SlideShare a Scribd company logo

Technical introduction to Red Hat Ansible

P
pbtest

The document outlines a series of webinars focused on IBM Cloud and Red Hat technologies, including technical introductions to various products like Red Hat Ansible and OpenShift. It emphasizes the importance of automation in enterprise environments using Ansible for application deployment, configuration management, and orchestration across diverse IT infrastructures. Additionally, it provides information on how to get started with Ansible, including community resources and training opportunities.

Technology
1 of 50
Download to read offline
1
2
3
4
Most read
5
6
7
8
9
10
Most read
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
© IBM Red Hat Ansible Cloud & Cognitive Webinar Series 14 August 2019
© IBM Cloud & Containerisation Webinar Series • A Series of Webinars • Technical Audience • IBMers & Business Partners • Delivered online – and recorded to view later & share with your teams 1 AP Webinar: Cloud & Containerisation Launch 12 June 2 AP Webinar: IBM Cloud Private - Under the hood for an hour 14 June 3 AP Webinar: Red Hat OpenShift - See it presented by a Red Hatter. 21 June 4 AP Webinar: Multi Cloud Manager - From zero to demo in an hour. 28 June 5 Technical introduction to Red Hat Ansible 14 August 6 Technical introduction to Red Hat Enterprise Linux & Red Hat Satellite 21 August 7 Technical introduction to Red Hat OpenStack 28 August
IBM Cloud / July 2019 / © 2019 IBM Corporation Open standards to liberate apps, workloads, and developers Open source ecosystems to speed innovation Secure, open access to data and AI for new insights
IBM Cloud / July 2019 / © 2019 IBM Corporation Expertise – Ecosystem An extensive ecosystem built on open source and open standards accelerate innovation.
© IBM Speaker Brian Stinehart Solution Architect Red Hat
Technical Introduction to Red Hat Ansible Introduction to Ansible for engineers and operators
● Introduction to automation ● How Ansible automation works ● Understanding Ansible modules and playbooks ● Executing Ansible playbooks ● Using Ansible Tower to scale automation to the enterprise 7 What you will learn
8 Automation happens when one person meets a problem they never want to solve again
ACCELERATE INTEGRATE COLLABORATE 9
An enterprise-wide automation strategy INDIVIDUAL TEAM ENTERPRISE must benefit individuals first.
11 Ansible Trajectory
Why Ansible? Simple Powerful Agentless App deployment Configuration management Workflow orchestration Network automation Orchestrate the app lifecycle Human readable automation No special coding skills needed Tasks executed in order Usable by every team Get productive quickly Agentless architecture Uses OpenSSH & WinRM No agents to exploit or update Get started immediately More efficient & more secure
REDHATANSIBLETOWER REDHATANSIBLEENGINE S cale +operationalize your automation S upport for your Ansible automation CONTROL KNOWLEDGE DELEGATION SIMPLE POWERFUL AGENTLESS FUELEDBYAN INNOVATIVEOPEN SOURCECOMMUNITY What is Ansible Automation?
USE CASES USERS ANSIBLE ENGINE PYTHON CODEBASE OPEN SOURCE MODULE LIBRARY PLUGINS CLOUD AWS, GOOGLE CLOUD, AZURE … INFRASTRUCTURE LINUX, WINDOWS, UNIX … NETWORKS ARISTA, CISCO, JUNIPER … CONTAINERS DOCKER, LXC … SERVICES DATABASES, LOGGING, SOURCE CONTROL MANAGEMENT… TRANSPORT SSH, WINRM, ETC. AUTOMATE YOUR ENTERPRISE ADMINS ANSIBLE CLI & CI SYSTEMS ANSIBLE PLAYBOOKS …. ANSIBLE TOWER SIMPLE USER INTERFACE TOWER API ROLE-BASED ACCESS CONTROL KNOWLEDGE & VISIBILITY SCHEDULED & CENTRALIZED JOBS CONFIGURATION MANAGEMENT APP DEPLOYMENT CONTINUOUS DELIVERY SECURITY & COMPLIANCE ORCHESTRATION PROVISIONING
Common use cases ● Role out patches and updates ● Schedule backups ● Restore from any timestamp ● Build workflows that rollback Update, Backup and Restore ● Check configuration standards ● Track configuration drift ● Enforce configuration policy Configuration ● Adhere to security standards ● Build reports ● Audit systems and configurations Compliance ✓ ✓ ✓ ✓
What else can I do using Ansible? Automate the deployment and management of your entire IT footprint. Orchestration Do this... Firewalls Configuration Management Application Deployment Provisioning Continuous Delivery Security and Compliance On these... Load Balancers Applications Containers Clouds Servers Infrastructure Storage And more... Network Devices
Ansible Automation works across teams DEV QA/SECURITY I.T. OPERATIONS BUSINESS NETWORK
Cloud Virt & Container Windows Network Devops Monitoring Ansible automates technologies you use Time to automate is measured in minutes AWS Azure Digital Ocean Google OpenStack Rackspace +more Docker VMware RHV OpenStack OpenShift +more ACLs Files Packages IIS Regedits Shares Services Configs Users Domains +more Arista A10 Cumulus Bigswitch Cisco Cumulus Dell F5 Juniper Palo Alto OpenSwitch +more Jira GitHub Vagrant Jenkins Bamboo Atlassian Subversion Slack Hipchat +more Dynatrace Airbrake BigPanda Datadog LogicMonitor Nagios New Relic PagerDuty Sensu StackDriver Zabbix +more Storage Netapp Red Hat Storage Infinidat +more Operating Systems Rhel And Linux Unix Windows +more
