SlideShare a Scribd company logo

Data manipulation for configuration management using Ansible

Download as PPTX, PDF
Joel W. King
Joel W. King

Ansible Durham Meetup 19 February 2020

Technology
1 of 43
February2020 Joel W. King Engineering and Innovations Global Solutions Development Data manipulation techniques for configuration management using Ansible
Title: Data manipulation techniques for configuration management using Ansible What is the most important thing that people will learn from your presentation?: This talk explores techniques and best practices for ingesting, manipulating and storing configuration management data for managing multi-cloud infrastructure deployments using Ansible. Abstract: Ansible is widely adopted as a configuration management tool for both on-premise infrastructure and multi-cloud deployments. Most learning tracks focus on procedural programming concepts, learning playbook syntax. This talk focuses on techniques to ingest, manipulate and optimize configuration management data to drive the process. We examine techniques to create data sinks for audit and input to downstream workflows. Also highlighted is the application of relational, NoSQL and graph databases as well as sequential files used for configuration management.
@joelwking @joel_w_king @programmablenetworks/ www.slideshare.net/joelwking/ https://www.wwt.com/
 Low Barrier to Entry  Highly Extensible  Broad Industry adoption for Configuration Management  ACI Modules 100 for ACI and MSO https://youtu.be/3vuPRoyOIFo WWT Saves Time and Money Using Ansible Automation docs.ansible.com/ansible/latest/modules/list_of_network_modules.html#aci docs.ansible.com/ansible/latest/scenario_guides/guide_aci.html
AUTOMATION: BASICS: variables and facts AUTOMATION: PRIVATE CLOUD : Cisco ACI AUTOMATION: SECURITY AND COMPLIANCE AUTOMATION: ADVANCED FEATURES: plugins | facts modules KNOWLEDGE EXPERIENCE USE CASES SHARE YOUR
Background and use cases are typically network and security automation focused. Ansible Playbooks != programming language https://developer.cisco.com/codeexchange/explore#search=joelwking Use Ansible Collections! Design playbooks to be data driven
01100100011000010111010001100001 DATA (SOURCE OF TRUTH) PROCESS (TASKS) INFRASTRUCTURE BUSINESS REQUIREMENTS DESIRED STATE KNOWLEDGE EXPERIENCE
01100100011000010111010001100001 DATA (SOURCE OF TRUTH) PROCESS (TASKS) INFRASTRUCTURE BUSINESS REQUIREMENTS DESIRED STATE KNOWLEDGE EXPERIENCE How Google does Machine Learning … It's all about data https://www.coursera.org/learn/google-machine-learning/
#SILICONVALLEYINSTLAUTOMATION: BASICS
Ansible facts are variables that are automatically discovered by Ansible from a managed host. Facts are pulled by the setup module.(*) (*) Automation with Ansible -Student Workbook Variables can be defined in a bewildering variety of places in an Ansible project.(*) HOSTS NETWORK DEVICES { API }
IPAM GLOBAL CONFIG YAML ENCRYPTED CREDENTIALS SERVICE TICKETING SYSTEM VERSION CONTROL SOURCE OF TRUTH NETWORK PROGRAMMABILITY DEVELOPER MongoDB DEVELOPMENT OPERATIONALIZE ANSIBLE PLAYBOOKANSIBLE PLAYBOOK ROLES | COLLECTIONS Minio INFRASTRUCTURE MANAGEMENT PUBLISH CONSUME
https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable command line values (eg “-u user”) role defaults [1] inventory file or script group vars [2] inventory group_vars/all [3] playbook group_vars/all [3] inventory group_vars/* [3] playbook group_vars/* [3] inventory file or script host vars [2] inventory host_vars/* [3] playbook host_vars/* [3] host facts / cached set_facts [4] play vars play vars_prompt play vars_files role vars (defined in role/vars/main.yml) block vars (only for tasks in block) task vars (only for the task) include_vars set_facts / registered vars role (and include_role) params include params extra vars (always win precedence) most least
administrator@flint:~/ansible/playbooks$ python Python 2.7.12 (default, Oct 8 2019, 14:14:10) [GCC 5.4.0 20160609] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import yaml >>> input = ''' ... - name: '/usr/bin/ansible' ... state: put ... meta_data: 'foo=bar' ... - name: '{{ playbook_dir }}/files/csv123.csv' ... state: put ... meta_data: 'foo=bar' ... ''' >>> data = yaml.load(input) >>> type(data) <type 'list'> >>> type(data[0]) <type 'dict'> >>> data[0] {'state': 'put', 'meta_data': 'foo=bar', 'name': '/usr/bin/ansible'} >>> #!/usr/bin/ansible-playbook --- # # - name: Data Manipulation | Meetup | Ansible Durham | S3 hosts: s3.amazonaws.com connection: local gather_facts: '{{ facts | default("no") }}' module_defaults: aws_s3: aws_access_key: '{{ access.key }}' aws_secret_key: '{{ secret.key }}' bucket: '{{ bucket }}' vars: input: - name: '/usr/bin/ansible' state: put meta_data: 'foo=bar' - name: '{{ playbook_dir }}/files/csv123.csv' state: put meta_data: 'foo=bar'
Proper variable naming can make plays more readable and avoid variable name conflicts(*) Use descriptive, unique human-meaningful variable names(*) Prefix variables with it’s “owner” such as a role name or package(*) (*) ANSIBLE BEST PRACTICES: THE ESSENTIALS – Kyle Benson vars: mongodb_database: "{{ database }}" mongodb_collection: "{{ collection }}" mongodb_document: "{{ filename }}" vars: dns: ipv6: - '2001:4860:4860::8888' - '2001:4860:4860::8844' dns6: "{{ dns.ipv6 }}"collection: "{{ mongodb_collection }}"
- name: Data Manipulation | Meetup | Ansible Durham hosts: sandboxapicdc.cisco.com connection: local gather_facts: '{{ facts | default("no") }}' vars: foo: name: bar description: '{{ desc | default("This is a test") }}' vars_files: - '{{ playbook_dir }}/files/LTM_vip_v6-3.json' tasks: - name: Hostvars | run with or without gathering facts debug: var: hostvars[inventory_hostname] - name: Variable from vars_file specified debug: var: imdata - name: Variable defined in playbook debug: msg: '{{ foo.description }}' Why might you run gather facts on a local host? Using a dictionary rather than a scalar variable Where is variable ‘imdata’ defined? Difference between? -e 'desc=this is a test’ and -e 'desc="this is a test"'
https://gitlab.com/joelwking/cisco_dc_community_of_interest/-/blob/master/demos/engine/playbooks/sample.yml --- all: children: APIC: hosts: sandboxapicdc.cisco.com: apic_hostname: sandboxapicdc.cisco.com apic_username: admin apic_use_proxy: no apic_validate_certs: no apic_password: foo!bar inventory.yml
KNOWLEDGE EXPERIENCE SHARE YOUR
#SILICONVALLEYINSTLAUTOMATION: ADVANCED TOPICS
https://docs.ansible.com/ansible/latest/plugins/plugins.html Filters in Ansible… are used for transforming data … Lookup plugins allow Ansible to access data from outside sources. Lookups are an integral part of loops Modules are used as information gatherers _info _facts Modules have modes to ‘put’ or ‘get’ aws_s3
