SlideShare a Scribd company logo

ansible_rhel_90.pdf

S
ssuserd254491

This document provides an overview and agenda for an Ansible Linux automation workshop. It will cover topics including: - Converting shell scripts to Ansible playbooks - Retrieving information from hosts and deploying applications at scale - Self-service IT using surveys and system roles for Red Hat Enterprise Linux - Integration with Red Hat Insights for monitoring Ansible environments It introduces participants to the core components of Ansible including playbooks, modules, plugins, and inventories. Exercises will have participants use these components to automate tasks like installing and configuring Apache on Linux systems.

Technology
1 of 95
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
Ansible Linux Automation Workshop Introduction to Ansible for Red Hat Enterprise Linux Automation for System Administrators and Operators
2 What you will learn ▸ Overview of public cloud provisioning ▸ Converting shell commands into Ansible Commands. ▸ Retrieving information from hosts ▸ Deploying applications at scale ▸ Self-service IT via surveys ▸ Overview of System Roles for Red Hat Enterprise Linux ▸ Overview of Red Hat Insights integration
3 Introduction Topics Covered: ● What is the Ansible Automation Platform? ● What can it do?
Red Hat Ansible Platform technical deck 4 Automation happens when one person meets a problem they never want to solve again
Too many unintegrated, domain-specific tools Many organizations share the same challenge Red Hat Ansible Platform technical deck 5 SecOps Network ops Devs/DevOps IT ops
Why the Red Hat Ansible Automation Platform? 6 Simplify automation creation and management across multiple domains. Agentless Simple Easily integrate with hybrid environments. Powerful Orchestrate complex processes at enterprise scale. Why the Ansible Automation Platform?
Clouds Storage Your entire IT footprint Why the Red Hat Ansible Automation Platform? 7 Automate the deployment and management of automation Do this... Orchestrate Firewalls Manage configurations Deploy applications Provision / deprovision Deliver continuously Secure and comply Load balancers Applications Containers Virtualization platforms Servers And more ... Network devices On these...
Different teams a single platform Red Hat Ansible Platform technical deck 8 Break down silos Cloud IT ops Devs/DevOps SecOps Network ops Line of business Edge Datacenter Consistent governance
What makes a platform? 9 Automation controller Automation hub Automation services catalog Fueled by an open source community Insights for Ansible Automation Platform Ansible command line Ansible Cloud Services On-premises Ansible content domains Infrastructure Cloud Network Security Linux Windows Content creators Operators Domain experts Users
Automation and IT modernization Red Hat named a Leader in The Forrester Wave™ Infrastructure Automation Platforms, Q3 2020 ▸ “Ansible continues to grow quickly, particularly among enterprises that are automating networks. The solution excels at providing a variety of deployment options and acting as a service broker to a wide array of other automation tools.” ▸ “Red Hat’s solution is a good fit for customers that want a holistic automation platform that integrates with a wide array of other vendors’ infrastructure.” Source: Gardner, Chris, Glenn O'Donnell, Robert Perdonii, and Diane Lynch. "The Forrester Wave™: Infrastructure Automation Platforms, Q3 2020." Forrester, 10 Aug. 2020. DISCLAIMER: The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Received highest possible score in the criteria of: ● Deployment functionality ● Product Vision ● Partner Ecosystem ● Supporting products and services ● Community support ● Planned product enhancements
Cloud Virt & Container Windows Network Security Monitoring Ansible automates technologies you use Time to automate is measured in minutes AWS Azure Digital Ocean Google OpenStack Rackspace +more Docker VMware RHV OpenStack OpenShift +more ACLs Files Packages IIS Regedits Shares Services Configs Users Domains +more A10 Arista Aruba Cumulus Bigswitch Cisco Dell Extreme F5 Lenovo MikroTik Juniper OpenSwitch +more Checkpoint Cisco CyberArk F5 Fortinet Juniper IBM Palo Alto Snort +more Dynatrace Datadog LogicMonitor New Relic Sensu +more Devops Jira GitHub Vagrant Jenkins Slack +more Storage Netapp Red Hat Storage Infinidat +more Operating Systems RHEL Linux Windows +more
12 Cloud Topics Covered: ● Understanding the Ansible Infrastructure ● Check the prerequisites
Web Servers node1 ansible Workbench Topology node2 node3 Amazon VPC router ● Drink our own champagne. Provisioned by, configured by, and managed by Red Hat Ansible Automation Platform. https://github.com/ansible/workshops ● Learn with the real thing Every student will have their own fully licensed Red Hat Ansible Tower control node. No emulators or simulators here. ● Red Hat Enterprise Linux All four nodes are enterprise Linux, showcasing real life use-cases to help spark ideas for what you can automate today. The lab environment today
Provision Configure Resources Subnets, gateways, security groups, SSH keys Instances RHEL, Cisco, Arista, Checkpoint, Windows, etc Inventory Load and sort newly created instances for further automation How does it work? Ansible environment install Ansible Tower, SSH config, user accounts, etc Code Server Configure in-browser text editor and terminal DNS Configure DNS names for all control nodes Login Website Dynamically create login webpage for students Manage Instructor Inventory Provide inventory and login information and master key Log Information Record student count and instructor for statistics
15 Exercise 1 Topics Covered: ● Understanding the Ansible Infrastructure ● Check the prerequisites
Automation hub Ansible content experience The automation lifecycle Create Red Hat Ansible Platform technical deck: Create 16 Domain experts Ansible content domains Infrastructure Cloud Network Security Linux Windows Content creators Build Discover Trust Red Hat cloud / on-premises
Ansible playbooks Red Hat Ansible Platform technical deck: Create 17 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started
Red Hat Ansible Platform technical deck: Create 18 What makes up an Ansible playbook? Plugins Modules Plays
--- - name: install and start apache hosts: web become: yes What am I automating? Ansible plays Red Hat Ansible Platform technical deck: Create 19 What are they? Top level specification for a group of tasks. Will tell that play which hosts it will execute on and control behavior such as fact gathering or privilege level. Building blocks for playbooks Multiple plays can exist within an Ansible playbook that execute on different hosts.
The “tools in the toolkit” Ansible modules Red Hat Ansible Platform technical deck: Create 20 What are they? Parametrized components with internal logic, representing a single step to be done. The modules “do” things in Ansible. Language Usually Python, or Powershell for Windows setups. But can be of any language. - name: latest index.html file ... template: src: files/index.html dest: /var/www/html/
The “extra bits” Ansible plugins Red Hat Ansible Platform technical deck: Create 21 What are they? Plugins are pieces of code that augment Ansible’s core functionality. Ansible uses a plugin architecture to enable a rich, flexible, and expandable feature set. Example become plugin: --- - name: install and start apache hosts: web become: yes Example filter plugins: {{ some_variable | to_nice_json }} {{ some_variable | to_nice_yaml }}
The systems that a playbook runs against Ansible Inventory Red Hat Ansible Platform technical deck: Create 22 What are they? List of systems in your infrastructure that automation is executed against [web] webserver1.example.com webserver2.example.com [db] dbserver1.example.com [switches] leaf01.internal.com leaf02.internal.com
Reusable automation actions Ansible roles Red Hat Ansible Platform technical deck: Create 23 What are they? Group your tasks and variables of your automation in a reusable structure. Write roles once, and share them with others who have similar challenges in front of them. --- - name: install and start apache hosts: web roles: - common - webservers
Simplified and consistent content delivery Collections Red Hat Ansible Platform technical deck: Create 24 What are they? Collections are a data structure containing automation content: ▸ Modules ▸ Playbooks ▸ Roles ▸ Plugins ▸ Docs ▸ Tests
