self-service it - red hat...self-service it with ansible tower & microsoft azure chris...

SELF-SERVICE ITW I T HA N S I B L E TO W E R & M I C R O S O F T A Z U R E

Chris HouseknechtDave Johnson

June 2016

#redhat #rhsummit

1

THE HARD PART ISBUILDING THE MACHINETHAT BUILDS THEPRODUCT

—Dennis Crowley, Co-Founder/CEO of Foursquare

2 . 1

T H O S E W H O A R E M O S TS U C C E S S F U L A R E C A PA B L E O F‘ H I G H E R L E V E L T H I N K I N G ’ —T H E Y A R E A B L E TO S T E P B AC KA N D D E S I G N A ‘ M AC H I N E ’C O N S I S T I N G O F T H E R I G H TP E O P L E D O I N G T H E R I G H TT H I N G S TO G E T W H AT T H E Y WA N T.

—Ray Dalio, Founder of Bridgewater Associates

2 . 2

"already allowed us to save at least 10-15 hours per weekmanaging our systems"

"we’ve been able to cut down certain processes from 17 hoursto 3 minutes"

2 . 3

AUTOMATION

CATALOG

PLATFORM

2 . 4

AUTOMATION

CATALOG

PLATFORM

2 . 5

PLATFORM

AUTOMATION

CATALOG

2 . 6

PLATFORM

AUTOMATION

CATALOG

2 . 7

#redhat #rhsummit

3 . 1

MICROSOFT AZURE

NEW ANSIBLE MODULES FOR AZURE

DYNAMIC INVENTORY SYNC

FULL SUPPORT FOR RESOURCE MANAGER

# Red Hat #rhsummit

3 . 2

MICROSOFT AZURER E S O U R C E M A N AG E R

Resource GroupsTemplate DeploymentTagsAccess Control

# Red Hat #rhsummit

3 . 3

MICROSOFT AZURE

Updated dynamic inventory synchronization [1]

[1] https://github.com/ansible/ansible/blob/devel/contrib/inventory/azure_rm.py

Automatically groups hosts by:

Resource GroupLocationSecurity GroupTag KeyTag Key : Value

Optionally, turn off one or all groupings

Conditionally select hosts with matching group values

Controll from azure_rm.ini

DY N A M I C I N V E N TO RY

3 . 4

http://github.com/ansible/ansible/blob/devel/contrib/inventory/azure_rm.py

MICROSOFT AZURE

azure_rm_storageaccountazure_rm_storageblobazure_rm_securitygroupazure_rm_virtualnetworkazure_rm_subnetazure_rm_networkinterfaceazure_rm_publicipaddressazure_rm_resourcegroupazure_rm_virtualmachineazure_rm_deployment

N E W A Z U R E M O D U L E S

3 . 5

MICROSOFT AZUREN E W A Z U R E M O D U L E S

Core supportShared library

AuthenticationValidationTag handlingParameters

# Red Hat #rhsummit

3 . 6

MICROSOFT AZURE

Getting started with Azure guide [1]

[1] http://docs.ansible.com/ansible/guide_azure.html


Requirements and setupAuthenticationCreating a virtual machineUsing dynamic inventory

# Red Hat #rhsummit

3 . 7

http://docs.ansible.com/ansible/guide_azure.html

MICROSOFT AZURE

Pull Requests Welcome!Issues on Github at ansible/anible-modules-core#ansible on IRCAnsible Project and Ansible Development mailing lists onGoogle


# Red Hat #rhsummit

3 . 8

#redhat #rhsummit

4 . 1

WHAT IS ANSIBLE?

It’s a simple automation language that canperfectly describe an IT application infrastructure inAnsible Playbooks.

It’s an automation engine that runs AnsiblePlaybooks.

4 . 2

Human readable automation

No special coding skills needed

Tasks executed in order

Get productive quickly

App deployment

Configuration management

Workflow orchestration

Orchestrate the app lifecycle

Agentless architecture

Uses OpenSSH & WinRM

No agents to exploit or update

More efficient & more secure

SIMPLE POWERFUL AGENTLESS

4 . 3

PLAYBOOKS ARE WRITTEN IN YAML

Tasks are executed sequentiallyInvoke Ansible modules

4 . 5

MODULES ARE “TOOLS IN THE TOOLKIT”

Python, Powershell, or any languageExtend Ansible simplicity to entire stack

4 . 6

Azure, EC2, OpenStack, VMware,Rackspace, GCE,Red Hat Satellite, CloudFormsHanlon, CobblerCustom CMDB

4 . 7

#redhat #rhsummit

5 . 1

WHAT IS ANSIBLE TOWER?Ansible tower is an enterprise framework for controlling,securing and managing your Ansible automation – with a UIand restful API.

