible
Monitor-Driven Development Using AnsibleMonitor-Driven Development Using Ansible
Monitor-Driven Development Using Ansible
 
OSDC2014: Testing Server Infrastructure with #serverspec
OSDC2014: Testing Server Infrastructure with #serverspecOSDC2014: Testing Server Infrastructure with #serverspec
OSDC2014: Testing Server Infrastructure with #serverspec
 
CI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureCI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for Infrastructure
 
Continuous Updating with VersionEye at code.talks 2014
Continuous Updating with VersionEye at code.talks 2014Continuous Updating with VersionEye at code.talks 2014
Continuous Updating with VersionEye at code.talks 2014
 
Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)
 
Verifying your Ansible Roles using Docker, Test Kitchen and Serverspec
Verifying your Ansible Roles using Docker, Test Kitchen and ServerspecVerifying your Ansible Roles using Docker, Test Kitchen and Serverspec
Verifying your Ansible Roles using Docker, Test Kitchen and Serverspec
 
Ansible introduction - XX Betabeers Galicia
Ansible introduction - XX Betabeers GaliciaAnsible introduction - XX Betabeers Galicia
Ansible introduction - XX Betabeers Galicia
 
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
 
Investigation of testing with ansible
Investigation of testing with ansibleInvestigation of testing with ansible
Investigation of testing with ansible
 
Ansible for large scale deployment
Ansible for large scale deploymentAnsible for large scale deployment
Ansible for large scale deployment
 
Hacking on WildFly 9
Hacking on WildFly 9Hacking on WildFly 9
Hacking on WildFly 9
 
Inside the Chef Push Jobs Service - ChefConf 2015
Inside the Chef Push Jobs Service - ChefConf 2015 Inside the Chef Push Jobs Service - ChefConf 2015
Inside the Chef Push Jobs Service - ChefConf 2015
 
Monitoring Open Source Databases with Icinga
Monitoring Open Source Databases with IcingaMonitoring Open Source Databases with Icinga
Monitoring Open Source Databases with Icinga
 
High Available Drupal
High Available DrupalHigh Available Drupal
High Available Drupal
 
Ansible 101 - Presentation at Ansible STL Meetup
Ansible 101 - Presentation at Ansible STL MeetupAnsible 101 - Presentation at Ansible STL Meetup
Ansible 101 - Presentation at Ansible STL Meetup
 

Similar to Make your Ansible playbooks maintainable, flexible, and scalable

Javascript done right - Open Web Camp III
Javascript done right - Open Web Camp IIIJavascript done right - Open Web Camp III
Javascript done right - Open Web Camp III
Dirk Ginader
 

Similar to Make your Ansible playbooks maintainable, flexible, and scalable (20)

Linux Shell Scripting Craftsmanship
Linux Shell Scripting CraftsmanshipLinux Shell Scripting Craftsmanship
Linux Shell Scripting Craftsmanship
 
InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017
 
Common Challenges in DevOps Change Management
Common Challenges in DevOps Change ManagementCommon Challenges in DevOps Change Management
Common Challenges in DevOps Change Management
 
Adding Security to Your Workflow With InSpec - SCaLE17x
Adding Security to Your Workflow With InSpec - SCaLE17xAdding Security to Your Workflow With InSpec - SCaLE17x
Adding Security to Your Workflow With InSpec - SCaLE17x
 
InSpec Workshop DevSecCon 2017
InSpec Workshop DevSecCon 2017InSpec Workshop DevSecCon 2017
InSpec Workshop DevSecCon 2017
 
DevSecCon London 2017: Inspec workshop by Mandi Walls
DevSecCon London 2017: Inspec workshop by Mandi WallsDevSecCon London 2017: Inspec workshop by Mandi Walls
DevSecCon London 2017: Inspec workshop by Mandi Walls
 
DevOpsDays InSpec Workshop
DevOpsDays InSpec WorkshopDevOpsDays InSpec Workshop
DevOpsDays InSpec Workshop
 
Ingite Slides for InSpec
Ingite Slides for InSpecIngite Slides for InSpec
Ingite Slides for InSpec
 
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
 
Ansible - A 'crowd' introduction
Ansible - A 'crowd' introductionAnsible - A 'crowd' introduction
Ansible - A 'crowd' introduction
 
Prescriptive System Security with InSpec
Prescriptive System Security with InSpecPrescriptive System Security with InSpec
Prescriptive System Security with InSpec
 
Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019
 
DevOps for database
DevOps for databaseDevOps for database
DevOps for database
 
Ceph Deployment at Target: Customer Spotlight
Ceph Deployment at Target: Customer SpotlightCeph Deployment at Target: Customer Spotlight
Ceph Deployment at Target: Customer Spotlight
 
Ceph Deployment at Target: Customer Spotlight
Ceph Deployment at Target: Customer SpotlightCeph Deployment at Target: Customer Spotlight
Ceph Deployment at Target: Customer Spotlight
 
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...
 
