OpenMunich December 1, 2017 OPEN SOURCING ANSIBLE Roland Wolters Senior Product Manager, Red Hat GmbH
AUTOMATE REPEAT IT 2
WHAT IS ANSIBLE AUTOMATION? --$] ansible-playbook -i inventory playbook.yml - name: install and start apache The Ansible project is an open source community [user@hostname: hosts: all sponsored by Red Hat. It s also a simple PLAY [install and start apache] *********************************** vars: automation language that perfectly describes IT http_port: 80 [Gathering Facts] ******************************************** application environments in Ansible Playbooks. TASK max_clients: 200 ok: [webserver.local] remote_user: root Ansible Engine is a supported product built fromtask [install httpd] ********************************************** changed: [webserver.local] tasks: the Ansible community project. - name: install httpd TASK [write the apache config file] ******************************** yum: pkg=httpd state=latest changed: [webserver.local] Ansible Tower is an enterprise framework for - name: write the apache config file TASK [start httpd] ************************************************* controlling, securing, managing and extending your changed: template: [webserver.local] src=/srv/httpd.j2 dest=/etc/httpd.conf Ansible automation (community or engine) with a PLAY RECAP ********************************************************* UI and RESTful API. - name: start httpd webserver.local : ok=4 changed=3 unreachable=0 service: name=httpd state=started 3 failed=0
WHY ANSIBLE? SIMPLE 4 POWERFUL AGENTLESS Human readable automation App deployment Agentless architecture No special coding skills needed Configuration management Uses OpenSSH & WinRM Tasks executed in order Workflow orchestration No agents to exploit or update Usable by every team Network automation Get started immediately Get productive quickly Orchestrate the app lifecycle More efficient & more secure
WHAT CAN I DO WITH ANSIBLE? Automate the deployment and management of your entire IT footprint. Do this... Orchestration Configuration Management Application Deployment Provisioning Continuous Delivery Security and Compliance On these... 5 Firewalls Load Balancers Applications Containers Clouds Servers Infrastructure Storage Network Devices And more...
HOW ANSIBLE WORKS CMDB PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD ANSIBLE S AUTOMATION ENGINE USERS HOSTS INVENTORY API NETWORK DEVICES MODULES PLUGINS ANSIBLE PLAYBOOK Applications 6 CONFIDENTIAL
ANSIBLE THE LANGUAGE OF DEVOPS 7
HOW DOES THE LANGUAGE LOOK LIKE? --- name: name: install install and and start start apache nginx hosts: hosts: web web become: become: yes yes vars: vars: http_port: http_port: 80 80 tasks: tasks: - name: name: httpd nginx package package is is present present yum: package: name: name: httpd nginx state: state: latest latest - name: name: latest config index.html file is present file is and present variable replaced copy: template: src: src: files/index.html files/nginx.conf.j2 dest: dest: /var/www/html/ /etc/nginx/nginx.conf - name: name: httpd nginx is is started started service: service: name: name: httpd nginx state: state: started started 8
FOR WHOM IS THE LANGUAGE FOR? ANSIBLE PLAYBOOK From development DEV/TEST Q/A to production. OPERATIONS MANAGEMENT OUTSOURCERS Ansible is the first automation language that can be read and written across IT. Ansible is the only automation engine that can automate the entire application lifecycle and continuous delivery pipeline. 9
ANSIBLE SHIPS WITH OVER 1250 MODULES CLOUD VIRT AND CONTAINER WINDOWS NETWORK NOTIFY AWS Docker ACLs Arista HipChat Azure VMware Files A10 IRC CenturyLink RHEV Commands Cumulus Jabber CloudScale OpenStack Packages Big Switch Email Digital Ocean OpenShift IIS Cisco RocketChat Docker Atomic Regedits Cumulus Sendgrid Google CloudStack Shell Dell Slack Linode And more... Shares F5 Twilio OpenStack Services Juniper And more... Rackspace DSC Palo Alto And more... Users OpenSwitch Domains And more... And more... 10
