Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ansible Best Practices - July 30


Published on

This is a powerpoint presentation that I put together discussing best practices with Ansible, although it more specifically targets ansible playbooks. The topics include content organization, tips for writing playbooks, discussion around idempotency and it's importance, the power of jinja2 within ansible, and finishes with some lessons learned.

This presentation was delivered on July 30th at WP Engine's office for the Austin Ansible MeetUp.

Published in: Technology

Ansible Best Practices - July 30

  1. 1. Ansible Best PracticesTyler Turk – DevOps Engineer at WP Engine
  2. 2. Who am I? DevOps Engineer at WP Engine Enjoys Operations, Development, and long walks on the beach
  3. 3. General Overview
  4. 4. Content Organization • Follow hierarchy best practices • Use roles for content • Simplify your roles
  5. 5. Make it readable; keep it simple • Always provide a task name • Always define state • Over-use comments and white-space
  6. 6. Tag all the things • Tags help organization • --skip-tags=tags,to,skip • --tags=only,run,these,tags
  7. 7. Don’t Repeat Yourself! • Re-use code when possible • Leverage jinja2 templating • Avoid duplication unless absolutely necessary
  8. 8. Idempotency
  9. 9. What is idempotence? Idempotence is the property of certain operations in mathematics and computer science, that can be applied multiple times without changing the result beyond the initial application
  10. 10. Why is idempotency important? Config Management that lacks idempotency introduces doubt! • Ensure no changes unless things actually change • Some idempotency issues can be big issues (> versus >>) • Hides the real changes in a cloud of doubt • Reduction in speed if changes are consistently made • Testing becomes increasingly difficult
  11. 11. Shooting Yourself in the Foot • Conflicting tasks for differing roles • Remember: Don’t Repeat Yourself! • Double check your work
  12. 12. How do we get there? • Fully understand requirements • Document required processes and procedures • Requirement verification with invested parties • Review module docs to ensure it is idempotent
  13. 13. Some Modules Lacking Idempotency • Shell module • Command module • File module with touch argument
  14. 14. What are changed_when and failed_when?
  15. 15. Templating
  16. 16. Jinja2 – An Introduction • Python templating language • Many filters available (to_nice_json, to_nice_yaml, sort) • Conditional evaluation on task result (success, changed, failed, skipped) Additional Information:
  17. 17. Variables with Jinja2 • Avoid dictionaries if values will change • Accessible with double curly braces {{ i_am_a_variable }} {{ cluster.datacenter }} • Verify variable definition {% if cluster.lbmaster is not defined %} # Potential Error: No lbmaster {% endif %}
  18. 18. More with Jinja2 • Simple file templating with loops • Simple file templating with if/else • Even use variables for file names! • Iterate through items, globs, and hashes
  19. 19. Lessons Learned
  20. 20. Lessons Learned • Long running tasks should run in screen! • Leverage the community on IRC • Validate proper order of operations • Overly document playbooks and procedures
  21. 21. More Lessons Learned • Burn and churn on virtual instances for additional testing • Consistency in playbook development • Implement actual testing with ansible-lint and other CI utilities • Do not merge non-idempotent pull requests
  22. 22. Questions? What about testing? That’s next!
  23. 23. References Ansible Playbook Best Practices Ansible (Real Life) Good Practices Jinja2 Documentation