SlideShare a Scribd company logo
IT AUTOMATION MADE EASY - INTRO
Marcelo Quintiliano da Silva
Technical Account Manager - Red Hat
marcelo.quintiliano@gmail.com
ABOUT THE MEETUP ANSIBLE SP
● A series of 50 min presentations + 10 min Q&A
● Hands On always it's possible
● Time to exchange ideas
● Suggested topics and presenters are very welcome
AGENDA
● WHAT IS ANSIBLE?
● ANSIBLE CORE COMPONENTS
● ANSIBLE CLI TIPS & TRICKS
● ANSIBLE GALAXY
● PROTECTING SENSITIVE DATA IN PLAYBOOKS
● DEMO SESSION
● ADDITIONAL REFERENCES
SIMPLE
● Human readable
automation
● No special coding skills
needed
● Tasks executed in
predefined order
Get productive
quickly
Orchestrate the App
lifecycle
More efficient and
secure
POWERFUL
● Application deployments
● Continuous delivery
● Beyond just servers
AGENTLESS
● Agentless architecture
● Uses OpenSSH and
WinRM
● No exploits or updates
IS INFRASTRUCTURE AS A CODE…
It’s a simple automation language that can perfectly describe an IT application infrastructure in Ansible Playbooks. It's also an
automation engine that runs the Ansible Playbooks.
Ansible is an open source IT configuration management, deployment, and orchestration tool, based on Python.
Designed to be minimal in nature, consistent, secure, and highly reliable, with an extremely low learning curve for administrators,
developers, and IT managers.
REQUIREMENTS
● CONTROL NODE
1. Ansible can be run from any machine with Python 2.6 or 2.7
● MANAGED NODES
1. Linux/Unix
1.1. SSH
1.2. Python 2.4 or later
1.2.1. ​If running less than Python 2.5 on the managed nodes, the package "python-simplejson" is required.
2. Windows (Ansible 1.7+) - enable and configure PowerShell remoting 3.0+ (WinRM)
HOW ANSIBLE WORKS
● Ansible works by connecting from the control node to your managed nodes and pushing out small programs, called "Ansible
modules" to them. These programs are written to be resource models of the desired state of the system.
● Ansible then executes these modules (over SSH by default) in the order they are specified in the playbook(s), and removes
them when finished.
*API - Available on
Ansible Tower
ANSIBLE USE CASES
PROVISIONING
ORCHESTRATION
CONFIGURATION
MANAGEMENT
APPLICATION
DEPLOYMENT
SECURITY &
COMPLIANCE
CONTINUOUS
DELIVERY
CORE COMPONENTS
● INVENTORIES
● MODULES
● VARIABLES
● FACTS
● PLAYS
● PLAYBOOKS
● CONFIGURATION FILES
INVENTORIES
Defines which hosts Ansible manages
Static - Defined in simple text files, a host can be member of more than one group, which is useful to identify the hosts' role in the
datacenter.
Dynamic - Generated for outside providers, some examples include pulling* inventory from a cloud provider (OpenStack, AWS, etc),
LDAP, Cobbler, or a piece of expensive enterprise CMDB software.
[webservers]
web1.example.com
web2.example.com
[dbservers]
db[0:1].example.com
[appserver]
192.168.1.[4:7]
Default location: /etc/ansible/hosts
Note: from command line Ad-hoc commands use --inventory | -i pathname to specify a different host inventory
MODULES
Small programs that comes with Ansible
"Ansible Modules" are written to be resource models of the desired state of the system. Ansible then executes these modules (over
SSH by default), and removes them when finished.
The default module library (currently v2.2.1) has 770+ modules available that allows us to manage from basic systems resources to
sophisticated ones. For example, to manage users, packages, network*, files, services, as well provision cloud instances, create
databases, and many more.
Core, extra and custom modules
● Core modules - Written and maintained by Ansible development team, they are the most important modules and are used for
common administration tasks.
● Extra modules - Generally not maintained by Ansible team but by the community, typically implementing features for
managing newer technologies.
● Custom modules - Developed by end users and not shipped by Ansible.
Idempotence - Is an important characteristic of a module, allows executing the same task multiple times without
resulting in the error state.
Ansible has four modules into this category and provide us the options to choose from while running system commands or scripts:
● Raw - Do not require Python on target/managed host
