SlideShare uma empresa Scribd logo

Ansible: What, Why & How

Transferir como PPTX, PDF
Alfonso Cabrera
Alfonso Cabrera

Talk from Ansible Charlotte Kickoff meetup!

Tecnologia
1 de 25
Ansible Charlotte Meetup Alfonso Cabrera 4/21/15 ANSIBLE: WHAT, WHY & HOW
WHAT IS IT?
• Open source project started by Michael DeHaan (Red Hat, Puppet) in Feb. 2012 • Automation Engine written in Python • Used as: config mgmt tool, orchestration tool, app deploy tool • Similar tool to Chef, Puppet (but better!) BASICS
TECHNICALLY SPEAKING, • Python 2.7 internals • Dependencies: Python • Push based (can do pull too) • Built for the cloud - connects to servers using SSH keys (Powershell too) • Idempotent – run as many times as you wish! • Human readable syntax: YAML • No central server or special software on servers == AGENTLESS! • Works with modules which can be written in any language (batteries included)
WHY USE IT?
DESIGN PRINCIPLES 1. Simply Clear Automation for Dev, Ops (anyone!) 2. Simply Fast Minimal learning curve (automate fast!) 3. Simply Powerful Several tools in one & batteries included 4. Simply Efficient No complex setup – no agents 5. Simply Secure Reduced footprint– uses standard SSH
END THE DRUDGERY! • Package installs & updates • Vulnerability patches • Software deployments • Server provisioning • Config file consistency • ProTip: Use Ansible to make life easier and enable you to work on the things you want to work on.
SHOW ME DATA • 6th most starred Python project on GitHub (10k stars) • Over 1000 contributing developers on GitHub • Ansible Inc. – in house dev team • Received $6M in VC funding
A CHART!
MORE REASONS TO USE ANSIBLE • Fastest 0 to 60 time in the market– no speed bumps to slow you down • No new ports that need to be opened in your firewall • No server certificates needed • No master servers, no HA – don’t need to “manage the managers” • Excellent documentation with useful examples • There is probably already a core module for your use case: Cloud DB Mon. Web System EC2 MySQL Zabbix HAproxy Yum/Apt Google PostgreSQL Pager Duty Apache Cron Dig Ocean Redis Nagios Git Mount VMware Riak Pingdom Docker SELinux
HOW DOES IT WORK?
BASIC TERMINOLOGY • Inventory: what servers to connect to • Facts: system info discovered • Modules: abstract tasks for different uses • Tasks: run an action from a module with specified arguments • Plays: what tasks to run on what hosts • Playbooks: a list of plays • Roles: organize by server function/type
ANSIBLE CONFIG • Rule #1: Don’t turn off cowsay! • Control whether password is required • Set how many parallel processes to use (default 5) • Set Ansible log path • Set private key file for SSH key auth • Use custom SSH arguments as default • Set defaults for remote user, remote SSH port, SSH timeout
INVENTORY • Inventory file is in INI format • Can specify custom port or SSH user alongside host • Sample:
AD HOC MODE • Run tasks outside of playbooks • Run on full or partial inventory • Can use modules with ad-hoc tasks (use –m)
PLAYBOOKS • A list of plays run against specified hosts • Put them in version control! • Can run on one host at a time or all servers in parallel • YAML syntax • Can use variables • Can use file templates (jinja2) • Can specify only certain tasks to run based on tags
PLAYBOOK EXAMPLE
USE ROLES
A ROLE PLAYBOOK
HOW WE STARTED • Real world use case – deploys were being done with manual, interactive shell scripts by multiple teams! • Dev team would handle first part and inform Ops when tar file was ready for deployment • Ops (me) would have to run a few shell scripts and cross my fingers • Deployments were a pain point for the company • Ansible to the rescue!
HOW WE FIXED DEPLOYMENTS • Goal: Make deployments simpler and more stable • Ansible workflow : • Pull source code from Stash directly (using ro SSH key) • Use composer module to pull in dependencies • Create packaged tar file with code and dependencies • Copy file to dev | test | prod and unpack tar file in webroot • Apply proper file permissions • Other tasks based on playbook logic that checks server/env/app • Gracefully restart Apache • Add comment to JIRA ticket informing team of successful deploy and assign ticket to PM • POST deployment to New Relic using API
ANSIBLE TOWER • Paid product w/ support by Ansible Inc • Web based GUI • Manage nodes, schedule jobs • Auditing • REST API
WRAP UP • Free Preview of Ansible Up and Running by Lorin Hochstein http://www.ansible.com/ansible-book • Excellent docs at http://docs.ansible.com
THANK YOU!