#!/usr/bin/ansible-playbook --- # # Copyright (c) 2019 World Wide Technology, Inc. # All rights reserved. # # author: Joel W. King, World Wide Technology # - name: Msg broker for big or little Tetration hosts: localhost gather_facts: yes connection: local vars: verify_broker: 'no' big_tetration: '10.6.36.24:443,10.6.36.25:443,10.6.36.26:443' little_tetration: '192.0.2.1:443' tasks: - debug: msg: 'Big Tetration have three Kafka brokers, pick one: {{ item }}' with_random_choice: '{{ big_tetration.split(",") }}' - debug: msg: 'Little Tetration only has one Kafka broker: {{ item }}' with_random_choice: '{{ little_tetration.split(",") }}' - set_fact: kafka_broker: '{{ item }}' with_random_choice: '{{ big_tetration.split(",") }}' - name: Optionally verify reachability to the broker shell: 'openssl s_client -connect {{ kafka_broker }} -tls1 ' ignore_errors: False register: openssl when: verify_broker|bool return random element from list 10.6.36.24:443 10.6.36.25:443 10.6.36.26:443 192.0.2.1:443 Little Big FORM FACTORS filter returning boolean
acl_action: {"ALLOW": "permit", "DROP": "deny"} # translator for action verbs - name: Configure firewall access-list debug: msg: "access-list {{ acl_name }} line 1 extended {{ acl_action[item.action] }} {{item.ip_protocol }}" loop: "{{ tnp.ansible_facts.intents }}" https://gitlab.com/tetration-network-policy-publisher/policy-stream-12-pub-vrf/-/blob/master/view_network_policy_decrypt.yml Policy engine uses different keywords than the firewall where the policy is being applied
IPAM GLOBAL CONFIG YAML ENCRYPTED CREDENTIALS YAML SERVICE TICKETING SYSTEM VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER https://github.wwt.com/it-automation-aci/ansible-aci-include-data MongoDB BOOTSTRAP EXTRA_VARS PRE-PROCESSING POST-PROCESSING ANSIBLE PLAYBOO K
ENCRYPTED CREDENTIALS YAML SERVICE TICKETING SYSTEM VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER BOOTSTRAP EXTRA_VARS https://github.wwt.com/it-automation-aci/ansible-aci-credentials ANSIBLE PLAYBOO K
https://gitlab.com/joelwking/cisco_dc_community_of_interest/-/blob/master/demos/engine/playbooks/sample_wwt_roles.yml ./sample.yml -v -i inventory.yml --e 'bootstrap=sample456 All playbooks call these roles for managing credentials and including data
VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER MongoDB MongoDB is an open-source document / NoSQL database. Implemented as a Docker Container ANSIBLE PLAYBOO K
SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services that provides object storage through a web service interface. ANSIBLE PLAYBOO K
- name: Data Manipulation | Meetup | Ansible Durham | S3 hosts: s3.amazonaws.com connection: local gather_facts: '{{ facts | default("no") }}' module_defaults: aws_s3: aws_access_key: '{{ access.key }}' aws_secret_key: '{{ secret.key }}' bucket: '{{ bucket }}' vars: keys: '/home/administrator/amazon_web_service/access_keys/s3.yml' input: - name: '/usr/bin/ansible' state: put meta_data: 'foo=bar' - name: '{{ playbook_dir }}/files/sample_csv_file.csv' state: put meta_data: 'foo=bar' vars_files: - '{{ keys }}' tasks: - name: PUT/upload with metadata aws_s3: object: '{{ item.name }}' src: '{{ item.name }}' mode: '{{ item.state }}' metadata: '{{ item.meta_data }}' loop: '{{ input }}'
https://min.io/product MinIO is best suited for high performance tasks such as analytics, machine learning and modern, high throughput application development. … … As an object store, MinIO can store unstructured data such as photos, videos, log files, backups and container / VM images. Size of an object can range from a few KBs to a maximum of 5TB. https://en.wikipedia.org/wiki/Minio Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services that provides object storage through a web service interface.
KNOWLEDGE EXPERIENCE SHARE YOUR
#SILICONVALLEYINSTLAUTOMATION: Cisco ACI
Configuration  Network Engineers like spreadsheets  Free and readily available – no training  YAML, JSON and XML confound non-programmers tabular structure to hierarchical
./csv_to_mongo.yml -e filename="/it-automation-aci/TEST_DATA/aci_constructs_policies_3.csv" --skip-tags "mongo" tasks: - name: Get facts from CSV file csv_to_facts: src: '{{ filename }}' table: spreadsheet vsheets: - VRFs: - VRF - Tenant - TENANTs: - Tenant - APs: - Tenant - AppProfile - debug: msg: '{{ TENANTs }}' TASK [debug] ****************************************************************************************************************** ok: [localhost] => {} MSG: [{u'Tenant': u'WWT-INT'}, {u'Tenant': u'WWT-DMZ'}, {u'Tenant': u'WWT_NULL'}] UNIQUE (SET) OF TENANTS PRESENT IN THE SPREADSHEET CSV FILE FROM EXCEL VIRTUAL SPREADSHEET https://github.com/joelwking/csv-source-of-truth
Contract Subject (vzSubj) Contract (vzBrCP) Filter (vzFilter) Filter Entry (vzEntry) Bind Filter to Contract Subject (vzRsSubjFiltAtt) Tenant (fvTenant) End Point Group (fvAEPg) Application Profile (fvAP) Bind EPGs to Contracts (fv:RsCons, fv:RsProv) Looping over ‘virtual spreadsheet
# # This Excel / CSV file is managed by network engineering, it identifies the target Tenant, AP and EPG # - block: - name: Extract the specified sheet from the Excel file xls_to_csv: src: '{{ spreadsheet }}' dest: '{{ playbook_dir }}/files/aci/' sheets: '{{ sheet_name }}' - name: Load the EPG, AP and Tenant mapping csv_to_facts: src: '{{ playbook_dir }}/files/aci/{{ sheet_name }}.csv' vsheets: - TENANTs: - ap - epg - tenant - name: Iterate over the spreadsheet roles, creating an associative array (dictionary) using the EPG as the key set_fact: epg_ap_tenant: "{{ epg_ap_tenant | combine( {item.epg: item} ) }}" loop: "{{ TENANTs }}"
#SILICONVALLEYINSTLAUTOMATION: SECURITY AND COMPLIANCE
When network configuration (policy) is generated programmatically, it must be applied to network devices programmatically. Zero Trust Architecture (2nd Draft) https://csrc.nist.gov/publications/detail/sp/800-207/draft
VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER ANSIBLE PLAYBOO K
api_create_policy.yml
 Most Network Engineers are not familiar with data serialization formats – which is why we use spreadsheets.  Don’t clutter playbooks with conditionals validating data format  Playbooks are not intended to be programming languages, write modules, and plugins.  Structure your data so it drives the functionality of the playbooks
Examples from the Cisco Data Center webinar https://gitlab.com/joelwking/cisco_dc_community_of_interest CSV source of truth https://github.com/joelwking/csv-source-of-truth Foray into Ansible Content Collections https://www.slideshare.net/joelwking/foray-into-ansible-content-collections YAML Magic https://www.slideshare.net/roidelapluie/yaml-magic The 100% Open Source, Enterprise-Grade, Amazon S3 Compatible Object Storage https://min.io/ https://docs.minio.io/docs/minio-quickstart-guide.html
Data manipulation for configuration management using Ansible