● Command - Most recommended module for executing commands on target nodes
● Shell - Runs the command through the '/ bin/sh ' shell on the target host. It is less secure than a command module (can be
affected by a shell environment)
● Script - copy and execute a script in one step on remote host
Important Note: These modules are not idempotent by default, you need to take care about his, fortunately Ansible can help you with
such task as well.
Ansible is extensible too. If you do not find a module that does the job for you, it's
easy to write one, and it doesn't have to be in Python.
VARIABLES
A convenient way to manage dynamic values for a given environment
Ansible supports variable that can be used to store values that can be reused throughout files in an entire Ansible project.
● Global scope: Variables set from the command line or Ansible configuration file.
● Play scope: Variables set in the playbook and related structures.
● Host scope: Variables set on host groups and/or individual hosts by inventory, fact gathering or registered tasks.
Example: Defining variables in a playbook (Play scope):
---
- hosts: all
vars:
user: smith
homedir: /home/smith
Note: Variables must start with a letter and can only contain letters, numbers and underscores.
FACTS
Know the facts about your hosts
Ansible facts are variables that are automatically discovered by Ansible from a managed host.
Facts are pulled by the setup module and contain useful information stored into variables that administrators can reuse.
Fact variables can be used as part of playbooks, in conditionals, loops, or any other dynamic statement that depends on a value for a
managed host.
● Displaying facts from all hosts and store them indexed by hostname at /tmp/facts:
# ansible all -m setup --tree /tmp/facts
FACTS
Choosing what facts about your hosts you wanna see
$ ansible webserver1.local -m setup -a 'filter=ansible_dist*'
webserver1.local | SUCCESS => {
"ansible_facts": {
"ansible_distribution": "CentOS",
"ansible_distribution_major_version": "7",
"ansible_distribution_release": "Core",
"ansible_distribution_version": "7.2.1511"
},
"changed": false
}
$ ansible webserver1.local -m setup -a 'filter=ansible_all_ipv4*'
webserver1.local | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"172.16.10.101",
"192.168.121.93"
]
},
"changed": false
}
YAML
The playbook language
YAML format - a simple, human-readable, and familiar way to blueprint the infrastructure.
Users of this tool need not learn any special programming language to get started with, Ansible code is self-explanatory and
self-documenting in nature.
Playbooks are expressed in YAML format and have a minimum of syntax, which intentionally tries to not be a programming language
or script, but rather a model of a configuration or a process.
● Basic overview of correct YAML formatted file, including
lists and dictionaries:
---
# Employee records
- martin:
name: Martin D'vloper
job: Devops
skills:
- Ansible
- Docker
- tabitha:
name: Tabitha Bitumen
job: Developer
skills:
- python
- java
PLAYBOOKS
A simple + powerful automation language
A playbook consists of one or more plays, which map groups of hosts to well-defined tasks.
Plays also defines the order in which tasks are configured. This allows us to orchestrate multitier deployments.
By composing a playbook of multiple ‘plays’, it is possible to orchestrate multi-machine deployments, running certain steps on all
machines in the "webservers" group, then certain steps on the database server group, then more commands back on the webservers
group, etc.
As an orchestrate example, it is possible to create a playbook to configure the load balancers only after starting the web servers, or
perform two-phase deployment where the first phase only adds this configurations and the second phase starts the services in the
desired order.
Ansible Roles - The self-contained, portable and reusable Ansible Playbook format - While it is possible to write a playbook in one very
large file (and you might start out learning playbooks this way), eventually you’ll want to reuse files and start to organize things.
PLAYBOOKS
A simple + powerful automation language
---
- hosts: webservers
vars:
http_port: 80
max_clients: 200
remote_user: root
tasks:
- name: ensure apache is at the latest version
yum: name=httpd state=latest
- name: write the apache config file
template: src=/srv/httpd.j2 dest=/etc/httpd.conf
notify:
- restart apache
- name: ensure apache is running (and enable it at boot)
service: name=httpd state=started enabled=yes
handlers:
- name: restart apache
service: name=httpd state=restarted
A sample playbook:
CONFIGURATION FILES
Modifying Ansible behavior
Certain settings in Ansible are adjustable via a configuration file. The stock configuration should be sufficient for most users, but there
may be reasons you would want to change them.
Ansible will select its configuration file from one of several possible locations on the control node, the file precedence is:
* ANSIBLE_CONFIG (an environment variable)
* ansible.cfg (in the current directory)
* .ansible.cfg (in the home directory)
* /etc/ansible/ansible.cfg
Some configuration settings are:
● inventory - Change the location of the inventory file
● become - Enables or disables privilege escalation for operations on managed hosts.
● become_user - The user account to escalate privileges to on managed hosts.
● become_method - Defines the privilege escalation method on managed hosts
Note: You can find many more options on /etc/ansible/ansible.cfg
ANSIBLE IN ACTION
Command line Tips & Tricks
$ ansible atlanta -m copy -a "src=/etc/hosts dest=/tmp/hosts"
$ ansible webservers -m yum -a "name=htop state=latest"
$ ansible webservers -m service -a "name=httpd state=restarted"
$ ansible myhost --sudo -m raw -a "yum install -y python2 python-simplejson
● Learning about modules:
● Ad-hoc commands - samples:
$ ansible-doc
Usage: ansible-doc [options] [module...]
Options:
-h, --help show this help message and exit
-l, --list List available modules
... output omitted ...
$ ansible-doc -s yum
- name: Manages packages with the `yum' package manager
action: yum
... output omitted ...
ANSIBLE IN ACTION
Command line Tips & Tricks
$ ansible-playbook --syntax-check my_playbook.yml
● Playbook syntax verification:
$ ansible-playbook --step site.yml
PLAY [Install WordPress, MariaDB, Nginx, and PHP-FPM] **************************
Perform task: TASK: setup (N)o/(y)es/(c)ontinue: y
Perform task: TASK: setup (N)o/(y)es/(c)ontinue: *******************************
TASK [setup] *******************************************************************
ok: [www01]
Perform task: TASK: common : Copy the NGINX repository definition
(N)o/(y)es/(c)ontinue:
● Reporting what changes would have occurred (Dry run) without actually execute any changes to the managed
hosts:
$ ansible-playbook -C some_playbook.yml
● Interactively running playbooks:
GALAXY
Locate and deploy Ansible roles with Ansible Galaxy
GALAXY
Command line tool
$ ansible-galaxy -h
Usage: ansible-galaxy [delete|import|info|init|install|list|login|remove|search|setup]
[--help] [options] ...
$ ansible-galaxy search 'haproxy' --platforms el
Found 50 roles matching your search:
Name Description
---- -----------
innohub-ansible.haproxy Creates an haproxy deployment
SimpliField.haproxy Setup HAProxy
kunik.haproxy install haproxy
. . . Output omitted . . .
$ ansible-galaxy init my_project
- my_project was created successfully
ANSIBLE VAULT
Protecting sensitive data in your playbooks
The vault feature can encrypt any structured data file used by Ansible. This can include “group_vars/” or “host_vars/” inventory
variables, variables loaded by “include_vars” or “vars_files”, or variable files passed on the ansible-playbook command line with “-e
@file.yml” or “-e @file.json”. Role variables and defaults are also included!
To create a new encrypted data file, run the following command:
$ ansible-vault create foo.yml
Similarly we can use edit, encrypt, decrypt and rekey, for more details on how to work with vault files, please check manual page:
$ man ansible-vault
LET'S GET ROCK
"Demo (a.k.a. getting trouble) session"
ADDITIONAL REFERENCES
Getting Started
● It's easy to get started:
Getting Started with Ansible | Ansible.com
● Want to learn more?
Ansible Resources - Whitepapers
● Using the Check Mode:
Check Mode (“Dry Run”) — Ansible Documentation
● Ansible Examples:
GitHub - ansible/ansible-examples: A few starter examples of ansible ...

