Ansible

And why it works for me

Charles L. Yost

2016-01

Description

A 45 minute overview of the what, where, how, and why of using Ansible. Covers alternatives, what Ansible is, what Ansible's dependencies are, jargon pertaining to Ansible, and what it can do to make your life easier. Also includes some tips and tricks for everyday use.

Speaker Bio

Charles Yost is currently a Security Developer at Binary Defense Systems. He has worked in the IT industry for over 10 years in a wide variety of roles including: Printer Technician, VoIP Systems Administrator, .Net Developer, and Web Developer. Throughout life his number one passion has been learning new skills. He can often be found researching a topic, attempting to keep up with the quickly evolving field of technology. Charles enjoys teaching and talking to others about technology. He is a member of NEOISF, and attends as many InfoSec conferences as he can justify with his wife.

Binary Defense

You can find our booth right outside the door after this talk. As well as our sister company: TrustedSec.

Contact

Twitter: @CHARLESLYOST

GitHub & YouTube: Yoshi325

This Talk:
https://github.com/Yoshi325/talks-ansible

Polls

Who already knows about Ansible?

Who has done development in python before?

Showtime

Some Alternatives

Here are some alternatives:

  • Chef
  • Puppet
  • Salt (a.k.a. SaltStack)
  • and Many Others

Many differences exist between
these alternatives and Ansible.
We will review those differences later.

What is Ansible?

DevOps made simple.
Deploy apps. Manage systems. Crush complexity.
Ansible is a powerful automation tool that you can learn quickly.

www.ansible.com

Ansible is a free software platform for configuring and managing computers. It combines multi-node software deployment, ad hoc task execution, and configuration management.

Ansible (software) | Wikipedia

A way to maintain sanity in the complex and ever-changing world of system configuration.

Me

What's In A Name

It was named "Ansible" after the fictional instantaneous hyperspace communication system featured in Orson Scott Card's Ender's Game, and originally invented by Ursula K. Le Guin for her 1966 novel Rocannon's World."

Ansible (software) | Wikipedia

Also, Releases are named after Van Halen songs.

Server

(Control Machine)

Linux or Mac

SSH

Python (2.6 or later)

Client

(Managed Node)

Linux, Mac, or Windows

SSH or PowerShell

Python (2.4 or later)

Thats it.

Learn The Lingo

Bonus Lingo

Galaxy

Tower (Optional!)

Other Details

Ansible Is:

  • Agentless
  • Configuration is done in YAML
  • Extendable (via Modules written in Python)
  • Primarilly Push Based (with an option for Pull)

And It:

  • Communicates via a JSON protocol
  • Uses a idempotent resource model
  • Has Cloud Integration

Rackspace Cloud Servers, OpenStack,
DigitalOcean Droplets, CloudStack,
Eucalyptus Cloud, AWS, VMware, and KVM

Putting it all Together

  • Create your inventory
  • Create your playbook
    • Create tasks for your playbook or role; utilizing modules
    • Use variables in your tasks
    • Use handlers to chain dependent actions

Tips, Tricks, & Pitfalls

How-To iterate over a list from a shell command:

shell: /command/which/generates/lines
register: output
...
when: item not in output.stdout_lines

Tips, Tricks, & Pitfalls

Store host specific variables in a host_vars folder.

Tips, Tricks, & Pitfalls

To only run a task when a list is NOT empty.

when: list|length > 0

Tips, Tricks, & Pitfalls

If your task hangs forever and is using sudo, confirm that you passed the:

--ask-sudo-pass

comand line option when you ran ansible.

Tips, Tricks, & Pitfalls

There are two ways to structure variables:

1. Dictionary:

networking.interface.ip

2. Scalar:

networking_interface_ip

The drawback to dictionaries is:

when you set a value somewhere else, it will replace the entire dictionary. It does not merge it.

Back to Those Alternatives

Chef

  • Differences
    • Ruby/Erlang
    • Uses an agent by default
    • Only free up to 25 nodes
    • Split between Hosted and On Premise
  • Similarities
    • Cloud Support

Puppet

  • Differences
    • Ruby
    • Requires an agent
    • Split between Enterprise and Open Source
    • Enterprise is the Paid Tier
    • Largely GUI Driven
  • Similarities
    • Cloud Support

Salt/SaltStack

  • Differences
    • ZeroMQ (or RAET) instead of SSH
  • Similarities
    • Python

The End

Resources and Credits

Insanely complete Ansible playbook, showing off all the options

Insanely complete Ansible playbook, showing off all the options | marktheunissen's fork

Install Ansible, Create Your Inventory File, and Run an Ansible Playbook and Some Ansible Commands

Ansible (Real Life) Good Practices

USING ANSIBLE TO RESTORE DEVELOPER SANITY

https://wikpedia.org

http://www.ansible.com/home