Recomendados

Vagrant and Chef on FOSSASIA 2014
Vagrant and Chef on FOSSASIA 2014Vagrant and Chef on FOSSASIA 2014
Vagrant and Chef on FOSSASIA 2014Michael Lihs
 
Automate your Development Environment with Vagrant & Chef
Automate your Development Environment with Vagrant & Chef Automate your Development Environment with Vagrant & Chef
Automate your Development Environment with Vagrant & Chef Michael Lihs
 
Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20
Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20
Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20Michael Lihs
 
The New Frontend Toolchain
The New Frontend ToolchainThe New Frontend Toolchain
The New Frontend ToolchainBruno Abrantes
 
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web Scale
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web ScaleSaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web Scale
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web ScaleSaltStack
 
Configuration Management - Finding the tool to fit your needs
Configuration Management - Finding the tool to fit your needsConfiguration Management - Finding the tool to fit your needs
Configuration Management - Finding the tool to fit your needsSaltStack
 
Chef + AWS + CodeIgniter
Chef + AWS + CodeIgniterChef + AWS + CodeIgniter
Chef + AWS + CodeIgniterciconf
 
Automated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAutomated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAlberto Molina Coballes
 

Recomendados

Vagrant and Chef on FOSSASIA 2014
Vagrant and Chef on FOSSASIA 2014Vagrant and Chef on FOSSASIA 2014
Vagrant and Chef on FOSSASIA 2014Michael Lihs
 
Automate your Development Environment with Vagrant & Chef
Automate your Development Environment with Vagrant & Chef Automate your Development Environment with Vagrant & Chef
Automate your Development Environment with Vagrant & Chef Michael Lihs
 
Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20
Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20
Continuous Integration with Open Source Tools - PHPUgFfm 2014-11-20Michael Lihs
 
The New Frontend Toolchain
The New Frontend ToolchainThe New Frontend Toolchain
The New Frontend ToolchainBruno Abrantes
 
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web Scale
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web ScaleSaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web Scale
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web ScaleSaltStack
 
Configuration Management - Finding the tool to fit your needs
Configuration Management - Finding the tool to fit your needsConfiguration Management - Finding the tool to fit your needs
Configuration Management - Finding the tool to fit your needsSaltStack
 
Chef + AWS + CodeIgniter
Chef + AWS + CodeIgniterChef + AWS + CodeIgniter
Chef + AWS + CodeIgniterciconf
 
Automated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAutomated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAlberto Molina Coballes
 
Ansible Best Practices - July 30
Ansible Best Practices - July 30Ansible Best Practices - July 30
Ansible Best Practices - July 30tylerturk
 
Configuration manager presentation
Configuration manager presentationConfiguration manager presentation
Configuration manager presentationjeyg
 
Introduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUpIntroduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUptylerturk
 
How Ansible Makes Automation Easy
How Ansible Makes Automation EasyHow Ansible Makes Automation Easy
How Ansible Makes Automation EasyPeter Sankauskas
 
The Art and Zen of Managing Nagios With Puppet
The Art and Zen of Managing Nagios With PuppetThe Art and Zen of Managing Nagios With Puppet
The Art and Zen of Managing Nagios With PuppetMike Merideth
 
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner)
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner) Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner)
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner) Puppet
 
DCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production ParityDCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production ParityGeoff Harcourt
 
Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet Camp Portland: Nagios Management With Puppet (Beginner)Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet Camp Portland: Nagios Management With Puppet (Beginner)Puppet
 
SaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltConf14 - Brendan Burns, Google - Management at Google ScaleSaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltConf14 - Brendan Burns, Google - Management at Google ScaleSaltStack
 
From Test to Live with Rex
From Test to Live with RexFrom Test to Live with Rex
From Test to Live with RexJan Gehring
 
Puppet Development Workflow
Puppet Development WorkflowPuppet Development Workflow
Puppet Development WorkflowJeffery Smith
 