More Related Content

What's hot

Ansible
AnsibleAnsible
Ansible
Knoldus Inc.
 
Network Automation with Ansible
Network Automation with AnsibleNetwork Automation with Ansible
Network Automation with Ansible
Anas
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
Knoldus Inc.
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
Omid Vahdaty
 
Ansible
AnsibleAnsible
Ansible
Kamil Lelonek
 
Ansible Introduction
Ansible Introduction Ansible Introduction
Ansible Introduction
Robert Reiz
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
Mehmet Ali Aydın
 
Ansible - Introduction
Ansible - IntroductionAnsible - Introduction
Ansible - Introduction
Stephane Manciot
 
DevOps with Ansible
DevOps with AnsibleDevOps with Ansible
DevOps with Ansible
Swapnil Jain
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansible
Khizer Naeem
 
Ansible, best practices
Ansible, best practicesAnsible, best practices
Ansible, best practices
Bas Meijer
 
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
Simplilearn
 
Accelerating with Ansible
Accelerating with AnsibleAccelerating with Ansible
Accelerating with Ansible
Global Knowledge Training
 
Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...
Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...
Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...
Simplilearn
 
ansible why ?
ansible why ?ansible why ?
ansible why ?
Yashar Esmaildokht
 
Getting started with Ansible
Getting started with AnsibleGetting started with Ansible
Getting started with Ansible
Ivan Serdyuk
 
Ansible Automation to Rule Them All
Ansible Automation to Rule Them AllAnsible Automation to Rule Them All
Ansible Automation to Rule Them All
Tim Fairweather
 
Ansible Automation Platform.pdf
Ansible Automation Platform.pdfAnsible Automation Platform.pdf
Ansible Automation Platform.pdf
VuHoangAnh14
 
Ansible 101
Ansible 101Ansible 101
Ansible 101
Gena Mykhailiuta
 
DevOps Meetup ansible
DevOps Meetup   ansibleDevOps Meetup   ansible
DevOps Meetup ansible
sriram_rajan
 

What's hot (20)

Ansible
AnsibleAnsible
Ansible
 
Network Automation with Ansible
Network Automation with AnsibleNetwork Automation with Ansible
Network Automation with Ansible
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
 
Ansible
AnsibleAnsible
Ansible
 
Ansible Introduction
Ansible Introduction Ansible Introduction
Ansible Introduction
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
 
Ansible - Introduction
Ansible - IntroductionAnsible - Introduction
Ansible - Introduction
 
DevOps with Ansible
DevOps with AnsibleDevOps with Ansible
DevOps with Ansible
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansible
 
Ansible, best practices
Ansible, best practicesAnsible, best practices
Ansible, best practices
 
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
 
Accelerating with Ansible
Accelerating with AnsibleAccelerating with Ansible
Accelerating with Ansible
 
Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...
Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...
Ansible Tutorial For Beginners | What Is Ansible And How It Works? | Ansible ...
 
ansible why ?
ansible why ?ansible why ?
ansible why ?
 
Getting started with Ansible
Getting started with AnsibleGetting started with Ansible
Getting started with Ansible
 
Ansible Automation to Rule Them All
Ansible Automation to Rule Them AllAnsible Automation to Rule Them All
Ansible Automation to Rule Them All
 
Ansible Automation Platform.pdf
Ansible Automation Platform.pdfAnsible Automation Platform.pdf
Ansible Automation Platform.pdf
 
Ansible 101
Ansible 101Ansible 101
Ansible 101
 
DevOps Meetup ansible
DevOps Meetup   ansibleDevOps Meetup   ansible
DevOps Meetup ansible
 

Similar to Ansible intro

Ansible a tool for dev ops
Ansible a tool for dev opsAnsible a tool for dev ops
Ansible a tool for dev ops
René Ribaud
 
Ansible & Salt - Vincent Boon
Ansible & Salt - Vincent BoonAnsible & Salt - Vincent Boon
Ansible & Salt - Vincent Boon
MyNOG
 
Ansible Tutorial.pdf
Ansible Tutorial.pdfAnsible Tutorial.pdf
Ansible Tutorial.pdf
NigussMehari4
 