7 Platforms 28 Modules 17 Platforms 141 Modules 29 Platforms 267 Modules 33 Platforms 463 Modules 2.1 May 2016 2.2 Oct 2016 2.3 Apr 2017 2.4 Sep 2017 NETWORK AUTOMATION PROGRESS 40 Platforms 572 Modules 2.5 Mar 2018 45 Platforms 639 Modules 2.6 Jun 2018 50 Platforms 700 Modules 2.7 Oct 2018 2.8 July 2019 65 Platforms 1000 Modules
ANSIBLE AUTOMATION ENGINE CMDB USERS INVENTORY HOSTS NETWORK DEVICES PLUGINS CLI MODULES ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD
ANSIBLE AUTOMATION ENGINE CMDB USERS INVENTORY HOSTS NETWORK DEVICES PLUGINS CLI MODULES ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD PLAYBOOKS ARE WRITTEN IN YAML Tasks are executed sequentially Invoke Ansible modules
--- - name: install and start apache hosts: web become: yes vars: http_port: 80 tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present copy: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started
GITHUB github.com/ansible/ansible-examples LAMP + HAPROXY + NAGIOS github.com/ansible/ansible-examples/tree/master/lamp_haproxy WINDOWS github.com/ansible/ansible-examples/tree/master/windows SECURITY COMPLIANCE github.com/ansible/ansible-lockdown NETWORK AUTOMATION ansible.com/linklight github.com/network-automation Playbook examples:
ANSIBLE AUTOMATION ENGINE CMDB USERS INVENTORY HOSTS NETWORK DEVICES PLUGINS CLI ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD MODULES ARE “TOOLS IN THE TOOLKIT” Python, Powershell, or any language Extend Ansible simplicity to the entire stack MODULES CORE NETWORK COMMUNITY
How Ansible Works NETWORKING DEVICES LINUX/WINDOWS HOSTS Module code is copied to the managed node, executed, then removed Module code is executed locally on the control node
Module Documentation https://docs.ansible.com/ ● Documentation is required as part of module submission ● Multiple Examples for every module ● Broken into relevant sections
ANSIBLE AUTOMATION ENGINE CMDB USERS HOSTS NETWORK DEVICES CLI ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD MODULES PLUGINS INVENTORY INVENTORY [web] webserver1.example.com webserver2.example.com [db] dbserver1.example.com [switches] leaf01.internal.com leaf02.internal.com [firewalls] checkpoint01.internal.com [lb] f5-01.internal.com
ANSIBLE AUTOMATION ENGINE USERS HOSTS NETWORK DEVICES CLI ANSIBLE PLAYBOOK MODULES PLUGINS INVENTORY CMDB ServiceNow, Cobbler, BMC, Custom cmdb PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD CMDB
ANSIBLE AUTOMATION ENGINE USERS HOSTS NETWORK DEVICES CLI ANSIBLE PLAYBOOK MODULES PLUGINS INVENTORY PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD CLOUD Red Hat Openstack, Red Hat Satellite, VMware, AWS EC2, Rackspace, Google Compute Engine, Azure CMDB
Individual ENGINE Inventory Target Environment Modules Playbook How Ansible Works Source Control Configuration Playbooks Credentials
How Ansible Works - The Power of Ansible Tower 1 2 3 4 5 6 7 8 9
[student1@ansible networking-workshop]$ ansible-playbook facts.yml PLAY [gather information from routers] ********************************************************* TASK [gather router facts] ******************************************************************* ok: [rtr1] PLAY RECAP ****************************************************************************** rtr1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Running the Ansible Playbook What did this Ansible Playbook do?
[student1@ansible networking-workshop]$ ansible-playbook facts.yml -v PLAY [gather information from routers] ********************************************************* Using /home/student1/.ansible.cfg as config file TASK [gather router facts] ******************************************************************* ok: [rtr1] => changed=false ansible_net_iostype: IOS-XE ansible_net_memtotal_mb: 2180495 ansible_net_model: CSR1000V ansible_net_python_version: 2.7.5 ansible_net_serialnum: 964A1H0D1RM ansible_net_system: ios ansible_net_version: 16.09.02 <<abbreviated output>> PLAY RECAP ****************************************************************************** rtr1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Running the Ansible Playbook with verbosity
Build reports with Ansible Facts
AUTOMATION ACROSS THE ENTERPRISE
36 CONFIDENTIAL Individual Network device Playbooks ENGINE Individual Windows Team Network Team Playbooks Playbooks Network device Teams Windows Team Network Team Playbooks Playbooks Network device Virtual project or automation Team WORKFLOW Enterprise Extending Ansible to the Enterprise
Automatic Provisioning at Speed and Scale - The Journey.
38 CONFIDENTIAL Post Installation - Basic Sanity Checks - Compliance Checks - Initiate Pen tests. Post build configuration - NTP - DNS - Compliance & Security. C2S, STIG - Install Additional Software Stage 1: improving existing processes SOE Request Initiated by Service Desk. -Approvals -Change Control -Business Processes Build workload specific SOE (Keep current tooling in place) - Satellite & SCCM - Vmware & Hyper-V Templates - Cloud Instance templates (AMI, ARM..) API Call back to Service Desk to close off process Your organisation may have invested in processes and tooling for server provisioning. A good first step is to use Ansible to complement existing investments by: ● Streamlining the manual process into an automation workflow ● Improving the process with pre/post config and testing ● Filling gaps in current tooling Initiate build - Pre-Installation checks. Fail fast
