Zero Code Multi-Cloud Automation with Ansible and Terraform
Gaurav Rastogi, Architect – Avi Networks
Lei Yang, Director of Product Marketing
Agenda
Automation Challenges
Introduction to Avi Networks
Ansible / Terraform Primer
Integration with Avi
Demos
Does your automation journey feel like this?
Poll: Where are you on your
automation journey?
• Automation is hard
– Complicated
– Fragile
• Full lifecycle automation
– Day 0
– Day 1+
– Multi-cloud
• Ecosystem integration
– 100% vs. 99% RESTful APIs
– Least amount of friction to
leading platforms integration
Top 3 Challenges
Intent-based Application Services
Declare desired outcomes and Avi does the heavy lifting
AVI VANTAGE PLATFORM
Software Load Balancers
Intelligent
Web Application Firewall Elastic Service Mesh
BARE METAL VIRTUALIZED CONTAINERS ON PREMISES PUBLIC CLOUD VIRTUALIZED CONTAINERS
Avi Vantage Platform
CONTROLLER
SERVICE ENGINE
SEPARATE CONTROL & DATA PLANE
ELASTICITY INTELLIGENCE AUTOMATION MULTI-CLOUD
Automation Operationalizes Digital Transformation
Day 1+
• Use case driven
• Full lifecycle management
• Recurring savings
• Adaptive to changes
Intent-based
• Adaptive and learning based
• Dynamic & continuous monitoring
• Automatically program network, cloud, and app environments
CLI/Scripting/Excel
GUI/Workflow/Tools
API/Orchestration Framework
Day 0
• Configuration focused
• Self-service provisioning
• One time saving
• Static
Poll: Do you plan to use the
following automation tools?
Ansible - IT automation and orchestration platform
• Now acquired by Red Hat
• It can streamline operations such as:
– Configuration of servers
– Application deployment
– Continuous testing of already installed applications
– Provisioning
– Orchestration
– Automation of tasks
• YAML-based configuration, which is easy to read and write until one has to use Jinja!
Why Ansible?
• Shell / Perl scripts rock in the beginning – then they turn into a rock!
– Unmanageable and difficult to maintain
– Cannot skip N steps and start shell script from N+1th step
– Does not provide feedback on what has been done and what it is doing!
– Not easy to add option to simply skip some steps
– It does not provide feedback on what steps did not change vs what changed?
– Audit and debug logs
– Need to be a developer!
• Ansible can invoke modular shell scripts - very common practice!
“I can write a shell script to do everything! why not Python?”
Terraform - Write, Plan, and Create Infrastructure as Code
• HashiCorp Terraform enables you to safely and predictably create, change, and improve
infrastructure. It is an open source tool that codifies APIs into declarative configuration files that
can be shared amongst team members, treated as code, edited, reviewed, and versioned.
• Like Ansible it can be used for full application automation
• It is declarative by design - Manages dependency of resources implicitly
• HCL based “plans” for infrastructure
Poll: What are your top challenges
with automation integration?
Avi Ansible Integration Landscape
Avi Controller / SE Roles
avicontroller
(linux server)
avicontroller-csp
avicontroller-azure
avicontroller-vmware
avicontroller-k8s
Avi Ansible modules (Avi within top 50 contributors)
avisdk role - packages all Avi Ansible modules
avise-csp
Ansible Modules (104) - one per REST resource + others
Ansible Utilities
Avi Migration output as Ansible
Avi Config (JSON) to Ansible Converter
aviconfig role - Declarative Model
Avi Ansible Examples - Devops Github
Avi Docker Role
Avi Ansible Special Modules in addition to the REST modules
• avi_api_session: Proxy to any AVI API
• avi_useraccount: Module to change password on controller
• avi_gslb_service_patch_member: Helper module to do smart deep-level PATCH not possible via API
• avi_api_version (PaddyPower): Fetch controller version
• avi_api_file_service: Fetch and upload files to Avi Controller: supports check
mode and idempotency
Avi Terraform Integration
https://github.com/avinetworks/terraform-provider-avi
• Full featured Avi Terraform provider
• Resources: CRUD for Avi REST resources.
• Data Sources: Expose Read-only Avi REST resources.
• Import Avi REST resources
• Special handling for System objects that are not created by Terraform but can
still be managed via Avi provider
Goal – Path to Zero Code Application Automation
Automation with different levels of abstraction based on your preference
API SDK
JSON
Swagger Spec
Python
Go, etc.
Ansible Modules
Ansible Role
Playbook as Code
Custom, in-house orchestration (Dev teams)
Focus on automation, not code (DevOps, ITOps, NetOps)
Terraform Provider
Zero Code
YAML / HCL Config
Avi Ansible Modules - Proxy+ to REST API
check mode, idempotent, single connection to Avi Controller across tasks...
Avi Module Common Params
● name - Name of the object
● tenant - Tenant context for operation
● tenant_ref - tenant of object
● avi_credentials - API credentials
● state - present or absent
● cloud_ref - Reference to cloud when using non default cloud
● api_context - re-use existing login CSRFToken and sessionid
● avi_api_update_method - PUT vs PATCH
● avi_api_patch_op - Patch operation
● Mostly Auto-generated
● Documentation at Ansible
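---
- hosts: localhost
  connection: local
  vars:
    # Controller address and password are passed in as variables
    # (for example from Ansible Vault or extra vars), not hard-coded here.
    avi_credentials:
      controller: "{{ controller }}"
      username: admin
      password: "{{ password }}"
      api_version: 17.2.1
      tenant: admin
  tasks:
    # state defaults to 'present'; pass state=absent to delete the pool.
    - name: Avi Pool
      avi_pool:
        name: test-pool
        avi_credentials: "{{avi_credentials}}"
        state: "{{ state | default('present')}}"
        health_monitor_refs:
          - '/api/healthmonitor?name=System-HTTP'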
Demo #1
Basic Avi / Ansible Demo – create a virtual service (VS)
Avi Ansible Config Role – Zero code!
avi_config:
  pool:
    - name: app1-pool
      #state: absent
      lb_algorithm: LB_ALGORITHM_ROUND_ROBIN
      servers:
        - ip:
            addr: "{{ pool_server1 }}"
            type: 'V4'
        - ip:
            addr: "{{ pool_server2 }}"
            type: 'V4'
  virtualservice:
    - name: app1
      services:
        - port: 80
      pool_ref: '/api/pool?name=app1-pool'
      #pool_ref:
      #  state: absent
      vip:
        - ip_address:
            addr: "{{ app1_vip }}"
            type: 'V4'
          vip_id: '1'
✓ YAML based declarative configuration
✓ Handles resource dependency internally
✓ Preserves all benefits of Ansible Modules
✓ Idempotent
✓ Check mode
✓ Audit trail
✓ Repeatability
✓ Easy iteration – pick where it stopped
- name: Avi Application | Setup App1
  include_role:
    name: avinetworks.aviconfig
  vars:
    avi_config_file: "avi_config.yml"
Demo #2
1. Create a new avi_config.yml
2. Perform deployment using Ansible
3. Confirm Deployment is successful
4. There should not be any change reported for second run
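Step 4 can be enforced automatically instead of read off the screen. The following is an added example, not part of the original deck: a shell gate that parses the PLAY RECAP printed by ansible-playbook and fails when a second run still reports changes. The recap samples are constructed, and the playbook name site.yml in the usage comment is hypothetical.

```shell
#!/usr/bin/env bash
# Added example: fail a pipeline when a second Ansible run is not a no-op.

# Constructed recap of a clean second run (not captured from a real controller).
SAMPLE_SECOND_RUN='PLAY RECAP *********************************************************
localhost                  : ok=4    changed=0    unreachable=0    failed=0
'
# Constructed recap of a run that still changed objects (drift or a
# non-idempotent task).
SAMPLE_DRIFT='PLAY RECAP *********************************************************
localhost                  : ok=4    changed=2    unreachable=0    failed=0
'

# recap_total FIELD: read ansible-playbook output on stdin and print the sum
# of FIELD=<n> over every host line that follows the PLAY RECAP banner.
recap_total() {
  awk -v key="$1" '
    /^PLAY RECAP/ { in_recap = 1; next }
    in_recap {
      for (i = 1; i <= NF; i++) {
        split($i, kv, "=")
        if (kv[1] == key) total += kv[2]
      }
    }
    END { print total + 0 }'
}

# assert_idempotent: read run output on stdin.
# Returns 0 = no change, 1 = changes reported, 2 = run failed or was cut short.
assert_idempotent() {
  local out changed failed unreachable
  out=$(cat)
  # A missing recap means the run aborted; never count that as "no change".
  printf '%s\n' "$out" | grep -q '^PLAY RECAP' || return 2
  changed=$(printf '%s\n' "$out" | recap_total changed)
  failed=$(printf '%s\n' "$out" | recap_total failed)
  unreachable=$(printf '%s\n' "$out" | recap_total unreachable)
  [ "$failed" -eq 0 ] && [ "$unreachable" -eq 0 ] || return 2
  [ "$changed" -eq 0 ] || return 1
}

# Usage (hypothetical playbook name), after the first deployment has run:
#   ansible-playbook site.yml | assert_idempotent || echo "second run not clean"
```

Feeding the same function the output of ansible-playbook --check before a deployment shows whether the run would change anything without applying it.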
Demo #3
Basic Avi / Terraform demo
Next Steps
• FREE trial
– avinetworks.com/try
• Avi Ansible Modules
– https://docs.ansible.com/ansible/latest/modules/list_of_network_modules.html#avi
• Avi / Ansible Modules examples
– https://github.com/avinetworks/devops/tree/master/ansible
• Avi Ansible Galaxy for all the roles - https://galaxy.ansible.com/avinetworks
– Aviconfig
– Avisdk
– Avicontroller, avicontroller-csp, avicontroller-vmware
• Avi /Terraform examples
– https://github.com/avinetworks/terraform-provider-avi
• Avi tools Docker
– docker pull avinetworks/avitools:latest
Questions
https://avinetworks.com/contact-us/
grastogi@avinetworks.com
https://www.linkedin.com/in/grrastogi/