Recommended

DevNet Associate : Python introduction
DevNet Associate : Python introductionDevNet Associate : Python introduction
DevNet Associate : Python introductionJoel W. King
 
Using Terraform to manage the configuration of a Cisco ACI fabric.
Using Terraform to manage the configuration of a Cisco ACI fabric.Using Terraform to manage the configuration of a Cisco ACI fabric.
Using Terraform to manage the configuration of a Cisco ACI fabric.Joel W. King
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxiesLibbySchulze
 
Monitoring&Logging - Stanislav Kolenkin
Monitoring&Logging - Stanislav Kolenkin Monitoring&Logging - Stanislav Kolenkin
Monitoring&Logging - Stanislav Kolenkin Kuberton
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017Oracle Korea
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle Korea
 
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summits
 
OpenStack in Enterprise
OpenStack in EnterpriseOpenStack in Enterprise
OpenStack in EnterpriseNalee Jang
 

Recommended

DevNet Associate : Python introduction
DevNet Associate : Python introductionDevNet Associate : Python introduction
DevNet Associate : Python introductionJoel W. King
 
Using Terraform to manage the configuration of a Cisco ACI fabric.
Using Terraform to manage the configuration of a Cisco ACI fabric.Using Terraform to manage the configuration of a Cisco ACI fabric.
Using Terraform to manage the configuration of a Cisco ACI fabric.Joel W. King
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxiesLibbySchulze
 
Monitoring&Logging - Stanislav Kolenkin
Monitoring&Logging - Stanislav Kolenkin Monitoring&Logging - Stanislav Kolenkin
Monitoring&Logging - Stanislav Kolenkin Kuberton
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017Oracle Korea
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle Korea
 
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summits
 
OpenStack in Enterprise
OpenStack in EnterpriseOpenStack in Enterprise
OpenStack in EnterpriseNalee Jang
 
Kubernetes for the PHP developer
Kubernetes for the PHP developerKubernetes for the PHP developer
Kubernetes for the PHP developerPaul Czarkowski
 
Kubernetes best practices
Kubernetes best practicesKubernetes best practices
Kubernetes best practicesBill Liu
 
Kubernetes and Istio
Kubernetes and IstioKubernetes and Istio
Kubernetes and IstioKetan Gote
 
Kubernetes Summit 2019 - Harden Your Kubernetes Cluster
Kubernetes Summit 2019 - Harden Your Kubernetes ClusterKubernetes Summit 2019 - Harden Your Kubernetes Cluster
Kubernetes Summit 2019 - Harden Your Kubernetes Clustersmalltown
 
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...NETWAYS
 
Security model for a remote company
Security model for a remote companySecurity model for a remote company
Security model for a remote companyPierre Mavro
 
Openshift Container Platform on Azure
Openshift Container Platform on AzureOpenshift Container Platform on Azure
Openshift Container Platform on AzureGlenn West
 
How to deploy spark instance using ansible 2.0 in fiware lab v2
How to deploy spark instance using ansible 2.0 in fiware lab v2How to deploy spark instance using ansible 2.0 in fiware lab v2
How to deploy spark instance using ansible 2.0 in fiware lab v2Fernando Lopez Aguilar
 
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021WDDay
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architectureOpenStack Korea Community
 
K8s best practices from the field!
K8s best practices from the field!K8s best practices from the field!
K8s best practices from the field!DoiT International
 
Meetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on KubernetesMeetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on Kubernetesdtoledo67
 
Enabling ceph-mgr to control Ceph services via Kubernetes
Enabling ceph-mgr to control Ceph services via KubernetesEnabling ceph-mgr to control Ceph services via Kubernetes
Enabling ceph-mgr to control Ceph services via Kubernetesmountpoint.io
 
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...Henning Jacobs
 
Ansible Automation - Enterprise Use Cases | Juncheng Anthony Lin
Ansible Automation - Enterprise Use Cases | Juncheng Anthony LinAnsible Automation - Enterprise Use Cases | Juncheng Anthony Lin
Ansible Automation - Enterprise Use Cases | Juncheng Anthony LinVietnam Open Infrastructure User Group
 
Deploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters
Deploy Prometheus - Grafana and EFK stack on Kubic k8s ClustersDeploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters
Deploy Prometheus - Grafana and EFK stack on Kubic k8s ClustersSyah Dwi Prihatmoko
 
