SlideShare a Scribd company logo

Writing your First Ansible Playbook

Sana Khan
Sana Khan

DevOps Indulgence Day, 30 May 2020 Cloud Seeders

Technology
1 of 16
Download to read offline
Writing your First Ansible Playbook By Sana Khan
About me ➔ Infrastructure Engineer/ SysAdmin ➔ Former Software Developer ➔ GNOME Outreach Intern (2016) - OpenStack ➔ RGSoC Intern (2014)
Agenda ➔ Challenges in managing server configurations before Configuration Management tools. ➔ Benefits of Configuration Management tool. ➔ Where does Ansible fit in the suite of IaaC tools? ➔ What are the features of IaaC tools? ➔ Why learn Ansible? ➔ Understanding an Ansible Setup. ➔ Basics concepts of Ansible. ➔ Writing your own Playbook. ➔ Security Best Practices.
Before Configuration Management Tools Setup a Webserver (nginx) & an application stack (php) ➔ Step-1: Login to the server ➔ Step-2: Install the nginx package ➔ Step-3: Configure nginx configuration ➔ Step-4: Ensure required users, groups are present ➔ Step-5: Ensure correct permissions, user roles are assigned to conf files. ➔ Step-6: Install php packages ➔ Step-7: Configure the application ➔ Step-8: Configure web server to redirect to application
Before Configuration Management Tools -2 ➔ Doable ➔ Couple of servers ➔ The only form of automation available: Bash Scripts ➔ Inconsistent environments Problem: Large groups of servers that need to be managed in a flexible way.
Configuration Management Tools - Today Goal: Install, manage software and configuration at scale with ease. ➔ Helps automate Infrastructure ➔ Centralized management ➔ Helps manage Infrastructure at large scale ➔ Consistent environments
Where does Ansible fit in suite of IaaC Tools?
What are the features of IaaC Tools? ➔ Declarative Syntax (describes the state of the infrastructure) ➔ Code form (revision control) ➔ Idempotence ( current state == desired state )? -> take actions accordingly.
Why Ansible? ➔ Learning curve is less, easy to pick it up. ➔ Agentless, only requires Python to be installed on the managed servers. ➔ Modules are written in Python, easily accessible. ➔ Modules that integrate with Cloud Providers like AWS, OpenStack. ➔ Modules for Docker, Ovirt, etc. ➔ Modules for network devices, windows, etc.
Ansible Setup Prerequisites: ➔ Python needs to be installed ➔ Sudo user ➔ SSH access
Ansible Concepts ➔ Inventory file ➔ Syntax of a YAML file ➔ Tasks ➔ Modules ➔ Ad-Hoc Commands ➔ Playbooks ➔ Roles (Ready to use playbooks - Ansible Galaxy)
YAML Basics ➔ All YAML files begin with --- ➔ At basic level YAML file consists of lists and dictionaries. ➔ YAML file starts with a list.
YAML Basics -- contd Source: YAML Syntax
Demo ➔ Ansible | jonatanblue ➔ https://github.com/sanakhanlibre/Ansible101
Security Best Practices ➔ Control Node needs to be secure/hardened. ➔ Don’t use passwords, use Key based Authentication. ➔ Use Ansible Vault for secrets. ➔ Don’t expose sensitive data in Ansible Output. ➔ Verify before using Roles from Ansible Galaxy.
Thank You.

Recommended

Ansible Introduction
Ansible IntroductionAnsible Introduction
Ansible Introduction
Gong Haibing
 
Spinnaker - Bay Area AWS Meetup - 20160726
Spinnaker - Bay Area AWS Meetup - 20160726Spinnaker - Bay Area AWS Meetup - 20160726
Spinnaker - Bay Area AWS Meetup - 20160726
Adam Jordens
 
Introduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUpIntroduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUp
tylerturk
 
Owin and Katana
Owin and KatanaOwin and Katana
Owin and Katana
Ugo Lattanzi
 
AWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAWS CodeDeploy - basic intro
AWS CodeDeploy - basic intro
Anton Babenko
 
Continuous delivery in AWS
Continuous delivery in AWSContinuous delivery in AWS
Continuous delivery in AWS
Anton Babenko
 
Ansible day 1.ppt
Ansible day 1.pptAnsible day 1.ppt
Ansible day 1.ppt
Gourav Varma
 
03 ansible towerbestpractices-nicholas
03 ansible towerbestpractices-nicholas03 ansible towerbestpractices-nicholas
03 ansible towerbestpractices-nicholas
Khairul Zebua
 

Recommended

Ansible Introduction
Ansible IntroductionAnsible Introduction
Ansible Introduction
Gong Haibing
 