1 Role-based access control

2 Push-button deployment

3 Centralized logging

4 RESTful API

5 . 2

PLAYBOOKS!

#redhat #rhsummit

6 . 1

PLAYBOOKS

#redhat #rhsummit

PLAY • BOOK

/'plā,book/

noun

A book containing a sports team's strategies and plays,especially in football.

6 . 2

PLAYBOOKS

#redhat #rhsummit

PLAY • BOOK

/'plā,book/

noun

A book containing a sports team's strategies and plays,especially in football.

6 . 3

PLAYBOOKS

#redhat #rhsummit

PLAY • BOOK

/'plā,book/

noun

A playbook is Ansible’s configuration, deployment, andorchestration language.

6 . 4

PLAYBOOKS

#redhat #rhsummit

PLAY • BOOK

/'plā,book/

noun


A playbook can be used to manage configurations of anddeployments to remote machines. At a more advancedlevel, they can sequence multi-tier rollouts and delegateactions to other hosts.

6 . 5

PLAYBOOKS

#redhat #rhsummit

PLAY • BOOK

/'plā,book/

noun



Playbooks are human-readable, written in a simple textlanguage called YAML.

6 . 6

PLAYBOOKS

#redhat #rhsummit

PLAY • BOOK

/'plā,book/

noun

Playbooks are Ansible’s configuration, deployment, andorchestration language.


Playbooks are human-readable, written in a simple textlanguage calledYAML.

A playbook is composed of one or more ‘plays’ in a list.

6 . 7

PLAYBOOKS

#redhat #rhsummit

- name: Create Virtual Machinehosts: localhostconnection: localgather_facts: notasks:

- name: Create resource groupazure_rm_resourcegroup:

name: "{{ resourcegroup_name }}"location: eastustags: "{{ tags }}"

-name: Create virtual machineazure_rm_virtualmachine:

name: testing-001

6 . 8

PLAYBOOKS

#redhat #rhsummit





name: testing-001

PLAY

/plā/

noun

Maps a group of hosts to a set oftasks.

6 . 9

PLAYBOOKS

#redhat #rhsummit





name: testing-001

6 . 10

PLAYBOOKS

#redhat #rhsummit

- name: Create Virtual Machine

hosts: localhostconnection: localgather_facts: notasks:




name: testing-001

6 . 11

PLAYBOOKS

#redhat #rhsummit

- name: Create Virtual Machinehosts: localhost

connection: localgather_facts: notasks:




name: testing-001

6 . 12

PLAYBOOKS

#redhat #rhsummit





name: testing-001

FACTS

/fakts/

noun

Useful variables about remotehosts that can be used within aplaybook.

6 . 13

PLAYBOOKS

#redhat #rhsummit

- name: Create Virtual Machinehosts: localhostconnection: localgather_facts: no

tasks:- name: Create resource group

azure_rm_resourcegroup:name: "{{ resourcegroup_name }}"location: eastustags: "{{ tags }}"


name: testing-001

6 . 14

PLAYBOOKS

#redhat #rhsummit

- name: Create Virtual Machinehosts: localhostconnection: localgather_facts: no

tasks:




name: testing-001

Task

/task/

noun

A unit of work. At a basic level, atask is a call to an Ansiblemodule.

