23
Ansible Configuration Management Made Easy
| Date post: | 13-Apr-2017 |
| Category: |
Technology |
| Upload: | jonathan-frappier |
| View: | 127 times |
| Download: | 1 times |
AnsibleConfiguration Management Made Easy
What is Ansible
“App deployment, configuration management and orchestration - all from one system.”
Who is the competition?
Which one do I chose?
…It depends…
• What are you trying to do?
• What Operating Systems are you managing?
• What other systems do you work with?
• What languages is your team familiar with?
Nail…Meet Hammer
Using Puppet…
Example – Install the Sysdig Monitoring Agent
Using Puppet…(Con’t)
Example – Install the Sysdig Monitoring Agent
(Anyone remember what this file was called?
Using Puppet…(Again…)
Example – Install the Sysdig Monitoring Agent
Using Puppet (Continued…)
Using Puppet…(FFS…)
Example – Install the Sysdig Monitoring Agent
Did you remember to install these guys?
Simple
Using Ansible!
Example – Install the Sysdig Monitoring Agent
Agentless
Ansible connects to hosts using SSH
SSH Key – List of all hosts for Ansible to manage
Password – append --ask-pass and --ask-become-pass
Files
Ansible can be useful using just two files (though we can do a lot more as well)
Inventory (hosts file) – List of all hosts for Ansible to manage
Playbook – List of commands processed in order (no guessing) for the specified hosts
Availability
All you need is love… no wait wrong presentation
All you need is GitHub (or a backup of your playbooks and hosts file)
Inventory
Located in /etc/ansible/hosts - can be as simple as you want/need it to be
Hosts fileAwesome as you wanna be…
Handy options
--ask-pass – prompts for a password to connect to the specified host(s), used when not using SSH keys
--ask-become-pass – Use when sudo is required to run the playbook/command
--check – Checks the playbook to see if it will work, but doesn’t execute on the remote host (or –C)
--module-name – specific the module you want to run for ad-hoc commands (or –m)
--module-path – path to the module if required (or –M)
--tree – path to log output (or –t)
A few hosts pre-reqs
Python – at least 2.5, no issue with modern distributions
SSH – SSH/Port 22 must be open from the control machine to the host (agentless and all)
SSH Keys – Ensure user account used by Ansible has SSH keys added from control-machine to all hosts
User account – Account used by Ansible has correct permissions on hosts (e.g. sudo for installs)
Demo Time!
MOAR EXAMPLES
MOAR EXAMPLES
Advanced Stuff and more resource
Roles – Separates vars, files, handlers
• Allows you to assign vars via inventory
Ansible Galaxy – Repository of community contributed roles
Ansible Tower – Commercial version, free for up to 10 nodes
• Scheduling
• RBAC
Q&A
Q: How do I do this crazy silly thing you likely do not know about?
A: https://docs.ansible.com
Q: What about this random version of linux that some guy wrote out of his basement?
A: https://docs.ansible.com
Q: What is better, Star Wars or Star Strek
A:
Thank you
Ansible
Don't think you can. Know you can!
![Introduction to security - start [APNIC TRAINING WIKI] · ANSIBLE Introduction 33. Hosts ANSIBLE Introduction •List of devices or group of devices where ansiblepush configuration](https://static.documents.pub/doc/80x56/5ed3c278a0e09216242fe78e/introduction-to-security-start-apnic-training-wiki-ansible-introduction-33.jpg)