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beInSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.be
 
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017
 
Ansible, best practices
Ansible, best practicesAnsible, best practices
Ansible, best practices
 
Javascript done right - Open Web Camp III
Javascript done right - Open Web Camp IIIJavascript done right - Open Web Camp III
Javascript done right - Open Web Camp III
 

More from Jeff Geerling

More from Jeff Geerling (20)

Continuous Testing with Molecule, Ansible, and GitHub Actions
Continuous Testing with Molecule, Ansible, and GitHub ActionsContinuous Testing with Molecule, Ansible, and GitHub Actions
Continuous Testing with Molecule, Ansible, and GitHub Actions
 
2020 Drupal Local Development Tools Survey - CMS Philly
2020 Drupal Local Development Tools Survey - CMS Philly2020 Drupal Local Development Tools Survey - CMS Philly
2020 Drupal Local Development Tools Survey - CMS Philly
 
There's a role for that! (AnsibleFest 2019)
There's a role for that! (AnsibleFest 2019)There's a role for that! (AnsibleFest 2019)
There's a role for that! (AnsibleFest 2019)
 
Everything I know about Kubernetes I learned from a Raspberry Pi cluster
Everything I know about Kubernetes I learned from a Raspberry Pi clusterEverything I know about Kubernetes I learned from a Raspberry Pi cluster
Everything I know about Kubernetes I learned from a Raspberry Pi cluster
 
Real World DevOps - Jeff Geerling's NEDCamp 2018 Keynote
Real World DevOps - Jeff Geerling's NEDCamp 2018 KeynoteReal World DevOps - Jeff Geerling's NEDCamp 2018 Keynote
Real World DevOps - Jeff Geerling's NEDCamp 2018 Keynote
 
Ansible and Kubernetes
Ansible and KubernetesAnsible and Kubernetes
Ansible and Kubernetes
 
Drupal VM for Drupal 8 Dev - Drupal Camp STL 2017
Drupal VM for Drupal 8 Dev - Drupal Camp STL 2017Drupal VM for Drupal 8 Dev - Drupal Camp STL 2017
Drupal VM for Drupal 8 Dev - Drupal Camp STL 2017
 
Drupal VM for Drupal 8 Dev - MidCamp 2017
Drupal VM for Drupal 8 Dev - MidCamp 2017Drupal VM for Drupal 8 Dev - MidCamp 2017
Drupal VM for Drupal 8 Dev - MidCamp 2017
 
ProTips for Staying Sane while Working from Home
ProTips for Staying Sane while Working from Home ProTips for Staying Sane while Working from Home
ProTips for Staying Sane while Working from Home
 
Highly available Drupal on a Raspberry Pi cluster
Highly available Drupal on a Raspberry Pi clusterHighly available Drupal on a Raspberry Pi cluster
Highly available Drupal on a Raspberry Pi cluster
 
Ansible 2 and Ansible Galaxy 2
Ansible 2 and Ansible Galaxy 2Ansible 2 and Ansible Galaxy 2
Ansible 2 and Ansible Galaxy 2
 
High Performance Drupal
High Performance DrupalHigh Performance Drupal
High Performance Drupal
 
Ansible for Drupal infrastructure and deployments
Ansible for Drupal infrastructure and deploymentsAnsible for Drupal infrastructure and deployments
Ansible for Drupal infrastructure and deployments
 
Ansible + Drupal: A Fortuitous DevOps Match
Ansible + Drupal: A Fortuitous DevOps MatchAnsible + Drupal: A Fortuitous DevOps Match
Ansible + Drupal: A Fortuitous DevOps Match
 
DevOps for Humans - Ansible for Drupal Deployment Victory!
DevOps for Humans - Ansible for Drupal Deployment Victory!DevOps for Humans - Ansible for Drupal Deployment Victory!
DevOps for Humans - Ansible for Drupal Deployment Victory!
 
Drupal 8 - A Brief Introduction
Drupal 8 - A Brief IntroductionDrupal 8 - A Brief Introduction
Drupal 8 - A Brief Introduction
 
Server Check.in case study - Drupal and Node.js
Server Check.in case study - Drupal and Node.jsServer Check.in case study - Drupal and Node.js
Server Check.in case study - Drupal and Node.js
 
Local Dev on Virtual Machines - Vagrant, VirtualBox and Ansible
Local Dev on Virtual Machines - Vagrant, VirtualBox and AnsibleLocal Dev on Virtual Machines - Vagrant, VirtualBox and Ansible
Local Dev on Virtual Machines - Vagrant, VirtualBox and Ansible
 