Top 50 Ansible Interview Questions And Answers in 2023.pdf
Top 50 Ansible Interview Questions And Answers in 2023.pdfTop 50 Ansible Interview Questions And Answers in 2023.pdf
Top 50 Ansible Interview Questions And Answers in 2023.pdf
Datacademy.ai
 
Basics of Ansible - Sahil Davawala
Basics of Ansible - Sahil DavawalaBasics of Ansible - Sahil Davawala
Basics of Ansible - Sahil Davawala
Sahil Davawala
 
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Keith Resar
 
PLNOG Automation@Brainly
PLNOG Automation@BrainlyPLNOG Automation@Brainly
PLNOG Automation@Brainly
vespian_256
 
PLNOG14: Automation at Brainly - Paweł Rozlach
PLNOG14: Automation at Brainly - Paweł RozlachPLNOG14: Automation at Brainly - Paweł Rozlach
PLNOG14: Automation at Brainly - Paweł Rozlach
PROIDEA
 
Ansible
AnsibleAnsible
Ansible
Afroz Hussain
 
Introduction to Ansible - Peter Halligan
Introduction to Ansible - Peter HalliganIntroduction to Ansible - Peter Halligan
Introduction to Ansible - Peter Halligan
CorkOpenTech
 
Installing AtoM with Ansible
Installing AtoM with AnsibleInstalling AtoM with Ansible
Installing AtoM with Ansible
Artefactual Systems - AtoM
 
Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...
SlideTeam
 
UNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptxUNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptx
Pandiya Rajan
 
DevOps for database
DevOps for databaseDevOps for database
DevOps for database
Osama Mustafa
 
Ansible automation tool with modules
Ansible automation tool with modulesAnsible automation tool with modules
Ansible automation tool with modules
mohamedmoharam
 
Intro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetupIntro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetup
Ramesh Godishela
 
ansible_rhel.pdf
ansible_rhel.pdfansible_rhel.pdf
ansible_rhel.pdf
ssuser6d347b
 
ansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and moreansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and more
Sabarinath Gnanasekar
 
Ansible_Basics_ppt.pdf
Ansible_Basics_ppt.pdfAnsible_Basics_ppt.pdf
Ansible_Basics_ppt.pdf
PrabhjotSingh976002
 
Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)
Jude A. Goonawardena
 

Similar to Ansible intro (20)

Ansible a tool for dev ops
Ansible a tool for dev opsAnsible a tool for dev ops
Ansible a tool for dev ops
 
Ansible & Salt - Vincent Boon
Ansible & Salt - Vincent BoonAnsible & Salt - Vincent Boon
Ansible & Salt - Vincent Boon
 
Ansible Tutorial.pdf
Ansible Tutorial.pdfAnsible Tutorial.pdf
Ansible Tutorial.pdf
 
Top 50 Ansible Interview Questions And Answers in 2023.pdf
Top 50 Ansible Interview Questions And Answers in 2023.pdfTop 50 Ansible Interview Questions And Answers in 2023.pdf
Top 50 Ansible Interview Questions And Answers in 2023.pdf
 
Basics of Ansible - Sahil Davawala
Basics of Ansible - Sahil DavawalaBasics of Ansible - Sahil Davawala
Basics of Ansible - Sahil Davawala
 
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
 
PLNOG Automation@Brainly
PLNOG Automation@BrainlyPLNOG Automation@Brainly
PLNOG Automation@Brainly
 
PLNOG14: Automation at Brainly - Paweł Rozlach
PLNOG14: Automation at Brainly - Paweł RozlachPLNOG14: Automation at Brainly - Paweł Rozlach
PLNOG14: Automation at Brainly - Paweł Rozlach
 
Ansible
AnsibleAnsible
Ansible
 
Introduction to Ansible - Peter Halligan
Introduction to Ansible - Peter HalliganIntroduction to Ansible - Peter Halligan
Introduction to Ansible - Peter Halligan
 
Installing AtoM with Ansible
Installing AtoM with AnsibleInstalling AtoM with Ansible
Installing AtoM with Ansible
 
Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...Hands On Introduction To Ansible Configuration Management With Ansible Comple...
Hands On Introduction To Ansible Configuration Management With Ansible Comple...
 
UNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptxUNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptx
 
DevOps for database
DevOps for databaseDevOps for database
DevOps for database
 
Ansible automation tool with modules
Ansible automation tool with modulesAnsible automation tool with modules
Ansible automation tool with modules
 
Intro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetupIntro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetup
 
ansible_rhel.pdf
ansible_rhel.pdfansible_rhel.pdf
ansible_rhel.pdf
 
ansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and moreansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and more
 
Ansible_Basics_ppt.pdf
Ansible_Basics_ppt.pdfAnsible_Basics_ppt.pdf
Ansible_Basics_ppt.pdf
 
Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)
 

Recently uploaded

Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 

Recently uploaded (20)

Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 

Ansible intro

  • 1. IT AUTOMATION MADE EASY - INTRO Marcelo Quintiliano da Silva Technical Account Manager - Red Hat marcelo.quintiliano@gmail.com
  • 2. ABOUT THE MEETUP ANSIBLE SP ● A series of 50 min presentations + 10 min Q&A ● Hands On always it's possible ● Time to exchange ideas ● Suggested topics and presenters are very welcome
  • 3. AGENDA ● WHAT IS ANSIBLE? ● ANSIBLE CORE COMPONENTS ● ANSIBLE CLI TIPS & TRICKS ● ANSIBLE GALAXY ● PROTECTING SENSITIVE DATA IN PLAYBOOKS ● DEMO SESSION ● ADDITIONAL REFERENCES
  • 4. SIMPLE ● Human readable automation ● No special coding skills needed ● Tasks executed in predefined order Get productive quickly Orchestrate the App lifecycle More efficient and secure POWERFUL ● Application deployments ● Continuous delivery ● Beyond just servers AGENTLESS ● Agentless architecture ● Uses OpenSSH and WinRM ● No exploits or updates
  • 5. IS INFRASTRUCTURE AS A CODE… It’s a simple automation language that can perfectly describe an IT application infrastructure in Ansible Playbooks. It's also an automation engine that runs the Ansible Playbooks. Ansible is an open source IT configuration management, deployment, and orchestration tool, based on Python. Designed to be minimal in nature, consistent, secure, and highly reliable, with an extremely low learning curve for administrators, developers, and IT managers.
  • 6. REQUIREMENTS ● CONTROL NODE 1. Ansible can be run from any machine with Python 2.6 or 2.7 ● MANAGED NODES 1. Linux/Unix 1.1. SSH 1.2. Python 2.4 or later 1.2.1. ​If running less than Python 2.5 on the managed nodes, the package "python-simplejson" is required. 2. Windows (Ansible 1.7+) - enable and configure PowerShell remoting 3.0+ (WinRM)
  • 7. HOW ANSIBLE WORKS ● Ansible works by connecting from the control node to your managed nodes and pushing out small programs, called "Ansible modules" to them. These programs are written to be resource models of the desired state of the system. ● Ansible then executes these modules (over SSH by default) in the order they are specified in the playbook(s), and removes them when finished. *API - Available on Ansible Tower
  • 9. CORE COMPONENTS ● INVENTORIES ● MODULES ● VARIABLES ● FACTS ● PLAYS ● PLAYBOOKS ● CONFIGURATION FILES
  • 10. INVENTORIES Defines which hosts Ansible manages Static - Defined in simple text files, a host can be member of more than one group, which is useful to identify the hosts' role in the datacenter. Dynamic - Generated for outside providers, some examples include pulling* inventory from a cloud provider (OpenStack, AWS, etc), LDAP, Cobbler, or a piece of expensive enterprise CMDB software. [webservers] web1.example.com web2.example.com [dbservers] db[0:1].example.com [appserver] 192.168.1.[4:7] Default location: /etc/ansible/hosts Note: from command line Ad-hoc commands use --inventory | -i pathname to specify a different host inventory
  • 11. MODULES Small programs that comes with Ansible "Ansible Modules" are written to be resource models of the desired state of the system. Ansible then executes these modules (over SSH by default), and removes them when finished. The default module library (currently v2.2.1) has 770+ modules available that allows us to manage from basic systems resources to sophisticated ones. For example, to manage users, packages, network*, files, services, as well provision cloud instances, create databases, and many more. Core, extra and custom modules ● Core modules - Written and maintained by Ansible development team, they are the most important modules and are used for common administration tasks. ● Extra modules - Generally not maintained by Ansible team but by the community, typically implementing features for managing newer technologies. ● Custom modules - Developed by end users and not shipped by Ansible. Idempotence - Is an important characteristic of a module, allows executing the same task multiple times without resulting in the error state.