39 CONFIDENTIAL As you go, look to further improve the process by reducing the number of tools and manual steps For example use Ansible modules that can hook into VMWare and Cloud APIs to provision base templates. Initiate build - Pre-Installation checks. Fail fast Post build configuration - NTP - DNS - Compliance & Security. C2S, STIG - Install Additional Software SOE Request Initiated by Service Desk. -Approvals -Change Control -Business Processes API Call back to Service Desk to close off process Build workload specific SOE (Ansible modules) - Vmware & Hyper-V Templates - Cloud Instance templates (AMI, ARM..) Post Installation - Basic Sanity Checks - Compliance Checks - Initiate Pen tests. Stage 2: reducing the number of tools
40 CONFIDENTIAL - Allow teams to provision corporate standard SOE’s for on-premise and clouds as required after approval process complete - Allow teams to extend SOE build to deliver the outcome Network Config - Firewall, Ports - VPC - VLANs - Access Control Lists Application/Business Outcome Application, CICD, Testing teams call Tower API API Call back to Service Desk to close one process and raise another Application builds & configuration - AppServers - DBServers - Middleware Initiate build - Pre-Installation checks. Fail fast Post build configuration - NTP - DNS - Compliance & Security. C2S, STIG - Install Additional Software SOE Request Initiated by Service Desk. -Approvals -Change Control -Business Processes Build workload specific SOE (Ansible modules) - Vmware & Hyper-V Templates - Cloud Instance templates (AMI, ARM..) Post Installation - Basic Sanity Checks - Compliance Checks - Initiate Pen tests. Stage 3: self service the SOE process & extend
41 CONFIDENTIAL Ansible Tower - Schedule non critical patching & Upgrades - Apply compliance config - Log outputs to SIEM Day 2 - Updates/Patching/Continuous Compliance Day N - Maintenance/Break Fix Ansible Tower - Break Fix - Ad Hoc commands at scale - Log Outputs to SIEM - Resist, Resist, Resist manual change - aspire for 80% automated 20% manual Team X Windows Team Network Team Playbooks Playbooks Network device Virtual project or automation Team WORKFLOW Enterprise Enterprise Tooling -Helpdesk -ServiceNow -Monitoring -Privileged Accounts -CMDB.... Source Control Stage 4: Day 2-N operations is just as important
THE LAST STAGE? Ansible Playbook + Network config. Make Changes Control Version Check Out Branch Check In Branch / Create PR 1 Notifies of pass / fail Monitors repository for changes Test changes Notify of PR 2 Merge Branch 3 Deploy Playbooks Notifies of deployment Pulls new Playbooks 4
43 ● Ansible Automation Training workshops - Windows, Linux and Networking ○ hands on Ansible playbook training hosted onsite to upskill resources and increase adoption ● Ansible use case discovery workshops & ROI exercises ○ Workshop to help uncover high business impact, low cost to implement automation use cases to help drive an investment in Ansible automation ● Red Hat supported MVP Ansible Tower trials ○ Prove a use case in your environment to support business case development ● Ansible smart start programs ○ Combine Ansible Red Hat Training and Red Hat consulting services to fasttrack your journey to ROI. Next Steps?
Technical introduction to Red Hat Ansible
And we are just getting started…
GET STARTED JOIN THE COMMUNITY WORKSHOPS & TRAINING SHARE YOUR STORY ansible.com/get-started ansible.com/tower-trial ansible.com/workshops Red Hat Training ansible.com/community Follow us @Ansible Friend us on Facebook Next Steps
Chat with us ● Slack https://ansiblenetwork.slack.com Join by clicking here https://bit.ly/2OfNEBr ● IRC #ansible-network on freenode http://webchat.freenode.net/?channels=ansible-network
Bookmark the Github organization ● Examples, samples and demos ● Run network topologies right on your laptop
CONFIDENTIAL Designator linkedin.com/company/red-hat youtube.com/AnsibleAutomation facebook.com/ansibleautomation twitter.com/ansible github.com/ansible CORPORATE SLIDE TEMPLATES 49 Thank you
© IBM Cloud & Containerisation Webinar Series • A Series of Webinars • Technical Audience • IBMers & Business Partners • Delivered online – and recorded to view later & share with your teams 1 AP Webinar: Cloud & Containerisation Launch 12 June 2 AP Webinar: IBM Cloud Private - Under the hood for an hour 14 June 3 AP Webinar: Red Hat OpenShift - See it presented by a Red Hatter. 21 June 4 AP Webinar: Multi Cloud Manager - From zero to demo in an hour. 28 June 5 Technical introduction to Red Hat Ansible 14 August 6 Technical introduction to Red Hat Enterprise Linux & Red Hat Satellite 21 August 7 Technical introduction to Red Hat OpenStack 28 August