Red Hat Ansible Platform technical deck: Create 25 nginx_core ├── MANIFEST.json ├── playbooks │ ├── deploy-nginx.yml │ └── ... ├── plugins ├── README.md └── roles ├── nginx │ ├── defaults │ ├── files │ │ └── … │ ├── tasks │ └── templates │ └── ... ├── nginx_app_protect └── nginx_config --- - name: Install NGINX Plus hosts: all tasks: - name: Install NGINX include_role: name: nginxinc.nginx vars: nginx_type: plus - name: Install NGINX App Protect include_role: name: nginxinc.nginx_app_protect vars: nginx_app_protect_setup_license: false nginx_app_protect_remove_license: false nginx_app_protect_install_signatures: false deploy-nginx.yml Collections
90+ Why the Red Hat Ansible Automation Platform? Network Security Infrastructure Cloud certified platforms 26
Network Devices / API Endpoints Linux / Windows Hosts Module code is copied to the managed node, executed, then removed Module code is executed locally on the control node Ansible Automation Platform Ansible Automation Platform Local Execution Remote Execution How Ansible Automation Works
28 ● Follow the steps in to access environment ● Use the IP provided to you, the script only has example IP ● Which editor do you use on command line? If you don’t know, we have a short intro Verify Lab Access
Lab Time Complete exercise 1-setup now in your lab environment
30 Exercise 2 Topics Covered: ● Ansible inventories ● Accessing Ansible docs ● Modules and getting help
31 ▸ Ansible works against multiple systems in an inventory ▸ Inventory is usually file based ▸ Can have multiple groups ▸ Can have variables for each group or even host Inventory
Ansible Inventory Red Hat Ansible Platform technical deck: Create 32 The Basics An example of a static Ansible inventory including systems with IP addresses as well as fully qualified domain name (FQDN) [myservers] 10.42.0.2 10.42.0.6 10.42.0.7 10.42.0.8 10.42.0.100 host.example.com
Ansible Inventory - The Basics 33 [app1srv] appserver01 ansible_host=10.42.0.2 appserver02 ansible_host=10.42.0.3 [web] node-[1:30] ansible_host=10.42.0.[31:60] [web:vars] apache_listen_port=8080 apache_root_path=/var/www/mywebdocs/ [all:vars] ansible_user=kev ansible_ssh_private_key_file=/home/kev/.ssh/id_rsa
Ansible Inventory - Variables 34 [app1srv] appserver01 ansible_host=10.42.0.2 appserver02 ansible_host=10.42.0.3 [web] node-[1:30] ansible_host=10.42.0.[31:60] [web:vars] apache_listen_port=8080 apache_root_path=/var/www/mywebdocs/ [all:vars] ansible_user=ender ansible_ssh_private_key_file=/home/ender/.ssh/id_rsa
Ansible Inventory - Groups 35 [nashville] bnaapp01 bnaapp02 [atlanta] atlapp03 atlapp04 [south:children] atlanta nashville hsvapp05
Accessing the Ansible docs Red Hat Ansible Platform technical deck: Create 36 $ ansible-navigator doc -l -m stdout add_host amazon.aws.aws_az_facts amazon.aws.aws_caller_facts amazon.aws.aws_caller_info . . . . . With the use of the latest command utility ansible-navigator, one can trigger access to all the modules available to them as well as details on specific modules. A formal introduction to ansible-navigator and how it can be used to run playbooks in the following exercise.
Accessing the Ansible docs Red Hat Ansible Platform technical deck: Create 37 $ ansible-navigator doc user -m stdout > ANSIBLE.BUILTIN.USER (/usr/lib/python3.8/site-packages/ansible/m odules/user.py) Manage user accounts and user attributes. For Windows targets, use the [ansible.windows.win_user] module instead. Aside from listing a full list of all the modules, you can use ansible-navigator to provide details about a specific module. In this example, we are getting information about the user module.
Bash vs. Ansible - name: Run mssql-conf setup command: /opt/mssql/bin/mssql-conf -n setup accept-eula environment: - MSSQL_SA_PASSWORD: "{{ MSSQL_SA_PASSWORD }}" - MSSQL_PID: "{{ MSSQL_PID }}" when: install is changed - name: Add mssql-tools to $PATH lineinfile: path: "{{ item }}" line: export PATH="$PATH:/opt/mssql-tools/bin" loop: - ~/.bash_profile - ~/.bashrc echo Running mssql-conf setup... sudo MSSQL_SA_PASSWORD=$MSSQL_SA_PASSWORD MSSQL_PID=$MSSQL_PID /opt/mssql/bin/mssql-conf -n setup accept-eula echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bashrc source ~/.bashrc
Lab Time Complete exercise 2-thebasics now in your lab environment
40 Exercise 3 Topics Covered: ● Playbooks basics ● Running a playbook
Ansible playbooks Red Hat Ansible Platform technical deck: Create 41 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started A play
Ansible playbooks Red Hat Ansible Platform technical deck: Create 42 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started A task
Ansible playbooks Red Hat Ansible Platform technical deck: Create 43 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started A module
Ansible Colors 44 A task executed as expected, no change was made. A task executed as expected, making a change A task failed to execute successfully Running Playbooks The most important colors of Ansible
Where it all starts A playbook run Red Hat Ansible Platform technical deck: Operate 45 ▸ A playbook is interpreted and run against one or multiple hosts - task by task. The order of the tasks defines the execution. ▸ In each task, the module does the actual work.
Using the latest ansible-navigator command Running an Ansible Playbook Red Hat Ansible Platform technical deck: Create 46 What is ansible-navigator? ansible-navigator command line utility and text-based user interface (TUI) for running and developing Ansible automation content. It replaces the previous command used to run playbooks “ansible-playbook”. $ ansible-navigator run playbook.yml
Bye ansible-playbook, Hello ansible-navigator ansible-navigator Red Hat Ansible Platform technical deck: Create 47 How do I use ansible-navigator? As previously mentioned, it replaces the ansible-playbook command. As such it brings two methods of running playbooks: ▸ Direct command-line interface ▸ Text-based User Interface (TUI) # Direct command-line interface method $ ansible-navigator run playbook.yml -m stdout # Text-based User Interface method $ ansible-navigator run playbook.yml
ansible command ansible-navigator command ansible-config ansible-navigator config ansible-doc ansible-navigator doc ansible-inventory ansible-navigator inventory ansible-playbook ansible-navigator run Mapping to previous Ansible commands ansible-navigator
Common subcommands ansible-navigator Name Description CLI Example Colon command within TUI collections Explore available collections ansible-navigator collections --help :collections config Explore the current ansible configuration ansible-navigator config --help :config doc Review documentation for a module or plugin ansible-navigator doc --help :doc images Explore execution environment images ansible-navigator images --help :images inventory Explore and inventory ansible-navigator inventory --help :inventory replay Explore a previous run using a playbook artifact ansible-navigator replay --help :replay run Run a playbook ansible-navigator run --help :run welcome Start at the welcome page ansible-navigator welcome --help :welcome
Lab Time Complete exercise 3-playbooks now in your lab environment
51 Exercise 4 Topics Covered: ● Working with variables ● What are facts?
Ansible playbooks Red Hat Ansible Platform technical deck: Create 52 --- - name: variable playbook test hosts: localhost vars: var_one: awesome var_two: ansible is var_three: "{{ var_two }} {{ var_one }}" tasks: - name: print out var_three debug: msg: "{{ var_three }}"
Ansible playbooks Red Hat Ansible Platform technical deck: Create 53 --- - name: variable playbook test hosts: localhost vars: var_one: awesome var_two: ansible is var_three: "{{ var_two }} {{ var_one }}" tasks: - name: print out var_three debug: msg: "{{ var_three }}" ansible is awesome
Ansible Facts 54 tasks: - name: Collect all facts of host setup: gather_subset: - 'all' ▸ Just like variables, really... ▸ … but: coming from the host itself! ▸ Check them out with the setup module
Ansible playbooks Red Hat Ansible Platform technical deck: Create 55 --- - name: facts playbook hosts: localhost tasks: - name: Collect all facts of host setup: gather_subset: - ‘all’ $ ansible-navigator run playbook.yml
