Ansible - capabdou/guide-devops GitHub Wiki

Rob Marti (Training Architect)

What is server automation?

Why do we need to automate?

  1. Security: consistency of configuration leads to a more secure environment. Ansible has modules to manage host-based firwalls, SELinux setting, and file and user permissions, in adition to **interacting with external tools **like Splunk (log crrelation software) or Cisco, Fortinet, and Check Point (external firewalls)

  2. Compliance : Putting policy into code and then applying that code to your servers allows you to ensure compliance throughout your data center. Consistency in configuration: the most common use for Ansible is making sure all your servers that are doing the same job ar configured the same. Especially with the amount of virtualization and different cloud technologies, keeping up to date throughout your environment van be a challenge. Ansible can copy and customize configuration files to every server in a group so they're al configured the same.

  3. Rapid Deployment (provisioning) : With server builds defined by code, the speed to deploy a new server or service goes up. Provisionning: Ansible is designed to handle the entire lifecycle of a server. From bootstrapping a node to connecting storage to installing and configuring applications, Ansible can manage the whole process.

What are some use cases for server automation in general, and how does Ansible address them?

How hard is it to implement an Ansible solution?

Ansible as a Whole

Server Automation : run one task on many servers instead of one at a time

Modules : The backbone of Ansible - the thing actually doing the work

Playbooks : Comparable to Bash scripts but significantly more powerful and customizable

Idempotent : Changes only happen once, regardless of the number of times it's run

Ad-Hoc Commands : Comparable to one-line commands in Bash but more powerful

Agentless : Doesn't require additional software on the target servers

What is Idempotent?

An operation is idempotent if the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions.

For exemple: When you call the yum module to ensure a package is installed, running it again just verifies it's installed.

Why Is Idempotency Important?

YAML Tutorial : A Complete Language Guide with Examples

https://spacelift.io/blog/yaml

Templating (Jinja2)

https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_templating.html

Ansible: A Comprehensive Beginner’s Guide

https://medium.com/@RitajBiri/ansible-f1fc094ac0ab

Ansible Best Practices and Examples

https://medium.com/@amareswer/ansible-best-practices-and-examples-72893d8b19be

How to Use Different Types of Ansible Variables (Examples)

https://spacelift.io/blog/ansible-variables

Ansible Playbook Examples - Sample Ansible Playbooks | Devops Junction

https://www.middlewareinventory.com/blog/ansible-playbook-example/