Spinnaker - Bay Area AWS Meetup - 20160726
Spinnaker - Bay Area AWS Meetup - 20160726Spinnaker - Bay Area AWS Meetup - 20160726
Spinnaker - Bay Area AWS Meetup - 20160726
Adam Jordens
 
Introduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUpIntroduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUp
tylerturk
 
Owin and Katana
Owin and KatanaOwin and Katana
Owin and Katana
Ugo Lattanzi
 
AWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAWS CodeDeploy - basic intro
AWS CodeDeploy - basic intro
Anton Babenko
 
Continuous delivery in AWS
Continuous delivery in AWSContinuous delivery in AWS
Continuous delivery in AWS
Anton Babenko
 
Ansible day 1.ppt
Ansible day 1.pptAnsible day 1.ppt
Ansible day 1.ppt
Gourav Varma
 
03 ansible towerbestpractices-nicholas
03 ansible towerbestpractices-nicholas03 ansible towerbestpractices-nicholas
03 ansible towerbestpractices-nicholas
Khairul Zebua
 
Extending ansible
Extending ansibleExtending ansible
Extending ansible
Yan Kurniawan
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as Code
Sascha Möllering
 
Using hapi plugins to version your API (hapiDays 2014)
Using hapi plugins to version your API (hapiDays 2014)Using hapi plugins to version your API (hapiDays 2014)
Using hapi plugins to version your API (hapiDays 2014)
Dave Stevens
 
End to End Testing with nightwatchjs
End to End Testing with nightwatchjsEnd to End Testing with nightwatchjs
End to End Testing with nightwatchjs
Srikanth Madduri
 
High Available Drupal
High Available DrupalHigh Available Drupal
High Available Drupal
Bram Vogelaar
 
Why I am hooked on the future of React
Why I am hooked on the future of ReactWhy I am hooked on the future of React
Why I am hooked on the future of React
Maurice De Beijer [MVP]
 
An Introduction to hapi.js
An Introduction to hapi.jsAn Introduction to hapi.js
An Introduction to hapi.js
Dave Stevens
 
Cypress Automation
Cypress AutomationCypress Automation
Cypress Automation
Susantha Pathirana
 
How to Hack (And Secure) Serverless Apps on Azure
How to Hack (And Secure) Serverless Apps on AzureHow to Hack (And Secure) Serverless Apps on Azure
How to Hack (And Secure) Serverless Apps on Azure
Dean Bryen
 
SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...
SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...
SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...
Marco Obinu
 
Net Devops Overview
Net Devops OverviewNet Devops Overview
Net Devops Overview
Joel W. King
 
Rack
RackRack
Rack
Kerry Buckley
 
Women Who Code Connect 2018 Conference
Women Who Code Connect 2018 ConferenceWomen Who Code Connect 2018 Conference
Women Who Code Connect 2018 Conference
Supriya Premkumar
 
Protecting your site by detection
Protecting your site by detectionProtecting your site by detection
Protecting your site by detection
Marko Heijnen
 
Building an API in Node with HapiJS
Building an API in Node with HapiJSBuilding an API in Node with HapiJS
Building an API in Node with HapiJS
Loc Nguyen
 
ASP.NET Core
ASP.NET CoreASP.NET Core
ASP.NET Core
Andrea Dottor
 
Serverless architecture: introduction & first steps
Serverless architecture: introduction & first stepsServerless architecture: introduction & first steps
Serverless architecture: introduction & first steps
The Software House
 
Ansible @ Red Hat | December 2015 Ansible Meetup in Melbourne
Ansible @ Red Hat | December 2015 Ansible Meetup in MelbourneAnsible @ Red Hat | December 2015 Ansible Meetup in Melbourne
Ansible @ Red Hat | December 2015 Ansible Meetup in Melbourne
Ken Thompson
 
“ASP.NET Core. Features and architecture”
“ASP.NET Core. Features and architecture” “ASP.NET Core. Features and architecture”
“ASP.NET Core. Features and architecture”
HYS Enterprise
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
Mehmet Ali Aydın
 
Ansible Tutorial.pdf
Ansible Tutorial.pdfAnsible Tutorial.pdf
Ansible Tutorial.pdf
NigussMehari4
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
Dharmit Shah
 

More Related Content

What's hot

End to End Testing with nightwatchjs
End to End Testing with nightwatchjsEnd to End Testing with nightwatchjs
End to End Testing with nightwatchjs
Srikanth Madduri
 
High Available Drupal
High Available DrupalHigh Available Drupal
High Available Drupal
Bram Vogelaar
 
Why I am hooked on the future of React
Why I am hooked on the future of ReactWhy I am hooked on the future of React
Why I am hooked on the future of React
Maurice De Beijer [MVP]
 

What's hot (19)

Extending ansible
Extending ansibleExtending ansible
Extending ansible
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as Code
 