Ansible Navigator TUI Red Hat Ansible Platform technical deck: Create 56 PLAY NAME OK CHANGED UNREACHABLE FAILED SKIPPED IGNORED IN PROGRESS TASK COUNT PROGRESS 0│facts playbook 2 0 0 0 0 0 0 2 COMPLETE RESULT HOST NUMBER CHANGED TASK TASK ACTION DURATION 0│OK localhost 0 False Gathering Facts gather_facts 1s 1│OK localhost 1 False Collect all facts of host setup 1s PLAY [facts playbook:1] ******************************************************************************************************************* TASK [Collect all facts of host] *************************************************************************************************************** OK: [localhost] . . 12 │ ansible_facts: 13│ ansible_all_ipv4_addresses: 14│ - 10.0.2.100 15│ ansible_all_ipv6_addresses: 16│ - fe80::1caa:f0ff:fe15:23c4
57 $ tree ansible-files/ ├── deploy_index_html.yml ├── files │ ├── dev_web.html │ └── prod_web.html ├── group_vars │ └── web.yml └── host_vars └── node2.yml Ansible Inventory - Managing Variables In Files
$ cat group_vars/web.yml --- stage: dev 58 ├── deploy_index_html.yml ├── files │ ├── dev_web.html │ └── prod_web.html ├── group_vars │ └── web.yml └── host_vars └── node2.yml Ansible Inventory - Managing Variables In Files $ cat host_vars/node2.yml --- stage: prod - name: copy web.html copy: src: "{{ stage }}_web.html" dest: /var/www/html/index.html
Lab Time Complete exercise 4-variables now in your lab environment
60 Exercise 5 Topics Covered: ● Surveys
Controller surveys allow you to configure how a job runs via a series of questions, making it simple to customize your jobs in a user-friendly way. An Ansible Controller survey is a simple question-and-answer form that allows users to customize their job runs. Combine that with Controller’s role-based access control, and you can build simple, easy self-service for your users. Surveys
Once a Job Template is saved, the Survey menu will have an Add Button Click the button to open the Add Survey window. Creating a Survey (1/2)
The Add Survey window allows the Job Template to prompt users for one or more questions. The answers provided become variables for use in the Ansible Playbook. Creating a Survey (2/2)
When launching a job, the user will now be prompted with the Survey. The user can be required to fill out the Survey before the Job Template will execute. Using a Survey
Lab Time Complete exercise 5-surveys now in your lab environment
66 Exercise 6 Topics Covered: ● Red Hat Enterprise Linux System Roles
Physical SIte Physical SIte Automation Hub and Ansible Galaxy Ansible Content Roles & Collections
Linux System Roles Collection ● Consistent user interface to provide settings to a given subsystem that is abstract from any particular implementation Examples kdump network selinux timesync
Importing roles and collections Red Hat Ansible Platform technical deck: Create 69 --- - name: example system roles playbook hosts: web tasks: - name: Configure Firewall include_role: name: linux-system-roles.firewall - name: Configure Timesync include_role: name: redhat.rhel_system_roles.timesync timesync role is referenced from the RHEL System Roles Collection
Lab Time Complete exercise 6-system-roles now in your lab environment
71 Exercise 7 Topics Covered: ● Red Hat Insights intro ● Insights integration
Helping you better manage your hybrid and cloud environments Red Hat Insights What is Red Hat Insights? Predicting risks Recommending actions Analyzing costs
A cloud analytics platform that helps you better manage your hybrid and cloud environments Red Hat Insights What does Red Hat Insights do? ▸ Gathers configuration and utilization data from your Red Hat® products ▸ Analyzes the data based on Red Hat knowledge and expertise ▸ Generates and prioritizes insights for you to take action
Red Hat Insights ▸ Configuration review to make sure systems are setup correctly ▸ Centralized view of all CVEs, patches, and compliance risks ▸ Easily identify interoperability issues from the hypervisor or cloud, through the OS, and through the application stack ▸ Identify drift to make sure systems are the same ▸ Know how many subscriptions you are using in seconds Use Red Hat’s expertise and knowledge to evaluate your systems How does Red Hat Insights help me?
Red Hat Insights Hybrid cloud console Access at cloud.redhat.com
Red Hat Insights for Red Hat Ansible Automation Platform Savings planner Automation calculator Advisor Drift Automation analytics Business Track and optimize spending Operations Improve stability and performance Security Reduce risk Efficient hybrid-cloud scale Red Hat Insights for Red Hat Ansible Automation Platform For all your hybrid-cloud challenges Policies
Savings Planner Create a plan that details: ● How long manual work takes ● How often manual work is performed ● How many hosts are impacted ● List of tasks to be automated Results in estimated time and cost savings of automation. Red Hat Insights for Red Hat Ansible Automation Platform
Savings planner: Pre-plan your automation savings Red Hat Insights for Red Hat Ansible Automation Platform Business
Automation Calculator Measures the success of your automation ● See most to least save tasks in terms of $$ ● Determine ROI of your automation Red Hat Insights for Red Hat Ansible Automation Platform
Automation calculator: Calculate your ROI from automation using the data gathered by Red Hat Insights analytics Red Hat Insights for Red Hat Ansible Automation Platform Business
Automation Analytics Provides a detailed view of automation activity across your organization ● Health Notifications ● Organization Statistics Red Hat Insights for Red Hat Ansible Automation Platform
Automation analytics: Gather information about how automation is being used in your environment Red Hat Insights for Red Hat Ansible Automation Platform Operations
Advisor Analyzes your automation controller deployments for issues with: ● Availability ● Performance ● Stability ● Security Red Hat Insights for Red Hat Ansible Automation Platform
Advisor: Availability, performance, stability, and security risk analysis Red Hat Insights for Red Hat Ansible Automation Platform Operations
Drift Lets you created baselines and compare systems to identify: ● Differences from a baseline ● Differences from other systems ● Differences from historical system profiles Red Hat Insights for Red Hat Ansible Automation Platform
Drift: Create baselines and compare systems to monitor for differences as systems drift Red Hat Insights for Red Hat Ansible Automation Platform Operations
Policies Lets you create your own internal policies based on facts collected by Insights ● Quickly identify situations that exist that shouldn’t Red Hat Insights for Red Hat Ansible Automation Platform
Policies: Define and monitor against your own policies to identify misalignment Red Hat Insights for Red Hat Ansible Automation Platform Security
Reports Provides executive summaries of automation across the organization ● Defined in collaboration with existing customers ○ Hosts changed by job template ○ Changes made by job template ○ Job template run rate ● Track automation KPIs and identify discrepancies Red Hat Insights for Red Hat Ansible Automation Platform
Reports: Provide executive summaries of automation across the organization Red Hat Insights for Red Hat Ansible Automation Platform
Red Hat Insights Included with your Red Hat Enterprise Linux subscription Assesses customer’s Red Hat environments Remediates findings with prescriptive remediation steps or an Ansible playbook Insights rule contributions directly from Red Hat subject matter experts Identifying risks for Availability, performance, stability and security
Insights plans with Ansible playbooks Solve common issues through Ansible Automation
Insights ● Insights provides Ansible Playbooks for resolving many common risks. ● Dynamically generates Ansible Playbooks for risk remediation ● Playbooks can be downloaded and run via ansible-playbook or Satellite Insights connected to Ansible Controller ● View identified risks in the Tower inventory ● Execute generated Ansible Playbook as a Tower job ● Use Tower for enterprise risk remediation ANSIBLE & INSIGHTS While Insights includes Ansible playbooks for risks, Insights alone can’t perform remediation of the risks.
Next steps 94 Learn more Where to go next Get started ▸ Workshops ▸ Documents ▸ Youtube ▸ Twitter ▸ Evals ▸ cloud.redhat.com Get serious ▸ Red Hat Automation Adoption Journey ▸ Red Hat Training ▸ Red Hat Consulting
linkedin.com/company/red-hat youtube.com/AnsibleAutomation facebook.com/ansibleautomation twitter.com/ansible github.com/ansible 95 Thank you