More Related Content

PDF
Red hat ansible automation technical deck
Juraj Hantak
 
PDF
ansible_rhel_90.pdf
ssuserd254491
 
PDF
Ansible automation sa technical deck q2 fy19
dvillaco
 
PDF
06 network automationwithansible
Khairul Zebua
 
PDF
Ansible nice-pdf-copy-for-pres
Manmohan Singh
 
PPTX
Ansible Automation - Enterprise Use Cases | Juncheng Anthony Lin
Vietnam Open Infrastructure User Group
 
PPTX
Intro to-ansible-sep7-meetup
Ramesh Godishela
 
PDF
ansible_rhel.pdf
ssuser6d347b
 
Red hat ansible automation technical deck
Juraj Hantak
 
ansible_rhel_90.pdf
ssuserd254491
 
Ansible automation sa technical deck q2 fy19
dvillaco
 
06 network automationwithansible
Khairul Zebua
 
Ansible nice-pdf-copy-for-pres
Manmohan Singh
 
Ansible Automation - Enterprise Use Cases | Juncheng Anthony Lin
Vietnam Open Infrastructure User Group
 
Intro to-ansible-sep7-meetup
Ramesh Godishela
 
ansible_rhel.pdf
ssuser6d347b
 

Similar to Technical introduction to Red Hat Ansible (20)

PDF
Ansible at work
Bas Meijer
 
PPTX
Ansible: What, Why & How
Alfonso Cabrera
 
PPTX
Accelerating with Ansible
Global Knowledge Training
 
PPTX
Red Hat Ansible Client presentation Level 2.PPTX
Alejandro Daricz
 
PPTX
final-technical-roadmap-aap-2 ansible redhat
pbtest
 
PDF
Ansible Automation to Rule Them All
Tim Fairweather
 
PPTX
slidesaver.app_ptiswhansiblewyeddik.pptx
hatimlebbar3
 
PPTX
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Keith Resar
 
PDF
03 ansible towerbestpractices-nicholas
Khairul Zebua
 
PDF
Ansible & Salt - Vincent Boon
MyNOG
 
PPTX
Go Faster with Ansible (AWS meetup)
Richard Donkin
 
PDF
Automation with Ansible and Containers
Rodolfo Carvalho
 
PDF
Ansible
Rahul Bajaj
 
PDF
Learning Ansible 2 2nd Edition Fabio Alessandro Locati
puksoupng5544
 
PDF
Ansible.pdf
shaikshazil1
 
PDF
Introduction to Ansible in RHEL- RHCE.pdf
RHCSA Guru
 
PPTX
Go Faster with Ansible (PHP meetup)
Richard Donkin
 
PPTX
Learn you some Ansible for great good!
David Lapsley
 
PDF
"Using Automation Tools To Deploy And Operate Applications In Real World Scen...
ConSol Consulting & Solutions Software GmbH
 