  • 12. Ansible has four modules into this category and provide us the options to choose from while running system commands or scripts: ● Raw - Do not require Python on target/managed host ● Command - Most recommended module for executing commands on target nodes ● Shell - Runs the command through the '/ bin/sh ' shell on the target host. It is less secure than a command module (can be affected by a shell environment) ● Script - copy and execute a script in one step on remote host Important Note: These modules are not idempotent by default, you need to take care about his, fortunately Ansible can help you with such task as well. Ansible is extensible too. If you do not find a module that does the job for you, it's easy to write one, and it doesn't have to be in Python.
  • 13. VARIABLES A convenient way to manage dynamic values for a given environment Ansible supports variable that can be used to store values that can be reused throughout files in an entire Ansible project. ● Global scope: Variables set from the command line or Ansible configuration file. ● Play scope: Variables set in the playbook and related structures. ● Host scope: Variables set on host groups and/or individual hosts by inventory, fact gathering or registered tasks. Example: Defining variables in a playbook (Play scope): --- - hosts: all vars: user: smith homedir: /home/smith Note: Variables must start with a letter and can only contain letters, numbers and underscores.
  • 14. FACTS Know the facts about your hosts Ansible facts are variables that are automatically discovered by Ansible from a managed host. Facts are pulled by the setup module and contain useful information stored into variables that administrators can reuse. Fact variables can be used as part of playbooks, in conditionals, loops, or any other dynamic statement that depends on a value for a managed host. ● Displaying facts from all hosts and store them indexed by hostname at /tmp/facts: # ansible all -m setup --tree /tmp/facts
  • 15. FACTS Choosing what facts about your hosts you wanna see $ ansible webserver1.local -m setup -a 'filter=ansible_dist*' webserver1.local | SUCCESS => { "ansible_facts": { "ansible_distribution": "CentOS", "ansible_distribution_major_version": "7", "ansible_distribution_release": "Core", "ansible_distribution_version": "7.2.1511" }, "changed": false } $ ansible webserver1.local -m setup -a 'filter=ansible_all_ipv4*' webserver1.local | SUCCESS => { "ansible_facts": { "ansible_all_ipv4_addresses": [ "172.16.10.101", "192.168.121.93" ] }, "changed": false }
  • 16. YAML The playbook language YAML format - a simple, human-readable, and familiar way to blueprint the infrastructure. Users of this tool need not learn any special programming language to get started with, Ansible code is self-explanatory and self-documenting in nature. Playbooks are expressed in YAML format and have a minimum of syntax, which intentionally tries to not be a programming language or script, but rather a model of a configuration or a process. ● Basic overview of correct YAML formatted file, including lists and dictionaries: --- # Employee records - martin: name: Martin D'vloper job: Devops skills: - Ansible - Docker - tabitha: name: Tabitha Bitumen job: Developer skills: - python - java
  • 17. PLAYBOOKS A simple + powerful automation language A playbook consists of one or more plays, which map groups of hosts to well-defined tasks. Plays also defines the order in which tasks are configured. This allows us to orchestrate multitier deployments. By composing a playbook of multiple ‘plays’, it is possible to orchestrate multi-machine deployments, running certain steps on all machines in the "webservers" group, then certain steps on the database server group, then more commands back on the webservers group, etc. As an orchestrate example, it is possible to create a playbook to configure the load balancers only after starting the web servers, or perform two-phase deployment where the first phase only adds this configurations and the second phase starts the services in the desired order. Ansible Roles - The self-contained, portable and reusable Ansible Playbook format - While it is possible to write a playbook in one very large file (and you might start out learning playbooks this way), eventually you’ll want to reuse files and start to organize things.
