The document discusses the benefits and use cases of Ansible for automation in various organizations, including BinckBank, Hootsuite, and NASA. Each organization faced challenges related to server management and sought simplicity and efficiency through Ansible's agentless and powerful automation framework. The speakers highlight how Ansible has improved their infrastructure management, reduced complexity, and enhanced collaboration among technical and non-technical staff.

1. CASE STUDIES: NASA AND FRIENDS
Greg DeKoenigsberg (@gregdek)

2. GOOD MORNING!
(Who are you?)

3. THIS IS A TALK FOR BUSINESS FOLKS
(But we can go anywhere you like!)

4. ANSIBLE USERS HAVE A LOT OF USE CASES
Let's talk about a few of them today.

5. WHAT IS ANSIBLE, ANYWAY?

6. CONFIGURATION MANAGEMENT
Kinda like Puppet / Chef

7. ORCHESTRATION
Kinda like mCollective

8. APPLICATION DEPLOYMENT
Kinda like... Fabric / Capistrano

9. ALL OF THESE THINGS TOGETHER
Kinda like... nothing

10. "FANCY SSH FOR-LOOP"

11. NEXT GENERATION AUTOMATION FRAMEWORK

12. SIMPLE
(Get started on your lunch hour)
AGENTLESS
(Got ssh? Ansible is for you)
POWERFUL
(Batteries included)

13. BINCKBANK

14. About BinckBank
Based in Amsterdam, NL
Largest Dutch online discount broker
590 employees
760,000+ accounts
600 UNIX servers
Mark Maas, UNIX/Linux System Administrator

15. THE CHALLENGE

16. We have 600 UNIX servers in house. We have a lot of specialty
environments that we need to create while at the same time
managing our production environment.

17. Our problem was complexity in the datacenter. We wanted
automation but we also wanted simplicity and to not have to send
people to training in order to use the product.

18. BEFORE ANSIBLE

19. In the past we did our own scripting for menial tasks over a lot of
late nights of pizza.

20. WITH ANSIBLE

21. Ansible is quite fun to use right away-—as soon as you write five
lines of code it works.

22. With SSH and Ansible I can send commands to 500 servers
without having even used the servers before.

23. We are completely focused on automating as much as possible in
our datacenter and going beyond Unix to create more stuff for
more people to do be able to do more.

24. MOVING FORWARD

25. Recently I purchased a license for Ansible Tower. I would like to
give non-technical users access to it and open up the technical
side to people who have no idea what I am talking about. With
Tower, my Linux guys can access our templates without having to
do any coding. Tower opens up Ansible to the rest of company.

26. HOOTSUITE

27. About HootSuite
Based in Vancouver, BC, Canada
Social media management
~400 employees
Over 8 million users
75% of Fortune 500 uses HootSuite
Beier Cai, Director of Technology

28. THE CHALLENGE

29. Our infrastructure is not scripted, repeatable or immutable.

30. Rebuilding a server relies on limited documentation and mostly
memory.

31. Lack of repeatability makes automating our infrastructure and
application deployment difficult.

32. There was one time we had to spend over a month of an
engineer’s time to rebuild a server that had lived for 2 years with
random config changes by ops engineers along the way, with
limited documentation.

33. BEFORE ANSIBLE

34. We had limited experience with Puppet, but didn’t quite like it
because 1) it needs agents, and we don’t like agents; and 2) we
favor immutability over snowflake factory for infrastructure
management.

35. WITH ANSIBLE

36. Ops and devs both feel safer, literally. Before they were always
worried about ‘what if the server dies’. They aren’t worried about
this anymore after all servers are properly ‘Ansiblized’.

37. With the help of Vagrant we can test server builds locally as
many times as we want until it works, instead of testing it on EC2
cloud which is remote and always slow.

38. Increase our bus factor from 1 to infinite! Before, only 1 or 2
people know how a server was built from the beginning. With
Ansible, storing playbooks in source control gives everyone the
ability to rebuild the server at any time.

39. MOVING FORWARD

40. We want to build out "Devops" into HootSuite, and our vision is
"Software Engineers are engaged in the entire cycle of designing,
implementing, deploying and maintaining their software across
all environments".

41. NASA

42. About NASA
They put men on the freaking moon

43. About NASA WESTprime
WESTPrime == Web Enterprise Service Technologies prime
Blanket purchase agreement funded by NASA
Contracted to InfoZen Inc., a cloud broker and integrator
based in Rockville, MD
InfoZen responsible for entire cloud migration for all NASA
web assets
Jonathan Davila, Senior DevOps Lead, InfoZen

44. THE CHALLENGE

47. WESTPrime’s initial focus was to move roughly 65 applications
off the old data center as quickly as possible in a seemingly
impossible timeline.

48. All of a sudden we had an environment spanning multiple VPCs
and AWS accounts with no way of centrally managing it.

49. We were faced with a very ugly scenario where even simple
things like ensuring every SysAdmin had access to every server,
or simple patching were extremely burdensome.

50. BEFORE ANSIBLE

51. Previously, NASA WESTPrime was using a lot of shell scripts.
There was a lot of "manually ssh-in-and-do-x" type of work being
done.

52. We then created a demo day in which we invited the automation
players to demonstrate the enterprise flavors of their product.

53. After quite a long day of deep level demos and Q&A, and a week
of analysis with the technical team we decided unanimously that
Ansible was the best fit for us.

54. Why?
No agents
Very small learning curve (a day or less!)
Non-technical staff can read a play and know what's happening
Native use of SSH
The most active open source community among its
competitors

55. WITH ANSIBLE

56. NASA web app servers are being patched routinely and
automatically through Tower with a very simple 10-line Ansible
playbook.

57. Every single week www.nasa.gov is updated via Ansible,
generally only taking about 5 minutes to do, including the mobile
version of nasa.gov.

58. Because of Ansible we are able to organize our inventory of AWS
resources in a very granular way that was not at all possible
before.

59. One time we faced some strict deadlines for monitoring and we
didn’t have time to deploy Nagios agents (due to lengthy approval
workflows in place) to monitor RAM and CPU. So what did we
do? We did a very simple hack to be able to monitor CPU and
RAM with Ansible in near real-time (no agent required!).

60. Ansible was leveraged to remediate both OpenSSL issues this
year in ridiculous time (leadership was blown away).

61. It is also used to ensure our environment is compliant with
necessary Federal security standards as outlined by FedRAMP
and other regulatory requirements.

62. There is a level of comfort and confidence that Ansible has been
able to provide that simply was not there before.

63. MOVING FORWARD

64. We are working on moving many applications into cycles of
Continuous Integration and Deployment, which will be
leveraging Ansible as the conductor of these architectures.

65. The moment 1.7 is released, Ansible will be used to manage our
stack of Windows servers and do the same magic we've been
doing with Linux.

66. The end goal will be for our sysadmins to only need to
SSH/WINRM into servers manually for troubleshooting. All
server changes will eventually happen exclusively through
Ansible (and the occasional CloudFormation tempate).

67. A TWEET BEFORE WE GO

68. Adam Werewolf (@adamwwolf)
I use @ansible to do just about everything. If you say "I don't have
time to set it up" you're who it's for--you don't have time *not* to.
11:20 AM - 21 Oct 2014
https://twitter.com/adamwwolf/status/524626206470053889

69. THE WORLD IS CHANGING

70. THANKS / Q+A
greg@ansible.com
@gregdek