PDF
"Using Automation Tools To Deploy And Operate Applications In Real World Scen...
ConSol Consulting & Solutions Software GmbH
 
Ansible at work
Bas Meijer
 
Ansible: What, Why & How
Alfonso Cabrera
 
Accelerating with Ansible
Global Knowledge Training
 
Red Hat Ansible Client presentation Level 2.PPTX
Alejandro Daricz
 
final-technical-roadmap-aap-2 ansible redhat
pbtest
 
Ansible Automation to Rule Them All
Tim Fairweather
 
slidesaver.app_ptiswhansiblewyeddik.pptx
hatimlebbar3
 
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Keith Resar
 
03 ansible towerbestpractices-nicholas
Khairul Zebua
 
Ansible & Salt - Vincent Boon
MyNOG
 
Go Faster with Ansible (AWS meetup)
Richard Donkin
 
Automation with Ansible and Containers
Rodolfo Carvalho
 
Ansible
Rahul Bajaj
 
Learning Ansible 2 2nd Edition Fabio Alessandro Locati
puksoupng5544
 
Ansible.pdf
shaikshazil1
 
Introduction to Ansible in RHEL- RHCE.pdf
RHCSA Guru
 
Go Faster with Ansible (PHP meetup)
Richard Donkin
 
Learn you some Ansible for great good!
David Lapsley
 
"Using Automation Tools To Deploy And Operate Applications In Real World Scen...
ConSol Consulting & Solutions Software GmbH
 
"Using Automation Tools To Deploy And Operate Applications In Real World Scen...
ConSol Consulting & Solutions Software GmbH
 
Ad

More from pbtest (8)

PPTX
Veeam Backup Directly to Object Storage.pptx
pbtest
 
PDF
INTRODUCING Red Hat ANSIBLE Automation Platform
pbtest
 
PDF
IBM Storage security and Key differences in FlashSystem 5000 family
pbtest
 
PPTX
final-red-hat-te-2023-gaurav-midha open to world
pbtest
 
PPTX
rhte-2023-myths-about-openshift-virtualization-joachim-von-thadden.pptx
pbtest
 
PPTX
NBU Flex Container Hardware Overview Presentation
pbtest
 
PPTX
What's new in System Recovery 22.pptx
pbtest
 
PPTX
Tanzu Partner Competencies Overview EN.pptx
pbtest
 
Veeam Backup Directly to Object Storage.pptx
pbtest
 
INTRODUCING Red Hat ANSIBLE Automation Platform
pbtest
 
IBM Storage security and Key differences in FlashSystem 5000 family
pbtest
 
final-red-hat-te-2023-gaurav-midha open to world
pbtest
 
rhte-2023-myths-about-openshift-virtualization-joachim-von-thadden.pptx
pbtest
 
NBU Flex Container Hardware Overview Presentation
pbtest
 
What's new in System Recovery 22.pptx
pbtest
 
Tanzu Partner Competencies Overview EN.pptx
pbtest
 
Ad

Recently uploaded (20)

PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Approach and Philosophy of On baking technology
30anthuong17
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
KodekX | Application Modernization Development
KodekX
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
A Presentation on Artificial Intelligence
memembruh336
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 