More Related Content

PPTX
ABU Red Hat Ansible Automation Platform Technical Deck.pptx
GanangSaputro2
 
PDF
Ansible Automation Platform.pdf
VuHoangAnh14
 
PDF
INTRODUCING Red Hat ANSIBLE Automation Platform
pbtest
 
PPTX
slidesaver.app_ptiswhansiblewyeddik.pptx
hatimlebbar3
 
PPTX
Weave User Group Talk - DockerCon 2017 Recap
Patrick Chanezon
 
PDF
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
QAware GmbH
 
PDF
Red hat cloud platforms
Giovanni Galloro
 
PDF
Why Pay for Open Source Linux? Avoid the Hidden Cost of DIY
Enterprise Management Associates
 
ABU Red Hat Ansible Automation Platform Technical Deck.pptx
GanangSaputro2
 
Ansible Automation Platform.pdf
VuHoangAnh14
 
INTRODUCING Red Hat ANSIBLE Automation Platform
pbtest
 
slidesaver.app_ptiswhansiblewyeddik.pptx
hatimlebbar3
 
Weave User Group Talk - DockerCon 2017 Recap
Patrick Chanezon
 
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
QAware GmbH
 
Red hat cloud platforms
Giovanni Galloro
 
Why Pay for Open Source Linux? Avoid the Hidden Cost of DIY
Enterprise Management Associates
 

Similar to ansible_rhel_90.pdf (20)

PDF
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summits
 
PDF
Linux Containers and Docker SHARE.ORG Seattle 2015
Filipe Miranda
 
PDF
.NET Cloud-Native Bootcamp- Los Angeles
VMware Tanzu
 
PPTX
Oscon 2017: Build your own container-based system with the Moby project
Patrick Chanezon
 
PPTX
Delivering IaaS with Open Source Software
Mark Hinkle
 
PDF
Red hat ansible automation technical deck
Juraj Hantak
 
PDF
The DevOps Paradigm
NaLUG
 
PDF
The DevOps paradigm - the evolution of IT professionals and opensource toolkit
Marco Ferrigno
 
PPTX
Docker and containers - For Boston Docker Meetup Workshop in March 2015
Jonas Rosland
 