AUTOMATION FOR TEAMS Ansible Tower technical introduction and overview 11
WHAT IS MISSING? SIMPLE 12 POWERFUL AGENTLESS
CENTRAL Central place for everyone Simple, powerful API Overview of present and past Uses REST for quick adoption Create workflows, schedule jobs Have one common view 13 INTEGRATION No special agents or lib needed Integrate with everything ACCESS Teams and users enable RBAC Deposit credentials securely Assign access to unprivileged Separate access and execution
WHAT IS ANSIBLE TOWER? Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation with a UI and RESTful API. Role-based access control Deploy entire applications with push-button deployment access All automations are centrally logged 14
. ADMINS ANSIBLE CLI & CI SYSTEMS ANSIBLE PLAYBOOKS ANSIBLE TOWER ROLE-BASED ACCESS CONTROL SCHEDULED & CENTRALIZED JOBS KNOWLEDGE & VISIBILITY SIMPLE USER INTERFACE TOWER API USERS ANSIBLE OPEN SOURCE MODULE LIBRARY PYTHON CODEBASE PLUGINS TRANSPORT SSH, WINRM, ETC. AUTOMATE YOUR ENTERPRISE INFRASTRUCTURE NETWORKS CONTAINERS CLOUD SERVICES LINUX, WINDOWS, UNIX ARISTA, CISCO, JUNIPER DOCKER, LXC AWS, GOOGLE CLOUD, AZURE DATABASES, LOGGING, SOURCE CONTROL MANAGEMENT USE CASES PROVISIONING 15 CONFIGURATION MANAGEMENT APP DEPLOYMENT CONTINUOUS DELIVERY SECURITY & COMPLIANCE ORCHESTRATION
YESTERDAY 16
HISTORY THE EARLY DAYS 17 Founded in 2012 Feb 1, 2013: 1.0, featuring diff and check March 4, 2013: AnsibleWorks as company started June 10, 2013: Roles (1.2) August 5, 2013: Ansibleworks AWX 1.2 (Tower!) December 19, 2013: Galaxy February 28, 2014: Vault (1.5) August 6, 2014: Brace yourself, Windows is here! August 19, 2014: Tower 2.0 October 16, 2015: Red Hat acquires Ansible December 14, 2015: Galaxy 2.0 Beta January 12, 2106: Ansible 2.0 May 26, 2016: Networking (2.1) July 20, 2016: Tower 3.0 July 28, 2016: Ansible-Container released
TODAY 18
PRESENT Present days 19 September 7, 2017: AWX released open source, upstream Tower project also: Ansible Engine September 18, 2017: Ansible 2.4 October 2, 2017: Tower 3.2
AWX 20
WHY? Q: Why is Red Hat doing this? 21
WHY? Q: Why is Red Hat doing this? Because this is what Red Hat does. 22
DIFFERENCES Tower vs AWX 23 AWX is the upstream project frequently released fast moving focus: features, features, features
DIFFERENCES Tower vs AWX AWX is the upstream project frequently released fast moving focus: features, features, features Tower is the product selected releases, hardened, tested long term support services, training, packages, certifications focus on: stability, security, reliability It s like Fedora and RHEL! 24
ENGINE Ansible Engine Ansible Engine is a supported product based on Ansible. 25
ENGINE Ansible Engine Ansible Engine is a supported product based on Ansible. Read: CLI with support. 26 Selected modules covered by the SLA Support, fixes, and so on Additional networking add-on available covering specifc modules
UPDATES Ansible 2.4 27 Python >= 2.6! multiple inventories, new inventory plugins
UPDATES Ansible 2.4 Python >= 2.6! multiple inventories, new inventory plugins Tower 3.2 28 Smart Inventories Instance Groups Isolated Nodes Named URLs in API API v2, btw.
TOMORROW 29
THE LEGAL STUFF The content set forth herein does not constitute in any way a binding or legal agreement or impose any legal obligation or duty on Red Hat. This information is provided for discussion purposes only and is subject to change for any or no reason. 30
FUTURE Ansible 31 New loop technology Further Python 3 - at some distant point Python 3 only Better tools for contributors facts namespaces
FUTURE AWX / Tower 32 Containerizing (on OpenShift, for example) Scaling
GETTING STARTED Have you used Ansible already? Try Tower for free: ansible.com/tower-trial Would you like to learn Ansible? It s easy to get started: ansible.com/get-started Want to learn more? Videos, webinars, case studies, whitepapers: ansible.com/resources 33