Cloud infrastructure as code
Cloud infrastructure as codeCloud infrastructure as code
Cloud infrastructure as codeTomasz Cholewa
 
Open Stack compute-service-nova
Open Stack compute-service-novaOpen Stack compute-service-nova
Open Stack compute-service-novaGHANSHYAM MANN
 
Infrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsInfrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsMykyta Protsenko
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Nati Shalom
 
Super-NetOps Source of Truth
Super-NetOps Source of TruthSuper-NetOps Source of Truth
Super-NetOps Source of TruthJoel W. King
 
Super-NetOps Source of Truth
Super-NetOps Source of TruthSuper-NetOps Source of Truth
Super-NetOps Source of TruthJoel W. King
 

More Related Content

What's hot

Kubernetes for the PHP developer
Kubernetes for the PHP developerKubernetes for the PHP developer
Kubernetes for the PHP developerPaul Czarkowski
 
Kubernetes best practices
Kubernetes best practicesKubernetes best practices
Kubernetes best practicesBill Liu
 
Kubernetes and Istio
Kubernetes and IstioKubernetes and Istio
Kubernetes and IstioKetan Gote
 
Kubernetes Summit 2019 - Harden Your Kubernetes Cluster
Kubernetes Summit 2019 - Harden Your Kubernetes ClusterKubernetes Summit 2019 - Harden Your Kubernetes Cluster
Kubernetes Summit 2019 - Harden Your Kubernetes Clustersmalltown
 
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...NETWAYS
 
Security model for a remote company
Security model for a remote companySecurity model for a remote company
Security model for a remote companyPierre Mavro
 
Openshift Container Platform on Azure
Openshift Container Platform on AzureOpenshift Container Platform on Azure
Openshift Container Platform on AzureGlenn West
 
How to deploy spark instance using ansible 2.0 in fiware lab v2
How to deploy spark instance using ansible 2.0 in fiware lab v2How to deploy spark instance using ansible 2.0 in fiware lab v2
How to deploy spark instance using ansible 2.0 in fiware lab v2Fernando Lopez Aguilar
 
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021WDDay
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architectureOpenStack Korea Community
 
K8s best practices from the field!
K8s best practices from the field!K8s best practices from the field!
K8s best practices from the field!DoiT International
 
Meetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on KubernetesMeetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on Kubernetesdtoledo67
 
Enabling ceph-mgr to control Ceph services via Kubernetes
Enabling ceph-mgr to control Ceph services via KubernetesEnabling ceph-mgr to control Ceph services via Kubernetes
Enabling ceph-mgr to control Ceph services via Kubernetesmountpoint.io
 
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...Henning Jacobs
 
Deploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters
Deploy Prometheus - Grafana and EFK stack on Kubic k8s ClustersDeploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters
Deploy Prometheus - Grafana and EFK stack on Kubic k8s ClustersSyah Dwi Prihatmoko
 
Cloud infrastructure as code
Cloud infrastructure as codeCloud infrastructure as code
Cloud infrastructure as codeTomasz Cholewa
 
Open Stack compute-service-nova
Open Stack compute-service-novaOpen Stack compute-service-nova
Open Stack compute-service-novaGHANSHYAM MANN
 
Infrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsInfrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsMykyta Protsenko
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Nati Shalom
 

What's hot (20)

Kubernetes for the PHP developer
Kubernetes for the PHP developerKubernetes for the PHP developer
Kubernetes for the PHP developer
 
Kubernetes best practices
Kubernetes best practicesKubernetes best practices
Kubernetes best practices
 
Kubernetes and Istio
Kubernetes and IstioKubernetes and Istio
Kubernetes and Istio
 
Kubernetes Summit 2019 - Harden Your Kubernetes Cluster
Kubernetes Summit 2019 - Harden Your Kubernetes ClusterKubernetes Summit 2019 - Harden Your Kubernetes Cluster
Kubernetes Summit 2019 - Harden Your Kubernetes Cluster
 
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...
OSDC 2018 | Spicing up VMWare with Ansible and InSpec by Martin Schurz and S...
 
Security model for a remote company
Security model for a remote companySecurity model for a remote company
Security model for a remote company
 
Openshift Container Platform on Azure
Openshift Container Platform on AzureOpenshift Container Platform on Azure
Openshift Container Platform on Azure
 
How to deploy spark instance using ansible 2.0 in fiware lab v2
How to deploy spark instance using ansible 2.0 in fiware lab v2How to deploy spark instance using ansible 2.0 in fiware lab v2
How to deploy spark instance using ansible 2.0 in fiware lab v2
 
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021
ОЛЕКСАНДР ЛИПКО «Graceful Shutdown Node.js + k8s» Online WDDay 2021
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
[OpenInfra Days Korea 2018] Day 2 - E4 - 딥다이브: immutable Kubernetes architecture
 
K8s best practices from the field!
K8s best practices from the field!K8s best practices from the field!
K8s best practices from the field!
 
Meetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on KubernetesMeetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on Kubernetes
 
Enabling ceph-mgr to control Ceph services via Kubernetes
Enabling ceph-mgr to control Ceph services via KubernetesEnabling ceph-mgr to control Ceph services via Kubernetes
Enabling ceph-mgr to control Ceph services via Kubernetes
 
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...
Why Kubernetes? Cloud Native and Developer Experience at Zalando - OWL Tech &...
 
Ansible Automation - Enterprise Use Cases | Juncheng Anthony Lin
Ansible Automation - Enterprise Use Cases | Juncheng Anthony LinAnsible Automation - Enterprise Use Cases | Juncheng Anthony Lin
Ansible Automation - Enterprise Use Cases | Juncheng Anthony Lin
 
Deploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters
Deploy Prometheus - Grafana and EFK stack on Kubic k8s ClustersDeploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters
Deploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters
 
Cloud infrastructure as code
Cloud infrastructure as codeCloud infrastructure as code
Cloud infrastructure as code
 
Open Stack compute-service-nova
Open Stack compute-service-novaOpen Stack compute-service-nova
Open Stack compute-service-nova
 
Infrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsInfrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and Ops
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
 

Similar to Data manipulation for configuration management using Ansible

Super-NetOps Source of Truth
Super-NetOps Source of TruthSuper-NetOps Source of Truth
Super-NetOps Source of TruthJoel W. King
 