  • 18. PLAYBOOKS A simple + powerful automation language --- - hosts: webservers vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: ensure apache is at the latest version yum: name=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf notify: - restart apache - name: ensure apache is running (and enable it at boot) service: name=httpd state=started enabled=yes handlers: - name: restart apache service: name=httpd state=restarted A sample playbook:
  • 19. CONFIGURATION FILES Modifying Ansible behavior Certain settings in Ansible are adjustable via a configuration file. The stock configuration should be sufficient for most users, but there may be reasons you would want to change them. Ansible will select its configuration file from one of several possible locations on the control node, the file precedence is: * ANSIBLE_CONFIG (an environment variable) * ansible.cfg (in the current directory) * .ansible.cfg (in the home directory) * /etc/ansible/ansible.cfg Some configuration settings are: ● inventory - Change the location of the inventory file ● become - Enables or disables privilege escalation for operations on managed hosts. ● become_user - The user account to escalate privileges to on managed hosts. ● become_method - Defines the privilege escalation method on managed hosts Note: You can find many more options on /etc/ansible/ansible.cfg
  • 20. ANSIBLE IN ACTION Command line Tips & Tricks $ ansible atlanta -m copy -a "src=/etc/hosts dest=/tmp/hosts" $ ansible webservers -m yum -a "name=htop state=latest" $ ansible webservers -m service -a "name=httpd state=restarted" $ ansible myhost --sudo -m raw -a "yum install -y python2 python-simplejson ● Learning about modules: ● Ad-hoc commands - samples: $ ansible-doc Usage: ansible-doc [options] [module...] Options: -h, --help show this help message and exit -l, --list List available modules ... output omitted ... $ ansible-doc -s yum - name: Manages packages with the `yum' package manager action: yum ... output omitted ...
  • 21. ANSIBLE IN ACTION Command line Tips & Tricks $ ansible-playbook --syntax-check my_playbook.yml ● Playbook syntax verification: $ ansible-playbook --step site.yml PLAY [Install WordPress, MariaDB, Nginx, and PHP-FPM] ************************** Perform task: TASK: setup (N)o/(y)es/(c)ontinue: y Perform task: TASK: setup (N)o/(y)es/(c)ontinue: ******************************* TASK [setup] ******************************************************************* ok: [www01] Perform task: TASK: common : Copy the NGINX repository definition (N)o/(y)es/(c)ontinue: ● Reporting what changes would have occurred (Dry run) without actually execute any changes to the managed hosts: $ ansible-playbook -C some_playbook.yml ● Interactively running playbooks:
  • 22. GALAXY Locate and deploy Ansible roles with Ansible Galaxy
  • 23. GALAXY Command line tool $ ansible-galaxy -h Usage: ansible-galaxy [delete|import|info|init|install|list|login|remove|search|setup] [--help] [options] ... $ ansible-galaxy search 'haproxy' --platforms el Found 50 roles matching your search: Name Description ---- ----------- innohub-ansible.haproxy Creates an haproxy deployment SimpliField.haproxy Setup HAProxy kunik.haproxy install haproxy . . . Output omitted . . . $ ansible-galaxy init my_project - my_project was created successfully
  • 24. ANSIBLE VAULT Protecting sensitive data in your playbooks The vault feature can encrypt any structured data file used by Ansible. This can include “group_vars/” or “host_vars/” inventory variables, variables loaded by “include_vars” or “vars_files”, or variable files passed on the ansible-playbook command line with “-e @file.yml” or “-e @file.json”. Role variables and defaults are also included! To create a new encrypted data file, run the following command: $ ansible-vault create foo.yml Similarly we can use edit, encrypt, decrypt and rekey, for more details on how to work with vault files, please check manual page: $ man ansible-vault
  • 25. LET'S GET ROCK "Demo (a.k.a. getting trouble) session"
  • 26. ADDITIONAL REFERENCES Getting Started ● It's easy to get started: Getting Started with Ansible | Ansible.com ● Want to learn more? Ansible Resources - Whitepapers ● Using the Check Mode: Check Mode (“Dry Run”) — Ansible Documentation ● Ansible Examples: GitHub - ansible/ansible-examples: A few starter examples of ansible ...