PPTX
Platform engineering 101
Sander Knape
 
PPTX
Cloudexpowest opensourcecloudcomputing-1by arun kumar
Arun Kumar
 
PPTX
Cloudexpowest opensourcecloudcomputing-1by arun kumar
Arun Kumar
 
PDF
Hybrid Cloud, Kubeflow and Tensorflow Extended [TFX]
Animesh Singh
 
PDF
Red Hat multi-cluster management & what's new in OpenShift
Kangaroot
 
PPTX
Cloud computing: highlights
Luís Bastião Silva
 
PDF
Docker and Containers overview - Docker Workshop
Jonas Rosland
 
PPTX
Docker Training - June 2015
{code}
 
PPT
Lamp Zend Security
Ram Srivastava
 
PPTX
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
Georg Ember
 
PPSX
PeopleSoft Cloud Architecture - OpenWorld 2016
Graham Smith
 
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summits
 
Linux Containers and Docker SHARE.ORG Seattle 2015
Filipe Miranda
 
.NET Cloud-Native Bootcamp- Los Angeles
VMware Tanzu
 
Oscon 2017: Build your own container-based system with the Moby project
Patrick Chanezon
 
Delivering IaaS with Open Source Software
Mark Hinkle
 
Red hat ansible automation technical deck
Juraj Hantak
 
The DevOps Paradigm
NaLUG
 
The DevOps paradigm - the evolution of IT professionals and opensource toolkit
Marco Ferrigno
 
Docker and containers - For Boston Docker Meetup Workshop in March 2015
Jonas Rosland
 
Platform engineering 101
Sander Knape
 
Cloudexpowest opensourcecloudcomputing-1by arun kumar
Arun Kumar
 
Cloudexpowest opensourcecloudcomputing-1by arun kumar
Arun Kumar
 
Hybrid Cloud, Kubeflow and Tensorflow Extended [TFX]
Animesh Singh
 
Red Hat multi-cluster management & what's new in OpenShift
Kangaroot
 
Cloud computing: highlights
Luís Bastião Silva
 
Docker and Containers overview - Docker Workshop
Jonas Rosland
 
Docker Training - June 2015
{code}
 
Lamp Zend Security
Ram Srivastava
 
IBM BP Session - Multiple CLoud Paks and Cloud Paks Foundational Services.pptx
Georg Ember
 
PeopleSoft Cloud Architecture - OpenWorld 2016
Graham Smith
 
Ad

Recently uploaded (20)

PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Approach and Philosophy of On baking technology
30anthuong17
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Encapsulation theory and applications.pdf
gurumoop
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Ad