Implementing your own Google App Engine
Implementing your own Google App Engine Implementing your own Google App Engine
Implementing your own Google App Engine Virtual JBoss User Group
 
OWASP 2013 APPSEC USA ZAP Hackathon
OWASP 2013 APPSEC USA ZAP HackathonOWASP 2013 APPSEC USA ZAP Hackathon
OWASP 2013 APPSEC USA ZAP HackathonSimon Bennetts
 
Hashicorp at holaluz
Hashicorp at holaluzHashicorp at holaluz
Hashicorp at holaluzRicard Clau
 
2014 ZAP Workshop 1: Getting Started
2014 ZAP Workshop 1: Getting Started2014 ZAP Workshop 1: Getting Started
2014 ZAP Workshop 1: Getting StartedSimon Bennetts
 
Git+jenkins+rex presentation
Git+jenkins+rex presentationGit+jenkins+rex presentation
Git+jenkins+rex presentationDwi Sasongko Supriyadi
 
Monitor-Driven Development Using Ansible
Monitor-Driven Development Using AnsibleMonitor-Driven Development Using Ansible
Monitor-Driven Development Using AnsibleItamar Hassin
 
rsyslog meets docker
rsyslog meets dockerrsyslog meets docker
rsyslog meets dockerRainer Gerhards
 
Command box, Package Manager, Automation, REPL
Command box, Package Manager, Automation, REPLCommand box, Package Manager, Automation, REPL
Command box, Package Manager, Automation, REPLColdFusionConference
 
Serverspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collideServerspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collidem_richardson
 
What we talk about when we talk about DevOps
What we talk about when we talk about DevOpsWhat we talk about when we talk about DevOps
What we talk about when we talk about DevOpsRicard Clau
 
Habitat Overview
Habitat OverviewHabitat Overview
Habitat OverviewMandi Walls
 

Mais conteúdo relacionado

Mais procurados

Ansible Best Practices - July 30
Ansible Best Practices - July 30Ansible Best Practices - July 30
Ansible Best Practices - July 30tylerturk
 
Configuration manager presentation
Configuration manager presentationConfiguration manager presentation
Configuration manager presentationjeyg
 
Introduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUpIntroduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUptylerturk
 
How Ansible Makes Automation Easy
How Ansible Makes Automation EasyHow Ansible Makes Automation Easy
How Ansible Makes Automation EasyPeter Sankauskas
 
The Art and Zen of Managing Nagios With Puppet
The Art and Zen of Managing Nagios With PuppetThe Art and Zen of Managing Nagios With Puppet
The Art and Zen of Managing Nagios With PuppetMike Merideth
 
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner)
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner) Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner)
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner) Puppet
 
DCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production ParityDCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production ParityGeoff Harcourt
 
Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet Camp Portland: Nagios Management With Puppet (Beginner)Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet Camp Portland: Nagios Management With Puppet (Beginner)Puppet
 
SaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltConf14 - Brendan Burns, Google - Management at Google ScaleSaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltConf14 - Brendan Burns, Google - Management at Google ScaleSaltStack
 
From Test to Live with Rex
From Test to Live with RexFrom Test to Live with Rex
From Test to Live with RexJan Gehring
 
Puppet Development Workflow
Puppet Development WorkflowPuppet Development Workflow
Puppet Development WorkflowJeffery Smith
 
OWASP 2013 APPSEC USA ZAP Hackathon
OWASP 2013 APPSEC USA ZAP HackathonOWASP 2013 APPSEC USA ZAP Hackathon
OWASP 2013 APPSEC USA ZAP HackathonSimon Bennetts
 
Hashicorp at holaluz
Hashicorp at holaluzHashicorp at holaluz
Hashicorp at holaluzRicard Clau
 
2014 ZAP Workshop 1: Getting Started
2014 ZAP Workshop 1: Getting Started2014 ZAP Workshop 1: Getting Started
2014 ZAP Workshop 1: Getting StartedSimon Bennetts
 
Monitor-Driven Development Using Ansible
Monitor-Driven Development Using AnsibleMonitor-Driven Development Using Ansible
Monitor-Driven Development Using AnsibleItamar Hassin
 
Command box, Package Manager, Automation, REPL
Command box, Package Manager, Automation, REPLCommand box, Package Manager, Automation, REPL
Command box, Package Manager, Automation, REPLColdFusionConference
 
Serverspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collideServerspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collidem_richardson
 

Mais procurados (20)

Ansible Best Practices - July 30
Ansible Best Practices - July 30Ansible Best Practices - July 30
Ansible Best Practices - July 30
 
Configuration manager presentation
Configuration manager presentationConfiguration manager presentation
Configuration manager presentation
 
Introduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUpIntroduction to Ansible - Jan 28 - Austin MeetUp
Introduction to Ansible - Jan 28 - Austin MeetUp
 
How Ansible Makes Automation Easy
How Ansible Makes Automation EasyHow Ansible Makes Automation Easy
How Ansible Makes Automation Easy
 
The Art and Zen of Managing Nagios With Puppet
The Art and Zen of Managing Nagios With PuppetThe Art and Zen of Managing Nagios With Puppet
The Art and Zen of Managing Nagios With Puppet
 
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner)
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner) Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner)
Puppet Camp Chicago 2014: Running Multiple Puppet Masters (Beginner)
 
DCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production ParityDCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production Parity
 
Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet Camp Portland: Nagios Management With Puppet (Beginner)Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet Camp Portland: Nagios Management With Puppet (Beginner)
 
SaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltConf14 - Brendan Burns, Google - Management at Google ScaleSaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltConf14 - Brendan Burns, Google - Management at Google Scale
 
From Test to Live with Rex
From Test to Live with RexFrom Test to Live with Rex
From Test to Live with Rex
 
Puppet Development Workflow
Puppet Development WorkflowPuppet Development Workflow
Puppet Development Workflow
 
Implementing your own Google App Engine
Implementing your own Google App Engine Implementing your own Google App Engine
Implementing your own Google App Engine
 
OWASP 2013 APPSEC USA ZAP Hackathon
OWASP 2013 APPSEC USA ZAP HackathonOWASP 2013 APPSEC USA ZAP Hackathon
OWASP 2013 APPSEC USA ZAP Hackathon
 
Hashicorp at holaluz
Hashicorp at holaluzHashicorp at holaluz
Hashicorp at holaluz
 
2014 ZAP Workshop 1: Getting Started
2014 ZAP Workshop 1: Getting Started2014 ZAP Workshop 1: Getting Started
2014 ZAP Workshop 1: Getting Started
 
Git+jenkins+rex presentation
Git+jenkins+rex presentationGit+jenkins+rex presentation
Git+jenkins+rex presentation
 
Monitor-Driven Development Using Ansible
Monitor-Driven Development Using AnsibleMonitor-Driven Development Using Ansible
Monitor-Driven Development Using Ansible
 
rsyslog meets docker
rsyslog meets dockerrsyslog meets docker
rsyslog meets docker
 
Command box, Package Manager, Automation, REPL
Command box, Package Manager, Automation, REPLCommand box, Package Manager, Automation, REPL
Command box, Package Manager, Automation, REPL
 
Serverspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collideServerspec and Sensu - Testing and Monitoring collide
Serverspec and Sensu - Testing and Monitoring collide
 

Semelhante a Ansible: What, Why & How

What we talk about when we talk about DevOps
What we talk about when we talk about DevOpsWhat we talk about when we talk about DevOps
What we talk about when we talk about DevOpsRicard Clau
 
Habitat Overview
Habitat OverviewHabitat Overview
Habitat OverviewMandi Walls
 
Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)yalini97
 
The Art & Zen of Managing Nagios with Puppet
The Art & Zen of Managing Nagios with PuppetThe Art & Zen of Managing Nagios with Puppet
The Art & Zen of Managing Nagios with PuppetVictorOps
 
Smart Platform Infrastructure with AWS
Smart Platform Infrastructure with AWSSmart Platform Infrastructure with AWS
Smart Platform Infrastructure with AWSJames Huston
 
August Webinar - Water Cooler Talks: A Look into a Developer's Workbench
August Webinar - Water Cooler Talks: A Look into a Developer's WorkbenchAugust Webinar - Water Cooler Talks: A Look into a Developer's Workbench
August Webinar - Water Cooler Talks: A Look into a Developer's WorkbenchHoward Greenberg
 
Adding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpecAdding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpecMandi Walls
 
