intro to automation & orchestration with red hat ansible · •jump-start your automation...
TRANSCRIPT
Intro to Automation & Orchestration with Red Hat AnsibleBogdan BeneaRed Hat Solution Architect 26/02/2020
Azure
AWS
Private
First Some Terminology
• Private Cloud – Data Center virtualized• Public Cloud – AWS & Azure• Hybrid Cloud – mix of both
© 2020 F5 Networks 2
App2
Apps
Apps
App2
Apps AppsApps
App1
App1
Apps
Apps
Deploying Applications in Traditional DC
• Ask Network team for Resources
• Ask Server team for Resources
• Ask Storage team for Resources
• Buy needed hardware
• Finally build App and test
$© 2020 F5 Networks 3
Why Cloud?
Two Reasons…
• Cost• Rent vs Buy Hardware
• Speed to Market (Business Agility)• What does Business Agility Mean? -> Deploy Apps FAST
• “2~3 weeks -> 1 day” – banking company A• “1~2 weeks -> 1 day” – banking company B• “11 days -> 6 hours” – ISP hosting company
Only in some cases
© 2020 F5 Networks 4
How do you get “Speed” to Market?
• Automation & Orchestration
• Automation Tools
• Container Platforms
• Cloud Environments
© 2020 F5 Networks
5
What is Automation & Orchestration?
Historically• Command scripts to create config • Customer Issues – BIG-IP knowledge needed• Difficult to Add & Delete BIG-IP’s Now• iControl REST API – Customers build their own• BIG-IP Cloud Edition –
• App Templates & Service Scaling Groups• Application views from BIG-IQ
Future • Cloud-native App services & F5 Cloud services
© 2020 F5 Networks 6
Silverline
App Servers
Public
What value does F5 bring to Cloud?
Full Proxy
TCP Client
TCP Server
SSL Offload
Internet
Access (APM)
Auth Servers
Security (AFM & ASM)
BIG-IP
1. Common Interface
2. Proxy between
3. Application Services
ADC Portfolio to address All Applications
• Source: IDC, 2018; F5
Applications1000’sFEW
Applications
More complex, higher TCO
Cloud-native
Application architecture BIG-IP Cloud Edition
Cloud-Native App Services
BIG-IP HW, VE
F5 Cloud Services
# of applications, 2017, millions
33 M 36 M 191 M
# of applications, 2022, millions 44 M 198 M 1,452 M
© 2020 F5 Networks 8
Container 3Container 2Container 1VM 3VM 2VM 1
What are Containers?
Infrastructure
Operating System
Hypervisor
Guest OS Guest OSGuest OS
Bins/Libs
App 1
Bins/Libs
App 2
Bins/Libs
App 3
Infrastructure
Operating System
Container Runtime Environment
Bins/Libs
App 1
Bins/Libs
App 2
Bins/Libs
App 3
Virtual Machines Containers
Lightweight, fast, portable!
“Kind of feels like a virtual machine, but sheds all the weight and startup overhead of a guest operating system”
vs
© 2020 F5 Networks 10
Methodologies
Traditional• Organizational Silos• Monolithic Processes• Waterfall Development
Agile• Collaborative Teams• Continuous Processes• Agile Development
STOP GO ∞© 2020 F5 Networks 11
Declarative Model
• Declarative methodology implies that you define the desired outcome and depend on underlying mechanisms to deliver that outcome.
• This methodology tries to reduce or eliminate the need for domain specific knowledge.
© 2020 F5 Networks 12
Why organizations use automated frameworks
© 2020 F5 Networks 13
71% 51%
REDUCE OPEX SCALING TO MEET DEMAND
43%
TIME TO MARKET
$
Why Ansible?
© 2020 F5 Networks 14
SIMPLE POWERFUL AGENTLESSHuman readable
automation
No special coding skills needed
Tasks executed in order
Get productive quickly
App deployment
Configuration management
Workflow orchestration
Orchestrate the app lifecycle
Agentless architecture
Uses OpenSSH & WinRM
No agents to exploit or update
More efficient & more secure
• Composed of three different high-level elements:
What is Ansible?
© 2020 F5 Networks 15
Modules are the tools in your workshop
Playbooks are your instruction manuals
The Inventory of hosts are your raw material
F5 Modules in Ansible v2.9
© 2020 F5 Networks 18
BIG-IP device features• bigip_device_dns
• bigip_device_ntp
• bigip_device_sshd
• bigip_hostname
• bigip_routedomain
• bigip_selfip
• bigip_sys_db
• bigip_sys_global
• bigip_vlan
• bigip_user
• bigip_provision
• bigip_qkview
• bigip_snmp
• bigip_snmp_trap
• bigip_configsync_actions
BIG-IP DNS features• bigip_gtm_datacenter
• bigip_gtm_facts
• bigip_gtm_virtual_server
• bigip_gtm_wide_ip
• bigip_gtm_pool
BIG-IP LTM Features• bigip_irule
• bigip_monitor_tcp_echo
• bigip_monitor_tcp_half_open
• bigip_monitor_http
• bigip_monitor_tcp
• bigip_node
• bigip_pool
• bigip_pool_member
• bigip_snat_pool
• bigip_ssl_certificate
• bigip_virtual_server
• bigip_virtual_address
164 Modules + Active Development!
BIG-IP ASM, AFM & APM• bigip_asm_secpolicy
•
• bigip_afm_acls
•
• bigip_apm_access_policy
• Jump-start your automation project with content from the Ansible community. Galaxy provides pre-packaged units of work known to Ansible as roles.
• Roles can be dropped into Ansible PlayBooks and immediately put to work.
• Community driven pre-made modules & roles available for download:• https://galaxy.ansible.com/search?deprecated=false&keywords=F5%20&orde
r_by=-relevance&page=1• Simple customization
Ansible Galaxy
• Ansible web-based interface• RBAC• Credentials management• Priced and supported
Ansible Tower
© 2020 F5 Networks 20
PROJECT
PLAYBOOKSINVENTORY TEMPLATES
PLAY 1
PLAY 2
BIG-IP .JSON
AS3 JINJA2