Technical introduction to Red Hat Ansible

  • 1. © IBM Red Hat Ansible Cloud & Cognitive Webinar Series 14 August 2019
  • 2. © IBM Cloud & Containerisation Webinar Series • A Series of Webinars • Technical Audience • IBMers & Business Partners • Delivered online – and recorded to view later & share with your teams 1 AP Webinar: Cloud & Containerisation Launch 12 June 2 AP Webinar: IBM Cloud Private - Under the hood for an hour 14 June 3 AP Webinar: Red Hat OpenShift - See it presented by a Red Hatter. 21 June 4 AP Webinar: Multi Cloud Manager - From zero to demo in an hour. 28 June 5 Technical introduction to Red Hat Ansible 14 August 6 Technical introduction to Red Hat Enterprise Linux & Red Hat Satellite 21 August 7 Technical introduction to Red Hat OpenStack 28 August
  • 3. IBM Cloud / July 2019 / © 2019 IBM Corporation Open standards to liberate apps, workloads, and developers Open source ecosystems to speed innovation Secure, open access to data and AI for new insights
  • 4. IBM Cloud / July 2019 / © 2019 IBM Corporation Expertise – Ecosystem An extensive ecosystem built on open source and open standards accelerate innovation.
  • 6. Technical Introduction to Red Hat Ansible Introduction to Ansible for engineers and operators
  • 7. ● Introduction to automation ● How Ansible automation works ● Understanding Ansible modules and playbooks ● Executing Ansible playbooks ● Using Ansible Tower to scale automation to the enterprise 7 What you will learn
  • 8. 8 Automation happens when one person meets a problem they never want to solve again
  • 12. Why Ansible? Simple Powerful Agentless App deployment Configuration management Workflow orchestration Network automation Orchestrate the app lifecycle Human readable automation No special coding skills needed Tasks executed in order Usable by every team Get productive quickly Agentless architecture Uses OpenSSH & WinRM No agents to exploit or update Get started immediately More efficient & more secure
  • 13. REDHATANSIBLETOWER REDHATANSIBLEENGINE S cale +operationalize your automation S upport for your Ansible automation CONTROL KNOWLEDGE DELEGATION SIMPLE POWERFUL AGENTLESS FUELEDBYAN INNOVATIVEOPEN SOURCECOMMUNITY What is Ansible Automation?
  • 14. USE CASES USERS ANSIBLE ENGINE PYTHON CODEBASE OPEN SOURCE MODULE LIBRARY PLUGINS CLOUD AWS, GOOGLE CLOUD, AZURE … INFRASTRUCTURE LINUX, WINDOWS, UNIX … NETWORKS ARISTA, CISCO, JUNIPER … CONTAINERS DOCKER, LXC … SERVICES DATABASES, LOGGING, SOURCE CONTROL MANAGEMENT… TRANSPORT SSH, WINRM, ETC. AUTOMATE YOUR ENTERPRISE ADMINS ANSIBLE CLI & CI SYSTEMS ANSIBLE PLAYBOOKS …. ANSIBLE TOWER SIMPLE USER INTERFACE TOWER API ROLE-BASED ACCESS CONTROL KNOWLEDGE & VISIBILITY SCHEDULED & CENTRALIZED JOBS CONFIGURATION MANAGEMENT APP DEPLOYMENT CONTINUOUS DELIVERY SECURITY & COMPLIANCE ORCHESTRATION PROVISIONING
  • 15. Common use cases ● Role out patches and updates ● Schedule backups ● Restore from any timestamp ● Build workflows that rollback Update, Backup and Restore ● Check configuration standards ● Track configuration drift ● Enforce configuration policy Configuration ● Adhere to security standards ● Build reports ● Audit systems and configurations Compliance ✓ ✓ ✓ ✓
  • 16. What else can I do using Ansible? Automate the deployment and management of your entire IT footprint. Orchestration Do this... Firewalls Configuration Management Application Deployment Provisioning Continuous Delivery Security and Compliance On these... Load Balancers Applications Containers Clouds Servers Infrastructure Storage And more... Network Devices
  • 17. Ansible Automation works across teams DEV QA/SECURITY I.T. OPERATIONS BUSINESS NETWORK
  • 18. Cloud Virt & Container Windows Network Devops Monitoring Ansible automates technologies you use Time to automate is measured in minutes AWS Azure Digital Ocean Google OpenStack Rackspace +more Docker VMware RHV OpenStack OpenShift +more ACLs Files Packages IIS Regedits Shares Services Configs Users Domains +more Arista A10 Cumulus Bigswitch Cisco Cumulus Dell F5 Juniper Palo Alto OpenSwitch +more Jira GitHub Vagrant Jenkins Bamboo Atlassian Subversion Slack Hipchat +more Dynatrace Airbrake BigPanda Datadog LogicMonitor Nagios New Relic PagerDuty Sensu StackDriver Zabbix +more Storage Netapp Red Hat Storage Infinidat +more Operating Systems Rhel And Linux Unix Windows +more
  • 19. 7 Platforms 28 Modules 17 Platforms 141 Modules 29 Platforms 267 Modules 33 Platforms 463 Modules 2.1 May 2016 2.2 Oct 2016 2.3 Apr 2017 2.4 Sep 2017 NETWORK AUTOMATION PROGRESS 40 Platforms 572 Modules 2.5 Mar 2018 45 Platforms 639 Modules 2.6 Jun 2018 50 Platforms 700 Modules 2.7 Oct 2018 2.8 July 2019 65 Platforms 1000 Modules