ansible_rhel_90.pdf

  • 1. Ansible Linux Automation Workshop Introduction to Ansible for Red Hat Enterprise Linux Automation for System Administrators and Operators
  • 2. 2 What you will learn ▸ Overview of public cloud provisioning ▸ Converting shell commands into Ansible Commands. ▸ Retrieving information from hosts ▸ Deploying applications at scale ▸ Self-service IT via surveys ▸ Overview of System Roles for Red Hat Enterprise Linux ▸ Overview of Red Hat Insights integration
  • 3. 3 Introduction Topics Covered: ● What is the Ansible Automation Platform? ● What can it do?
  • 4. Red Hat Ansible Platform technical deck 4 Automation happens when one person meets a problem they never want to solve again
  • 5. Too many unintegrated, domain-specific tools Many organizations share the same challenge Red Hat Ansible Platform technical deck 5 SecOps Network ops Devs/DevOps IT ops
  • 6. Why the Red Hat Ansible Automation Platform? 6 Simplify automation creation and management across multiple domains. Agentless Simple Easily integrate with hybrid environments. Powerful Orchestrate complex processes at enterprise scale. Why the Ansible Automation Platform?
  • 7. Clouds Storage Your entire IT footprint Why the Red Hat Ansible Automation Platform? 7 Automate the deployment and management of automation Do this... Orchestrate Firewalls Manage configurations Deploy applications Provision / deprovision Deliver continuously Secure and comply Load balancers Applications Containers Virtualization platforms Servers And more ... Network devices On these...
  • 8. Different teams a single platform Red Hat Ansible Platform technical deck 8 Break down silos Cloud IT ops Devs/DevOps SecOps Network ops Line of business Edge Datacenter Consistent governance
  • 9. What makes a platform? 9 Automation controller Automation hub Automation services catalog Fueled by an open source community Insights for Ansible Automation Platform Ansible command line Ansible Cloud Services On-premises Ansible content domains Infrastructure Cloud Network Security Linux Windows Content creators Operators Domain experts Users
  • 10. Automation and IT modernization Red Hat named a Leader in The Forrester Wave™ Infrastructure Automation Platforms, Q3 2020 ▸ “Ansible continues to grow quickly, particularly among enterprises that are automating networks. The solution excels at providing a variety of deployment options and acting as a service broker to a wide array of other automation tools.” ▸ “Red Hat’s solution is a good fit for customers that want a holistic automation platform that integrates with a wide array of other vendors’ infrastructure.” Source: Gardner, Chris, Glenn O'Donnell, Robert Perdonii, and Diane Lynch. "The Forrester Wave™: Infrastructure Automation Platforms, Q3 2020." Forrester, 10 Aug. 2020. DISCLAIMER: The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Received highest possible score in the criteria of: ● Deployment functionality ● Product Vision ● Partner Ecosystem ● Supporting products and services ● Community support ● Planned product enhancements
  • 11. Cloud Virt & Container Windows Network Security Monitoring Ansible automates technologies you use Time to automate is measured in minutes AWS Azure Digital Ocean Google OpenStack Rackspace +more Docker VMware RHV OpenStack OpenShift +more ACLs Files Packages IIS Regedits Shares Services Configs Users Domains +more A10 Arista Aruba Cumulus Bigswitch Cisco Dell Extreme F5 Lenovo MikroTik Juniper OpenSwitch +more Checkpoint Cisco CyberArk F5 Fortinet Juniper IBM Palo Alto Snort +more Dynatrace Datadog LogicMonitor New Relic Sensu +more Devops Jira GitHub Vagrant Jenkins Slack +more Storage Netapp Red Hat Storage Infinidat +more Operating Systems RHEL Linux Windows +more
  • 12. 12 Cloud Topics Covered: ● Understanding the Ansible Infrastructure ● Check the prerequisites
  • 13. Web Servers node1 ansible Workbench Topology node2 node3 Amazon VPC router ● Drink our own champagne. Provisioned by, configured by, and managed by Red Hat Ansible Automation Platform. https://github.com/ansible/workshops ● Learn with the real thing Every student will have their own fully licensed Red Hat Ansible Tower control node. No emulators or simulators here. ● Red Hat Enterprise Linux All four nodes are enterprise Linux, showcasing real life use-cases to help spark ideas for what you can automate today. The lab environment today
  • 14. Provision Configure Resources Subnets, gateways, security groups, SSH keys Instances RHEL, Cisco, Arista, Checkpoint, Windows, etc Inventory Load and sort newly created instances for further automation How does it work? Ansible environment install Ansible Tower, SSH config, user accounts, etc Code Server Configure in-browser text editor and terminal DNS Configure DNS names for all control nodes Login Website Dynamically create login webpage for students Manage Instructor Inventory Provide inventory and login information and master key Log Information Record student count and instructor for statistics
  • 15. 15 Exercise 1 Topics Covered: ● Understanding the Ansible Infrastructure ● Check the prerequisites
  • 16. Automation hub Ansible content experience The automation lifecycle Create Red Hat Ansible Platform technical deck: Create 16 Domain experts Ansible content domains Infrastructure Cloud Network Security Linux Windows Content creators Build Discover Trust Red Hat cloud / on-premises
  • 17. Ansible playbooks Red Hat Ansible Platform technical deck: Create 17 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started
  • 18. Red Hat Ansible Platform technical deck: Create 18 What makes up an Ansible playbook? Plugins Modules Plays
  • 19. --- - name: install and start apache hosts: web become: yes What am I automating? Ansible plays Red Hat Ansible Platform technical deck: Create 19 What are they? Top level specification for a group of tasks. Will tell that play which hosts it will execute on and control behavior such as fact gathering or privilege level. Building blocks for playbooks Multiple plays can exist within an Ansible playbook that execute on different hosts.
  • 20. The “tools in the toolkit” Ansible modules Red Hat Ansible Platform technical deck: Create 20 What are they? Parametrized components with internal logic, representing a single step to be done. The modules “do” things in Ansible. Language Usually Python, or Powershell for Windows setups. But can be of any language. - name: latest index.html file ... template: src: files/index.html dest: /var/www/html/
  • 21. The “extra bits” Ansible plugins Red Hat Ansible Platform technical deck: Create 21 What are they? Plugins are pieces of code that augment Ansible’s core functionality. Ansible uses a plugin architecture to enable a rich, flexible, and expandable feature set. Example become plugin: --- - name: install and start apache hosts: web become: yes Example filter plugins: {{ some_variable | to_nice_json }} {{ some_variable | to_nice_yaml }}
  • 22. The systems that a playbook runs against Ansible Inventory Red Hat Ansible Platform technical deck: Create 22 What are they? List of systems in your infrastructure that automation is executed against [web] webserver1.example.com webserver2.example.com [db] dbserver1.example.com [switches] leaf01.internal.com leaf02.internal.com
  • 23. Reusable automation actions Ansible roles Red Hat Ansible Platform technical deck: Create 23 What are they? Group your tasks and variables of your automation in a reusable structure. Write roles once, and share them with others who have similar challenges in front of them. --- - name: install and start apache hosts: web roles: - common - webservers
  • 24. Simplified and consistent content delivery Collections Red Hat Ansible Platform technical deck: Create 24 What are they? Collections are a data structure containing automation content: ▸ Modules ▸ Playbooks ▸ Roles ▸ Plugins ▸ Docs ▸ Tests
  • 25. Red Hat Ansible Platform technical deck: Create 25 nginx_core ├── MANIFEST.json ├── playbooks │ ├── deploy-nginx.yml │ └── ... ├── plugins ├── README.md └── roles ├── nginx │ ├── defaults │ ├── files │ │ └── … │ ├── tasks │ └── templates │ └── ... ├── nginx_app_protect └── nginx_config --- - name: Install NGINX Plus hosts: all tasks: - name: Install NGINX include_role: name: nginxinc.nginx vars: nginx_type: plus - name: Install NGINX App Protect include_role: name: nginxinc.nginx_app_protect vars: nginx_app_protect_setup_license: false nginx_app_protect_remove_license: false nginx_app_protect_install_signatures: false deploy-nginx.yml Collections