Super-NetOps Source of Truth
Super-NetOps Source of TruthSuper-NetOps Source of Truth
Super-NetOps Source of TruthJoel W. King
 
DevOps Enabling Your Team
DevOps Enabling Your TeamDevOps Enabling Your Team
DevOps Enabling Your TeamGR8Conf
 
Just one-shade-of-openstack
Just one-shade-of-openstackJust one-shade-of-openstack
Just one-shade-of-openstackRoberto Polli
 
Automatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS Summit
Automatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS SummitAutomatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS Summit
Automatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS SummitAmazon Web Services
 
Streamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache AmbariStreamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache AmbariAlejandro Fernandez
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Prajal Kulkarni
 
Introduction To Apache Mesos
Introduction To Apache MesosIntroduction To Apache Mesos
Introduction To Apache MesosJoe Stein
 
Service discovery and configuration provisioning
Service discovery and configuration provisioningService discovery and configuration provisioning
Service discovery and configuration provisioningSource Ministry
 
Terraform, Ansible or pure CloudFormation
Terraform, Ansible or pure CloudFormationTerraform, Ansible or pure CloudFormation
Terraform, Ansible or pure CloudFormationgeekQ
 
Ansible & Salt - Vincent Boon
Ansible & Salt - Vincent BoonAnsible & Salt - Vincent Boon
Ansible & Salt - Vincent BoonMyNOG
 
Incrementalism: An Industrial Strategy For Adopting Modern Automation
Incrementalism: An Industrial Strategy For Adopting Modern AutomationIncrementalism: An Industrial Strategy For Adopting Modern Automation
Incrementalism: An Industrial Strategy For Adopting Modern AutomationSean Chittenden
 
Solutions for bi-directional Integration between Oracle RDMBS & Apache Kafka
Solutions for bi-directional Integration between Oracle RDMBS & Apache KafkaSolutions for bi-directional Integration between Oracle RDMBS & Apache Kafka
Solutions for bi-directional Integration between Oracle RDMBS & Apache KafkaGuido Schmutz
 
Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...
Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...
Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...confluent
 
Red Hat Agile integration Workshop Labs
Red Hat Agile integration Workshop LabsRed Hat Agile integration Workshop Labs
Red Hat Agile integration Workshop LabsJudy Breedlove
 
DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...
DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...
DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...Timofey Turenko
 
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...NETWAYS
 
Developing your first application using FIWARE
Developing your first application using FIWAREDeveloping your first application using FIWARE
Developing your first application using FIWAREFIWARE
 

Similar to Data manipulation for configuration management using Ansible (20)

Super-NetOps Source of Truth
Super-NetOps Source of TruthSuper-NetOps Source of Truth
Super-NetOps Source of Truth
 
Super-NetOps Source of Truth
Super-NetOps Source of TruthSuper-NetOps Source of Truth
Super-NetOps Source of Truth
 
DevOps Enabling Your Team
DevOps Enabling Your TeamDevOps Enabling Your Team
DevOps Enabling Your Team
 
Just one-shade-of-openstack
Just one-shade-of-openstackJust one-shade-of-openstack
Just one-shade-of-openstack
 
Automatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS Summit
Automatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS SummitAutomatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS Summit
Automatically Scaling Your Kubernetes Workloads - SVC209-S - Anaheim AWS Summit
 
Streamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache AmbariStreamline Hadoop DevOps with Apache Ambari
Streamline Hadoop DevOps with Apache Ambari
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.
 
Introduction To Apache Mesos
Introduction To Apache MesosIntroduction To Apache Mesos
Introduction To Apache Mesos
 
Play 2.0
Play 2.0Play 2.0
Play 2.0
 
Service discovery and configuration provisioning
Service discovery and configuration provisioningService discovery and configuration provisioning
Service discovery and configuration provisioning
 
Terraform, Ansible or pure CloudFormation
Terraform, Ansible or pure CloudFormationTerraform, Ansible or pure CloudFormation
Terraform, Ansible or pure CloudFormation
 
Bosh 2.0
Bosh 2.0Bosh 2.0
Bosh 2.0
 
Ansible & Salt - Vincent Boon
Ansible & Salt - Vincent BoonAnsible & Salt - Vincent Boon
Ansible & Salt - Vincent Boon
 
Incrementalism: An Industrial Strategy For Adopting Modern Automation
Incrementalism: An Industrial Strategy For Adopting Modern AutomationIncrementalism: An Industrial Strategy For Adopting Modern Automation
Incrementalism: An Industrial Strategy For Adopting Modern Automation
 
Solutions for bi-directional Integration between Oracle RDMBS & Apache Kafka
Solutions for bi-directional Integration between Oracle RDMBS & Apache KafkaSolutions for bi-directional Integration between Oracle RDMBS & Apache Kafka
Solutions for bi-directional Integration between Oracle RDMBS & Apache Kafka
 
Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...
Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...
Solutions for bi-directional integration between Oracle RDBMS and Apache Kafk...
 
Red Hat Agile integration Workshop Labs
Red Hat Agile integration Workshop LabsRed Hat Agile integration Workshop Labs
Red Hat Agile integration Workshop Labs
 
DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...
DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...
DB proxy server test: run tests on tens of virtual machines with Jenkins, Vag...
 
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
 
Developing your first application using FIWARE
Developing your first application using FIWAREDeveloping your first application using FIWARE
Developing your first application using FIWARE
 

More from Joel W. King

DevNetCreate_2021_joelwking.pptx
DevNetCreate_2021_joelwking.pptxDevNetCreate_2021_joelwking.pptx
DevNetCreate_2021_joelwking.pptxJoel W. King
 
BRKEVT-2311_joeking_pbr.pptx
BRKEVT-2311_joeking_pbr.pptxBRKEVT-2311_joeking_pbr.pptx
BRKEVT-2311_joeking_pbr.pptxJoel W. King
 
Introduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOSIntroduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOSJoel W. King
 
NetDevOps Development Environments
NetDevOps Development EnvironmentsNetDevOps Development Environments
NetDevOps Development EnvironmentsJoel W. King
 
Using Batfish for Network Analysis
Using Batfish for Network AnalysisUsing Batfish for Network Analysis
Using Batfish for Network AnalysisJoel W. King
 
Cisco IP Video Surveillance Design Guide
Cisco IP Video Surveillance Design GuideCisco IP Video Surveillance Design Guide
Cisco IP Video Surveillance Design GuideJoel W. King
 