6 . 15

PLAYBOOKS

#redhat #rhsummit





name: testing-001

6 . 16

PLAYBOOKS

#redhat #rhsummit


- name: Create resource group

azure_rm_resourcegroup:name: "{{ resourcegroup_name }}"location: "{{ location }}"tags: "{{ tags }}"


name: testing-001

6 . 17

PLAYBOOKS

#redhat #rhsummit



azure_rm_resourcegroup:

name: "{{ resourcegroup_name }}"

location: "{{ location }}"

tags: "{{ tags }}"


name: testing-001

6 . 18

PLAYBOOKS

#redhat #rhsummit



azure_rm_resourcegroup:

name: "{{ resourcegroup_name }}"

location: "{{ location }}"

tags: "{{ tags }}"


name: testing-001

6 . 19

PLAYBOOKS

#redhat #rhsummit


name: testing-001resource_group: "{{ resourcegroup_name }}"vm_size: Standard_D1admin_username: adminssh_public_keys: "{{ ssh_keys }}"image: "{{ image }}"

-name: Add new VM to inventory

add_host:

6 . 20

PLAYBOOKS

#redhat #rhsummit


name: testing-001resource_group: "{{ resourcegroup_name }}"vm_size: Standard_D1admin_username: adminssh_public_keys: "{{ ssh_keys }}"

image: "{{ image }}"


add_host:

6 . 21

PLAYBOOKS

#redhat #rhsummit

-name: Create virtual machine

azure_rm_virtualmachine:name: testing-001resource_group: "{{ resourcegroup_name }}"vm_size: Standard_D1admin_username: adminssh_public_keys: "{{ ssh_keys }}"



add_host:

6 . 22

PLAYBOOKS

#redhat #rhsummit


azure_rm_virtualmachine:

name: testing-001

resource_group: "{{ resourcegroup_name }}"

vm_size: "{{ vm_size }}"

admin_username: admin

ssh_public_keys: "{{ ssh_keys }}"



add_host:

6 . 23

PLAYBOOKS

#redhat #rhsummit



name: testing-001resource_group: "{{ resourcegroup_name }}"vm_size: "{{ vm_size }}"

admin_username: adminssh_public_keys: "{{ ssh_keys }}"



add_host:

6 . 24

PLAYBOOKS

#redhat #rhsummit



name: testing-001

resource_group: "{{ resourcegroup_name }}"

vm_size: "{{ vm_size }}"

admin_username: admin

ssh_public_keys: "{{ ssh_keys }}"



add_host:

6 . 25

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:

ansible_host: "{{...publicIPAddress.properties.ipAddress }}"fqdn: "{{...publicIPAddress.properties.dnsSettings.fqdn }}"

- name: Configure Galaxy VM

hosts: galaxy

become: yes

become: root

roles:

- role: galaxy_configure

6 . 26

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:

ansible_host: "{{...publicIPAddress.properties.ipAddress }}"

fqdn: "{{...publicIPAddress.properties.dnsSettings.fqdn }}"


hosts: galaxy

become: yes

become: root

roles:


6 . 27

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles:


6 . 28

PLAYBOOKS

#redhat #rhsummit


name: "{{ arm_vm_name }}"

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles:


6 . 29

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles:


6 . 30

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles:


6 . 31

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles:


6 . 32

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:



- name: Configure for Galaxy deployment

hosts: galaxy

become: yes

beome: root

roles:


6 . 33

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles:


6 . 34

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy become: yes

become: root

roles:


6 . 35

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes become root:

roles:


6 . 36

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root roles:


6 . 37

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles: - role: galaxy_configure

ROLE

/rōl/

noun

All the tasks, variables, handlers,templates and files needed tocomplete a unit of work. A role is selfcontained and completely reusable.

6 . 38

PLAYBOOKS

#redhat #rhsummit


name: testing-001

groups: galaxy

add_host:




hosts: galaxy

become: yes

become: root

roles:


6 . 39

PLAYBOOKS

#redhat #rhsummit

SO... WHAT DOES A PLAYBOOK ACTUALLY LOOK LIKE?

6 . 40

PLAYBOOKS

#redhat #rhsummit

G A L A X YHTTP://GALAXY.ANSIBLE.COM

6 . 41

DEMONSTRATION!

#redhat #rhsummit

7

GETTING STARTED

Have you used Ansible already? Try Tower for free:ansible.com/tower-trial

Would you like to learn Ansible? It’s easy to get started:ansible.com/get-started

Want to learn more?ansible.com/whitepapers

Ansible for Azure:

docs.ansible.com/ansible/guide_azure.html

docs.ansible.com/ansible/list_of_cloud_modules.html#azure

8

LEARN. NETWORK.EXPERIENCE OPEN SOURCE.

#redhat #rhsummit

[email protected]

[email protected]

9

self-service it - red hat...self-service it with ansible tower & microsoft azure chris...

Documents