Using hapi plugins to version your API (hapiDays 2014)
Using hapi plugins to version your API (hapiDays 2014)Using hapi plugins to version your API (hapiDays 2014)
Using hapi plugins to version your API (hapiDays 2014)
 
End to End Testing with nightwatchjs
End to End Testing with nightwatchjsEnd to End Testing with nightwatchjs
End to End Testing with nightwatchjs
 
High Available Drupal
High Available DrupalHigh Available Drupal
High Available Drupal
 
Why I am hooked on the future of React
Why I am hooked on the future of ReactWhy I am hooked on the future of React
Why I am hooked on the future of React
 
An Introduction to hapi.js
An Introduction to hapi.jsAn Introduction to hapi.js
An Introduction to hapi.js
 
Cypress Automation
Cypress AutomationCypress Automation
Cypress Automation
 
How to Hack (And Secure) Serverless Apps on Azure
How to Hack (And Secure) Serverless Apps on AzureHow to Hack (And Secure) Serverless Apps on Azure
How to Hack (And Secure) Serverless Apps on Azure
 
SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...
SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...
SQL Start! 2019 - Ancona - Distribuisci ed amministra le tue istanze SQL Serv...
 
Net Devops Overview
Net Devops OverviewNet Devops Overview
Net Devops Overview
 
Rack
RackRack
Rack
 
Women Who Code Connect 2018 Conference
Women Who Code Connect 2018 ConferenceWomen Who Code Connect 2018 Conference
Women Who Code Connect 2018 Conference
 
Protecting your site by detection
Protecting your site by detectionProtecting your site by detection
Protecting your site by detection
 
Building an API in Node with HapiJS
Building an API in Node with HapiJSBuilding an API in Node with HapiJS
Building an API in Node with HapiJS
 
ASP.NET Core
ASP.NET CoreASP.NET Core
ASP.NET Core
 
Serverless architecture: introduction & first steps
Serverless architecture: introduction & first stepsServerless architecture: introduction & first steps
Serverless architecture: introduction & first steps
 
Ansible @ Red Hat | December 2015 Ansible Meetup in Melbourne
Ansible @ Red Hat | December 2015 Ansible Meetup in MelbourneAnsible @ Red Hat | December 2015 Ansible Meetup in Melbourne
Ansible @ Red Hat | December 2015 Ansible Meetup in Melbourne
 
“ASP.NET Core. Features and architecture”
“ASP.NET Core. Features and architecture” “ASP.NET Core. Features and architecture”
“ASP.NET Core. Features and architecture”
 

Similar to Writing your First Ansible Playbook

Backroll: Production Grade KVM Backup Solution Integrated in CloudStack
Backroll: Production Grade KVM Backup Solution Integrated in CloudStackBackroll: Production Grade KVM Backup Solution Integrated in CloudStack
Backroll: Production Grade KVM Backup Solution Integrated in CloudStack
ShapeBlue
 
Ranger admin dev overview
Ranger admin dev overviewRanger admin dev overview
Ranger admin dev overview
Tushar Dudhatra
 

Similar to Writing your First Ansible Playbook (20)

Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
 
Ansible Tutorial.pdf
Ansible Tutorial.pdfAnsible Tutorial.pdf
Ansible Tutorial.pdf
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
 
MongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James BroadheadMongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James Broadhead
 
Velocity NYC 2016 - Containers @ Netflix
Velocity NYC 2016 - Containers @ NetflixVelocity NYC 2016 - Containers @ Netflix
Velocity NYC 2016 - Containers @ Netflix
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as Code
 
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
 
Devops with Python by Yaniv Cohen DevopShift
Devops with Python by Yaniv Cohen DevopShiftDevops with Python by Yaniv Cohen DevopShift
Devops with Python by Yaniv Cohen DevopShift
 
Creating pools of Virtual Machines - ApacheCon NA 2013
Creating pools of Virtual Machines - ApacheCon NA 2013Creating pools of Virtual Machines - ApacheCon NA 2013
Creating pools of Virtual Machines - ApacheCon NA 2013
 
Deployment automation
Deployment automationDeployment automation
Deployment automation
 
ansible_rhel.pdf
ansible_rhel.pdfansible_rhel.pdf
ansible_rhel.pdf
 
Deep Dive into AWS Fargate
Deep Dive into AWS FargateDeep Dive into AWS Fargate
Deep Dive into AWS Fargate
 
RTP NPUG: Ansible Intro and Integration with ACI
RTP NPUG: Ansible Intro and Integration with ACIRTP NPUG: Ansible Intro and Integration with ACI
RTP NPUG: Ansible Intro and Integration with ACI
 
Apache Provisionr (incubating) - Bucharest JUG 10
Apache Provisionr (incubating) - Bucharest JUG 10Apache Provisionr (incubating) - Bucharest JUG 10
Apache Provisionr (incubating) - Bucharest JUG 10
 