Florissant TIF - Cross Keys Redevelopment
Florissant TIF - Cross Keys RedevelopmentFlorissant TIF - Cross Keys Redevelopment
Florissant TIF - Cross Keys Redevelopment
 
How to Build a Drupal Module
How to Build a Drupal ModuleHow to Build a Drupal Module
How to Build a Drupal Module
 

Recently uploaded

%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 

Recently uploaded (20)

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 

Make your Ansible playbooks maintainable, flexible, and scalable

  • 1. Make your Ansible playbooks flexible / maintainable / scalable J E F F G E E R L I N G ( @ G E E R L I N G G U Y) # A N S I B L E FEST
  • 2. D E V E L O P E R A U T H O R P H O T O G R A P H E R
  • 3. H O S T E D A PA C H E S O L R
  • 4. D R U PA L V M & M A C D E V P L AY B O O K
  • 5. M E D I A E C O M M E R C E P L AT F O R M
  • 6. L E S S O N S L E A R N E D 1. Stay organized 2. Test early and often 3. Simplify, optimize
  • 7.
  • 8. S TAY O R G A N I Z E D
  • 9.
  • 10. • Playbooks always run from build server
 
 
 
 
 
 
 

  • 11. – J E F F G E E R L I N G “If it's important, it will be forgotten.”
  • 12. R E A D M E 1. Purpose 2. Links (CI, docs, issue tracking) 3. Instructions for local testing
  • 13. S M A L L F I L E S • < 100 lines per file • Start by splitting out related tasks with include_* • Progress to single-responsibility roles
  • 14. R O L E S • Make roles generic • Share roles among projects • Contribute to / use from Galaxy?
  • 15.
  • 16.
  • 17. T E S T E A R LY A N D O F T E N
  • 18.
  • 19. The Ansible CI Spectrum
  • 20. • yamllint • ansible-playbook --syntax-check • ansible-lint • molecule test (integration) • ansible-playbook --check (against prod) • Parallel infrastructure
  • 21. • yamllint • ansible-playbook --syntax-check • ansible-lint • molecule test (integration) • ansible-playbook --check (against prod) • Parallel infrastructure increasing complexity
  • 22.
  • 23. • Heed [DEPRECATION WARNING]s • Read through porting guides • Disable annoying WARN messages:
  • 24. • Heed [DEPRECATION WARNING]s • Read through porting guides • Disable annoying WARN messages: - name: Check if firewalld is installed.
 command: yum list installed firewalld
 args:
 warn: no
 register: firewalld_installed
  • 25. • Target latest Ansible release • Keep CI environment updated
  • 26. S I M P L I F Y, O P T I M I Z E
  • 27. S I M P L I F Y, O P T I M I Z E
  • 28. – J E F F G E E R L I N G “YAML is not a programming language.”
  • 29.
  • 30. • Prefer simple, flat variables over dicts
  • 31. • Prefer simple, flat variables over dicts apache:
 startservers: 2
 maxclients: 2!
  • 32. • Prefer simple, flat variables over dicts apache:
 startservers: 2
 maxclients: 2! apache_startservers: 2
 apache_maxclients: 250 ✅
  • 33. • Prefer simple, flat variables over dicts apache:
 startservers: 2
 maxclients: 2! apache_startservers: 2
 apache_maxclients: 250 ✅
  • 34. S P E E D
  • 35. • CI is useless if slow S P E E D
  • 36. • CI is useless if slow • Disable gather_facts if not needed • forks config - fully utilize resources S P E E D
  • 37. M O D U L E S • package - pass list to name instead of a loop • copy - only for single files or small dirs • lineinfile - try to switch to template instead of looping on one file
  • 39. Monday 10 September 22:31:08 -0500 (0:00:00.851) 0:01:08.824 ****** =============================================================================== geerlingguy.docker ------------------------------------------------------ 9.65s geerlingguy.security ---------------------------------------------------- 9.33s geerlingguy.nginx ------------------------------------------------------- 6.65s geerlingguy.firewall ---------------------------------------------------- 5.39s geerlingguy.munin-node -------------------------------------------------- 4.51s copy -------------------------------------------------------------------- 4.34s geerlingguy.backup ------------------------------------------------------ 4.14s geerlingguy.htpasswd ---------------------------------------------------- 4.13s geerlingguy.ntp --------------------------------------------------------- 3.94s geerlingguy.swap -------------------------------------------------------- 2.71s template ---------------------------------------------------------------- 2.64s ... [defaults]
 callback_whitelist = profile_roles, profile_tasks, timer
  • 40. Try other callback plugins! (my fave: yaml)
  • 41. L E S S O N S L E A R N E D 1. Stay organized 2. Test early and often 3. Simplify, optimize
  • 42. T H A N K Y O U ! # A N S I B L E FEST