  • 26. 90+ Why the Red Hat Ansible Automation Platform? Network Security Infrastructure Cloud certified platforms 26
  • 27. Network Devices / API Endpoints Linux / Windows Hosts Module code is copied to the managed node, executed, then removed Module code is executed locally on the control node Ansible Automation Platform Ansible Automation Platform Local Execution Remote Execution How Ansible Automation Works
  • 28. 28 ● Follow the steps in to access environment ● Use the IP provided to you, the script only has example IP ● Which editor do you use on command line? If you don’t know, we have a short intro Verify Lab Access
  • 29. Lab Time Complete exercise 1-setup now in your lab environment
  • 30. 30 Exercise 2 Topics Covered: ● Ansible inventories ● Accessing Ansible docs ● Modules and getting help
  • 31. 31 ▸ Ansible works against multiple systems in an inventory ▸ Inventory is usually file based ▸ Can have multiple groups ▸ Can have variables for each group or even host Inventory
  • 32. Ansible Inventory Red Hat Ansible Platform technical deck: Create 32 The Basics An example of a static Ansible inventory including systems with IP addresses as well as fully qualified domain name (FQDN) [myservers] 10.42.0.2 10.42.0.6 10.42.0.7 10.42.0.8 10.42.0.100 host.example.com
  • 33. Ansible Inventory - The Basics 33 [app1srv] appserver01 ansible_host=10.42.0.2 appserver02 ansible_host=10.42.0.3 [web] node-[1:30] ansible_host=10.42.0.[31:60] [web:vars] apache_listen_port=8080 apache_root_path=/var/www/mywebdocs/ [all:vars] ansible_user=kev ansible_ssh_private_key_file=/home/kev/.ssh/id_rsa
  • 34. Ansible Inventory - Variables 34 [app1srv] appserver01 ansible_host=10.42.0.2 appserver02 ansible_host=10.42.0.3 [web] node-[1:30] ansible_host=10.42.0.[31:60] [web:vars] apache_listen_port=8080 apache_root_path=/var/www/mywebdocs/ [all:vars] ansible_user=ender ansible_ssh_private_key_file=/home/ender/.ssh/id_rsa
  • 35. Ansible Inventory - Groups 35 [nashville] bnaapp01 bnaapp02 [atlanta] atlapp03 atlapp04 [south:children] atlanta nashville hsvapp05
  • 36. Accessing the Ansible docs Red Hat Ansible Platform technical deck: Create 36 $ ansible-navigator doc -l -m stdout add_host amazon.aws.aws_az_facts amazon.aws.aws_caller_facts amazon.aws.aws_caller_info . . . . . With the use of the latest command utility ansible-navigator, one can trigger access to all the modules available to them as well as details on specific modules. A formal introduction to ansible-navigator and how it can be used to run playbooks in the following exercise.
  • 37. Accessing the Ansible docs Red Hat Ansible Platform technical deck: Create 37 $ ansible-navigator doc user -m stdout > ANSIBLE.BUILTIN.USER (/usr/lib/python3.8/site-packages/ansible/m odules/user.py) Manage user accounts and user attributes. For Windows targets, use the [ansible.windows.win_user] module instead. Aside from listing a full list of all the modules, you can use ansible-navigator to provide details about a specific module. In this example, we are getting information about the user module.
  • 38. Bash vs. Ansible - name: Run mssql-conf setup command: /opt/mssql/bin/mssql-conf -n setup accept-eula environment: - MSSQL_SA_PASSWORD: "{{ MSSQL_SA_PASSWORD }}" - MSSQL_PID: "{{ MSSQL_PID }}" when: install is changed - name: Add mssql-tools to $PATH lineinfile: path: "{{ item }}" line: export PATH="$PATH:/opt/mssql-tools/bin" loop: - ~/.bash_profile - ~/.bashrc echo Running mssql-conf setup... sudo MSSQL_SA_PASSWORD=$MSSQL_SA_PASSWORD MSSQL_PID=$MSSQL_PID /opt/mssql/bin/mssql-conf -n setup accept-eula echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bashrc source ~/.bashrc
  • 39. Lab Time Complete exercise 2-thebasics now in your lab environment
  • 40. 40 Exercise 3 Topics Covered: ● Playbooks basics ● Running a playbook
  • 41. Ansible playbooks Red Hat Ansible Platform technical deck: Create 41 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started A play
  • 42. Ansible playbooks Red Hat Ansible Platform technical deck: Create 42 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started A task
  • 43. Ansible playbooks Red Hat Ansible Platform technical deck: Create 43 --- - name: install and start apache hosts: web become: yes tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present template: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started A module
  • 44. Ansible Colors 44 A task executed as expected, no change was made. A task executed as expected, making a change A task failed to execute successfully Running Playbooks The most important colors of Ansible
  • 45. Where it all starts A playbook run Red Hat Ansible Platform technical deck: Operate 45 ▸ A playbook is interpreted and run against one or multiple hosts - task by task. The order of the tasks defines the execution. ▸ In each task, the module does the actual work.
  • 46. Using the latest ansible-navigator command Running an Ansible Playbook Red Hat Ansible Platform technical deck: Create 46 What is ansible-navigator? ansible-navigator command line utility and text-based user interface (TUI) for running and developing Ansible automation content. It replaces the previous command used to run playbooks “ansible-playbook”. $ ansible-navigator run playbook.yml
  • 47. Bye ansible-playbook, Hello ansible-navigator ansible-navigator Red Hat Ansible Platform technical deck: Create 47 How do I use ansible-navigator? As previously mentioned, it replaces the ansible-playbook command. As such it brings two methods of running playbooks: ▸ Direct command-line interface ▸ Text-based User Interface (TUI) # Direct command-line interface method $ ansible-navigator run playbook.yml -m stdout # Text-based User Interface method $ ansible-navigator run playbook.yml
  • 48. ansible command ansible-navigator command ansible-config ansible-navigator config ansible-doc ansible-navigator doc ansible-inventory ansible-navigator inventory ansible-playbook ansible-navigator run Mapping to previous Ansible commands ansible-navigator
  • 49. Common subcommands ansible-navigator Name Description CLI Example Colon command within TUI collections Explore available collections ansible-navigator collections --help :collections config Explore the current ansible configuration ansible-navigator config --help :config doc Review documentation for a module or plugin ansible-navigator doc --help :doc images Explore execution environment images ansible-navigator images --help :images inventory Explore and inventory ansible-navigator inventory --help :inventory replay Explore a previous run using a playbook artifact ansible-navigator replay --help :replay run Run a playbook ansible-navigator run --help :run welcome Start at the welcome page ansible-navigator welcome --help :welcome
  • 50. Lab Time Complete exercise 3-playbooks now in your lab environment
  • 51. 51 Exercise 4 Topics Covered: ● Working with variables ● What are facts?
  • 52. Ansible playbooks Red Hat Ansible Platform technical deck: Create 52 --- - name: variable playbook test hosts: localhost vars: var_one: awesome var_two: ansible is var_three: "{{ var_two }} {{ var_one }}" tasks: - name: print out var_three debug: msg: "{{ var_three }}"
  • 53. Ansible playbooks Red Hat Ansible Platform technical deck: Create 53 --- - name: variable playbook test hosts: localhost vars: var_one: awesome var_two: ansible is var_three: "{{ var_two }} {{ var_one }}" tasks: - name: print out var_three debug: msg: "{{ var_three }}" ansible is awesome
  • 54. Ansible Facts 54 tasks: - name: Collect all facts of host setup: gather_subset: - 'all' ▸ Just like variables, really... ▸ … but: coming from the host itself! ▸ Check them out with the setup module
  • 55. Ansible playbooks Red Hat Ansible Platform technical deck: Create 55 --- - name: facts playbook hosts: localhost tasks: - name: Collect all facts of host setup: gather_subset: - ‘all’ $ ansible-navigator run playbook.yml