Backroll: Production Grade KVM Backup Solution Integrated in CloudStack
Backroll: Production Grade KVM Backup Solution Integrated in CloudStackBackroll: Production Grade KVM Backup Solution Integrated in CloudStack
Backroll: Production Grade KVM Backup Solution Integrated in CloudStack
 
Ranger admin dev overview
Ranger admin dev overviewRanger admin dev overview
Ranger admin dev overview
 
Extending Build to the Client: A Maven User's Guide to Grunt.js
Extending Build to the Client: A Maven User's Guide to Grunt.jsExtending Build to the Client: A Maven User's Guide to Grunt.js
Extending Build to the Client: A Maven User's Guide to Grunt.js
 
Omaha (Google Update) server
Omaha (Google Update) serverOmaha (Google Update) server
Omaha (Google Update) server
 
apidays LIVE Paris 2021 - Edge Side APIs by Kevin Dunglas, Les Tilleuls
apidays LIVE Paris 2021 - Edge Side APIs by Kevin Dunglas, Les Tilleulsapidays LIVE Paris 2021 - Edge Side APIs by Kevin Dunglas, Les Tilleuls
apidays LIVE Paris 2021 - Edge Side APIs by Kevin Dunglas, Les Tilleuls
 
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
DevOpsDays Taipei 2019 - Mastering IaC the DevOps WayDevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
 

Recently uploaded

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Recently uploaded (20)

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 

Writing your First Ansible Playbook

  • 1. Writing your First Ansible Playbook By Sana Khan
  • 2. About me ➔ Infrastructure Engineer/ SysAdmin ➔ Former Software Developer ➔ GNOME Outreach Intern (2016) - OpenStack ➔ RGSoC Intern (2014)
  • 3. Agenda ➔ Challenges in managing server configurations before Configuration Management tools. ➔ Benefits of Configuration Management tool. ➔ Where does Ansible fit in the suite of IaaC tools? ➔ What are the features of IaaC tools? ➔ Why learn Ansible? ➔ Understanding an Ansible Setup. ➔ Basics concepts of Ansible. ➔ Writing your own Playbook. ➔ Security Best Practices.
  • 4. Before Configuration Management Tools Setup a Webserver (nginx) & an application stack (php) ➔ Step-1: Login to the server ➔ Step-2: Install the nginx package ➔ Step-3: Configure nginx configuration ➔ Step-4: Ensure required users, groups are present ➔ Step-5: Ensure correct permissions, user roles are assigned to conf files. ➔ Step-6: Install php packages ➔ Step-7: Configure the application ➔ Step-8: Configure web server to redirect to application
  • 5. Before Configuration Management Tools -2 ➔ Doable ➔ Couple of servers ➔ The only form of automation available: Bash Scripts ➔ Inconsistent environments Problem: Large groups of servers that need to be managed in a flexible way.
  • 6. Configuration Management Tools - Today Goal: Install, manage software and configuration at scale with ease. ➔ Helps automate Infrastructure ➔ Centralized management ➔ Helps manage Infrastructure at large scale ➔ Consistent environments
  • 7. Where does Ansible fit in suite of IaaC Tools?
  • 8. What are the features of IaaC Tools? ➔ Declarative Syntax (describes the state of the infrastructure) ➔ Code form (revision control) ➔ Idempotence ( current state == desired state )? -> take actions accordingly.
  • 9. Why Ansible? ➔ Learning curve is less, easy to pick it up. ➔ Agentless, only requires Python to be installed on the managed servers. ➔ Modules are written in Python, easily accessible. ➔ Modules that integrate with Cloud Providers like AWS, OpenStack. ➔ Modules for Docker, Ovirt, etc. ➔ Modules for network devices, windows, etc.
  • 10. Ansible Setup Prerequisites: ➔ Python needs to be installed ➔ Sudo user ➔ SSH access
  • 11. Ansible Concepts ➔ Inventory file ➔ Syntax of a YAML file ➔ Tasks ➔ Modules ➔ Ad-Hoc Commands ➔ Playbooks ➔ Roles (Ready to use playbooks - Ansible Galaxy)
  • 12. YAML Basics ➔ All YAML files begin with --- ➔ At basic level YAML file consists of lists and dictionaries. ➔ YAML file starts with a list.
  • 13. YAML Basics -- contd Source: YAML Syntax
  • 14. Demo ➔ Ansible | jonatanblue ➔ https://github.com/sanakhanlibre/Ansible101
  • 15. Security Best Practices ➔ Control Node needs to be secure/hardened. ➔ Don’t use passwords, use Key based Authentication. ➔ Use Ansible Vault for secrets. ➔ Don’t expose sensitive data in Ansible Output. ➔ Verify before using Roles from Ansible Galaxy.