Meraki Virtual Hackathon: app for Splunk Phantom
Meraki Virtual Hackathon: app for Splunk PhantomMeraki Virtual Hackathon: app for Splunk Phantom
Meraki Virtual Hackathon: app for Splunk PhantomJoel W. King
 
Business Ready Teleworker Design Guide
Business Ready Teleworker Design GuideBusiness Ready Teleworker Design Guide
Business Ready Teleworker Design GuideJoel W. King
 
DevNet Study Group: Using a SDK
DevNet Study Group: Using a SDKDevNet Study Group: Using a SDK
DevNet Study Group: Using a SDKJoel W. King
 
Foray into Ansible Content Collections
Foray into Ansible Content CollectionsForay into Ansible Content Collections
Foray into Ansible Content CollectionsJoel W. King
 
Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...
Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...
Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...Joel W. King
 
Enabling policy migration in the Data Center with Ansible
Enabling policy migration in the Data Center with AnsibleEnabling policy migration in the Data Center with Ansible
Enabling policy migration in the Data Center with AnsibleJoel W. King
 
Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Joel W. King
 
Using Ansible Tower to implement security policies and telemetry streaming fo...
Using Ansible Tower to implement security policies and telemetry streaming fo...Using Ansible Tower to implement security policies and telemetry streaming fo...
Using Ansible Tower to implement security policies and telemetry streaming fo...Joel W. King
 
Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)Joel W. King
 
Introduction to Git for Network Engineers
Introduction to Git for Network EngineersIntroduction to Git for Network Engineers
Introduction to Git for Network EngineersJoel W. King
 
World Wide Technology | Red Hat Ansible for Networking Workshop
World Wide Technology | Red Hat Ansible for Networking WorkshopWorld Wide Technology | Red Hat Ansible for Networking Workshop
World Wide Technology | Red Hat Ansible for Networking WorkshopJoel W. King
 
From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...
From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...
From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...Joel W. King
 

More from Joel W. King (20)

DevNetCreate_2021_joelwking.pptx
DevNetCreate_2021_joelwking.pptxDevNetCreate_2021_joelwking.pptx
DevNetCreate_2021_joelwking.pptx
 
BRKEVT-2311_joeking_pbr.pptx
BRKEVT-2311_joeking_pbr.pptxBRKEVT-2311_joeking_pbr.pptx
BRKEVT-2311_joeking_pbr.pptx
 
Introduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOSIntroduction to GraphQL using Nautobot and Arista cEOS
Introduction to GraphQL using Nautobot and Arista cEOS
 
NetDevOps Development Environments
NetDevOps Development EnvironmentsNetDevOps Development Environments
NetDevOps Development Environments
 
Using Batfish for Network Analysis
Using Batfish for Network AnalysisUsing Batfish for Network Analysis
Using Batfish for Network Analysis
 
Cisco IP Video Surveillance Design Guide
Cisco IP Video Surveillance Design GuideCisco IP Video Surveillance Design Guide
Cisco IP Video Surveillance Design Guide
 
Meraki Virtual Hackathon: app for Splunk Phantom
Meraki Virtual Hackathon: app for Splunk PhantomMeraki Virtual Hackathon: app for Splunk Phantom
Meraki Virtual Hackathon: app for Splunk Phantom
 
Business Ready Teleworker Design Guide
Business Ready Teleworker Design GuideBusiness Ready Teleworker Design Guide
Business Ready Teleworker Design Guide
 
DevNet Study Group: Using a SDK
DevNet Study Group: Using a SDKDevNet Study Group: Using a SDK
DevNet Study Group: Using a SDK
 
Foray into Ansible Content Collections
Foray into Ansible Content CollectionsForay into Ansible Content Collections
Foray into Ansible Content Collections
 
Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...
Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...
Analytics for Application Security and Policy Enforcement in Cloud Managed Ne...
 
Enabling policy migration in the Data Center with Ansible
Enabling policy migration in the Data Center with AnsibleEnabling policy migration in the Data Center with Ansible
Enabling policy migration in the Data Center with Ansible
 
Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...Using Tetration for application security and policy enforcement in multi-vend...
Using Tetration for application security and policy enforcement in multi-vend...
 
Using Ansible Tower to implement security policies and telemetry streaming fo...
Using Ansible Tower to implement security policies and telemetry streaming fo...Using Ansible Tower to implement security policies and telemetry streaming fo...
Using Ansible Tower to implement security policies and telemetry streaming fo...
 
Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)
 
Introduction to Git for Network Engineers
Introduction to Git for Network EngineersIntroduction to Git for Network Engineers
Introduction to Git for Network Engineers
 
Under the Hood
Under the HoodUnder the Hood
Under the Hood
 
What is Code?
What is Code?What is Code?
What is Code?
 
World Wide Technology | Red Hat Ansible for Networking Workshop
World Wide Technology | Red Hat Ansible for Networking WorkshopWorld Wide Technology | Red Hat Ansible for Networking Workshop
World Wide Technology | Red Hat Ansible for Networking Workshop
 
From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...
From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...
From 70 Networking Tasks to a Single Click by WWT: Building an F5 Solution wi...
 

Recently uploaded

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Recently uploaded (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