  • 56. Ansible Navigator TUI Red Hat Ansible Platform technical deck: Create 56 PLAY NAME OK CHANGED UNREACHABLE FAILED SKIPPED IGNORED IN PROGRESS TASK COUNT PROGRESS 0│facts playbook 2 0 0 0 0 0 0 2 COMPLETE RESULT HOST NUMBER CHANGED TASK TASK ACTION DURATION 0│OK localhost 0 False Gathering Facts gather_facts 1s 1│OK localhost 1 False Collect all facts of host setup 1s PLAY [facts playbook:1] ******************************************************************************************************************* TASK [Collect all facts of host] *************************************************************************************************************** OK: [localhost] . . 12 │ ansible_facts: 13│ ansible_all_ipv4_addresses: 14│ - 10.0.2.100 15│ ansible_all_ipv6_addresses: 16│ - fe80::1caa:f0ff:fe15:23c4
  • 57. 57 $ tree ansible-files/ ├── deploy_index_html.yml ├── files │ ├── dev_web.html │ └── prod_web.html ├── group_vars │ └── web.yml └── host_vars └── node2.yml Ansible Inventory - Managing Variables In Files
  • 58. $ cat group_vars/web.yml --- stage: dev 58 ├── deploy_index_html.yml ├── files │ ├── dev_web.html │ └── prod_web.html ├── group_vars │ └── web.yml └── host_vars └── node2.yml Ansible Inventory - Managing Variables In Files $ cat host_vars/node2.yml --- stage: prod - name: copy web.html copy: src: "{{ stage }}_web.html" dest: /var/www/html/index.html
  • 59. Lab Time Complete exercise 4-variables now in your lab environment
  • 61. Controller surveys allow you to configure how a job runs via a series of questions, making it simple to customize your jobs in a user-friendly way. An Ansible Controller survey is a simple question-and-answer form that allows users to customize their job runs. Combine that with Controller’s role-based access control, and you can build simple, easy self-service for your users. Surveys
  • 62. Once a Job Template is saved, the Survey menu will have an Add Button Click the button to open the Add Survey window. Creating a Survey (1/2)
  • 63. The Add Survey window allows the Job Template to prompt users for one or more questions. The answers provided become variables for use in the Ansible Playbook. Creating a Survey (2/2)
  • 64. When launching a job, the user will now be prompted with the Survey. The user can be required to fill out the Survey before the Job Template will execute. Using a Survey
  • 65. Lab Time Complete exercise 5-surveys now in your lab environment
  • 66. 66 Exercise 6 Topics Covered: ● Red Hat Enterprise Linux System Roles
  • 67. Physical SIte Physical SIte Automation Hub and Ansible Galaxy Ansible Content Roles & Collections
  • 68. Linux System Roles Collection ● Consistent user interface to provide settings to a given subsystem that is abstract from any particular implementation Examples kdump network selinux timesync
  • 69. Importing roles and collections Red Hat Ansible Platform technical deck: Create 69 --- - name: example system roles playbook hosts: web tasks: - name: Configure Firewall include_role: name: linux-system-roles.firewall - name: Configure Timesync include_role: name: redhat.rhel_system_roles.timesync timesync role is referenced from the RHEL System Roles Collection
  • 70. Lab Time Complete exercise 6-system-roles now in your lab environment
  • 71. 71 Exercise 7 Topics Covered: ● Red Hat Insights intro ● Insights integration
  • 72. Helping you better manage your hybrid and cloud environments Red Hat Insights What is Red Hat Insights? Predicting risks Recommending actions Analyzing costs
  • 73. A cloud analytics platform that helps you better manage your hybrid and cloud environments Red Hat Insights What does Red Hat Insights do? ▸ Gathers configuration and utilization data from your Red Hat® products ▸ Analyzes the data based on Red Hat knowledge and expertise ▸ Generates and prioritizes insights for you to take action
  • 74. Red Hat Insights ▸ Configuration review to make sure systems are setup correctly ▸ Centralized view of all CVEs, patches, and compliance risks ▸ Easily identify interoperability issues from the hypervisor or cloud, through the OS, and through the application stack ▸ Identify drift to make sure systems are the same ▸ Know how many subscriptions you are using in seconds Use Red Hat’s expertise and knowledge to evaluate your systems How does Red Hat Insights help me?
  • 75. Red Hat Insights Hybrid cloud console Access at cloud.redhat.com
  • 76. Red Hat Insights for Red Hat Ansible Automation Platform Savings planner Automation calculator Advisor Drift Automation analytics Business Track and optimize spending Operations Improve stability and performance Security Reduce risk Efficient hybrid-cloud scale Red Hat Insights for Red Hat Ansible Automation Platform For all your hybrid-cloud challenges Policies
  • 77. Savings Planner Create a plan that details: ● How long manual work takes ● How often manual work is performed ● How many hosts are impacted ● List of tasks to be automated Results in estimated time and cost savings of automation. Red Hat Insights for Red Hat Ansible Automation Platform
  • 78. Savings planner: Pre-plan your automation savings Red Hat Insights for Red Hat Ansible Automation Platform Business
  • 79. Automation Calculator Measures the success of your automation ● See most to least save tasks in terms of $$ ● Determine ROI of your automation Red Hat Insights for Red Hat Ansible Automation Platform
  • 80. Automation calculator: Calculate your ROI from automation using the data gathered by Red Hat Insights analytics Red Hat Insights for Red Hat Ansible Automation Platform Business
  • 81. Automation Analytics Provides a detailed view of automation activity across your organization ● Health Notifications ● Organization Statistics Red Hat Insights for Red Hat Ansible Automation Platform
  • 82. Automation analytics: Gather information about how automation is being used in your environment Red Hat Insights for Red Hat Ansible Automation Platform Operations
  • 83. Advisor Analyzes your automation controller deployments for issues with: ● Availability ● Performance ● Stability ● Security Red Hat Insights for Red Hat Ansible Automation Platform
  • 84. Advisor: Availability, performance, stability, and security risk analysis Red Hat Insights for Red Hat Ansible Automation Platform Operations
  • 85. Drift Lets you created baselines and compare systems to identify: ● Differences from a baseline ● Differences from other systems ● Differences from historical system profiles Red Hat Insights for Red Hat Ansible Automation Platform
  • 86. Drift: Create baselines and compare systems to monitor for differences as systems drift Red Hat Insights for Red Hat Ansible Automation Platform Operations
  • 87. Policies Lets you create your own internal policies based on facts collected by Insights ● Quickly identify situations that exist that shouldn’t Red Hat Insights for Red Hat Ansible Automation Platform
  • 88. Policies: Define and monitor against your own policies to identify misalignment Red Hat Insights for Red Hat Ansible Automation Platform Security
  • 89. Reports Provides executive summaries of automation across the organization ● Defined in collaboration with existing customers ○ Hosts changed by job template ○ Changes made by job template ○ Job template run rate ● Track automation KPIs and identify discrepancies Red Hat Insights for Red Hat Ansible Automation Platform
  • 90. Reports: Provide executive summaries of automation across the organization Red Hat Insights for Red Hat Ansible Automation Platform
  • 91. Red Hat Insights Included with your Red Hat Enterprise Linux subscription Assesses customer’s Red Hat environments Remediates findings with prescriptive remediation steps or an Ansible playbook Insights rule contributions directly from Red Hat subject matter experts Identifying risks for Availability, performance, stability and security
  • 92. Insights plans with Ansible playbooks Solve common issues through Ansible Automation
  • 93. Insights ● Insights provides Ansible Playbooks for resolving many common risks. ● Dynamically generates Ansible Playbooks for risk remediation ● Playbooks can be downloaded and run via ansible-playbook or Satellite Insights connected to Ansible Controller ● View identified risks in the Tower inventory ● Execute generated Ansible Playbook as a Tower job ● Use Tower for enterprise risk remediation ANSIBLE & INSIGHTS While Insights includes Ansible playbooks for risks, Insights alone can’t perform remediation of the risks.
  • 94. Next steps 94 Learn more Where to go next Get started ▸ Workshops ▸ Documents ▸ Youtube ▸ Twitter ▸ Evals ▸ cloud.redhat.com Get serious ▸ Red Hat Automation Adoption Journey ▸ Red Hat Training ▸ Red Hat Consulting