  • 21. ANSIBLE AUTOMATION ENGINE CMDB USERS INVENTORY HOSTS NETWORK DEVICES PLUGINS CLI MODULES ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD PLAYBOOKS ARE WRITTEN IN YAML Tasks are executed sequentially Invoke Ansible modules
  • 22. --- - name: install and start apache hosts: web become: yes vars: http_port: 80 tasks: - name: httpd package is present yum: name: httpd state: latest - name: latest index.html file is present copy: src: files/index.html dest: /var/www/html/ - name: httpd is started service: name: httpd state: started
  • 23. GITHUB github.com/ansible/ansible-examples LAMP + HAPROXY + NAGIOS github.com/ansible/ansible-examples/tree/master/lamp_haproxy WINDOWS github.com/ansible/ansible-examples/tree/master/windows SECURITY COMPLIANCE github.com/ansible/ansible-lockdown NETWORK AUTOMATION ansible.com/linklight github.com/network-automation Playbook examples:
  • 24. ANSIBLE AUTOMATION ENGINE CMDB USERS INVENTORY HOSTS NETWORK DEVICES PLUGINS CLI ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD MODULES ARE “TOOLS IN THE TOOLKIT” Python, Powershell, or any language Extend Ansible simplicity to the entire stack MODULES CORE NETWORK COMMUNITY
  • 25. How Ansible Works NETWORKING DEVICES LINUX/WINDOWS HOSTS Module code is copied to the managed node, executed, then removed Module code is executed locally on the control node
  • 26. Module Documentation https://docs.ansible.com/ ● Documentation is required as part of module submission ● Multiple Examples for every module ● Broken into relevant sections
  • 27. ANSIBLE AUTOMATION ENGINE CMDB USERS HOSTS NETWORK DEVICES CLI ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD MODULES PLUGINS INVENTORY INVENTORY [web] webserver1.example.com webserver2.example.com [db] dbserver1.example.com [switches] leaf01.internal.com leaf02.internal.com [firewalls] checkpoint01.internal.com [lb] f5-01.internal.com
  • 28. ANSIBLE AUTOMATION ENGINE USERS HOSTS NETWORK DEVICES CLI ANSIBLE PLAYBOOK MODULES PLUGINS INVENTORY CMDB ServiceNow, Cobbler, BMC, Custom cmdb PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD CMDB
  • 29. ANSIBLE AUTOMATION ENGINE USERS HOSTS NETWORK DEVICES CLI ANSIBLE PLAYBOOK MODULES PLUGINS INVENTORY PUBLIC / PRIVATE CLOUD PUBLIC / PRIVATE CLOUD CLOUD Red Hat Openstack, Red Hat Satellite, VMware, AWS EC2, Rackspace, Google Compute Engine, Azure CMDB
  • 31. How Ansible Works - The Power of Ansible Tower 1 2 3 4 5 6 7 8 9
  • 32. [student1@ansible networking-workshop]$ ansible-playbook facts.yml PLAY [gather information from routers] ********************************************************* TASK [gather router facts] ******************************************************************* ok: [rtr1] PLAY RECAP ****************************************************************************** rtr1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Running the Ansible Playbook What did this Ansible Playbook do?
  • 33. [student1@ansible networking-workshop]$ ansible-playbook facts.yml -v PLAY [gather information from routers] ********************************************************* Using /home/student1/.ansible.cfg as config file TASK [gather router facts] ******************************************************************* ok: [rtr1] => changed=false ansible_net_iostype: IOS-XE ansible_net_memtotal_mb: 2180495 ansible_net_model: CSR1000V ansible_net_python_version: 2.7.5 ansible_net_serialnum: 964A1H0D1RM ansible_net_system: ios ansible_net_version: 16.09.02 <<abbreviated output>> PLAY RECAP ****************************************************************************** rtr1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Running the Ansible Playbook with verbosity
  • 34. Build reports with Ansible Facts
  • 36. 36 CONFIDENTIAL Individual Network device Playbooks ENGINE Individual Windows Team Network Team Playbooks Playbooks Network device Teams Windows Team Network Team Playbooks Playbooks Network device Virtual project or automation Team WORKFLOW Enterprise Extending Ansible to the Enterprise
  • 37. Automatic Provisioning at Speed and Scale - The Journey.
  • 38. 38 CONFIDENTIAL Post Installation - Basic Sanity Checks - Compliance Checks - Initiate Pen tests. Post build configuration - NTP - DNS - Compliance & Security. C2S, STIG - Install Additional Software Stage 1: improving existing processes SOE Request Initiated by Service Desk. -Approvals -Change Control -Business Processes Build workload specific SOE (Keep current tooling in place) - Satellite & SCCM - Vmware & Hyper-V Templates - Cloud Instance templates (AMI, ARM..) API Call back to Service Desk to close off process Your organisation may have invested in processes and tooling for server provisioning. A good first step is to use Ansible to complement existing investments by: ● Streamlining the manual process into an automation workflow ● Improving the process with pre/post config and testing ● Filling gaps in current tooling Initiate build - Pre-Installation checks. Fail fast