Data manipulation for configuration management using Ansible

  • 1. February2020 Joel W. King Engineering and Innovations Global Solutions Development Data manipulation techniques for configuration management using Ansible
  • 2. Title: Data manipulation techniques for configuration management using Ansible What is the most important thing that people will learn from your presentation?: This talk explores techniques and best practices for ingesting, manipulating and storing configuration management data for managing multi-cloud infrastructure deployments using Ansible. Abstract: Ansible is widely adopted as a configuration management tool for both on-premise infrastructure and multi-cloud deployments. Most learning tracks focus on procedural programming concepts, learning playbook syntax. This talk focuses on techniques to ingest, manipulate and optimize configuration management data to drive the process. We examine techniques to create data sinks for audit and input to downstream workflows. Also highlighted is the application of relational, NoSQL and graph databases as well as sequential files used for configuration management.
  • 4.  Low Barrier to Entry  Highly Extensible  Broad Industry adoption for Configuration Management  ACI Modules 100 for ACI and MSO https://youtu.be/3vuPRoyOIFo WWT Saves Time and Money Using Ansible Automation docs.ansible.com/ansible/latest/modules/list_of_network_modules.html#aci docs.ansible.com/ansible/latest/scenario_guides/guide_aci.html
  • 5. AUTOMATION: BASICS: variables and facts AUTOMATION: PRIVATE CLOUD : Cisco ACI AUTOMATION: SECURITY AND COMPLIANCE AUTOMATION: ADVANCED FEATURES: plugins | facts modules KNOWLEDGE EXPERIENCE USE CASES SHARE YOUR
  • 6. Background and use cases are typically network and security automation focused. Ansible Playbooks != programming language https://developer.cisco.com/codeexchange/explore#search=joelwking Use Ansible Collections! Design playbooks to be data driven
  • 8. 01100100011000010111010001100001 DATA (SOURCE OF TRUTH) PROCESS (TASKS) INFRASTRUCTURE BUSINESS REQUIREMENTS DESIRED STATE KNOWLEDGE EXPERIENCE How Google does Machine Learning … It's all about data https://www.coursera.org/learn/google-machine-learning/
  • 9.
  • 11. Ansible facts are variables that are automatically discovered by Ansible from a managed host. Facts are pulled by the setup module.(*) (*) Automation with Ansible -Student Workbook Variables can be defined in a bewildering variety of places in an Ansible project.(*) HOSTS NETWORK DEVICES { API }
  • 12. IPAM GLOBAL CONFIG YAML ENCRYPTED CREDENTIALS SERVICE TICKETING SYSTEM VERSION CONTROL SOURCE OF TRUTH NETWORK PROGRAMMABILITY DEVELOPER MongoDB DEVELOPMENT OPERATIONALIZE ANSIBLE PLAYBOOKANSIBLE PLAYBOOK ROLES | COLLECTIONS Minio INFRASTRUCTURE MANAGEMENT PUBLISH CONSUME
  • 13. https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable command line values (eg “-u user”) role defaults [1] inventory file or script group vars [2] inventory group_vars/all [3] playbook group_vars/all [3] inventory group_vars/* [3] playbook group_vars/* [3] inventory file or script host vars [2] inventory host_vars/* [3] playbook host_vars/* [3] host facts / cached set_facts [4] play vars play vars_prompt play vars_files role vars (defined in role/vars/main.yml) block vars (only for tasks in block) task vars (only for the task) include_vars set_facts / registered vars role (and include_role) params include params extra vars (always win precedence) most least
  • 14. administrator@flint:~/ansible/playbooks$ python Python 2.7.12 (default, Oct 8 2019, 14:14:10) [GCC 5.4.0 20160609] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import yaml >>> input = ''' ... - name: '/usr/bin/ansible' ... state: put ... meta_data: 'foo=bar' ... - name: '{{ playbook_dir }}/files/csv123.csv' ... state: put ... meta_data: 'foo=bar' ... ''' >>> data = yaml.load(input) >>> type(data) <type 'list'> >>> type(data[0]) <type 'dict'> >>> data[0] {'state': 'put', 'meta_data': 'foo=bar', 'name': '/usr/bin/ansible'} >>> #!/usr/bin/ansible-playbook --- # # - name: Data Manipulation | Meetup | Ansible Durham | S3 hosts: s3.amazonaws.com connection: local gather_facts: '{{ facts | default("no") }}' module_defaults: aws_s3: aws_access_key: '{{ access.key }}' aws_secret_key: '{{ secret.key }}' bucket: '{{ bucket }}' vars: input: - name: '/usr/bin/ansible' state: put meta_data: 'foo=bar' - name: '{{ playbook_dir }}/files/csv123.csv' state: put meta_data: 'foo=bar'
  • 15. Proper variable naming can make plays more readable and avoid variable name conflicts(*) Use descriptive, unique human-meaningful variable names(*) Prefix variables with it’s “owner” such as a role name or package(*) (*) ANSIBLE BEST PRACTICES: THE ESSENTIALS – Kyle Benson vars: mongodb_database: "{{ database }}" mongodb_collection: "{{ collection }}" mongodb_document: "{{ filename }}" vars: dns: ipv6: - '2001:4860:4860::8888' - '2001:4860:4860::8844' dns6: "{{ dns.ipv6 }}"collection: "{{ mongodb_collection }}"
  • 16. - name: Data Manipulation | Meetup | Ansible Durham hosts: sandboxapicdc.cisco.com connection: local gather_facts: '{{ facts | default("no") }}' vars: foo: name: bar description: '{{ desc | default("This is a test") }}' vars_files: - '{{ playbook_dir }}/files/LTM_vip_v6-3.json' tasks: - name: Hostvars | run with or without gathering facts debug: var: hostvars[inventory_hostname] - name: Variable from vars_file specified debug: var: imdata - name: Variable defined in playbook debug: msg: '{{ foo.description }}' Why might you run gather facts on a local host? Using a dictionary rather than a scalar variable Where is variable ‘imdata’ defined? Difference between? -e 'desc=this is a test’ and -e 'desc="this is a test"'
  • 20. https://docs.ansible.com/ansible/latest/plugins/plugins.html Filters in Ansible… are used for transforming data … Lookup plugins allow Ansible to access data from outside sources. Lookups are an integral part of loops Modules are used as information gatherers _info _facts Modules have modes to ‘put’ or ‘get’ aws_s3