Puppet Camp Denver 2015: Nagios Management With Puppet
Puppet Camp Denver 2015: Nagios Management With PuppetPuppet Camp Denver 2015: Nagios Management With Puppet
Puppet Camp Denver 2015: Nagios Management With PuppetPuppet
 
ServerTemplates - The Next Generation
ServerTemplates - The Next GenerationServerTemplates - The Next Generation
ServerTemplates - The Next GenerationRightScale
 
Introduction to Chef - Techsuperwomen Summit
Introduction to Chef - Techsuperwomen SummitIntroduction to Chef - Techsuperwomen Summit
Introduction to Chef - Techsuperwomen SummitJennifer Davis
 
Production Ready WordPress - WC Utrecht 2017
Production Ready WordPress - WC Utrecht 2017Production Ready WordPress - WC Utrecht 2017
Production Ready WordPress - WC Utrecht 2017Edmund Turbin
 
Midwest PHP - Scaling Magento
Midwest PHP - Scaling MagentoMidwest PHP - Scaling Magento
Midwest PHP - Scaling MagentoMathew Beane
 
Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...
Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...
Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...Nagios
 
Php internal architecture
Php internal architecturePhp internal architecture
Php internal architectureElizabeth Smith
 
Getting Started With Jenkins And Drupal
Getting Started With Jenkins And DrupalGetting Started With Jenkins And Drupal
Getting Started With Jenkins And DrupalPhilip Norton
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012Jan Jongboom
 
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Kangaroot
 
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beInSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beMandi Walls
 

Semelhante a Ansible: What, Why & How (20)

What we talk about when we talk about DevOps
What we talk about when we talk about DevOpsWhat we talk about when we talk about DevOps
What we talk about when we talk about DevOps
 
Habitat Overview
Habitat OverviewHabitat Overview
Habitat Overview
 
Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)
 
The Art & Zen of Managing Nagios with Puppet
The Art & Zen of Managing Nagios with PuppetThe Art & Zen of Managing Nagios with Puppet
The Art & Zen of Managing Nagios with Puppet
 
Smart Platform Infrastructure with AWS
Smart Platform Infrastructure with AWSSmart Platform Infrastructure with AWS
Smart Platform Infrastructure with AWS
 
August Webinar - Water Cooler Talks: A Look into a Developer's Workbench
August Webinar - Water Cooler Talks: A Look into a Developer's WorkbenchAugust Webinar - Water Cooler Talks: A Look into a Developer's Workbench
August Webinar - Water Cooler Talks: A Look into a Developer's Workbench
 
Adding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpecAdding Security and Compliance to Your Workflow with InSpec
Adding Security and Compliance to Your Workflow with InSpec
 
The Architect Way
The Architect WayThe Architect Way
The Architect Way
 
Puppet Camp Denver 2015: Nagios Management With Puppet
Puppet Camp Denver 2015: Nagios Management With PuppetPuppet Camp Denver 2015: Nagios Management With Puppet
Puppet Camp Denver 2015: Nagios Management With Puppet
 
ServerTemplates - The Next Generation
ServerTemplates - The Next GenerationServerTemplates - The Next Generation
ServerTemplates - The Next Generation
 
Introduction to Chef - Techsuperwomen Summit
Introduction to Chef - Techsuperwomen SummitIntroduction to Chef - Techsuperwomen Summit
Introduction to Chef - Techsuperwomen Summit
 
Production Ready WordPress - WC Utrecht 2017
Production Ready WordPress - WC Utrecht 2017Production Ready WordPress - WC Utrecht 2017
Production Ready WordPress - WC Utrecht 2017
 
Midwest PHP - Scaling Magento
Midwest PHP - Scaling MagentoMidwest PHP - Scaling Magento
Midwest PHP - Scaling Magento
 
Heroku
HerokuHeroku
Heroku
 
Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...
Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...
Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...
 
Php internal architecture
Php internal architecturePhp internal architecture
Php internal architecture
 
Getting Started With Jenkins And Drupal
Getting Started With Jenkins And DrupalGetting Started With Jenkins And Drupal
Getting Started With Jenkins And Drupal
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012
 
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...
 