  • 39. 39 CONFIDENTIAL As you go, look to further improve the process by reducing the number of tools and manual steps For example use Ansible modules that can hook into VMWare and Cloud APIs to provision base templates. Initiate build - Pre-Installation checks. Fail fast Post build configuration - NTP - DNS - Compliance & Security. C2S, STIG - Install Additional Software SOE Request Initiated by Service Desk. -Approvals -Change Control -Business Processes API Call back to Service Desk to close off process Build workload specific SOE (Ansible modules) - Vmware & Hyper-V Templates - Cloud Instance templates (AMI, ARM..) Post Installation - Basic Sanity Checks - Compliance Checks - Initiate Pen tests. Stage 2: reducing the number of tools
  • 40. 40 CONFIDENTIAL - Allow teams to provision corporate standard SOE’s for on-premise and clouds as required after approval process complete - Allow teams to extend SOE build to deliver the outcome Network Config - Firewall, Ports - VPC - VLANs - Access Control Lists Application/Business Outcome Application, CICD, Testing teams call Tower API API Call back to Service Desk to close one process and raise another Application builds & configuration - AppServers - DBServers - Middleware Initiate build - Pre-Installation checks. Fail fast Post build configuration - NTP - DNS - Compliance & Security. C2S, STIG - Install Additional Software SOE Request Initiated by Service Desk. -Approvals -Change Control -Business Processes Build workload specific SOE (Ansible modules) - Vmware & Hyper-V Templates - Cloud Instance templates (AMI, ARM..) Post Installation - Basic Sanity Checks - Compliance Checks - Initiate Pen tests. Stage 3: self service the SOE process & extend
  • 41. 41 CONFIDENTIAL Ansible Tower - Schedule non critical patching & Upgrades - Apply compliance config - Log outputs to SIEM Day 2 - Updates/Patching/Continuous Compliance Day N - Maintenance/Break Fix Ansible Tower - Break Fix - Ad Hoc commands at scale - Log Outputs to SIEM - Resist, Resist, Resist manual change - aspire for 80% automated 20% manual Team X Windows Team Network Team Playbooks Playbooks Network device Virtual project or automation Team WORKFLOW Enterprise Enterprise Tooling -Helpdesk -ServiceNow -Monitoring -Privileged Accounts -CMDB.... Source Control Stage 4: Day 2-N operations is just as important
  • 42. THE LAST STAGE? Ansible Playbook + Network config. Make Changes Control Version Check Out Branch Check In Branch / Create PR 1 Notifies of pass / fail Monitors repository for changes Test changes Notify of PR 2 Merge Branch 3 Deploy Playbooks Notifies of deployment Pulls new Playbooks 4
  • 43. 43 ● Ansible Automation Training workshops - Windows, Linux and Networking ○ hands on Ansible playbook training hosted onsite to upskill resources and increase adoption ● Ansible use case discovery workshops & ROI exercises ○ Workshop to help uncover high business impact, low cost to implement automation use cases to help drive an investment in Ansible automation ● Red Hat supported MVP Ansible Tower trials ○ Prove a use case in your environment to support business case development ● Ansible smart start programs ○ Combine Ansible Red Hat Training and Red Hat consulting services to fasttrack your journey to ROI. Next Steps?
  • 45. And we are just getting started…
  • 46. GET STARTED JOIN THE COMMUNITY WORKSHOPS & TRAINING SHARE YOUR STORY ansible.com/get-started ansible.com/tower-trial ansible.com/workshops Red Hat Training ansible.com/community Follow us @Ansible Friend us on Facebook Next Steps
  • 47. Chat with us ● Slack https://ansiblenetwork.slack.com Join by clicking here https://bit.ly/2OfNEBr ● IRC #ansible-network on freenode http://webchat.freenode.net/?channels=ansible-network
  • 48. Bookmark the Github organization ● Examples, samples and demos ● Run network topologies right on your laptop
  • 50. © IBM Cloud & Containerisation Webinar Series • A Series of Webinars • Technical Audience • IBMers & Business Partners • Delivered online – and recorded to view later & share with your teams 1 AP Webinar: Cloud & Containerisation Launch 12 June 2 AP Webinar: IBM Cloud Private - Under the hood for an hour 14 June 3 AP Webinar: Red Hat OpenShift - See it presented by a Red Hatter. 21 June 4 AP Webinar: Multi Cloud Manager - From zero to demo in an hour. 28 June 5 Technical introduction to Red Hat Ansible 14 August 6 Technical introduction to Red Hat Enterprise Linux & Red Hat Satellite 21 August 7 Technical introduction to Red Hat OpenStack 28 August