  • 21. #!/usr/bin/ansible-playbook --- # # Copyright (c) 2019 World Wide Technology, Inc. # All rights reserved. # # author: Joel W. King, World Wide Technology # - name: Msg broker for big or little Tetration hosts: localhost gather_facts: yes connection: local vars: verify_broker: 'no' big_tetration: '10.6.36.24:443,10.6.36.25:443,10.6.36.26:443' little_tetration: '192.0.2.1:443' tasks: - debug: msg: 'Big Tetration have three Kafka brokers, pick one: {{ item }}' with_random_choice: '{{ big_tetration.split(",") }}' - debug: msg: 'Little Tetration only has one Kafka broker: {{ item }}' with_random_choice: '{{ little_tetration.split(",") }}' - set_fact: kafka_broker: '{{ item }}' with_random_choice: '{{ big_tetration.split(",") }}' - name: Optionally verify reachability to the broker shell: 'openssl s_client -connect {{ kafka_broker }} -tls1 ' ignore_errors: False register: openssl when: verify_broker|bool return random element from list 10.6.36.24:443 10.6.36.25:443 10.6.36.26:443 192.0.2.1:443 Little Big FORM FACTORS filter returning boolean
  • 22. acl_action: {"ALLOW": "permit", "DROP": "deny"} # translator for action verbs - name: Configure firewall access-list debug: msg: "access-list {{ acl_name }} line 1 extended {{ acl_action[item.action] }} {{item.ip_protocol }}" loop: "{{ tnp.ansible_facts.intents }}" https://gitlab.com/tetration-network-policy-publisher/policy-stream-12-pub-vrf/-/blob/master/view_network_policy_decrypt.yml Policy engine uses different keywords than the firewall where the policy is being applied
  • 23. IPAM GLOBAL CONFIG YAML ENCRYPTED CREDENTIALS YAML SERVICE TICKETING SYSTEM VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER https://github.wwt.com/it-automation-aci/ansible-aci-include-data MongoDB BOOTSTRAP EXTRA_VARS PRE-PROCESSING POST-PROCESSING ANSIBLE PLAYBOO K
  • 24. ENCRYPTED CREDENTIALS YAML SERVICE TICKETING SYSTEM VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER BOOTSTRAP EXTRA_VARS https://github.wwt.com/it-automation-aci/ansible-aci-credentials ANSIBLE PLAYBOO K
  • 25. https://gitlab.com/joelwking/cisco_dc_community_of_interest/-/blob/master/demos/engine/playbooks/sample_wwt_roles.yml ./sample.yml -v -i inventory.yml --e 'bootstrap=sample456 All playbooks call these roles for managing credentials and including data
  • 26. VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER MongoDB MongoDB is an open-source document / NoSQL database. Implemented as a Docker Container ANSIBLE PLAYBOO K
  • 27.
  • 28. SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services that provides object storage through a web service interface. ANSIBLE PLAYBOO K
  • 29. - name: Data Manipulation | Meetup | Ansible Durham | S3 hosts: s3.amazonaws.com connection: local gather_facts: '{{ facts | default("no") }}' module_defaults: aws_s3: aws_access_key: '{{ access.key }}' aws_secret_key: '{{ secret.key }}' bucket: '{{ bucket }}' vars: keys: '/home/administrator/amazon_web_service/access_keys/s3.yml' input: - name: '/usr/bin/ansible' state: put meta_data: 'foo=bar' - name: '{{ playbook_dir }}/files/sample_csv_file.csv' state: put meta_data: 'foo=bar' vars_files: - '{{ keys }}' tasks: - name: PUT/upload with metadata aws_s3: object: '{{ item.name }}' src: '{{ item.name }}' mode: '{{ item.state }}' metadata: '{{ item.meta_data }}' loop: '{{ input }}'
  • 30. https://min.io/product MinIO is best suited for high performance tasks such as analytics, machine learning and modern, high throughput application development. … … As an object store, MinIO can store unstructured data such as photos, videos, log files, backups and container / VM images. Size of an object can range from a few KBs to a maximum of 5TB. https://en.wikipedia.org/wiki/Minio Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services that provides object storage through a web service interface.
  • 33. Configuration  Network Engineers like spreadsheets  Free and readily available – no training  YAML, JSON and XML confound non-programmers tabular structure to hierarchical
  • 34. ./csv_to_mongo.yml -e filename="/it-automation-aci/TEST_DATA/aci_constructs_policies_3.csv" --skip-tags "mongo" tasks: - name: Get facts from CSV file csv_to_facts: src: '{{ filename }}' table: spreadsheet vsheets: - VRFs: - VRF - Tenant - TENANTs: - Tenant - APs: - Tenant - AppProfile - debug: msg: '{{ TENANTs }}' TASK [debug] ****************************************************************************************************************** ok: [localhost] => {} MSG: [{u'Tenant': u'WWT-INT'}, {u'Tenant': u'WWT-DMZ'}, {u'Tenant': u'WWT_NULL'}] UNIQUE (SET) OF TENANTS PRESENT IN THE SPREADSHEET CSV FILE FROM EXCEL VIRTUAL SPREADSHEET https://github.com/joelwking/csv-source-of-truth
  • 35. Contract Subject (vzSubj) Contract (vzBrCP) Filter (vzFilter) Filter Entry (vzEntry) Bind Filter to Contract Subject (vzRsSubjFiltAtt) Tenant (fvTenant) End Point Group (fvAEPg) Application Profile (fvAP) Bind EPGs to Contracts (fv:RsCons, fv:RsProv) Looping over ‘virtual spreadsheet
  • 36. # # This Excel / CSV file is managed by network engineering, it identifies the target Tenant, AP and EPG # - block: - name: Extract the specified sheet from the Excel file xls_to_csv: src: '{{ spreadsheet }}' dest: '{{ playbook_dir }}/files/aci/' sheets: '{{ sheet_name }}' - name: Load the EPG, AP and Tenant mapping csv_to_facts: src: '{{ playbook_dir }}/files/aci/{{ sheet_name }}.csv' vsheets: - TENANTs: - ap - epg - tenant - name: Iterate over the spreadsheet roles, creating an associative array (dictionary) using the EPG as the key set_fact: epg_ap_tenant: "{{ epg_ap_tenant | combine( {item.epg: item} ) }}" loop: "{{ TENANTs }}"
  • 38. When network configuration (policy) is generated programmatically, it must be applied to network devices programmatically. Zero Trust Architecture (2nd Draft) https://csrc.nist.gov/publications/detail/sp/800-207/draft
  • 39. VERSION CONTROL SOURCE OF TRUTH NETWORK DEPLOYMENT ENGINEER ANSIBLE PLAYBOO K
  • 41.  Most Network Engineers are not familiar with data serialization formats – which is why we use spreadsheets.  Don’t clutter playbooks with conditionals validating data format  Playbooks are not intended to be programming languages, write modules, and plugins.  Structure your data so it drives the functionality of the playbooks
  • 42. Examples from the Cisco Data Center webinar https://gitlab.com/joelwking/cisco_dc_community_of_interest CSV source of truth https://github.com/joelwking/csv-source-of-truth Foray into Ansible Content Collections https://www.slideshare.net/joelwking/foray-into-ansible-content-collections YAML Magic https://www.slideshare.net/roidelapluie/yaml-magic The 100% Open Source, Enterprise-Grade, Amazon S3 Compatible Object Storage https://min.io/ https://docs.minio.io/docs/minio-quickstart-guide.html