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.beInSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.be
 

Último

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 

Último (20)

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 

Ansible: What, Why & How

  • 1. Ansible Charlotte Meetup Alfonso Cabrera 4/21/15 ANSIBLE: WHAT, WHY & HOW
  • 3. • Open source project started by Michael DeHaan (Red Hat, Puppet) in Feb. 2012 • Automation Engine written in Python • Used as: config mgmt tool, orchestration tool, app deploy tool • Similar tool to Chef, Puppet (but better!) BASICS
  • 4. TECHNICALLY SPEAKING, • Python 2.7 internals • Dependencies: Python • Push based (can do pull too) • Built for the cloud - connects to servers using SSH keys (Powershell too) • Idempotent – run as many times as you wish! • Human readable syntax: YAML • No central server or special software on servers == AGENTLESS! • Works with modules which can be written in any language (batteries included)
  • 6.
  • 7. DESIGN PRINCIPLES 1. Simply Clear Automation for Dev, Ops (anyone!) 2. Simply Fast Minimal learning curve (automate fast!) 3. Simply Powerful Several tools in one & batteries included 4. Simply Efficient No complex setup – no agents 5. Simply Secure Reduced footprint– uses standard SSH
  • 8. END THE DRUDGERY! • Package installs & updates • Vulnerability patches • Software deployments • Server provisioning • Config file consistency • ProTip: Use Ansible to make life easier and enable you to work on the things you want to work on.
  • 9. SHOW ME DATA • 6th most starred Python project on GitHub (10k stars) • Over 1000 contributing developers on GitHub • Ansible Inc. – in house dev team • Received $6M in VC funding
  • 11. MORE REASONS TO USE ANSIBLE • Fastest 0 to 60 time in the market– no speed bumps to slow you down • No new ports that need to be opened in your firewall • No server certificates needed • No master servers, no HA – don’t need to “manage the managers” • Excellent documentation with useful examples • There is probably already a core module for your use case: Cloud DB Mon. Web System EC2 MySQL Zabbix HAproxy Yum/Apt Google PostgreSQL Pager Duty Apache Cron Dig Ocean Redis Nagios Git Mount VMware Riak Pingdom Docker SELinux
  • 12. HOW DOES IT WORK?
  • 13. BASIC TERMINOLOGY • Inventory: what servers to connect to • Facts: system info discovered • Modules: abstract tasks for different uses • Tasks: run an action from a module with specified arguments • Plays: what tasks to run on what hosts • Playbooks: a list of plays • Roles: organize by server function/type
  • 14. ANSIBLE CONFIG • Rule #1: Don’t turn off cowsay! • Control whether password is required • Set how many parallel processes to use (default 5) • Set Ansible log path • Set private key file for SSH key auth • Use custom SSH arguments as default • Set defaults for remote user, remote SSH port, SSH timeout
  • 15. INVENTORY • Inventory file is in INI format • Can specify custom port or SSH user alongside host • Sample:
  • 16. AD HOC MODE • Run tasks outside of playbooks • Run on full or partial inventory • Can use modules with ad-hoc tasks (use –m)
  • 17. PLAYBOOKS • A list of plays run against specified hosts • Put them in version control! • Can run on one host at a time or all servers in parallel • YAML syntax • Can use variables • Can use file templates (jinja2) • Can specify only certain tasks to run based on tags
  • 21. HOW WE STARTED • Real world use case – deploys were being done with manual, interactive shell scripts by multiple teams! • Dev team would handle first part and inform Ops when tar file was ready for deployment • Ops (me) would have to run a few shell scripts and cross my fingers • Deployments were a pain point for the company • Ansible to the rescue!
  • 22. HOW WE FIXED DEPLOYMENTS • Goal: Make deployments simpler and more stable • Ansible workflow : • Pull source code from Stash directly (using ro SSH key) • Use composer module to pull in dependencies • Create packaged tar file with code and dependencies • Copy file to dev | test | prod and unpack tar file in webroot • Apply proper file permissions • Other tasks based on playbook logic that checks server/env/app • Gracefully restart Apache • Add comment to JIRA ticket informing team of successful deploy and assign ticket to PM • POST deployment to New Relic using API
  • 23. ANSIBLE TOWER • Paid product w/ support by Ansible Inc • Web based GUI • Manage nodes, schedule jobs • Auditing • REST API
  • 24. WRAP UP • Free Preview of Ansible Up and Running by Lorin Hochstein http://www.ansible.com/ansible-book • Excellent docs at http://docs.ansible.com